CVE-2022-4937: Changeset 2630745 for wc-frontend-manager – WordPress Plugin Repository
The WCFM Frontend Manager plugin for WordPress is vulnerable to unauthorized modification and access of data in versions up to, and including, 6.6.0 due to missing capability checks on various AJAX actions. This makes it possible for authenticated attackers with minimal permissions, such as subscribers, to perform a wide variety of actions, including modifying knowledge bases, notices, and payments, and managing vendors and capabilities, among others. Hundreds of AJAX endpoints were affected.
wc-frontend-manager/tags/6.5.13/controllers/articles/wcfm-controller-articles-manage.php
r2629284
r2630745
70
70
'post\_status' => $article\_status,
71
71
'post\_type' => 'post',
72
'post\_excerpt' => sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['excerpt'\], ENT\_QUOTES, 'UTF-8' ) ) ) ),
73
'post\_content' => sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['description'\], ENT\_QUOTES, 'UTF-8' ) ) ) ),
72
'post\_excerpt' => wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['excerpt'\], ENT\_QUOTES, 'UTF-8' ) ) ) ),
73
'post\_content' => wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['description'\], ENT\_QUOTES, 'UTF-8' ) ) ) ),
74
74
'post\_author' => $current\_user\_id,
75
75
'post\_name' => sanitize\_title($wcfm\_articles\_manage\_form\_data\['title'\])
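Review bot: On new lines 72–73 the value handed to `wp_filter_post_kses()` has already been through `stripslashes()`, but that function expects slashed input and unslashes it again before filtering, so literal backslashes in an excerpt or description are dropped. Either remove the inner `stripslashes()`, or filter the unslashed string and slash it once for the insert call (assuming this array goes to `wp_insert_post()`, which is outside the hunk), e.g. `'post_content' => wp_slash( wp_kses_post( $content ) )`. The same pattern is on line 50 of wcfm-controller-knowledgebase-manage.php and lines 49 and 243 of wcfm-controller-enquiry-manage.php. `$_POST['excerpt']` and `$_POST['description']` are also read without an `isset()` guard. The hunk starts inside the array literal, so whether a `current_user_can()` or nonce check precedes this write cannot be confirmed from here.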
wc-frontend-manager/tags/6.5.13/controllers/articles/wcfm-controller-articles.php
r2629284
r2630745
116
116
// Thumb
117
117
if( apply\_filters( 'wcfm\_is\_allow\_edit\_articles', true ) ) {
118
$wcfm\_articles\_json\_arr\[$index\]\[\] = '<a href="' . get\_wcfm\_articles\_manage\_url( $wcfm\_articles\_single->ID ) . '"><img width="40" height="40" class="attachment-thumbnail size-thumbnail wp-post-image" src="' . esc\_url(get\_the\_post\_thumbnail\_url( $wcfm\_articles\_single->ID )) . '" /></a>';
118
$wcfm\_articles\_json\_arr\[$index\]\[\] = '<a href="' . esc\_url(get\_wcfm\_articles\_manage\_url( $wcfm\_articles\_single->ID )) . '"><img width="40" height="40" class="attachment-thumbnail size-thumbnail wp-post-image" src="' . esc\_url(get\_the\_post\_thumbnail\_url( $wcfm\_articles\_single->ID )) . '" /></a>';
119
119
} else {
120
120
$wcfm\_articles\_json\_arr\[$index\]\[\] = '<img width="40" height="40" class="attachment-thumbnail size-thumbnail wp-post-image" src="' . esc\_url(get\_the\_post\_thumbnail\_url( $wcfm\_articles\_single->ID )) . '" />';
…
…
123
123
// Title
124
124
if( apply\_filters( 'wcfm\_is\_allow\_edit\_articles', true ) ) {
125
$wcfm\_articles\_json\_arr\[$index\]\[\] = apply\_filters( 'wcfm\_article\_title\_dashboard', '<a href="' . get\_wcfm\_articles\_manage\_url( $wcfm\_articles\_single->ID ) . '" class="wcfm\_article\_title wcfm\_dashboard\_item\_title">' . $wcfm\_articles\_single->post\_title . '</a>', $wcfm\_articles\_single->ID );
125
$wcfm\_articles\_json\_arr\[$index\]\[\] = apply\_filters( 'wcfm\_article\_title\_dashboard', '<a href="' . esc\_url(get\_wcfm\_articles\_manage\_url( $wcfm\_articles\_single->ID )) . '" class="wcfm\_article\_title wcfm\_dashboard\_item\_title">' . $wcfm\_articles\_single->post\_title . '</a>', $wcfm\_articles\_single->ID );
126
126
} else {
127
127
if( $wcfm\_articles\_single->post\_status == 'publish' ) {
128
128
$wcfm\_articles\_json\_arr\[$index\]\[\] = apply\_filters( 'wcfm\_article\_title\_dashboard', $wcfm\_articles\_single->post\_title, $wcfm\_articles\_single->ID );
129
129
} elseif( apply\_filters( 'wcfm\_is\_allow\_edit\_articles', true ) ) {
130
$wcfm\_articles\_json\_arr\[$index\]\[\] = apply\_filters( 'wcfm\_article\_title\_dashboard', '<a href="' . get\_wcfm\_articles\_manage\_url( $wcfm\_articles\_single->ID ) . '" class="wcfm\_article\_title wcfm\_dashboard\_item\_title">' . $wcfm\_articles\_single->post\_title . '</a>', $wcfm\_articles\_single->ID );
130
$wcfm\_articles\_json\_arr\[$index\]\[\] = apply\_filters( 'wcfm\_article\_title\_dashboard', '<a href="' . esc\_url(get\_wcfm\_articles\_manage\_url( $wcfm\_articles\_single->ID )) . '" class="wcfm\_article\_title wcfm\_dashboard\_item\_title">' . $wcfm\_articles\_single->post\_title . '</a>', $wcfm\_articles\_single->ID );
131
131
} else {
132
132
$wcfm\_articles\_json\_arr\[$index\]\[\] = apply\_filters( 'wcfm\_article\_title\_dashboard', $wcfm\_articles\_single->post\_title, $wcfm\_articles\_single->ID );
…
…
164
164
165
165
// Action
166
$actions = '<a class="wcfm-action-icon" target="\_blank" href="' . get\_permalink( $wcfm\_articles\_single->ID ) . '"><span class="wcfmfa fa-eye text\_tip" data-tip="' . esc\_attr\_\_( 'View', 'wc-frontend-manager' ) . '"></span></a>';
166
$actions = '<a class="wcfm-action-icon" target="\_blank" href="' . esc\_url(get\_permalink( $wcfm\_articles\_single->ID )) . '"><span class="wcfmfa fa-eye text\_tip" data-tip="' . esc\_attr\_\_( 'View', 'wc-frontend-manager' ) . '"></span></a>';
167
167
168
168
if( $wcfm\_articles\_single->post\_status == 'publish' ) {
169
$actions .= ( apply\_filters( 'wcfm\_is\_allow\_edit\_articles', true ) ) ? '<a class="wcfm-action-icon" href="' . get\_wcfm\_articles\_manage\_url( $wcfm\_articles\_single->ID ) . '"><span class="wcfmfa fa-edit text\_tip" data-tip="' . esc\_attr\_\_( 'Edit', 'wc-frontend-manager' ) . '"></span></a>' : '';
170
$actions .= ( apply\_filters( 'wcfm\_is\_allow\_delete\_articles', true ) ) ? '<a class="wcfm-action-icon wcfm\_article\_delete" href="#" data-articleid="' . $wcfm\_articles\_single->ID . '"><span class="wcfmfa fa-trash-alt text\_tip" data-tip="' . esc\_attr\_\_( 'Delete', 'wc-frontend-manager' ) . '"></span></a>' : '';
169
$actions .= ( apply\_filters( 'wcfm\_is\_allow\_edit\_articles', true ) ) ? '<a class="wcfm-action-icon" href="' . esc\_url(get\_wcfm\_articles\_manage\_url( $wcfm\_articles\_single->ID )) . '"><span class="wcfmfa fa-edit text\_tip" data-tip="' . esc\_attr\_\_( 'Edit', 'wc-frontend-manager' ) . '"></span></a>' : '';
170
$actions .= ( apply\_filters( 'wcfm\_is\_allow\_delete\_articles', true ) ) ? '<a class="wcfm-action-icon wcfm\_article\_delete" href="#" data-articleid="' . esc\_attr($wcfm\_articles\_single->ID) . '"><span class="wcfmfa fa-trash-alt text\_tip" data-tip="' . esc\_attr\_\_( 'Delete', 'wc-frontend-manager' ) . '"></span></a>' : '';
171
171
} else {
172
$actions .= ( apply\_filters( 'wcfm\_is\_allow\_edit\_articles', true ) ) ? '<a class="wcfm-action-icon" href="' . get\_wcfm\_articles\_manage\_url( $wcfm\_articles\_single->ID ) . '"><span class="wcfmfa fa-edit text\_tip" data-tip="' . esc\_attr\_\_( 'Edit', 'wc-frontend-manager' ) . '"></span></a>' : '';
173
$actions .= ( apply\_filters( 'wcfm\_is\_allow\_delete\_articles', true ) ) ? '<a class="wcfm\_article\_delete wcfm-action-icon" href="#" data-articleid="' . $wcfm\_articles\_single->ID . '"><span class="wcfmfa fa-trash-alt text\_tip" data-tip="' . esc\_attr\_\_( 'Delete', 'wc-frontend-manager' ) . '"></span></a>' : '';
172
$actions .= ( apply\_filters( 'wcfm\_is\_allow\_edit\_articles', true ) ) ? '<a class="wcfm-action-icon" href="' . esc\_url(get\_wcfm\_articles\_manage\_url( $wcfm\_articles\_single->ID )) . '"><span class="wcfmfa fa-edit text\_tip" data-tip="' . esc\_attr\_\_( 'Edit', 'wc-frontend-manager' ) . '"></span></a>' : '';
173
$actions .= ( apply\_filters( 'wcfm\_is\_allow\_delete\_articles', true ) ) ? '<a class="wcfm\_article\_delete wcfm-action-icon" href="#" data-articleid="' . esc\_attr($wcfm\_articles\_single->ID) . '"><span class="wcfmfa fa-trash-alt text\_tip" data-tip="' . esc\_attr\_\_( 'Delete', 'wc-frontend-manager' ) . '"></span></a>' : '';
174
174
}
175
175
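Review bot: `$wcfm_articles_single->post_title` is still concatenated into the link and cell markup without escaping on new lines 125, 128, 130 and 132, while this change wraps only the URLs and IDs around it. Encode it where the string is built, e.g. `esc_html( $wcfm_articles_single->post_title )`, so the value is safe before any `wcfm_article_title_dashboard` filter adds its own markup. The same unescaped `post_title` appears in wcfm-controller-coupons.php (lines 85, 87, 89) and wcfm-controller-knowledgebase.php (lines 100, 102). The enclosing loop begins outside these hunks, so any earlier sanitising of the title is not visible here.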
wc-frontend-manager/tags/6.5.13/controllers/coupons/wcfm-controller-coupons.php
r2629284
r2630745
83
83
// Code
84
84
if( $wcfm\_coupons\_single->post\_status != 'publish' ) {
85
$wcfm\_coupons\_json\_arr\[$index\]\[\] = '<a href="' . get\_wcfm\_coupons\_manage\_url($wcfm\_coupons\_single->ID) . '" class="wcfm\_dashboard\_item\_title">' . $wcfm\_coupons\_single->post\_title . '</a>' . ' -- ' . \_\_( ucfirst( $wcfm\_coupons\_single->post\_status ), 'wc-frontend-manager' );
85
$wcfm\_coupons\_json\_arr\[$index\]\[\] = '<a href="' . esc\_url(get\_wcfm\_coupons\_manage\_url($wcfm\_coupons\_single->ID)) . '" class="wcfm\_dashboard\_item\_title">' . $wcfm\_coupons\_single->post\_title . '</a>' . ' -- ' . \_\_( ucfirst( $wcfm\_coupons\_single->post\_status ), 'wc-frontend-manager' );
86
86
} elseif( current\_user\_can( 'edit\_published\_shop\_coupons' ) && apply\_filters( 'wcfm\_is\_allow\_edit\_coupons', true ) ) {
87
$wcfm\_coupons\_json\_arr\[$index\]\[\] = '<a href="' . get\_wcfm\_coupons\_manage\_url($wcfm\_coupons\_single->ID) . '" class="wcfm\_dashboard\_item\_title">' . $wcfm\_coupons\_single->post\_title . '</a>';
87
$wcfm\_coupons\_json\_arr\[$index\]\[\] = '<a href="' . esc\_url(get\_wcfm\_coupons\_manage\_url($wcfm\_coupons\_single->ID)) . '" class="wcfm\_dashboard\_item\_title">' . $wcfm\_coupons\_single->post\_title . '</a>';
88
88
} else {
89
89
$wcfm\_coupons\_json\_arr\[$index\]\[\] = '<span class="wcfm\_dashboard\_item\_title">' . $wcfm\_coupons\_single->post\_title . '</span>';
…
…
117
117
$actions = '';
118
118
if( $wcfm\_coupons\_single->post\_status == 'publish' ) {
119
$actions .= ( current\_user\_can( 'edit\_published\_shop\_coupons' ) && apply\_filters( 'wcfm\_is\_allow\_edit\_coupons', true ) ) ? '<a class="wcfm-action-icon" href="' . get\_wcfm\_coupons\_manage\_url($wcfm\_coupons\_single->ID) . '"><span class="wcfmfa fa-edit text\_tip" data-tip="' . esc\_attr\_\_( 'Edit', 'wc-frontend-manager' ) . '"></span></a>' : '';
119
$actions .= ( current\_user\_can( 'edit\_published\_shop\_coupons' ) && apply\_filters( 'wcfm\_is\_allow\_edit\_coupons', true ) ) ? '<a class="wcfm-action-icon" href="' . esc\_url(get\_wcfm\_coupons\_manage\_url($wcfm\_coupons\_single->ID)) . '"><span class="wcfmfa fa-edit text\_tip" data-tip="' . esc\_attr\_\_( 'Edit', 'wc-frontend-manager' ) . '"></span></a>' : '';
120
120
} else {
121
$actions .= '<a class="wcfm-action-icon" href="' . get\_wcfm\_coupons\_manage\_url($wcfm\_coupons\_single->ID) . '"><span class="wcfmfa fa-edit text\_tip" data-tip="' . esc\_attr\_\_( 'Edit', 'wc-frontend-manager' ) . '"></span></a>';
121
$actions .= '<a class="wcfm-action-icon" href="' . esc\_url(get\_wcfm\_coupons\_manage\_url($wcfm\_coupons\_single->ID)) . '"><span class="wcfmfa fa-edit text\_tip" data-tip="' . esc\_attr\_\_( 'Edit', 'wc-frontend-manager' ) . '"></span></a>';
122
122
}
123
123
$wcfm\_coupons\_json\_arr\[$index\]\[\] = apply\_filters ( 'wcfm\_coupons\_actions', $actions, $wcfm\_coupons\_single );
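Review bot: The non-published branches on new lines 85 and 121 emit the coupon edit link with no capability test, whereas the published branches on lines 86 and 119 require `current_user_can( 'edit_published_shop_coupons' )` together with the `wcfm_is_allow_edit_coupons` filter. If that asymmetry is not intentional, gate them the same way, e.g. `current_user_can( 'edit_shop_coupons' ) && apply_filters( 'wcfm_is_allow_edit_coupons', true )`. Hiding a link is only presentation, so the manage handler behind `get_wcfm_coupons_manage_url()` (not shown on this page) needs the matching check as well. On line 85, `__( ucfirst( $wcfm_coupons_single->post_status ), 'wc-frontend-manager' )` is printed unescaped; wrapping it in `esc_html()` would cover both the status value and any translated text.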
wc-frontend-manager/tags/6.5.13/controllers/customers/wcfm-controller-customers-details.php
r2629284
r2630745
117
117
118
118
if( apply\_filters( 'wcfm\_is\_allow\_order\_details', true ) && $WCFM->wcfm\_vendor\_support->wcfm\_is\_order\_for\_vendor( $wcfm\_orders\_single->order\_id ) ) {
119
$wcfm\_orders\_json\_arr\[$index\]\[\] = '<a href="' . get\_wcfm\_view\_order\_url($wcfm\_orders\_single->ID, $the\_order) . '" class="wcfm\_dashboard\_item\_title">#' . esc\_attr( $the\_order->get\_order\_number() ) . '</a>' . ' ' . \_\_( 'by', 'wc-frontend-manager' ) . ' ' . $username;
119
$wcfm\_orders\_json\_arr\[$index\]\[\] = '<a href="' . esc\_url(get\_wcfm\_view\_order\_url($wcfm\_orders\_single->ID, $the\_order)) . '" class="wcfm\_dashboard\_item\_title">#' . esc\_attr( $the\_order->get\_order\_number() ) . '</a>' . ' ' . \_\_( 'by', 'wc-frontend-manager' ) . ' ' . $username;
120
120
} else {
121
121
$wcfm\_orders\_json\_arr\[$index\]\[\] = '<span class="wcfm\_dashboard\_item\_title">#' . esc\_attr( $the\_order->get\_order\_number() ) . '</span>' . ' ' . \_\_( 'by', 'wc-frontend-manager' ) . ' ' . $username;
…
…
481
481
482
482
// Appointment
483
$appointment\_label = '<a href="' . get\_wcfm\_view\_appointment\_url($wcfm\_appointments\_single->ID, $the\_appointment) . '" class="wcfm\_appointment\_title">#' . $wcfm\_appointments\_single->ID . '</a>';
483
$appointment\_label = '<a href="' . esc\_url(get\_wcfm\_view\_appointment\_url($wcfm\_appointments\_single->ID, $the\_appointment)) . '" class="wcfm\_appointment\_title">#' . $wcfm\_appointments\_single->ID . '</a>';
484
484
485
485
$customer = $the\_appointment->get\_customer();
…
…
529
529
if ( $the\_order ) {
530
530
if( apply\_filters( 'wcfm\_is\_allow\_order\_details', true ) && $WCFM->wcfm\_vendor\_support->wcfm\_is\_order\_for\_vendor( $the\_order->get\_order\_number() ) ) {
531
$wcfm\_appointments\_json\_arr\[$index\]\[\] = '<span class="appointment-orderno"><a href="' . get\_wcfm\_view\_order\_url( $the\_order->get\_order\_number(), $the\_order ) . '">#' . $the\_order->get\_order\_number() . '</a></span><br />' . esc\_html( wc\_get\_order\_status\_name( $the\_order->get\_status() ) );
531
$wcfm\_appointments\_json\_arr\[$index\]\[\] = '<span class="appointment-orderno"><a href="' . esc\_url(get\_wcfm\_view\_order\_url( $the\_order->get\_order\_number(), $the\_order )) . '">#' . $the\_order->get\_order\_number() . '</a></span><br />' . esc\_html( wc\_get\_order\_status\_name( $the\_order->get\_status() ) );
532
532
} else {
533
533
$wcfm\_appointments\_json\_arr\[$index\]\[\] = '<span class="appointment-orderno">#' . $the\_order->get\_order\_number() . '</span><br /> ' . esc\_html( wc\_get\_order\_status\_name( $the\_order->get\_status() ) );
…
…
548
548
if ( in\_array( $the\_appointment->get\_status(), array( 'pending-confirmation' ) ) ) $actions = '<a class="wcfm\_appointment\_mark\_confirm wcfm-action-icon" href="#" data-appointmentid="' . $wcfm\_appointments\_single->ID . '"><span class="wcfmfa fa-check-circle text\_tip" data-tip="' . esc\_attr\_\_( 'Mark as Confirmed', 'wc-frontend-manager' ) . '"></span></a>';
549
549
}
550
$actions .= apply\_filters ( 'wcfm\_appointments\_actions', '<a class="wcfm-action-icon" href="' . get\_wcfm\_view\_appointment\_url( $wcfm\_appointments\_single->ID, $the\_appointment ) . '"><span class="wcfmfa fa-eye text\_tip" data-tip="' . esc\_attr\_\_( 'View Details', 'wc-frontend-manager' ) . '"></span></a>', $wcfm\_appointments\_single, $the\_appointment );
550
$actions .= apply\_filters ( 'wcfm\_appointments\_actions', '<a class="wcfm-action-icon" href="' . esc\_url(get\_wcfm\_view\_appointment\_url( $wcfm\_appointments\_single->ID, $the\_appointment )) . '"><span class="wcfmfa fa-eye text\_tip" data-tip="' . esc\_attr\_\_( 'View Details', 'wc-frontend-manager' ) . '"></span></a>', $wcfm\_appointments\_single, $the\_appointment );
551
551
$wcfm\_appointments\_json\_arr\[$index\]\[\] = $actions;
552
552
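Review bot: New lines 530–531 pass `$the_order->get_order_number()` to `wcfm_is_order_for_vendor()` and `get_wcfm_view_order_url()`, while line 118 of this file passes `$wcfm_orders_single->order_id` to the same ownership helper. The display number can differ from the order ID when a store customises order numbers, so the vendor-ownership test may run against the wrong order; `$the_order->get_id()` looks like the intended argument, to be confirmed against the helper's definition, which is outside this page. The order number is also printed raw on lines 531 and 533 but through `esc_attr()` on lines 119 and 121, and `$username` is appended unescaped on both of those lines; `esc_html()` fits all of these text positions.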
wc-frontend-manager/tags/6.5.13/controllers/customers/wcfm-controller-customers-manage.php
r2629284
r2630745
199
199
$author\_is\_vendor = 1;
200
200
$message\_to = 0;
201
$wcfm\_messages = sprintf( \_\_( 'A new customer <b>%s</b> added to the store by <b>%s</b>', 'wc-frontend-manager' ), '<a class="wcfm\_dashboard\_item\_title" href="' . get\_wcfm\_customers\_details\_url( $customer\_id ) . '">' . $wcfm\_customer\_form\_data\['first\_name'\] . ' ' . $wcfm\_customer\_form\_data\['last\_name'\] . '</a>', get\_user\_by( 'id', $author\_id )->display\_name );
201
$wcfm\_messages = sprintf( \_\_( 'A new customer <b>%s</b> added to the store by <b>%s</b>', 'wc-frontend-manager' ), '<a class="wcfm\_dashboard\_item\_title" href="' . esc\_url(get\_wcfm\_customers\_details\_url( $customer\_id )) . '">' . $wcfm\_customer\_form\_data\['first\_name'\] . ' ' . $wcfm\_customer\_form\_data\['last\_name'\] . '</a>', get\_user\_by( 'id', $author\_id )->display\_name );
202
202
$WCFM->wcfm\_notification->wcfm\_send\_direct\_message( $author\_id, $message\_to, $author\_is\_admin, $author\_is\_vendor, $wcfm\_messages, 'new\_customer' );
203
203
}
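Review bot: On new line 201 the `first_name` and `last_name` values from `$wcfm_customer_form_data`, and the author's `display_name`, are placed into the notification HTML unescaped; only the URL was wrapped by this change. The string is handed to `wcfm_send_direct_message()`, presumably for later display to the recipient, so encode the values when the message is built, e.g. `esc_html( $wcfm_customer_form_data['first_name'] . ' ' . $wcfm_customer_form_data['last_name'] )`. How the form data was sanitised earlier in the function is outside the hunk, so treat this as a check to confirm. `$customer_name` on lines 152 and 154 of wcfm-controller-customers.php reaches the table output the same way.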
wc-frontend-manager/tags/6.5.13/controllers/customers/wcfm-controller-customers.php
r2629284
r2630745
150
150
}
151
151
if( apply\_filters( 'wcfm\_is\_allow\_view\_customer', true ) ) {
152
$wcfm\_customers\_json\_arr\[$index\]\[\] = '<a href="' . get\_wcfm\_customers\_details\_url($wcfm\_customers\_single->ID) . '" class="wcfm\_dashboard\_item\_title">' . apply\_filters( 'wcfm\_customers\_display\_name\_data', $customer\_name, $wcfm\_customers\_single->ID ) . '</a>';
152
$wcfm\_customers\_json\_arr\[$index\]\[\] = '<a href="' . esc\_url(get\_wcfm\_customers\_details\_url($wcfm\_customers\_single->ID)) . '" class="wcfm\_dashboard\_item\_title">' . apply\_filters( 'wcfm\_customers\_display\_name\_data', $customer\_name, $wcfm\_customers\_single->ID ) . '</a>';
153
153
} else {
154
154
$wcfm\_customers\_json\_arr\[$index\]\[\] = apply\_filters( 'wcfm\_customers\_display\_name\_data', $customer\_name, $wcfm\_customers\_single->ID );
…
…
220
220
$order = $orders\[0\];
221
221
if( apply\_filters( 'wcfm\_is\_allow\_order\_details', true ) && $WCFM->wcfm\_vendor\_support->wcfm\_is\_order\_for\_vendor( $order->get\_id() ) ) {
222
$wcfm\_customers\_json\_arr\[$index\]\[\] = '<span class="customer-orderno"><a href="' . get\_wcfm\_view\_order\_url( $order->get\_id(), $order ) . '">' . \_x( '#', 'hash before order number', 'woocommerce' ) . $order->get\_order\_number() . '</a></span><br />' . wc\_format\_datetime( $order->get\_date\_created() );
222
$wcfm\_customers\_json\_arr\[$index\]\[\] = '<span class="customer-orderno"><a href="' . esc\_url(get\_wcfm\_view\_order\_url( $order->get\_id(), $order )) . '">' . \_x( '#', 'hash before order number', 'woocommerce' ) . $order->get\_order\_number() . '</a></span><br />' . wc\_format\_datetime( $order->get\_date\_created() );
223
223
} else {
224
224
$wcfm\_customers\_json\_arr\[$index\]\[\] = '<span class="customer-orderno">' . \_x( '#', 'hash before order number', 'woocommerce' ) . $order->get\_order\_number() . '</span><br />' . wc\_format\_datetime( $order->get\_date\_created() );
…
…
232
232
233
233
// Action
234
$actions = '<a class="wcfm-action-icon" href="' . get\_wcfm\_customers\_details\_url( $wcfm\_customers\_single->ID ) . '"><span class="wcfmfa fa-eye text\_tip" data-tip="' . esc\_attr\_\_( 'Manage Customer', 'wc-frontend-manager' ) . '"></span></a>';
234
$actions = '<a class="wcfm-action-icon" href="' . esc\_url(get\_wcfm\_customers\_details\_url( $wcfm\_customers\_single->ID )) . '"><span class="wcfmfa fa-eye text\_tip" data-tip="' . esc\_attr\_\_( 'Manage Customer', 'wc-frontend-manager' ) . '"></span></a>';
235
235
if( apply\_filters( 'wcfm\_is\_allow\_edit\_customer', true ) && apply\_filters( 'wcfm\_is\_vendor\_customer', true, $wcfm\_customers\_single->ID ) ) {
236
$actions .= '<a class="wcfm-action-icon" href="' . get\_wcfm\_customers\_manage\_url( $wcfm\_customers\_single->ID ) . '"><span class="wcfmfa fa-edit text\_tip" data-tip="' . esc\_attr\_\_( 'Edit Customer', 'wc-frontend-manager' ) . '"></span></a>';
236
$actions .= '<a class="wcfm-action-icon" href="' . esc\_url(get\_wcfm\_customers\_manage\_url( $wcfm\_customers\_single->ID )) . '"><span class="wcfmfa fa-edit text\_tip" data-tip="' . esc\_attr\_\_( 'Edit Customer', 'wc-frontend-manager' ) . '"></span></a>';
237
237
}
238
238
if ( empty( $orders ) && apply\_filters( 'wcfm\_is\_allow\_edit\_customer', true ) && apply\_filters( 'wcfm\_is\_allow\_delete\_customer', true ) && ( !wcfm\_is\_vendor() || apply\_filters( 'wcfm\_is\_vendor\_customer', true, $wcfm\_customers\_single->ID ) ) ) {
wc-frontend-manager/tags/6.5.13/controllers/enquiry/wcfm-controller-enquiry-form.php
r2629284
r2630745
146
146
if( $product\_id ) $enquiry\_for\_label = get\_the\_title( $product\_id );
147
147
148
//$enquiry\_for = '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . get\_wcfm\_enquiry\_url() . '">' . \_\_( 'Store', 'wc-frontend-manager' ) . '</a>';
149
//if( $vendor\_id ) $enquiry\_for = '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . get\_wcfm\_enquiry\_url() . '">' . wcfm\_get\_vendor\_store\_name( $vendor\_id ) . ' ' . apply\_filters( 'wcfm\_sold\_by\_label', $vendor\_id, \_\_( 'Store', 'wc-frontend-manager' ) ) . '</a>';
150
//if( $product\_id ) $enquiry\_for = '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . get\_wcfm\_enquiry\_url() . '">' . get\_the\_title( $product\_id ) . '</a>';
148
//$enquiry\_for = '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . esc\_url(get\_wcfm\_enquiry\_url()) . '">' . \_\_( 'Store', 'wc-frontend-manager' ) . '</a>';
149
//if( $vendor\_id ) $enquiry\_for = '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . esc\_url(get\_wcfm\_enquiry\_url()) . '">' . wcfm\_get\_vendor\_store\_name( $vendor\_id ) . ' ' . apply\_filters( 'wcfm\_sold\_by\_label', $vendor\_id, \_\_( 'Store', 'wc-frontend-manager' ) ) . '</a>';
150
//if( $product\_id ) $enquiry\_for = '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . esc\_url(get\_wcfm\_enquiry\_url()) . '">' . get\_the\_title( $product\_id ) . '</a>';
151
151
152
152
/\*$mail\_to = apply\_filters( 'wcfm\_admin\_email\_notification\_receiver', get\_bloginfo( 'admin\_email' ), 'enquiry' );
…
…
196
196
// Direct message
197
197
if( apply\_filters( 'wcfm\_is\_allow\_notification\_message', true, 'enquiry', 0 ) ) {
198
$wcfm\_messages = sprintf( \_\_( 'New Inquiry <b>%s</b> received for <b>%s</b>', 'wc-frontend-manager' ), '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . get\_wcfm\_enquiry\_manage\_url( $enquiry\_id ) . '">#' . sprintf( '%06u', $enquiry\_id ) . '</a>', $enquiry\_for\_label );
198
$wcfm\_messages = sprintf( \_\_( 'New Inquiry <b>%s</b> received for <b>%s</b>', 'wc-frontend-manager' ), '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . esc\_url(get\_wcfm\_enquiry\_manage\_url( $enquiry\_id )) . '">#' . sprintf( '%06u', $enquiry\_id ) . '</a>', $enquiry\_for\_label );
199
199
$WCFM->wcfm\_notification->wcfm\_send\_direct\_message( -2, 0, 1, 0, $wcfm\_messages, 'enquiry', false );
200
200
}
…
…
220
220
// Direct message
221
221
if( apply\_filters( 'wcfm\_is\_allow\_notification\_message', true, 'enquiry', $vendor\_id ) ) {
222
$wcfm\_messages = sprintf( \_\_( 'New Inquiry <b>%s</b> received for <b>%s</b>', 'wc-frontend-manager' ), '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . get\_wcfm\_enquiry\_manage\_url( $enquiry\_id ) . '">#' . sprintf( '%06u', $enquiry\_id ) . '</a>', $enquiry\_for\_label );
222
$wcfm\_messages = sprintf( \_\_( 'New Inquiry <b>%s</b> received for <b>%s</b>', 'wc-frontend-manager' ), '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . esc\_url(get\_wcfm\_enquiry\_manage\_url( $enquiry\_id )) . '">#' . sprintf( '%06u', $enquiry\_id ) . '</a>', $enquiry\_for\_label );
223
223
$WCFM->wcfm\_notification->wcfm\_send\_direct\_message( -1, $vendor\_id, 1, 0, $wcfm\_messages, 'enquiry', false );
224
224
}
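Review bot: `$enquiry_for_label` is inserted into the message markup unescaped on new lines 198 and 222, and line 146 sets it from `get_the_title( $product_id )`, which returns the title without HTML-encoding it. `esc_html( $enquiry_for_label )` at the `sprintf()` call would close that; the `get_the_title()` calls on lines 130 and 309 of wcfm-controller-enquiry-manage.php need the same treatment. Separately, lines 148–150 are commented-out code that this change edits rather than deletes; removing them would keep the diff to live code.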
wc-frontend-manager/tags/6.5.13/controllers/enquiry/wcfm-controller-enquiry-manage.php
r2629284
r2630745
47
47
$attchments = wcfm\_handle\_file\_upload();
48
48
49
$inquiry\_reply = sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['inquiry\_reply'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
49
$inquiry\_reply = wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['inquiry\_reply'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
50
50
$inquiry\_reply\_by = apply\_filters( 'wcfm\_message\_author', get\_current\_user\_id() );
51
51
$inquiry\_id = absint( $wcfm\_enquiry\_reply\_form\_data\['inquiry\_id'\] );
…
…
128
128
$enquiry\_for = \_\_( 'Store', 'wc-frontend-manager' );
129
129
if( $inquiry\_vendor\_id ) $enquiry\_for = wcfm\_get\_vendor\_store( $inquiry\_vendor\_id );
130
if( $inquiry\_product\_id ) $enquiry\_for = '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . get\_permalink( $inquiry\_product\_id ) . '">' . get\_the\_title( $inquiry\_product\_id ) . '</a>';
130
if( $inquiry\_product\_id ) $enquiry\_for = '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . esc\_url(get\_permalink( $inquiry\_product\_id )) . '">' . get\_the\_title( $inquiry\_product\_id ) . '</a>';
131
131
132
132
$myaccount\_page\_id = get\_option( 'woocommerce\_myaccount\_page\_id' );
…
…
196
196
if( wcfm\_is\_vendor() ) {
197
197
if( apply\_filters( 'wcfm\_is\_allow\_notification\_message', true, 'enquiry', 0 ) ) {
198
$wcfm\_messages = sprintf( \_\_( 'New reply posted for Inquiry <b>%s</b>', 'wc-frontend-manager' ), '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . get\_wcfm\_enquiry\_manage\_url( $inquiry\_id ) . '">#' . sprintf( '%06u', $inquiry\_id ) . '</a>' );
198
$wcfm\_messages = sprintf( \_\_( 'New reply posted for Inquiry <b>%s</b>', 'wc-frontend-manager' ), '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . esc\_url(get\_wcfm\_enquiry\_manage\_url( $inquiry\_id )) . '">#' . sprintf( '%06u', $inquiry\_id ) . '</a>' );
199
199
$WCFM->wcfm\_notification->wcfm\_send\_direct\_message( $inquiry\_vendor\_id, 0, 0, 1, $wcfm\_messages, 'enquiry', false );
200
200
}
…
…
241
241
$attchments = wcfm\_handle\_file\_upload();
242
242
243
$inquiry\_reply = sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['inquiry\_reply'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
243
$inquiry\_reply = wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['inquiry\_reply'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
244
244
$inquiry\_reply\_by = apply\_filters( 'wcfm\_message\_author', get\_current\_user\_id() );
245
245
$inquiry\_id = absint( $wcfm\_enquiry\_reply\_form\_data\['inquiry\_id'\] );
…
…
307
307
$enquiry\_for = \_\_( 'Store', 'wc-frontend-manager' );
308
308
if( $inquiry\_vendor\_id ) $enquiry\_for = wcfm\_get\_vendor\_store( $inquiry\_vendor\_id );
309
if( $inquiry\_product\_id ) $enquiry\_for = '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . get\_permalink( $inquiry\_product\_id ) . '">' . get\_the\_title( $inquiry\_product\_id ) . '</a>';
309
if( $inquiry\_product\_id ) $enquiry\_for = '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . esc\_url(get\_permalink( $inquiry\_product\_id )) . '">' . get\_the\_title( $inquiry\_product\_id ) . '</a>';
310
310
311
311
$mail\_to = apply\_filters( 'wcfm\_admin\_email\_notification\_receiver', get\_bloginfo( 'admin\_email' ), 'enquiry' );
…
…
345
345
// Direct message
346
346
if( apply\_filters( 'wcfm\_is\_allow\_notification\_message', true, 'enquiry', 0 ) ) {
347
$wcfm\_messages = sprintf( \_\_( 'New reply received for Inquiry <b>%s</b>', 'wc-frontend-manager' ), '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . get\_wcfm\_enquiry\_manage\_url( $inquiry\_id ) . '">#' . sprintf( '%06u', $inquiry\_id ) . '</a>' );
347
$wcfm\_messages = sprintf( \_\_( 'New reply received for Inquiry <b>%s</b>', 'wc-frontend-manager' ), '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . esc\_url(get\_wcfm\_enquiry\_manage\_url( $inquiry\_id )) . '">#' . sprintf( '%06u', $inquiry\_id ) . '</a>' );
348
348
$WCFM->wcfm\_notification->wcfm\_send\_direct\_message( -2, 0, 1, 0, $wcfm\_messages, 'enquiry', false );
349
349
}
…
…
365
365
// Direct message
366
366
if( apply\_filters( 'wcfm\_is\_allow\_notification\_message', true, 'enquiry', $inquiry\_vendor\_id ) ) {
367
$wcfm\_messages = sprintf( \_\_( 'New reply received for Inquiry <b>%s</b>', 'wc-frontend-manager' ), '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . get\_wcfm\_enquiry\_manage\_url( $inquiry\_id ) . '">#' . sprintf( '%06u', $inquiry\_id ) . '</a>' );
367
$wcfm\_messages = sprintf( \_\_( 'New reply received for Inquiry <b>%s</b>', 'wc-frontend-manager' ), '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . esc\_url(get\_wcfm\_enquiry\_manage\_url( $inquiry\_id )) . '">#' . sprintf( '%06u', $inquiry\_id ) . '</a>' );
368
368
$WCFM->wcfm\_notification->wcfm\_send\_direct\_message( -1, $inquiry\_vendor\_id, 1, 0, $wcfm\_messages, 'enquiry', false );
369
369
}
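Review bot: `wp_filter_post_kses()` on new lines 49 and 243 returns its result with slashes added, so `$inquiry_reply` carries `addslashes()` escaping from this point on. If the reply is then written through `$wpdb->prepare()` or `$wpdb->insert()`, or placed in an e-mail body (the hunks do not show where it goes), those backslashes end up in the stored or sent text. Since the input is already unslashed by the inner `stripslashes()`, swapping `wp_filter_post_kses(` for `wp_kses_post(` on both lines gives the same tag filtering without re-slashing. `$_POST['inquiry_reply']` is also read with no `isset()` guard in both places.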
wc-frontend-manager/tags/6.5.13/controllers/enquiry/wcfm-controller-enquiry.php
r2629284
r2630745
45
45
$time\_filter = '';
46
46
47
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_text\_field( $\_POST\['orderby'\] ) : 'ID';
47
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_sql\_orderby( $\_POST\['orderby'\] ) : 'ID';
48
48
$the\_order = ( ! empty( $\_POST\['order'\] ) && 'asc' === wc\_clean($\_POST\['order'\]) ) ? 'ASC' : 'DESC';
49
49
…
…
121
121
foreach($wcfm\_enquirys\_array as $wcfm\_enquirys\_single) {
122
122
// Enquiry
123
$wcfm\_enquirys\_json\_arr\[$index\]\[\] = '<a href="' . get\_wcfm\_enquiry\_manage\_url($wcfm\_enquirys\_single->ID) . '" class="wcfm\_dashboard\_item\_title">' . apply\_filters( 'wcfm\_enquiry\_message\_display', $wcfm\_enquirys\_single->enquiry, $wcfm\_enquirys\_single->ID ) . '</a>';
123
$wcfm\_enquirys\_json\_arr\[$index\]\[\] = '<a href="' . esc\_url(get\_wcfm\_enquiry\_manage\_url($wcfm\_enquirys\_single->ID)) . '" class="wcfm\_dashboard\_item\_title">' . apply\_filters( 'wcfm\_enquiry\_message\_display', $wcfm\_enquirys\_single->enquiry, $wcfm\_enquirys\_single->ID ) . '</a>';
124
124
125
125
// Product
126
126
if( $wcfm\_enquirys\_single->product\_id ) {
127
$wcfm\_enquirys\_json\_arr\[$index\]\[\] = '<a class="wcfm-enquiry-product" target="\_blank" href="' . get\_permalink($wcfm\_enquirys\_single->product\_id) . '">' . get\_the\_title($wcfm\_enquirys\_single->product\_id) . '</a>';
127
$wcfm\_enquirys\_json\_arr\[$index\]\[\] = '<a class="wcfm-enquiry-product" target="\_blank" href="' . esc\_url(get\_permalink($wcfm\_enquirys\_single->product\_id)) . '">' . get\_the\_title($wcfm\_enquirys\_single->product\_id) . '</a>';
128
128
} else {
129
129
$wcfm\_enquirys\_json\_arr\[$index\]\[\] = '–';
…
…
134
134
if( apply\_filters( 'wcfm\_allow\_view\_customer\_name', true ) ) {
135
135
if( $wcfm\_enquirys\_single->customer\_id && apply\_filters( 'wcfm\_is\_allow\_view\_customer', true ) ) {
136
$customer\_details = '<a target="\_blank" href="' . get\_wcfm\_customers\_details\_url($wcfm\_enquirys\_single->customer\_id) . '" class="wcfm\_inquiry\_by\_customer">' . $wcfm\_enquirys\_single->customer\_name . '</a>';
136
$customer\_details = '<a target="\_blank" href="' . esc\_url(get\_wcfm\_customers\_details\_url($wcfm\_enquirys\_single->customer\_id)) . '" class="wcfm\_inquiry\_by\_customer">' . $wcfm\_enquirys\_single->customer\_name . '</a>';
137
137
} else {
138
138
$customer\_details = $wcfm\_enquirys\_single->customer\_name;
…
…
207
207
208
208
// Action
209
$actions = '<a class="wcfm-action-icon" href="' . get\_wcfm\_enquiry\_manage\_url($wcfm\_enquirys\_single->ID) . '"><span class="wcfmfa fa-reply-all text\_tip" data-tip="' . esc\_attr\_\_( 'Reply', 'wc-frontend-manager' ) . '"></span></a>';
209
$actions = '<a class="wcfm-action-icon" href="' . esc\_url(get\_wcfm\_enquiry\_manage\_url($wcfm\_enquirys\_single->ID)) . '"><span class="wcfmfa fa-reply-all text\_tip" data-tip="' . esc\_attr\_\_( 'Reply', 'wc-frontend-manager' ) . '"></span></a>';
210
210
211
211
if( apply\_filters( 'wcfm\_is\_allow\_eniquiry\_delete', true ) ) {
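Review bot: `sanitize_sql_orderby()` on new line 47 returns `false` for a value it rejects, and nothing maps that back to the `'ID'` default, so a malformed `orderby` would leave `$the_orderby` empty wherever the query (outside this hunk) uses it. A fixed allowlist is tighter than pattern validation here, e.g. `$the_orderby = in_array( $requested, $allowed_columns, true ) ? $requested : 'ID';`, with `$allowed_columns` listing the sortable columns of the enquiry table. In the same file `$wcfm_enquirys_single->enquiry` (line 123) and `->customer_name` (lines 136 and 138), which presumably hold customer-submitted text, are concatenated into markup without `esc_html()`.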
wc-frontend-manager/tags/6.5.13/controllers/knowledgebase/wcfm-controller-knowledgebase-manage.php
r2629284
r2630745
48
48
'post\_status' => $knowledgebase\_status,
49
49
'post\_type' => 'wcfm\_knowledgebase',
50
'post\_content' => sanitize\_option( 'wcfm\_editor\_content', stripslashes( html\_entity\_decode( $\_POST\['content'\], ENT\_QUOTES, 'UTF-8' ) ) ),
50
'post\_content' => wp\_filter\_post\_kses( stripslashes( html\_entity\_decode( $\_POST\['content'\], ENT\_QUOTES, 'UTF-8' ) ) ),
51
51
'post\_author' => $current\_user\_id
52
52
);
wc-frontend-manager/tags/6.5.13/controllers/knowledgebase/wcfm-controller-knowledgebase.php
r2629284
r2630745
98
98
// Knowledgebase
99
99
if( !wcfm\_is\_vendor() ) {
100
$wcfm\_knowledgebases\_json\_arr\[$index\]\[\] = '<a href="' . get\_wcfm\_knowledgebase\_manage\_url($wcfm\_knowledgebases\_single->ID) . '" class="wcfm\_dashboard\_item\_title">' . $wcfm\_knowledgebases\_single->post\_title . '</a>';
100
$wcfm\_knowledgebases\_json\_arr\[$index\]\[\] = '<a href="' . esc\_url(get\_wcfm\_knowledgebase\_manage\_url($wcfm\_knowledgebases\_single->ID)) . '" class="wcfm\_dashboard\_item\_title">' . $wcfm\_knowledgebases\_single->post\_title . '</a>';
101
101
} else {
102
102
$wcfm\_knowledgebases\_json\_arr\[$index\]\[\] = '<span class="wcfm\_dashboard\_item\_title">' . $wcfm\_knowledgebases\_single->post\_title . '</span>';
…
…
119
119
$actions = '<a class="wcfm-action-icon wcfm\_knowledgebase\_view" href="#" data-knowledgebaseid="' . $wcfm\_knowledgebases\_single->ID . '"><span class="wcfmfa fa-eye text\_tip" data-tip="' . esc\_attr\_\_( 'View', 'wc-frontend-manager' ) . '"></span></a>';
120
120
if( !wcfm\_is\_vendor() && apply\_filters( 'wcfm\_is\_allow\_edit\_knowledgebase', true ) ) {
121
$actions .= '<a class="wcfm-action-icon" href="' . get\_wcfm\_knowledgebase\_manage\_url($wcfm\_knowledgebases\_single->ID) . '"><span class="wcfmfa fa-edit text\_tip" data-tip="' . esc\_attr\_\_( 'Edit', 'wc-frontend-manager' ) . '"></span></a>';
121
$actions .= '<a class="wcfm-action-icon" href="' . esc\_url(get\_wcfm\_knowledgebase\_manage\_url($wcfm\_knowledgebases\_single->ID)) . '"><span class="wcfmfa fa-edit text\_tip" data-tip="' . esc\_attr\_\_( 'Edit', 'wc-frontend-manager' ) . '"></span></a>';
122
122
if( $wcfm\_knowledgebases\_single->post\_status != 'publish' ) {
123
123
$actions .= '<a class="wcfm\_knowledgebase\_publish wcfm-action-icon" href="#" data-knowledgebaseid="' . $wcfm\_knowledgebases\_single->ID . '"><span class="wcfmfa fa-check-circle text\_tip" data-tip="' . esc\_attr\_\_( 'Publish - on line this now', 'wc-frontend-manager' ) . '"></span></a>';
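Review bot: `post_title` is still concatenated into the markup unescaped on lines 100 and 102, so the `esc_url()` added here protects only the `href` attribute. Whether a title can carry markup depends on who is able to save knowledgebase posts, and the advisory for this changeset says those write endpoints lacked capability checks, so the title should be treated as untrusted when rendered. Both branches should emit `esc_html( $wcfm_knowledgebases_single->post_title )`, or `wp_kses_post()` if inline formatting in titles is intended. The loop that builds `$wcfm_knowledgebases_json_arr` starts and ends outside the hunk.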
wc-frontend-manager/tags/6.5.13/controllers/messages/wcfm-controller-message-sent.php
r2629284
r2630745
21
21
global $WCFM, $wpdb, $\_POST;
22
22
23
$wcfm\_messages = ! empty( $\_POST\['wcfm\_messages'\] ) ? sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['wcfm\_messages'\], ENT\_QUOTES, 'UTF-8' ) ) ) ) : '';
23
$wcfm\_messages = ! empty( $\_POST\['wcfm\_messages'\] ) ? wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['wcfm\_messages'\], ENT\_QUOTES, 'UTF-8' ) ) ) ) : '';
24
24
$author\_id = apply\_filters( 'wcfm\_message\_author', get\_current\_user\_id() );
25
25
wc-frontend-manager/tags/6.5.13/controllers/messages/wcfm-controller-messages.php
r2629284
r2630745
37
37
}
38
38
39
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_text\_field( $\_POST\['orderby'\] ) : 'ID';
39
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_sql\_orderby( $\_POST\['orderby'\] ) : 'ID';
40
40
$the\_order = ( ! empty( $\_POST\['order'\] ) && 'asc' === $\_POST\['order'\] ) ? 'ASC' : 'DESC';
41
41
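Review bot: `sanitize_sql_orderby()` returns `false` when the value is not a valid ORDER BY clause, and line 39 assigns that result straight to `$the_orderby`, so a rejected value would presumably reach the query as an empty string rather than the default `'ID'` (the query is outside the hunk). The function also accepts any column name, comma-separated lists and `RAND()`, so checking the value against an allowlist of sortable columns would be tighter. Minimal fix: `$the_orderby = ! empty( $_POST['orderby'] ) ? sanitize_sql_orderby( wp_unslash( $_POST['orderby'] ) ) : false;` followed by `if ( ! $the_orderby ) { $the_orderby = 'ID'; }`. The same line appears in the six orders controllers (dokan, wcfmmarketplace-itemized, wcfmmarketplace, wcmarketplace, wcpvendors, wcvendors) and the five withdrawal controllers (dokan withdrawal-requests, payments, withdrawal-requests, withdrawal-reverse, withdrawal), each with its own default.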
wc-frontend-manager/tags/6.5.13/controllers/notice/wcfm-controller-notice-manage.php
r2629284
r2630745
39
39
'post\_status' => $notice\_status,
40
40
'post\_type' => 'wcfm\_notice',
41
'post\_content' => sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['content'\], ENT\_QUOTES, 'UTF-8' ) ) ) ),
41
'post\_content' => wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['content'\], ENT\_QUOTES, 'UTF-8' ) ) ) ),
42
42
'post\_author' => $current\_user\_id
43
43
);
wc-frontend-manager/tags/6.5.13/controllers/notice/wcfm-controller-notice-reply.php
r2629284
r2630745
35
35
'post\_status' => $notice\_status,
36
36
'post\_type' => 'wcfm\_notice',
37
'post\_content' => sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['topic\_reply'\], ENT\_QUOTES, 'UTF-8' ) ) ) ),
37
'post\_content' => wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['topic\_reply'\], ENT\_QUOTES, 'UTF-8' ) ) ) ),
38
38
'post\_author' => $current\_user\_id
39
39
);
wc-frontend-manager/tags/6.5.13/controllers/orders/wcfm-controller-dokan-orders.php
r2629284
r2630745
36
36
$group\_manager\_filter = apply\_filters( 'wcfm\_orders\_group\_manager\_filter', '', 'seller\_id' );
37
37
38
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_text\_field( $\_POST\['orderby'\] ) : 'order\_id';
38
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_sql\_orderby( $\_POST\['orderby'\] ) : 'order\_id';
39
39
$the\_order = ( ! empty( $\_POST\['order'\] ) && 'asc' === $\_POST\['order'\] ) ? 'ASC' : 'DESC';
40
40
wc-frontend-manager/tags/6.5.13/controllers/orders/wcfm-controller-wcfmmarketplace-itemized-orders.php
r2629284
r2630745
47
47
$group\_manager\_filter = apply\_filters( 'wcfm\_orders\_group\_manager\_filter', '', 'vendor\_id' );
48
48
49
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_text\_field( $\_POST\['orderby'\] ) : 'order\_id';
49
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_sql\_orderby( $\_POST\['orderby'\] ) : 'order\_id';
50
50
$the\_order = ( ! empty( $\_POST\['order'\] ) && 'asc' === $\_POST\['order'\] ) ? 'ASC' : 'DESC';
51
51
$allowed\_status = get\_wcfm\_marketplace\_active\_withdrwal\_order\_status\_in\_comma();
wc-frontend-manager/tags/6.5.13/controllers/orders/wcfm-controller-wcfmmarketplace-orders.php
r2629284
r2630745
47
47
$group\_manager\_filter = apply\_filters( 'wcfm\_orders\_group\_manager\_filter', '', 'vendor\_id' );
48
48
49
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_text\_field( $\_POST\['orderby'\] ) : 'order\_id';
49
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_sql\_orderby( $\_POST\['orderby'\] ) : 'order\_id';
50
50
$the\_order = ( ! empty( $\_POST\['order'\] ) && 'asc' === $\_POST\['order'\] ) ? 'ASC' : 'DESC';
51
51
$allowed\_status = get\_wcfm\_marketplace\_active\_withdrwal\_order\_status\_in\_comma();
wc-frontend-manager/tags/6.5.13/controllers/orders/wcfm-controller-wcmarketplace-orders.php
r2629284
r2630745
38
38
$group\_manager\_filter = apply\_filters( 'wcfm\_orders\_group\_manager\_filter', '', 'vendor\_id' );
39
39
40
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_text\_field( $\_POST\['orderby'\] ) : 'order\_id';
40
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_sql\_orderby( $\_POST\['orderby'\] ) : 'order\_id';
41
41
$the\_order = ( ! empty( $\_POST\['order'\] ) && 'asc' === $\_POST\['order'\] ) ? 'ASC' : 'DESC';
42
42
wc-frontend-manager/tags/6.5.13/controllers/orders/wcfm-controller-wcpvendors-orders.php
r2629284
r2630745
35
35
$group\_manager\_filter = apply\_filters( 'wcfm\_orders\_group\_manager\_filter', '', 'vendor\_id' );
36
36
37
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_text\_field( $\_POST\['orderby'\] ) : 'order\_id';
37
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_sql\_orderby( $\_POST\['orderby'\] ) : 'order\_id';
38
38
$the\_order = ( ! empty( $\_POST\['order'\] ) && 'asc' === $\_POST\['order'\] ) ? 'ASC' : 'DESC';
39
39
wc-frontend-manager/tags/6.5.13/controllers/orders/wcfm-controller-wcvendors-orders.php
r2629284
r2630745
41
41
$group\_manager\_filter = apply\_filters( 'wcfm\_orders\_group\_manager\_filter', '', 'vendor\_id' );
42
42
43
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_text\_field( $\_POST\['orderby'\] ) : 'order\_id';
43
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_sql\_orderby( $\_POST\['orderby'\] ) : 'order\_id';
44
44
$the\_order = ( ! empty( $\_POST\['order'\] ) && 'asc' === $\_POST\['order'\] ) ? 'ASC' : 'DESC';
45
45
wc-frontend-manager/tags/6.5.13/controllers/products-manager/wcfm-controller-products-manage.php
r2629284
r2630745
75
75
'post\_status' => $product\_status,
76
76
'post\_type' => 'product',
77
'post\_excerpt' => sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['excerpt'\], ENT\_QUOTES, 'UTF-8' ) ) ) ),
78
'post\_content' => sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['description'\], ENT\_QUOTES, 'UTF-8' ) ) ) ),
77
'post\_excerpt' => wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['excerpt'\], ENT\_QUOTES, 'UTF-8' ) ) ) ),
78
'post\_content' => wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['description'\], ENT\_QUOTES, 'UTF-8' ) ) ) ),
79
79
'post\_author' => $current\_user\_id,
80
80
'post\_name' => sanitize\_title($wcfm\_products\_manage\_form\_data\['pro\_title'\])
wc-frontend-manager/tags/6.5.13/controllers/profile/wcfm-controller-profile.php
r2629284
r2630745
84
84
//$wcfm\_profile\_form = array\_map( 'stripslashes', $wcfm\_profile\_form );
85
85
86
$description = ! empty( $\_POST\['about'\] ) ? sanitize\_option( 'wcfm\_editor\_content', stripslashes( html\_entity\_decode( $\_POST\['about'\], ENT\_QUOTES, 'UTF-8' ) ) ) : '';
86
$description = ! empty( $\_POST\['about'\] ) ? wp\_filter\_post\_kses( stripslashes( html\_entity\_decode( $\_POST\['about'\], ENT\_QUOTES, 'UTF-8' ) ) ) : '';
87
87
update\_user\_meta( $user\_id, 'description', apply\_filters( 'wcfm\_editor\_content\_before\_save', $description ) );
88
88
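Review bot: On line 87 the `wcfm_editor_content_before_save` filter runs after the value was sanitized on line 86, so whatever a filter callback returns is written to the `description` user meta without passing through kses. The notice-manage and products-manage controllers in this changeset apply the filter inside the sanitizing call, which keeps sanitization as the last step before storage. Moving `apply_filters( 'wcfm_editor_content_before_save', … )` inside the call on line 86 and saving with `update_user_meta( $user_id, 'description', $description );` would make this file consistent with them. The same ordering appears in wcfmmarketplace-settings (line 150), wcmarketplace-settings (line 46) and vendors-new (line 175).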
wc-frontend-manager/tags/6.5.13/controllers/settings/wcfm-controller-wcfmmarketplace-settings.php
r2629284
r2630745
147
147
if( apply\_filters( 'wcfm\_is\_allow\_store\_description', true ) ) {
148
148
if( isset( $\_POST\['profile'\] ) && !empty( $\_POST\['profile'\] ) ) {
149
$wcfm\_settings\_form\['shop\_description'\] = ! empty( $\_POST\['profile'\] ) ? sanitize\_option( 'wcfm\_editor\_content', stripslashes( html\_entity\_decode( $\_POST\['profile'\], ENT\_QUOTES, 'UTF-8' ) ) ) : '';
149
$wcfm\_settings\_form\['shop\_description'\] = ! empty( $\_POST\['profile'\] ) ? wp\_filter\_post\_kses( stripslashes( html\_entity\_decode( $\_POST\['profile'\], ENT\_QUOTES, 'UTF-8' ) ) ) : '';
150
150
wcfm\_update\_user\_meta( $user\_id, '\_store\_description', apply\_filters( 'wcfm\_editor\_content\_before\_save', $wcfm\_settings\_form\['shop\_description'\] ) );
151
151
}
wc-frontend-manager/tags/6.5.13/controllers/settings/wcfm-controller-wcmarketplace-settings.php
r2629284
r2630745
43
43
// sanitize html editor content
44
44
if( apply\_filters( 'wcfm\_is\_allow\_store\_description', true ) ) {
45
$wcfm\_settings\_form\['shop\_description'\] = ! empty( $\_POST\['profile'\] ) ? sanitize\_option( 'wcfm\_editor\_content', stripslashes( html\_entity\_decode( $\_POST\['profile'\], ENT\_QUOTES, 'UTF-8' ) ) ) : '';
45
$wcfm\_settings\_form\['shop\_description'\] = ! empty( $\_POST\['profile'\] ) ? wp\_filter\_post\_kses( stripslashes( html\_entity\_decode( $\_POST\['profile'\], ENT\_QUOTES, 'UTF-8' ) ) ) : '';
46
46
update\_user\_meta( $user\_id, '\_vendor\_description', apply\_filters( 'wcfm\_editor\_content\_before\_save', $wcfm\_settings\_form\['shop\_description'\] ) );
47
47
}
wc-frontend-manager/tags/6.5.13/controllers/settings/wcfm-controller-wcpvendors-settings.php
r2629284
r2630745
48
48
// sanitize html editor content
49
49
if( apply\_filters( 'wcfm\_is\_allow\_store\_description', true ) ) {
50
$wcfm\_settings\_form\['profile'\] = ! empty( $\_POST\['profile'\] ) ? sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['profile'\], ENT\_QUOTES, 'UTF-8' ) ) ) ) : '';
50
$wcfm\_settings\_form\['profile'\] = ! empty( $\_POST\['profile'\] ) ? wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['profile'\], ENT\_QUOTES, 'UTF-8' ) ) ) ) : '';
51
51
}
52
52
wc-frontend-manager/tags/6.5.13/controllers/settings/wcfm-controller-wcvendors-settings.php
r2629284
r2630745
40
40
41
41
// sanitize html editor content
42
$wcfm\_settings\_form\['shop\_description'\] = ! empty( $\_POST\['profile'\] ) ? sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['profile'\], ENT\_QUOTES, 'UTF-8' ) ) ) ) : '';
42
$wcfm\_settings\_form\['shop\_description'\] = ! empty( $\_POST\['profile'\] ) ? wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['profile'\], ENT\_QUOTES, 'UTF-8' ) ) ) ) : '';
43
43
44
44
if( apply\_filters( 'wcfm\_is\_allow\_store\_name', true ) ) {
wc-frontend-manager/tags/6.5.13/controllers/vendors/wcfm-controller-vendors-new.php
r2629284
r2630745
172
172
if( apply\_filters( 'wcfm\_is\_allow\_store\_description', true ) ) {
173
173
if( isset( $\_POST\['profile'\] ) && !empty( $\_POST\['profile'\] ) ) {
174
$wcfm\_vendor\_form\_data\['shop\_description'\] = ! empty( $\_POST\['profile'\] ) ? sanitize\_option( 'wcfm\_editor\_content', stripslashes( html\_entity\_decode( $\_POST\['profile'\], ENT\_QUOTES, 'UTF-8' ) ) ) : '';
174
$wcfm\_vendor\_form\_data\['shop\_description'\] = ! empty( $\_POST\['profile'\] ) ? wp\_filter\_post\_kses( stripslashes( html\_entity\_decode( $\_POST\['profile'\], ENT\_QUOTES, 'UTF-8' ) ) ) : '';
175
175
wcfm\_update\_user\_meta( $vendor\_id, '\_store\_description', apply\_filters( 'wcfm\_editor\_content\_before\_save', $wcfm\_vendor\_form\_data\['shop\_description'\] ) );
176
176
}
wc-frontend-manager/tags/6.5.13/controllers/withdrawal/dokan/wcfm-controller-withdrawal-requests.php
r2629284
r2630745
24
24
$offset = wc\_clean($\_POST\['start'\]);
25
25
26
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_text\_field( $\_POST\['orderby'\] ) : 'ID';
26
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_sql\_orderby( $\_POST\['orderby'\] ) : 'ID';
27
27
$the\_order = ( ! empty( $\_POST\['order'\] ) && 'asc' === $\_POST\['order'\] ) ? 'ASC' : 'DESC';
28
28
wc-frontend-manager/tags/6.5.13/controllers/withdrawal/wcfm/wcfm-controller-payments.php
r2629284
r2630745
39
39
}
40
40
41
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_text\_field( $\_POST\['orderby'\] ) : 'ID';
41
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_sql\_orderby( $\_POST\['orderby'\] ) : 'ID';
42
42
$the\_order = ( ! empty( $\_POST\['order'\] ) && 'asc' === $\_POST\['order'\] ) ? 'ASC' : 'DESC';
43
43
wc-frontend-manager/tags/6.5.13/controllers/withdrawal/wcfm/wcfm-controller-withdrawal-requests.php
r2629284
r2630745
35
35
}
36
36
37
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_text\_field( $\_POST\['orderby'\] ) : 'ID';
37
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_sql\_orderby( $\_POST\['orderby'\] ) : 'ID';
38
38
$the\_order = ( ! empty( $\_POST\['order'\] ) && 'asc' === $\_POST\['order'\] ) ? 'ASC' : 'DESC';
39
39
wc-frontend-manager/tags/6.5.13/controllers/withdrawal/wcfm/wcfm-controller-withdrawal-reverse.php
r2629284
r2630745
35
35
}
36
36
37
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_text\_field( $\_POST\['orderby'\] ) : 'ID';
37
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_sql\_orderby( $\_POST\['orderby'\] ) : 'ID';
38
38
$the\_order = ( ! empty( $\_POST\['order'\] ) && 'asc' === $\_POST\['order'\] ) ? 'ASC' : 'DESC';
39
39
wc-frontend-manager/tags/6.5.13/controllers/withdrawal/wcfm/wcfm-controller-withdrawal.php
r2629284
r2630745
48
48
}
49
49
50
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_text\_field( $\_POST\['orderby'\] ) : 'order\_id';
50
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_sql\_orderby( $\_POST\['orderby'\] ) : 'order\_id';
51
51
$the\_order = ( ! empty( $\_POST\['order'\] ) && 'asc' === $\_POST\['order'\] ) ? 'ASC' : 'DESC';
52
52
wc-frontend-manager/tags/6.5.13/core/class-wcfm-admin.php
r2629284
r2630745
118
118
<div class="notice is-dismissible wcfm\_addon\_inactive\_notice\_box wcfm\_ultimate\_inactive\_notice\_box" id="wcfm-ultimate-notice">
119
119
<img class="wcfm\_logo" src="<?php echo esc\_url( $WCFM->plugin\_url ); ?>assets/images/wcfm\_marketplace\_white\_logo.png" alt="">
120
<?php echo $offer\_msg; ?>
120
<?php echo wp\_kses\_post($offer\_msg); ?>
121
121
<span class="dashicons dashicons-megaphone"></span>
122
122
<a href="https://wclovers.com/product/woocommerce-frontend-manager-ultimate/?utm\_source=wp-admin&utm\_medium=banner&utm\_campaign=promotion&utm\_content=ultimate" class=" button-primary promo-btn" target="\_blank"><?php \_e( 'GET Ultimate', 'wc-multivendor-marketplace' ); ?></a>
…
…
164
164
<div class="notice is-dismissible wcfm\_addon\_inactive\_notice\_box" id="wcfm-membership-notice">
165
165
<img src="<?php echo esc\_url( $WCFM->plugin\_url ) . 'assets/images/wcfm\_membership\_logo.jpg'; ?>" alt="">
166
<?php echo $offer\_msg; ?>
166
<?php echo wp\_kses\_post($offer\_msg); ?>
167
167
<span class="dashicons dashicons-groups"></span>
168
168
<a href="https://wordpress.org/plugins/wc-multivendor-membership/" class="button button-primary promo-btn" target="\_blank"><?php \_e( 'View Details', 'wc-frontend-manager' ); ?></a>
…
…
216
216
<div class="notice is-dismissible wcfm\_addon\_inactive\_notice\_box wcfm\_group\_inactive\_notice\_box" id="wcfm-groups-sttafs-notice">
217
217
<img src="<?php echo esc\_url( $WCFM->plugin\_url ); ?>assets/images/wcfm\_marketplace\_white\_logo.png" alt="">
218
<?php echo $offer\_msg; ?>
218
<?php echo wp\_kses\_post($offer\_msg); ?>
219
219
<span class="dashicons dashicons-groups1"></span>
220
220
<a href="https://wclovers.com/product/woocommerce-frontend-manager-groups-staffs/?utm\_source=wp-admin&utm\_medium=banner&utm\_campaign=promotion&utm\_content=groups-staffs" class="promo-btn wcfmgs\_promo\_button" target="\_blank"></a>
…
…
262
262
</style>
263
263
<div class="postbox">
264
<a href="<?php echo get\_wcfm\_page(); ?>">
264
<a href="<?php echo esc\_usrl(get\_wcfm\_page()); ?>">
265
265
<div id="sales-piechart"><canvas id="sales-piechart-canvas"></canvas></div>
266
266
<div id="wcfm-logo"><img src="<?php echo esc\_url( $WCFM->plugin\_url ); ?>/assets/images/wcfm-30x30.png" alt="WCFM Home" /></div>
…
…
297
297
}
298
298
299
echo '<div style="text-align: center;"><a href="' . $wcfm\_url . '"><img src="' . esc\_url($WCFM->plugin\_url) . '/assets/images/wcfm-30x30.png" alt="' . \_\_( 'WCFM Home', 'wc-frontend-manager' ) . '" /></a></div>';
299
echo '<div style="text-align: center;"><a href="' . esc\_url($wcfm\_url) . '"><img src="' . esc\_url($WCFM->plugin\_url) . '/assets/images/wcfm-30x30.png" alt="' . \_\_( 'WCFM Home', 'wc-frontend-manager' ) . '" /></a></div>';
300
300
}
301
301
…
…
307
307
308
308
if ( in\_array( $typenow, wc\_get\_order\_types( 'order-meta-boxes' ) ) ) {
309
echo '<a style="float: right;" href="' . get\_wcfm\_orders\_url() . '"><img src="' . esc\_url($WCFM->plugin\_url) . '/assets/images/wcfm-30x30.png" alt="' . \_\_( 'WCFM Home', 'wc-frontend-manager' ) . '" /></a>';
309
echo '<a style="float: right;" href="' . esc\_url(get\_wcfm\_orders\_url()) . '"><img src="' . esc\_url($WCFM->plugin\_url) . '/assets/images/wcfm-30x30.png" alt="' . \_\_( 'WCFM Home', 'wc-frontend-manager' ) . '" /></a>';
310
310
} elseif ( 'product' == $typenow ) {
311
echo '<a style="float: right;" href="' . get\_wcfm\_products\_url() . '"><img src="' . esc\_url($WCFM->plugin\_url) . '/assets/images/wcfm-30x30.png" alt="' . \_\_( 'WCFM Home', 'wc-frontend-manager' ) . '" /></a>';
311
echo '<a style="float: right;" href="' . esc\_url(get\_wcfm\_products\_url()) . '"><img src="' . esc\_url($WCFM->plugin\_url) . '/assets/images/wcfm-30x30.png" alt="' . \_\_( 'WCFM Home', 'wc-frontend-manager' ) . '" /></a>';
312
312
} elseif ( 'shop\_coupon' == $typenow ) {
313
echo '<a style="float: right;" href="' . get\_wcfm\_coupons\_url() . '"><img src="' . esc\_url($WCFM->plugin\_url) . '/assets/images/wcfm-30x30.png" alt="' . \_\_( 'WCFM Home', 'wc-frontend-manager' ) . '" /></a>';
313
echo '<a style="float: right;" href="' . esc\_url(get\_wcfm\_coupons\_url()) . '"><img src="' . esc\_url($WCFM->plugin\_url) . '/assets/images/wcfm-30x30.png" alt="' . \_\_( 'WCFM Home', 'wc-frontend-manager' ) . '" /></a>';
314
314
}
315
315
}
…
…
387
387
foreach($pages\_array as $p\_id => $p\_name) {
388
388
?>
389
<option value="<?php echo $p\_id; ?>" <?php echo isset( $options\[ $args\['label\_for'\] \] ) ? ( selected( $options\[ $args\['label\_for'\] \], $p\_id, false ) ) : ( '' ); ?>>
389
<option value="<?php echo esc\_attr($p\_id); ?>" <?php echo isset( $options\[ $args\['label\_for'\] \] ) ? ( selected( $options\[ $args\['label\_for'\] \], $p\_id, false ) ) : ( '' ); ?>>
390
390
<?php esc\_html\_e( $p\_name, $WCFM->text\_domain ); ?>
391
391
</option>
…
…
395
395
</select>
396
396
<div class="wcfm\_setting\_warning\_box">
397
<p><?php \_e( 'DO NOT USE WCFM DASHBOARD PAGE FOR OTHER PAGE SETTINGS, you will break your site if you do.', 'wc-frontend-manager' ); ?></p>
397
<p><?php esc\_html\_e( 'DO NOT USE WCFM DASHBOARD PAGE FOR OTHER PAGE SETTINGS, you will break your site if you do.', 'wc-frontend-manager' ); ?></p>
398
398
</div>
399
399
<?php
…
…
437
437
?>
438
438
<div class="wrap">
439
<h1><?php echo esc\_html( get\_admin\_page\_title() ); ?></h1>
439
<h1><?php echo wp\_kses\_post( get\_admin\_page\_title() ); ?></h1>
440
440
<form action="options.php" method="post">
441
441
<div style="float: left; display: inline-block; width: 60%;">
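Review bot: Line 264 calls `esc_usrl()`, which is not a WordPress function and has no definition visible on this page, so rendering this dashboard box would stop with an undefined-function fatal error. The call should read `echo esc_url( get_wcfm_page() );`. Separately, line 439 replaces `esc_html()` with `wp_kses_post()` around `get_admin_page_title()`, which loosens the encoding of a plain-text title inside the h1 heading; `esc_html()` is the stricter fit there unless markup in the title is intended.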
wc-frontend-manager/tags/6.5.13/core/class-wcfm-ajax.php
r2629284
r2630745
157
157
} else {
158
158
if ( ! check\_ajax\_referer( 'wcfm\_ajax\_nonce', 'wcfm\_ajax\_nonce', false ) ) {
159
echo '{"status": false, "message": "' . \_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
159
echo '{"status": false, "message": "' . esc\_html\_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
160
160
wp\_die();
161
161
}
…
…
173
173
case 'wcfm-coupons-manage':
174
174
if ( ! check\_ajax\_referer( 'wcfm\_ajax\_nonce', 'wcfm\_ajax\_nonce', false ) ) {
175
echo '{"status": false, "message": "' . \_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
175
echo '{"status": false, "message": "' . esc\_html\_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
176
176
wp\_die();
177
177
}
…
…
235
235
case 'wcfm-profile':
236
236
if ( ! check\_ajax\_referer( 'wcfm\_ajax\_nonce', 'wcfm\_ajax\_nonce', false ) ) {
237
echo '{"status": false, "message": "' . \_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
237
echo '{"status": false, "message": "' . esc\_html\_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
238
238
wp\_die();
239
239
}
…
…
245
245
case 'wcfm-settings':
246
246
if ( ! check\_ajax\_referer( 'wcfm\_ajax\_nonce', 'wcfm\_ajax\_nonce', false ) ) {
247
echo '{"status": false, "message": "' . \_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
247
echo '{"status": false, "message": "' . esc\_html\_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
248
248
wp\_die();
249
249
}
…
…
264
264
case 'wcfm-capability':
265
265
if ( ! check\_ajax\_referer( 'wcfm\_ajax\_nonce', 'wcfm\_ajax\_nonce', false ) ) {
266
echo '{"status": false, "message": "' . \_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
266
echo '{"status": false, "message": "' . esc\_html\_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
267
267
wp\_die();
268
268
}
…
…
279
279
case 'wcfm-knowledgebase-manage':
280
280
if ( ! check\_ajax\_referer( 'wcfm\_ajax\_nonce', 'wcfm\_ajax\_nonce', false ) ) {
281
echo '{"status": false, "message": "' . \_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
281
echo '{"status": false, "message": "' . esc\_html\_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
282
282
wp\_die();
283
283
}
…
…
294
294
case 'wcfm-notice-manage':
295
295
if ( ! check\_ajax\_referer( 'wcfm\_ajax\_nonce', 'wcfm\_ajax\_nonce', false ) ) {
296
echo '{"status": false, "message": "' . \_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
296
echo '{"status": false, "message": "' . esc\_html\_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
297
297
wp\_die();
298
298
}
…
…
304
304
case 'wcfm-notice-reply':
305
305
if ( ! check\_ajax\_referer( 'wcfm\_ajax\_nonce', 'wcfm\_ajax\_nonce', false ) ) {
306
echo '{"status": false, "message": "' . \_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
306
echo '{"status": false, "message": "' . esc\_html\_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
307
307
wp\_die();
308
308
}
…
…
339
339
case 'wcfm-vendors-new':
340
340
if ( ! check\_ajax\_referer( 'wcfm\_ajax\_nonce', 'wcfm\_ajax\_nonce', false ) ) {
341
echo '{"status": false, "message": "' . \_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
341
echo '{"status": false, "message": "' . esc\_html\_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
342
342
wp\_die();
343
343
}
…
…
389
389
global $WCFM, $WCFMu, $\_POST;
390
390
391
$taxonomy = esc\_attr( wc\_clean( $\_POST\['taxonomy'\] ) );
391
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) ) {
392
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
393
wp\_die();
394
}
395
396
$taxonomy = wc\_clean( $\_POST\['taxonomy'\] );
392
397
$new\_term = wc\_clean( $\_POST\['new\_term'\] );
393
398
$parent\_term = wc\_clean( $\_POST\['parent\_term'\] );
…
…
506
511
}
507
512
513
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) ) {
514
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
515
wp\_die();
516
}
517
508
518
$product\_id = absint($\_POST\['proid'\]);
509
519
…
…
511
521
$product = wc\_get\_product( $product\_id );
512
522
if( !$product || !is\_object( $product ) ) {
513
echo 'failed';
523
echo esc\_html('failed');
514
524
die;
515
525
}
…
…
522
532
if( apply\_filters( 'wcfm\_is\_allow\_product\_delete' , false ) ) {
523
533
if(wp\_delete\_post($product\_id)) {
524
echo 'success';
534
echo esc\_html('success');
525
535
die;
526
536
}
527
537
} else {
528
538
if(wp\_trash\_post($product\_id)) {
529
echo 'success';
539
echo esc\_html('success');
530
540
die;
531
541
}
…
…
545
555
wp\_die();
546
556
}
557
558
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'shop\_staff' ) ) {
559
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
560
wp\_die();
561
}
547
562
548
563
if( isset( $\_POST\['proid'\] ) && !empty( $\_POST\['proid'\] ) ) {
…
…
573
588
wp\_die();
574
589
}
590
591
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'shop\_staff' ) ) {
592
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
593
wp\_die();
594
}
575
595
576
596
if( isset( $\_POST\['proid'\] ) && !empty( $\_POST\['proid'\] ) ) {
…
…
603
623
}
604
624
625
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) ) {
626
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
627
wp\_die();
628
}
629
605
630
if( isset( $\_POST\['proid'\] ) && !empty( $\_POST\['proid'\] ) ) {
606
631
$product\_id = absint( $\_POST\['proid'\] );
…
…
626
651
global $WCFM, $WCFMu, $\_POST;
627
652
653
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) ) {
654
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
655
wp\_die();
656
}
657
628
658
if( isset( $\_POST\['listid'\] ) && !empty( $\_POST\['listid'\] ) ) {
629
659
$listing\_id = absint($\_POST\['listid'\]);
…
…
637
667
}
638
668
639
echo 'sucess';
669
echo esc\_html('sucess');
640
670
die;
641
671
}
…
…
648
678
649
679
if ( ! check\_ajax\_referer( 'wcfm\_ajax\_nonce', 'wcfm\_ajax\_nonce', false ) ) {
650
echo '{"status": false, "message": "' . \_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
680
echo '{"status": false, "message": "' . esc\_html\_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
651
681
wp\_die();
652
682
}
683
684
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) ) {
685
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
686
wp\_die();
687
}
653
688
654
689
$order\_id = absint( $\_POST\['orderid'\] );
…
…
689
724
690
725
if ( ! check\_ajax\_referer( 'wcfm\_ajax\_nonce', 'wcfm\_ajax\_nonce', false ) ) {
691
echo '{"status": false, "message": "' . \_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
726
echo '{"status": false, "message": "' . esc\_html\_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
692
727
wp\_die();
693
728
}
729
730
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) ) {
731
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
732
wp\_die();
733
}
694
734
695
735
$order\_id = absint( $\_POST\['order\_id'\] );
…
…
723
763
724
764
if( defined('WCFM\_REST\_API\_CALL') ) {
725
return '{"status": true, "message": "' . \_\_( 'Order status updated.', 'wc-frontend-manager' ) . '"}';
726
}
727
728
echo '{"status": true, "message": "' . \_\_( 'Order status updated.', 'wc-frontend-manager' ) . '"}';
765
return '{"status": true, "message": "' . esc\_html\_\_( 'Order status updated.', 'wc-frontend-manager' ) . '"}';
766
}
767
768
echo '{"status": true, "message": "' . esc\_html\_\_( 'Order status updated.', 'wc-frontend-manager' ) . '"}';
729
769
}
730
770
die;
…
…
742
782
wp\_die();
743
783
}
784
785
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'shop\_staff' ) ) {
786
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
787
wp\_die();
788
}
744
789
745
790
$knowledgebaseid = absint( $\_POST\['knowledgebaseid'\] );
…
…
765
810
}
766
811
812
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'shop\_staff' ) ) {
813
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
814
wp\_die();
815
}
816
767
817
$knowledgebaseid = absint( $\_POST\['knowledgebaseid'\] );
768
818
…
…
787
837
}
788
838
839
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'shop\_staff' ) ) {
840
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
841
wp\_die();
842
}
843
789
844
$knowledgebaseid = absint( $\_POST\['knowledgebaseid'\] );
790
845
791
846
if($knowledgebaseid) {
792
847
if(wp\_delete\_post($knowledgebaseid)) {
793
echo 'success';
848
echo esc\_html('success');
794
849
die;
795
850
}
…
…
808
863
wp\_die();
809
864
}
865
866
if ( !current\_user\_can( 'manage\_woocommerce' ) ) {
867
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
868
wp\_die();
869
}
810
870
811
871
$noticeid = absint( $\_POST\['noticeid'\] );
…
…
831
891
}
832
892
893
if ( !current\_user\_can( 'manage\_woocommerce' ) ) {
894
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
895
wp\_die();
896
}
897
833
898
$noticeid = absint( $\_POST\['noticeid'\] );
834
899
…
…
853
918
}
854
919
920
if ( !current\_user\_can( 'manage\_woocommerce' ) ) {
921
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
922
wp\_die();
923
}
924
855
925
$noticeid = absint( $\_POST\['noticeid'\] );
856
926
857
927
if($noticeid) {
858
928
if(wp\_delete\_post($noticeid)) {
859
echo 'success';
929
echo esc\_html('success');
860
930
die;
861
931
}
…
…
925
995
update\_user\_meta( $user\_id, '\_wcfm\_menu\_toggle\_state', $toggle\_state );
926
996
927
echo "success";
997
echo esc\_html("success");
928
998
die;
929
999
}
…
…
1189
1259
wp\_mail( $user\_email, $subject, $message );
1190
1260
1191
echo '{"status": true, "message": "' . \_\_( 'Email verification code send to your email.', 'wc-frontend-manager' ) . '"}';
1261
echo '{"status": true, "message": "' . esc\_html\_\_( 'Email verification code send to your email.', 'wc-frontend-manager' ) . '"}';
1192
1262
} else {
1193
echo '{"status": false, "message": "' . \_\_( 'Email verification not working right now, please try after sometime.', 'wc-frontend-manager' ) . '"}';
1263
echo '{"status": false, "message": "' . esc\_html\_\_( 'Email verification not working right now, please try after sometime.', 'wc-frontend-manager' ) . '"}';
1194
1264
}
1195
1265
die;
…
…
1203
1273
1204
1274
if ( ! check\_ajax\_referer( 'wcfm\_ajax\_nonce', 'wcfm\_ajax\_nonce', false ) ) {
1205
wp\_send\_json\_error( \_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) );
1275
wp\_send\_json\_error( esc\_html\_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) );
1206
1276
wp\_die();
1207
1277
}
1278
1279
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'shop\_staff' ) ) {
1280
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
1281
wp\_die();
1282
}
1208
1283
1209
1284
if( isset( $\_POST\['memberid'\] ) ) {
…
…
1234
1309
do\_action( 'wcfm\_vendor\_disable\_after', $member\_id );
1235
1310
1236
echo '{"status": true, "message": "' . \_\_( 'Vendor successfully disabled.', 'wc-frontend-manager' ) . '"}';
1311
echo '{"status": true, "message": "' . esc\_html\_\_( 'Vendor successfully disabled.', 'wc-frontend-manager' ) . '"}';
1237
1312
die;
1238
1313
}
1239
echo '{"status": false, "message": "' . \_\_( 'Vendor can not be disabled right now, please try after sometime.', 'wc-frontend-manager' ) . '"}';
1314
echo '{"status": false, "message": "' . esc\_html\_\_( 'Vendor can not be disabled right now, please try after sometime.', 'wc-frontend-manager' ) . '"}';
1240
1315
die;
1241
1316
}
…
…
1251
1326
wp\_die();
1252
1327
}
1328
1329
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'shop\_staff' ) ) {
1330
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
1331
wp\_die();
1332
}
1253
1333
1254
1334
if( isset( $\_POST\['memberid'\] ) ) {
…
…
1287
1367
do\_action( 'wcfm\_vendor\_enable\_after', $member\_id );
1288
1368
1289
echo '{"status": true, "message": "' . \_\_( 'Vendor successfully enabled.', 'wc-frontend-manager' ) . '"}';
1369
echo '{"status": true, "message": "' . esc\_html\_\_( 'Vendor successfully enabled.', 'wc-frontend-manager' ) . '"}';
1290
1370
die;
1291
1371
}
1292
echo '{"status": false, "message": "' . \_\_( 'Vendor can not be enabled right now, please try after sometime.', 'wc-frontend-manager' ) . '"}';
1372
echo '{"status": false, "message": "' . esc\_html\_\_( 'Vendor can not be enabled right now, please try after sometime.', 'wc-frontend-manager' ) . '"}';
1293
1373
die;
1294
1374
}
…
…
1300
1380
global $WCFM;
1301
1381
1382
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) ) {
1383
esc\_html\_e( 'You don’t have permission to do this.', 'woocommerce' );
1384
wp\_die();
1385
}
1386
1302
1387
$knowledgebase\_id = '';
1303
1388
if( isset($\_POST\['knowledgebaseid'\]) ) {
…
…
1307
1392
1308
1393
echo '<table><tbody><tr><td><h2 style="font-size: 18px;line-height: 20px;color:#00798b;text-decoration:underline;">';
1309
echo $knowledgebase\_post->post\_title;
1394
echo wp\_kses\_post($knowledgebase\_post->post\_title);
1310
1395
echo '</h2></td></tr><tr><td>';
1311
echo $knowledgebase\_post->post\_content;
1396
echo ($knowledgebase\_post->post\_content);
1312
1397
echo '</td></tr></tbody></table>';
1313
1398
}
…
…
1344
1429
1345
1430
if ( empty( $wcfm\_login\_popup\_form\_data\['wcfm\_login\_popup\_username'\] ) ) {
1346
echo '{"status": false, "message": "' . \_\_( 'Please insert username before submit.', 'wc-frontend-manager' ) . '"}';
1431
echo '{"status": false, "message": "' . esc\_html\_\_( 'Please insert username before submit.', 'wc-frontend-manager' ) . '"}';
1347
1432
die;
1348
1433
}
…
…
1362
1447
1363
1448
if( !email\_exists( $wcfm\_login\_popup\_form\_data\['wcfm\_login\_popup\_username'\]) ) {
1364
echo '{"status": false, "message": "' . \_\_( 'Please insert a valid username / e-mail address.', 'wc-frontend-manager' ) . '"}';
1449
echo '{"status": false, "message": "' . esc\_html\_\_( 'Please insert a valid username / e-mail address.', 'wc-frontend-manager' ) . '"}';
1365
1450
die;
1366
1451
}
…
…
1373
1458
1374
1459
if ( is\_wp\_error( $user ) ) {
1375
echo '{"status": false, "message": "' . \_\_( 'Please try again!', 'wc-frontend-manager' ) . $user->get\_error\_message() . '"}';
1460
echo '{"status": false, "message": "' . esc\_html\_\_( 'Please try again!', 'wc-frontend-manager' ) . $user->get\_error\_message() . '"}';
1376
1461
} else {
1377
echo '{"status": true, "message": "' . \_\_( 'Login successfully ...', 'wc-frontend-manager' ) . '"}';
1462
echo '{"status": true, "message": "' . esc\_html\_\_( 'Login successfully ...', 'wc-frontend-manager' ) . '"}';
1378
1463
}
1379
1464
} else {
1380
echo '{"status": false, "message": "' . \_\_( 'Please try again!', 'wc-frontend-manager' ) . '"}';
1465
echo '{"status": false, "message": "' . esc\_html\_\_( 'Please try again!', 'wc-frontend-manager' ) . '"}';
1381
1466
}
1382
1467
1383
1468
} else {
1384
1469
if ( !validate\_username( $wcfm\_login\_popup\_form\_data\['wcfm\_login\_popup\_username'\] ) || !username\_exists( $wcfm\_login\_popup\_form\_data\['wcfm\_login\_popup\_username'\] ) ) {
1385
echo '{"status": false, "message": "' . \_\_( 'Please insert a valid username / e-mail address.', 'wc-frontend-manager' ) . '"}';
1470
echo '{"status": false, "message": "' . esc\_html\_\_( 'Please insert a valid username / e-mail address.', 'wc-frontend-manager' ) . '"}';
1386
1471
die;
1387
1472
}
…
…
1394
1479
1395
1480
if ( is\_wp\_error( $user ) ) {
1396
echo '{"status": false, "message": "' . \_\_( 'Please try again!', 'wc-frontend-manager' ) . '"}';
1481
echo '{"status": false, "message": "' . esc\_html\_\_( 'Please try again!', 'wc-frontend-manager' ) . '"}';
1397
1482
} else {
1398
echo '{"status": true, "message": "' . \_\_( 'Login successfully ...', 'wc-frontend-manager' ) . '"}';
1483
echo '{"status": true, "message": "' . esc\_html\_\_( 'Login successfully ...', 'wc-frontend-manager' ) . '"}';
1399
1484
}
1400
1485
} else {
1401
echo '{"status": false, "message": "' . \_\_( 'Please try again!', 'wc-frontend-manager' ) . '"}';
1486
echo '{"status": false, "message": "' . esc\_html\_\_( 'Please try again!', 'wc-frontend-manager' ) . '"}';
1402
1487
}
1403
1488
}
wc-frontend-manager/tags/6.5.13/core/class-wcfm-article.php
r2629284
r2630745
232
232
case 'wcfm-articles-manage':
233
233
if ( ! check\_ajax\_referer( 'wcfm\_ajax\_nonce', 'wcfm\_ajax\_nonce', false ) ) {
234
echo '{"status": false, "message": "' . \_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
234
echo '{"status": false, "message": "' . esc\_html\_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
235
235
wp\_die();
236
236
}
…
…
254
254
}
255
255
256
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) ) {
257
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
258
wp\_die();
259
}
260
256
261
$articleid = absint( $\_POST\['articleid'\] );
257
262
…
…
260
265
if( apply\_filters( 'wcfm\_is\_allow\_article\_delete' , false ) ) {
261
266
if(wp\_delete\_post($articleid)) {
262
echo 'success';
267
echo esc\_html('success');
263
268
die;
264
269
}
265
270
} else {
266
271
if(wp\_trash\_post($articleid)) {
267
echo 'success';
272
echo esc\_html('success');
268
273
die;
269
274
}
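Review bot: The gate added at new lines 256–259 passes role names (`wcfm_vendor`, `seller`, `vendor`, `shop_staff`) to `current_user_can()`, and the handler then deletes or trashes whatever `$articleid` arrives in `$_POST`; nothing in the visible lines ties that article to the caller. Unless the two elided lines (new 263–264) already do so, a per-object check such as `if ( ! current_user_can( 'delete_post', $articleid ) ) { wp_die(); }` before `wp_delete_post()` / `wp_trash_post()` would keep one vendor account from removing another author's article. The enclosing handler starts and ends outside the visible hunks.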
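--- a/wc-frontend-manager/tags/6.5.13/core/class-wcfm-customer.php
+++ b/wc-frontend-manager/tags/6.5.13/core/class-wcfm-customer.php
@@ -363,9 +363,14 @@
 }
 
+if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) ) {
+wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
+wp\_die();
+}
+
 $customerid = absint( $\_POST\['customerid'\] );
 
 if($customerid) {
 if(wp\_delete\_user($customerid)) {
-echo 'success';
+echo esc\_html('success');
 die;
 }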
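Review bot: `wp_delete_user( $customerid )` at new line 373 stays reachable for every role the added gate lets through (vendor, seller, shop staff), and the visible lines never check that the target id is a customer account the caller is allowed to remove. A per-target check before the call, for example `if ( ! current_user_can( 'delete_user', $customerid ) ) { wp_send_json_error(); }`, would close that gap. If vendors are meant to remove their own customers, an explicit test that the target holds only the customer role and belongs to that vendor would do the same. The handler begins and ends outside this hunk, so a check above new line 363 cannot be ruled out.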
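--- a/wc-frontend-manager/tags/6.5.13/core/class-wcfm-enquiry.php
+++ b/wc-frontend-manager/tags/6.5.13/core/class-wcfm-enquiry.php
@@ -380,4 +380,9 @@
 }
 
+if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) ) {
+wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
+wp\_die();
+}
+
 if( isset( $\_POST\['enquiryid'\] ) && !empty( $\_POST\['enquiryid'\] ) ) {
 $enquiryid = absint( $\_POST\['enquiryid'\] );
@@ -387,5 +392,5 @@
 }
 
-echo "success";
+echo esc\_html("success");
 die;
 }
@@ -402,4 +407,9 @@
 }
 
+if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) ) {
+wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
+wp\_die();
+}
+
 if( isset( $\_POST\['responseid'\] ) && !empty( $\_POST\['responseid'\] ) ) {
 $responseid = absint( $\_POST\['responseid'\] );
@@ -408,5 +418,5 @@
 }
 
-echo "success";
+echo esc\_html("success");
 die;
 }
@@ -468,9 +478,9 @@
 <div class="wcfm\_ele\_wrapper wcfm\_catalog\_enquiry\_button\_wrapper">
 <div class="wcfm-clearfix"></div>
-<a href="#" class="wcfm\_catalog\_enquiry <?php echo $button\_class; ?>" data-store="<?php echo $vendor\_id; ?>" data-product="<?php echo $product\_id; ?>" style="<?php echo $button\_style; ?>"><span class="wcfmfa fa-question-circle"></span> <span class="add\_enquiry\_label"><?php \_e( $wcfm\_enquiry\_button\_label, 'wc-frontend-manager' ); ?></span></a>
+<a href="#" class="wcfm\_catalog\_enquiry <?php echo esc\_attr($button\_class); ?>" data-store="<?php echo esc\_attr($vendor\_id); ?>" data-product="<?php echo esc\_attr($product\_id); ?>" style="<?php echo esc\_attr($button\_style); ?>"><span class="wcfmfa fa-question-circle"></span> <span class="add\_enquiry\_label"><?php esc\_html\_e( $wcfm\_enquiry\_button\_label, 'wc-frontend-manager' ); ?></span></a>
 <?php do\_action( 'wcfm\_after\_product\_catalog\_enquiry\_button' ); ?>
 <?php if( $hover\_color ) { ?>
 <style>
-a.wcfm\_catalog\_enquiry:hover{background: <?php echo $hover\_color; ?> !important;background-color: <?php echo $hover\_color; ?> !important;border-bottom-color: <?php echo $hover\_color; ?> !important;color: <?php echo $hover\_text\_color; ?> !important;}
+a.wcfm\_catalog\_enquiry:hover{background: <?php echo esc\_attr($hover\_color); ?> !important;background-color: <?php echo esc\_attr($hover\_color); ?> !important;border-bottom-color: <?php echo esc\_attr($hover\_color); ?> !important;color: <?php echo esc\_attr($hover\_text\_color); ?> !important;}
 </style>
 <?php } ?>
@@ -504,5 +514,5 @@
 }
 ?>
-<div class="lft bd\_icon\_box"><a class="wcfm\_store\_enquiry <?php echo $button\_class; ?>" data-store="<?php echo $vendor\_id; ?>" data-product="0" href="#"><i class="wcfmfa fa-question" aria-hidden="true"></i><span><?php \_e( $wcfm\_enquiry\_button\_label, 'wc-frontend-manager' ); ?></span></a></div>
+<div class="lft bd\_icon\_box"><a class="wcfm\_store\_enquiry <?php echo esc\_attr($button\_class); ?>" data-store="<?php echo esc\_attr($vendor\_id); ?>" data-product="0" href="#"><i class="wcfmfa fa-question" aria-hidden="true"></i><span><?php esc\_html\_e( $wcfm\_enquiry\_button\_label, 'wc-frontend-manager' ); ?></span></a></div>
 <?php
 }
@@ -527,5 +537,5 @@
 }
 ?>
-<p class="store-enquiry"><a class="wcfm\_catalog\_enquiry <?php echo $button\_class; ?>" data-store="<?php echo $store\_id; ?>" data-product="0" href="#"><span class="wcfmfa fa-question-circle fa-question-circle"></span> <span class="add\_enquiry\_label"><?php \_e( $wcfm\_enquiry\_button\_label, 'wc-frontend-manager' ); ?></span></a></p>
+<p class="store-enquiry"><a class="wcfm\_catalog\_enquiry <?php echo esc\_attr($button\_class); ?>" data-store="<?php echo esc\_attr($store\_id); ?>" data-product="0" href="#"><span class="wcfmfa fa-question-circle fa-question-circle"></span> <span class="add\_enquiry\_label"><?php esc\_html\_e( $wcfm\_enquiry\_button\_label, 'wc-frontend-manager' ); ?></span></a></p>
 <?php
 }
@@ -566,12 +576,12 @@
 foreach($wcfm\_enquirys\_array as $wcfm\_enquirys\_single) {
 if( $counter == 5 ) break;
-echo '<div class="wcfm\_dashboard\_enquiry"><a href="' . get\_wcfm\_enquiry\_manage\_url($wcfm\_enquirys\_single->ID) . '" class="wcfm\_dashboard\_item\_title"><span class="wcfmfa fa-question-circle"></span>' . substr( $wcfm\_enquirys\_single->enquiry, 0, 60 ) . ' ...</a></div>';
+echo '<div class="wcfm\_dashboard\_enquiry"><a href="' . esc\_url(get\_wcfm\_enquiry\_manage\_url($wcfm\_enquirys\_single->ID)). '" class="wcfm\_dashboard\_item\_title"><span class="wcfmfa fa-question-circle"></span>' . wp\_kses\_post(substr( $wcfm\_enquirys\_single->enquiry, 0, 60 )) . ' ...</a></div>';
 $counter++;
 }
 if( count( $wcfm\_enquirys\_array ) > 5 ) {
-echo '<div class="wcfm\_dashboard\_enquiry\_show\_all"><a class="wcfm\_submit\_button" href="' . get\_wcfm\_enquiry\_url() . '">' . \_\_( 'Show All', 'wc-frontend-manager' ) . '</a></div>';
+echo '<div class="wcfm\_dashboard\_enquiry\_show\_all"><a class="wcfm\_submit\_button" href="' . esc\_url(get\_wcfm\_enquiry\_url()) . '">' . esc\_html\_\_( 'Show All', 'wc-frontend-manager' ) . '</a></div>';
 }
 } else {
-\_e( 'There is no enquiry yet!!', 'wc-frontend-manager' );
+esc\_html\_e( 'There is no enquiry yet!!', 'wc-frontend-manager' );
 }
 ?>
@@ -615,7 +625,7 @@
 if( $attachments && is\_array( $attachments ) && !empty( $attachments ) ) {
 if( $context == 'view' ) {
-echo '<div class="wcfm\_clearfix"></div><br /><h2 style="font-size:15px;">' . \_\_( 'Attachment(s)', 'wc-frontend-manager' ) . '</h2><div class="wcfm\_clearfix"></div>';
+echo '<div class="wcfm\_clearfix"></div><br /><h2 style="font-size:15px;">' . esc\_html\_\_( 'Attachment(s)', 'wc-frontend-manager' ) . '</h2><div class="wcfm\_clearfix"></div>';
 foreach( $attachments as $attachment ) {
-echo '<a class="wcfm-wp-fields-uploader wcfm\_linked\_attached" target="\_blank" style="width:32px;height:32px;margin-right:10px;" href="' . $attachment . '"><span style="font-size:32px;color: #f86c6b;display:inline-block;" class="wcfmfa fa-file-image"></span></a>';
+echo '<a class="wcfm-wp-fields-uploader wcfm\_linked\_attached" target="\_blank" style="width:32px;height:32px;margin-right:10px;" href="' . esc\_url($attachment) . '"><span style="font-size:32px;color: #f86c6b;display:inline-block;" class="wcfmfa fa-file-image"></span></a>';
 }
 return;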
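Review bot: In the `<style>` block at new line 484, `esc_attr()` is applied to `$hover_color` and `$hover_text_color`, but attribute escaping only neutralises HTML metacharacters and does not restrict the value to a colour, so arbitrary CSS text still passes through. If these settings are hex colours (their origin is outside the hunk), `sanitize_hex_color( $hover_color )` with a fixed fallback is the filter that matches the context. The inline `style="<?php echo esc_attr($button_style); ?>"` at new line 480 has the same mismatch, and `safecss_filter_attr( $button_style )` before the `esc_attr()` call fits better there.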
wc-frontend-manager/tags/6.5.13/core/class-wcfm-frontend.php
r2629284
r2630745
317
317
318
318
$quick\_access\_image\_url = isset( $wcfm\_options\['wcfm\_quick\_access\_icon'\] ) ? wcfm\_get\_attachment\_url( $wcfm\_options\['wcfm\_quick\_access\_icon'\] ) : esc\_url($WCFM->plugin\_url) . '/assets/images/wcfm-30x30.png';
319
echo '<a href="' . get\_wcfm\_page() . '"><img class="text\_tip" data-tip="' . \_\_( 'Dashboard', 'wc-frontend-manager' ) . '" id="wcfm\_home" src="' . esc\_url($quick\_access\_image\_url) . '" width="30" alt="' . \_\_( 'Dashboard', 'wc-frontend-manager' ) . '" /></a>';
319
echo '<a href="' . esc\_url(get\_wcfm\_page()) . '"><img class="text\_tip" data-tip="' . esc\_html\_\_( 'Dashboard', 'wc-frontend-manager' ) . '" id="wcfm\_home" src="' . esc\_url($quick\_access\_image\_url) . '" width="30" alt="' . esc\_html\_\_( 'Dashboard', 'wc-frontend-manager' ) . '" /></a>';
320
320
}
321
321
…
…
352
352
<?php do\_action( 'wcfm\_product\_manage', $pro\_id, $\_product ); ?>
353
353
<?php if( apply\_filters( 'wcfm\_is\_allow\_edit\_products', true ) && apply\_filters( 'wcfm\_is\_allow\_edit\_specific\_products', true, $pro\_id ) ) { ?>
354
<a class="wcfm\_button" href="<?php echo get\_wcfm\_edit\_product\_url( $pro\_id, $\_product ); ?>"> <span class="wcfmfa fa-edit text\_tip" data-tip="<?php echo esc\_attr\_\_( 'Edit', 'wc-frontend-manager' ); ?>"></span> </a>
354
<a class="wcfm\_button" href="<?php echo esc\_url(get\_wcfm\_edit\_product\_url( $pro\_id, $\_product )); ?>"> <span class="wcfmfa fa-edit text\_tip" data-tip="<?php echo esc\_html\_\_( 'Edit', 'wc-frontend-manager' ); ?>"></span> </a>
355
355
<?php } ?>
356
356
<?php if( apply\_filters( 'wcfm\_is\_allow\_delete\_products', true ) && apply\_filters( 'wcfm\_is\_allow\_delete\_specific\_products', true, $pro\_id ) ) { ?>
357
357
<span class="wcfm\_button\_separator">|</span>
358
<a class="wcfm\_button wcfm\_delete\_product" href="#" data-proid="<?php echo $pro\_id; ?>"><span class="wcfmfa fa-trash-alt text\_tip" data-tip="<?php echo esc\_attr\_\_( 'Delete', 'wc-frontend-manager' ); ?>"></span> </a>
358
<a class="wcfm\_button wcfm\_delete\_product" href="#" data-proid="<?php echo esc\_attr($pro\_id); ?>"><span class="wcfmfa fa-trash-alt text\_tip" data-tip="<?php echo esc\_html\_\_( 'Delete', 'wc-frontend-manager' ); ?>"></span> </a>
359
359
<?php } ?>
360
360
</div>
…
…
820
820
821
821
if( apply\_filters( 'wcfm\_is\_force\_category\_attributes\_mapping', false ) ) {
822
echo '<p class="wcfm\_category\_attributes\_mapping\_msg description instructions">' . \_\_( 'First choose product category to get associated attributes.', 'wc-frontend-manager' ) . '</p>';
822
echo '<p class="wcfm\_category\_attributes\_mapping\_msg description instructions">' . esc\_html\_\_( 'First choose product category to get associated attributes.', 'wc-frontend-manager' ) . '</p>';
823
823
}
824
824
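Review bot: At new lines 354 and 358 the commit replaces `esc_attr__()` with `esc_html__()` inside `data-tip="…"`, and new line 319 uses `esc_html__()` for both `data-tip` and `alt`; these are attribute contexts, so the attribute escapers are the ones to use. I would keep `esc_attr__( 'Edit', 'wc-frontend-manager' )` and `esc_attr__( 'Delete', 'wc-frontend-manager' )` as they were, and use `esc_attr__( 'Dashboard', 'wc-frontend-manager' )` on line 319. The same mismatch appears in class-wcfm-library.php at new line 1350, where `placeholder` and `value` are filled through `esc_html_e()` and `esc_html()` rather than `esc_attr_e()` and `esc_attr()`. Both families escape quotes in current WordPress, so this is about matching the escaper to the context, not an open hole.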
wc-frontend-manager/tags/6.5.13/core/class-wcfm-integrations.php
r2629284
r2630745
1218
1218
$idx=$origin\['origin\_code'\];
1219
1219
?>
1220
<option value=<?php echo '"'.$idx.'"'; if($vendor\_data\_asal\_kota === $idx){echo ' selected';}?>><?php echo $origin\["kota\_kabupaten"\]; ?></option>
1220
<option value=<?php echo '"'.$idx.'"'; if($vendor\_data\_asal\_kota === $idx){echo ' selected';}?>><?php echo esc\_html($origin\["kota\_kabupaten"\]); ?></option>
1221
1221
<?php
1222
1222
}
…
…
1592
1592
\*/
1593
1593
function wcfm\_listing\_approve() {
1594
1595
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'shop\_staff' ) ) {
1596
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
1597
wp\_die();
1598
}
1599
1594
1600
if ( !empty( $\_GET\['listing\_id'\] ) && !wcfm\_is\_vendor() ) {
1595
1601
$listing\_id = absint( $\_GET\['listing\_id'\] );
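Review bot: `wcfm_listing_approve()` now checks the caller's role, but no nonce is verified between the function's opening at new line 1593 and the read of `$_GET['listing_id']` at new line 1600, so what appears to be a state-changing action is driven by a plain GET parameter. If nothing further down verifies one (the body continues outside the hunk), add a check such as `check_admin_referer( 'NONCE_ACTION_PLACEHOLDER' )` right after the capability gate, and build the approve link with `wp_nonce_url()` using the same action string. Without it, the role check alone does not tell a deliberate click from a request issued on the user's behalf by another page.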
wc-frontend-manager/tags/6.5.13/core/class-wcfm-library.php
r2629284
r2630745
1348
1348
?>
1349
1349
<div class="wcfm-date-range-field">
1350
<input type="text" name="wcfm-date-range" class="wcfm-date-range" autocomplete="off" placeholder="<?php \_e( 'Choose Date Range', 'wc-frontend-manager' ); ?> ..." value="<?php echo $wcfm\_date\_range; ?>">
1350
<input type="text" name="wcfm-date-range" class="wcfm-date-range" autocomplete="off" placeholder="<?php esc\_html\_e( 'Choose Date Range', 'wc-frontend-manager' ); ?> ..." value="<?php echo esc\_html($wcfm\_date\_range); ?>">
1351
1351
1352
1352
<input type="hidden" name="wcfm-date\_from" autocomplete="off" value="">
wc-frontend-manager/tags/6.5.13/core/class-wcfm-non-ajax.php
r2629284
r2630745
44
44
$draft\_count = wcfm\_get\_user\_posts\_count( $current\_user\_id, 'product', 'draft' );
45
45
46
$product\_stat = '{"online" : ' . $publish\_count . ', "pending" : ' . $pending\_count . ', "draft" : ' . $draft\_count . '}';
46
$product\_stat = '{"online" : ' . esc\_attr($publish\_count) . ', "pending" : ' . esc\_attr($pending\_count) . ', "draft" : ' . esc\_attr($draft\_count) . '}';
47
47
?>
48
48
<script type="text/javascript">
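Review bot: On new line 46 the three counts are passed through `esc_attr()` while being concatenated into a JSON literal just before a `<script>` block opens; HTML-attribute escaping is not the encoder for that context and does nothing to guarantee the values are numeric. Casting and encoding in one step keeps the output valid JSON whatever the helpers return: `$product_stat = wp_json_encode( array( 'online' => (int) $publish_count, 'pending' => (int) $pending_count, 'draft' => (int) $draft_count ) );`. The same pattern is at new line 284 of class-wcfm-notification.php, where the unread counters are wrapped in `esc_attr()` inside a hand-built JSON response.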
wc-frontend-manager/tags/6.5.13/core/class-wcfm-notification.php
r2629284
r2630745
247
247
$wcfm\_dashboard\_message\_content\_length = (int) apply\_filters( 'wcfm\_is\_allow\_dashboard\_message\_content\_length', 80 );
248
248
if( $wcfm\_message->message\_type == 'direct' ) $message\_text = substr( strip\_tags( $message\_text ), 0, $wcfm\_dashboard\_message\_content\_length ) . ' ...';
249
echo '<div class="wcfm\_dashboard\_notification">' . $message\_icon . ' ' . $message\_text . '</div>';
249
echo '<div class="wcfm\_dashboard\_notification">' . wp\_kses\_post($message\_icon) . ' ' . wp\_kses\_post($message\_text) . '</div>';
250
250
$counter++;
251
251
}
252
252
if( count( $wcfm\_messages ) > 5 ) {
253
echo '<div class="wcfm\_dashboard\_notifications\_show\_all"><a class="wcfm\_submit\_button" href="' . get\_wcfm\_messages\_url() . '">' . \_\_( 'Show All', 'wc-frontend-manager' ) . '</a></div><div class="wcfm-clearfix"></div>';
253
echo '<div class="wcfm\_dashboard\_notifications\_show\_all"><a class="wcfm\_submit\_button" href="' . esc\_url(get\_wcfm\_messages\_url()) . '">' . esc\_html\_\_( 'Show All', 'wc-frontend-manager' ) . '</a></div><div class="wcfm-clearfix"></div>';
254
254
}
255
255
} else {
…
…
273
273
274
274
if( is\_user\_logged\_in() ) {
275
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) && !current\_user\_can( 'wcfm\_delivery\_boy' ) && !current\_user\_can( 'wcfm\_affiliate' ) ) {
276
//wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
277
wp\_die();
278
}
279
275
280
$unread\_notice = $this->wcfm\_direct\_message\_count( 'notice' );
276
281
$unread\_message = $this->wcfm\_direct\_message\_count( 'message' );
277
282
$unread\_enquiry = $this->wcfm\_direct\_message\_count( 'enquiry' );
278
283
279
echo '{ "status": true, "notice": ' . $unread\_notice . ', "message": ' .$unread\_message . ', "enquiry": ' .$unread\_enquiry . ' }';
284
echo '{ "status": true, "notice": ' . esc\_attr($unread\_notice) . ', "message": ' . esc\_attr($unread\_message) . ', "enquiry": ' . esc\_attr($unread\_enquiry) . ' }';
280
285
} else {
281
286
echo '{ "status": false, "redirect": "' . esc\_url( get\_permalink( wc\_get\_page\_id( 'myaccount' ) ) ) . '" }';
…
…
516
521
global $WCFM, $wpdb;
517
522
523
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) && !current\_user\_can( 'wcfm\_delivery\_boy' ) && !current\_user\_can( 'wcfm\_affiliate' ) ) {
524
//wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
525
wp\_die();
526
}
527
518
528
if( isset( $\_POST\['limit'\] ) && $\_POST\['limit'\] ) {
519
529
$limit = absint( $\_POST\['limit'\] );
…
…
570
580
global $WCFM, $wpdb, $\_POST;
571
581
582
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) && !current\_user\_can( 'wcfm\_delivery\_boy' ) && !current\_user\_can( 'wcfm\_affiliate' ) ) {
583
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
584
wp\_die();
585
}
586
572
587
$messageid = absint( $\_POST\['messageid'\] );
573
588
$message\_to = apply\_filters( 'wcfm\_message\_author', get\_current\_user\_id() );
…
…
597
612
function wcfm\_messages\_bulk\_mark\_read() {
598
613
global $WCFM, $wpdb, $\_POST;
614
615
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) && !current\_user\_can( 'wcfm\_delivery\_boy' ) && !current\_user\_can( 'wcfm\_affiliate' ) ) {
616
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
617
wp\_die();
618
}
599
619
600
620
if( isset($\_POST\['selected\_messages'\]) ) {
…
…
633
653
global $WCFM, $wpdb, $\_POST;
634
654
655
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) && !current\_user\_can( 'wcfm\_delivery\_boy' ) && !current\_user\_can( 'wcfm\_affiliate' ) ) {
656
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
657
wp\_die();
658
}
659
635
660
$messageid = absint( $\_POST\['messageid'\] );
636
661
$wpdb->query( "DELETE FROM {$wpdb->prefix}wcfm\_messages WHERE \`ID\` = {$messageid}" );
…
…
656
681
function wcfm\_messages\_bulk\_mark\_delete() {
657
682
global $WCFM, $wpdb, $\_POST;
683
684
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) && !current\_user\_can( 'wcfm\_delivery\_boy' ) && !current\_user\_can( 'wcfm\_affiliate' ) ) {
685
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
686
wp\_die();
687
}
658
688
659
689
if( isset($\_POST\['selected\_messages'\]) ) {
wc-frontend-manager/tags/6.5.13/core/class-wcfm-policy.php
r2629284
r2630745
66
66
<div class="page\_collapsible" id="wcfm\_settings\_form\_policies\_head">
67
67
<label class="wcfmfa fa-ambulance"></label>
68
<?php echo apply\_filters( 'wcfm\_sold\_by\_label', '', \_\_( 'Store', 'wc-frontend-manager' ) ) . ' ' . \_\_('Policies', 'wc-frontend-manager'); ?><span></span>
68
<?php echo esc\_attr( apply\_filters( 'wcfm\_sold\_by\_label', '', \_\_( 'Store', 'wc-frontend-manager' ) ) . ' ' . \_\_('Policies', 'wc-frontend-manager') ); ?><span></span>
69
69
</div>
70
70
<div class="wcfm-container">
71
71
<div id="wcfm\_settings\_form\_policies\_expander" class="wcfm-content">
72
<h2><?php echo apply\_filters( 'wcfm\_sold\_by\_label', '', \_\_( 'Store', 'wc-frontend-manager' ) ) . ' ' . \_\_('Store Policies Setting', 'wc-frontend-manager'); ?></h2>
72
<h2><?php echo esc\_attr( apply\_filters( 'wcfm\_sold\_by\_label', '', \_\_( 'Store', 'wc-frontend-manager' ) ) . ' ' . \_\_('Store Policies Setting', 'wc-frontend-manager') ); ?></h2>
73
73
<?php wcfm\_video\_tutorial( 'https://wclovers.com/knowledgebase/wcfm-store-policies/' ); ?>
74
74
<div class="wcfm\_clearfix"></div>
…
…
109
109
110
110
if( isset( $\_POST\['shipping\_policy'\] ) ) {
111
$wcfm\_policy\_options\['shipping\_policy'\] = sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['shipping\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
111
$wcfm\_policy\_options\['shipping\_policy'\] = wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['shipping\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
112
112
}
113
113
114
114
if( isset( $\_POST\['refund\_policy'\] ) ) {
115
$wcfm\_policy\_options\['refund\_policy'\] = sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['refund\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
115
$wcfm\_policy\_options\['refund\_policy'\] = wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['refund\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
116
116
}
117
117
118
118
if( isset( $\_POST\['cancellation\_policy'\] ) ) {
119
$wcfm\_policy\_options\['cancellation\_policy'\] = sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['cancellation\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
119
$wcfm\_policy\_options\['cancellation\_policy'\] = wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['cancellation\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
120
120
}
121
121
…
…
226
226
227
227
if( isset( $\_POST\['shipping\_policy'\] ) ) {
228
$wcfm\_policy\_vendor\_options\['shipping\_policy'\] = sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['shipping\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
228
$wcfm\_policy\_vendor\_options\['shipping\_policy'\] = wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['shipping\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
229
229
if( $is\_marketplace && ( $is\_marketplace == 'dokan' ) ) {
230
230
update\_user\_meta( $vendor\_id, '\_dps\_ship\_policy', $wcfm\_policy\_vendor\_options\['shipping\_policy'\] );
…
…
233
233
234
234
if( isset( $\_POST\['refund\_policy'\] ) ) {
235
$wcfm\_policy\_vendor\_options\['refund\_policy'\] = sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['refund\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
235
$wcfm\_policy\_vendor\_options\['refund\_policy'\] = wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['refund\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
236
236
if( $is\_marketplace && ( $is\_marketplace == 'dokan' ) ) {
237
237
update\_user\_meta( $vendor\_id, '\_dps\_refund\_policy', $wcfm\_policy\_vendor\_options\['refund\_policy'\] );
…
…
240
240
241
241
if( isset( $\_POST\['cancellation\_policy'\] ) ) {
242
$wcfm\_policy\_vendor\_options\['cancellation\_policy'\] = sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['cancellation\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
242
$wcfm\_policy\_vendor\_options\['cancellation\_policy'\] = wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['cancellation\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
243
243
}
244
244
…
…
373
373
374
374
if( isset( $wcfm\_products\_manage\_form\_data\['wcfm\_shipping\_policy'\] ) && !empty( $wcfm\_products\_manage\_form\_data\['wcfm\_shipping\_policy'\] ) ) {
375
$wcfm\_policy\_product\_options\['shipping\_policy'\] = sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $wcfm\_products\_manage\_form\_data\['wcfm\_shipping\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
375
$wcfm\_policy\_product\_options\['shipping\_policy'\] = wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $wcfm\_products\_manage\_form\_data\['wcfm\_shipping\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
376
376
if( $is\_marketplace && ($is\_marketplace == 'wcmarketplace') ) {
377
377
update\_post\_meta( $new\_product\_id, '\_wcmp\_shipping\_policy', $wcfm\_products\_manage\_form\_data\['wcfm\_shipping\_policy'\] );
…
…
379
379
}
380
380
if( isset( $wcfm\_products\_manage\_form\_data\['wcfm\_refund\_policy'\] ) && !empty( $wcfm\_products\_manage\_form\_data\['wcfm\_refund\_policy'\] ) ) {
381
$wcfm\_policy\_product\_options\['refund\_policy'\] = sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $wcfm\_products\_manage\_form\_data\['wcfm\_refund\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
381
$wcfm\_policy\_product\_options\['refund\_policy'\] = wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $wcfm\_products\_manage\_form\_data\['wcfm\_refund\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
382
382
if( $is\_marketplace && ($is\_marketplace == 'wcmarketplace') ) {
383
383
update\_post\_meta( $new\_product\_id, '\_wcmp\_refund\_policy', $wcfm\_products\_manage\_form\_data\['wcfm\_refund\_policy'\] );
…
…
385
385
}
386
386
if( isset( $wcfm\_products\_manage\_form\_data\['wcfm\_cancellation\_policy'\] ) && !empty( $wcfm\_products\_manage\_form\_data\['wcfm\_cancellation\_policy'\] ) ) {
387
$wcfm\_policy\_product\_options\['cancellation\_policy'\] = sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $wcfm\_products\_manage\_form\_data\['wcfm\_cancellation\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
387
$wcfm\_policy\_product\_options\['cancellation\_policy'\] = wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $wcfm\_products\_manage\_form\_data\['wcfm\_cancellation\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
388
388
if( $is\_marketplace && ($is\_marketplace == 'wcmarketplace') ) {
389
389
update\_post\_meta( $new\_product\_id, '\_wcmp\_cancellation\_policy', $wcfm\_products\_manage\_form\_data\['wcfm\_cancellation\_policy'\] );
…
…
603
603
<div class="wcfm-shipping-policies">
604
604
<h2 class="wcfm\_policies\_heading"><?php echo apply\_filters('wcfm\_shipping\_policies\_heading', \_\_('Shipping Policy', 'wc-frontend-manager')); ?></h2>
605
<div class="wcfm\_policies\_description" ><?php echo $shipping\_policy; ?></div>
605
<div class="wcfm\_policies\_description" ><?php echo wp\_kses\_post($shipping\_policy); ?></div>
606
606
</div>
607
607
<?php } if( !wcfm\_empty( $refund\_policy ) ) { ?>
608
608
<div class="wcfm-refund-policies">
609
609
<h2 class="wcfm\_policies\_heading"><?php echo apply\_filters('wcfm\_refund\_policies\_heading', \_\_('Refund Policy', 'wc-frontend-manager')); ?></h2>
610
<div class="wcfm\_policies\_description" ><?php echo $refund\_policy; ?></div>
610
<div class="wcfm\_policies\_description" ><?php echo wp\_kses\_post($refund\_policy); ?></div>
611
611
</div>
612
612
<?php } if( !wcfm\_empty( $cancellation\_policy ) ) { ?>
613
613
<div class="wcfm-cancellation-policies">
614
614
<h2 class="wcfm\_policies\_heading"><?php echo apply\_filters('wcfm\_cancellation\_policies\_heading', \_\_('Cancellation / Return / Exchange Policy', 'wc-frontend-manager')); ?></h2>
615
<div class="wcfm\_policies\_description" ><?php echo $cancellation\_policy; ?></div>
615
<div class="wcfm\_policies\_description" ><?php echo wp\_kses\_post($cancellation\_policy); ?></div>
616
616
</div>
617
617
<?php } ?>
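Review bot: The three `update_post_meta()` calls in the wcmarketplace branches (lines 377, 383 and 389) still store the raw `$wcfm_products_manage_form_data['wcfm_*_policy']` value, so the `wp_filter_post_kses()` result computed just above each of them never reaches the `_wcmp_*_policy` post meta. The dokan branches at lines 230 and 237 already write the filtered `$wcfm_policy_vendor_options[...]` value, and the product branches should match, e.g. `update_post_meta( $new_product_id, '_wcmp_shipping_policy', $wcfm_policy_product_options['shipping_policy'] );`, and likewise for refund and cancellation. Whether those meta values are escaped where they are rendered is not visible here, so filtering at write time is the safer assumption. Separately, the input has already been through `stripslashes()`, so `wp_kses_post()`, which expects unslashed data, looks like a better fit than `wp_filter_post_kses()`, which strips and re-adds slashes itself. The save methods start and end outside the hunks shown.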
wc-frontend-manager/tags/6.5.13/core/class-wcfm-query.php
r2629284
r2630745
305
305
foreach ( $this->query\_vars as $key => $var ) {
306
306
if ( isset( $\_GET\[ $var \] ) ) {
307
$wp->query\_vars\[ $key \] = $\_GET\[ $var \];
307
$wp->query\_vars\[ $key \] = wc\_clean( $\_GET\[ $var \] );
308
308
}
309
309
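Review bot: The value on new line 307 is sanitised without being unslashed first, so the slashes WordPress adds to `$_GET` are carried into `$wp->query_vars`; `wc_clean( wp_unslash( $_GET[ $var ] ) )` is the usual form. `wc_clean()` also recurses into arrays rather than rejecting them, so an array-valued parameter still ends up in the query var. If only scalar endpoint values are expected, an `is_string()` guard before the assignment would make that explicit. The enclosing loop and method continue outside the hunk.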
wc-frontend-manager/tags/6.5.13/core/class-wcfm-vendor-support.php
r2629284
r2630745
460
460
?>
461
461
<!-- collapsible 11.5 - WCFM Vendor Association -->
462
<div class="page\_collapsible products\_manage\_vendor\_association simple variable grouped external booking <?php echo $wcfm\_wpml\_edit\_disable\_element; ?>" id="wcfm\_products\_manage\_form\_vendor\_association\_head"><label class="wcfmfa fa-user-alt fa-user-alt"></label><?php echo apply\_filters( 'wcfm\_sold\_by\_label', $wcfm\_associate\_vendor, \_\_( 'Store', 'wc-frontend-manager' ) ); ?><span></span></div>
462
<div class="page\_collapsible products\_manage\_vendor\_association simple variable grouped external booking <?php echo esc\_attr($wcfm\_wpml\_edit\_disable\_element); ?>" id="wcfm\_products\_manage\_form\_vendor\_association\_head"><label class="wcfmfa fa-user-alt fa-user-alt"></label><?php echo esc\_attr(apply\_filters( 'wcfm\_sold\_by\_label', $wcfm\_associate\_vendor, \_\_( 'Store', 'wc-frontend-manager' ) )); ?><span></span></div>
463
463
<div class="wcfm-container simple variable external grouped booking">
464
464
<div id="wcfm\_products\_manage\_form\_vendor\_association\_expander" class="wcfm-content">
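Review bot: On new line 462 the `wcfm_sold_by_label` filter result is printed between `</label>` and `<span>` through `esc_attr()`, but that position is element content, where `esc_html()` is the matching escaper; `esc_attr()` is the right call for the `class` value earlier on the same line. Suggested: `<?php echo esc_html( apply_filters( 'wcfm_sold_by_label', $wcfm_associate_vendor, __( 'Store', 'wc-frontend-manager' ) ) ); ?>`. If callbacks on that filter are expected to return markup, `wp_kses_post()` would be needed instead; that is not visible from this hunk.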
wc-frontend-manager/tags/6.5.13/core/class-wcfm-wcbookings.php
r2629284
r2630745
344
344
?>
345
345
<!-- collapsible Booking 1 -->
346
<div class="page\_collapsible products\_manage\_wcbokings\_general <?php echo $wcfm\_pm\_block\_class\_wcbokings\_general; ?>" id="wcfm\_products\_manage\_form\_booking\_options\_head"><label class="wcfmfa fa-calendar"></label><?php \_e('Booking Options', 'wc-frontend-manager'); ?><span></span></div>
347
<div class="wcfm-container <?php echo $wcfm\_pm\_block\_class\_wcbokings\_general; ?>">
346
<div class="page\_collapsible products\_manage\_wcbokings\_general <?php echo esc\_attr($wcfm\_pm\_block\_class\_wcbokings\_general); ?>" id="wcfm\_products\_manage\_form\_booking\_options\_head"><label class="wcfmfa fa-calendar"></label><?php \_e('Booking Options', 'wc-frontend-manager'); ?><span></span></div>
347
<div class="wcfm-container <?php echo esc\_attr($wcfm\_pm\_block\_class\_wcbokings\_general); ?>">
348
348
<div id="wcfm\_products\_manage\_form\_booking\_options\_expander" class="wcfm-content">
349
349
<?php
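Review bot: The heading text on new line 346 is still printed with `_e( 'Booking Options', 'wc-frontend-manager' )`, although the class attribute beside it is now escaped. The order-details template in this same changeset switches such labels to `esc_html_e()`, and doing the same here keeps a translated string from being emitted as raw HTML: `<?php esc_html_e( 'Booking Options', 'wc-frontend-manager' ); ?>`. The surrounding method starts and ends outside the hunk.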
wc-frontend-manager/tags/6.5.13/core/class-wcfm-wcfmmarketplace.php
r2629284
r2630745
751
751
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_subtotal', $order\_id, $this->vendor\_id ); ?>
752
752
<tr>
753
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php \_e( 'Subtotal', 'wc-frontend-manager' ); ?>:</th>
754
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
753
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php esc\_html\_e( 'Subtotal', 'wc-frontend-manager' ); ?>:</th>
754
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
755
755
<div class="view">
756
756
<?php
…
…
803
803
?>
804
804
<tr>
805
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php echo $tax\_breakup\['label'\]; ?>:</th>
806
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
805
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php echo esc\_html($tax\_breakup\['label'\]); ?>:</th>
806
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
807
807
<div class="view">
808
808
<?php
…
…
828
828
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_tax', $order\_id, $this->vendor\_id ); ?>
829
829
<tr>
830
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>">
831
<?php if( apply\_filters( 'wcfm\_is\_allow\_vendor\_order\_details\_tax\_breakup', false ) ) { echo \_\_( 'Total', 'wc-frontend-manager' ) . ' '; } ?>
832
<?php \_e( 'Tax', 'wc-frontend-manager' ); ?>:
830
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>">
831
<?php if( apply\_filters( 'wcfm\_is\_allow\_vendor\_order\_details\_tax\_breakup', false ) ) { echo esc\_html\_\_( 'Total', 'wc-frontend-manager' ) . ' '; } ?>
832
<?php esc\_html\_e( 'Tax', 'wc-frontend-manager' ); ?>:
833
833
</th>
834
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
834
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
835
835
<div class="view">
836
836
<?php
…
…
853
853
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_shipping', $order\_id, $this->vendor\_id ); ?>
854
854
<tr>
855
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php \_e( 'Shipping', 'wc-frontend-manager' ); ?>:</th>
856
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
855
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php esc\_html\_e( 'Shipping', 'wc-frontend-manager' ); ?>:</th>
856
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
857
857
<div class="view">
858
858
<?php
…
…
903
903
?>
904
904
<tr>
905
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php echo \_\_( 'Shipping Tax', 'wc-frontend-manager' ) . ' ' . $tax\_breakup\['label'\]; ?>:</th>
906
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
905
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php echo esc\_html\_\_( 'Shipping Tax', 'wc-frontend-manager' ) . ' ' . $tax\_breakup\['label'\]; ?>:</th>
906
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
907
907
<div class="view">
908
908
<?php
…
…
922
922
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_shipping\_tax', $order\_id, $this->vendor\_id ); ?>
923
923
<tr>
924
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>">
925
<?php if( apply\_filters( 'wcfm\_is\_allow\_vendor\_order\_details\_tax\_breakup', false ) ) { echo \_\_( 'Total', 'wc-frontend-manager' ) . ' '; } ?>
926
<?php \_e( 'Shipping Tax', 'wc-frontend-manager' ); ?>:
924
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>">
925
<?php if( apply\_filters( 'wcfm\_is\_allow\_vendor\_order\_details\_tax\_breakup', false ) ) { echo esc\_html\_\_( 'Total', 'wc-frontend-manager' ) . ' '; } ?>
926
<?php esc\_html\_e( 'Shipping Tax', 'wc-frontend-manager' ); ?>:
927
927
</th>
928
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
928
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
929
929
<div class="view">
930
930
<?php
…
…
947
947
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_refund', $order\_id, $this->vendor\_id ); ?>
948
948
<tr>
949
<th class="label refunded-total" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php \_e( 'Refunded', 'wc-frontend-manager' ); ?>:</th>
950
<td class="total refunded-total" style="text-align:center; <?php echo $td\_style; ?>">-<?php echo wc\_price( $refund\_total, array( 'currency' => $order\_currency ) ); ?></td>
949
<th class="label refunded-total" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php esc\_html\_e( 'Refunded', 'wc-frontend-manager' ); ?>:</th>
950
<td class="total refunded-total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">-<?php echo wc\_price( $refund\_total, array( 'currency' => $order\_currency ) ); ?></td>
951
951
</tr>
952
952
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_refund', $order\_id, $this->vendor\_id ); ?>
…
…
956
956
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_discount', $order\_id, $this->vendor\_id ); ?>
957
957
<tr>
958
<th class="label discount-total" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php \_e( 'Discount', 'wc-frontend-manager' ); ?>:</th>
959
<td class="total discount-total" style="text-align:center; <?php echo $td\_style; ?>"><?php echo wc\_price( $discount\_total, array( 'currency' => $order\_currency ) ); ?></td>
958
<th class="label discount-total" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php esc\_html\_e( 'Discount', 'wc-frontend-manager' ); ?>:</th>
959
<td class="total discount-total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>"><?php echo wc\_price( $discount\_total, array( 'currency' => $order\_currency ) ); ?></td>
960
960
</tr>
961
961
<?php do\_action( 'wcfm\_vendor\_order\_details\_after\_discount', $order\_id, $this->vendor\_id ); ?>
…
…
965
965
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_gross\_total', $order\_id, $this->vendor\_id ); ?>
966
966
<tr class="total\_cost">
967
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php \_e( 'Gross Total', 'wc-frontend-manager' ); ?>:</th>
968
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
967
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php esc\_html\_e( 'Gross Total', 'wc-frontend-manager' ); ?>:</th>
968
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
969
969
<div class="view">
970
970
<?php
…
…
990
990
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_gross\_earning', $order\_id, $this->vendor\_id ); ?>
991
991
<tr>
992
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php \_e( 'Gross Earning', 'wc-frontend-manager' ); ?>:</th>
993
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
992
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php esc\_html\_e( 'Gross Earning', 'wc-frontend-manager' ); ?>:</th>
993
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
994
994
<div class="view">
995
995
<?php
…
…
1006
1006
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_affiliate\_commission', $order\_id, $this->vendor\_id ); ?>
1007
1007
<tr>
1008
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php \_e( 'Affiliate Commission', 'wc-frontend-manager' ); ?>:</th>
1009
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
1008
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php esc\_html\_e( 'Affiliate Commission', 'wc-frontend-manager' ); ?>:</th>
1009
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
1010
1010
<div class="view">
1011
1011
<?php
…
…
1022
1022
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_commission\_tax', $order\_id, $this->vendor\_id ); ?>
1023
1023
<tr>
1024
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php echo $commission\_rule\['tax\_name'\] . ' ('. $commission\_rule\['tax\_percent'\] .'%)'; ?>:</th>
1025
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
1024
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php echo esc\_html($commission\_rule\['tax\_name'\]) . ' ('. $commission\_rule\['tax\_percent'\] .'%)'; ?>:</th>
1025
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
1026
1026
<div class="view">
1027
1027
<?php
…
…
1039
1039
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_gross\_earning', $order\_id, $this->vendor\_id ); ?>
1040
1040
<tr>
1041
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php \_e( 'Gross Earning', 'wc-frontend-manager' ); ?>:</th>
1042
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
1041
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php esc\_html\_e( 'Gross Earning', 'wc-frontend-manager' ); ?>:</th>
1042
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
1043
1043
<div class="view">
1044
1044
<?php
…
…
1052
1052
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_affiliate\_commission', $order\_id, $this->vendor\_id ); ?>
1053
1053
<tr>
1054
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php \_e( 'Affiliate Commission', 'wc-frontend-manager' ); ?>:</th>
1055
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
1054
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php esc\_html\_e( 'Affiliate Commission', 'wc-frontend-manager' ); ?>:</th>
1055
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
1056
1056
<div class="view">
1057
1057
<?php
…
…
1076
1076
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_gross\_earning', $order\_id, $this->vendor\_id ); ?>
1077
1077
<tr>
1078
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php \_e( 'Gross Earning', 'wc-frontend-manager' ); ?>:</th>
1079
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
1078
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php esc\_html\_e( 'Gross Earning', 'wc-frontend-manager' ); ?>:</th>
1079
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
1080
1080
<div class="view">
1081
1081
<?php
…
…
1091
1091
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_transaction\_charge', $order\_id, $this->vendor\_id ); ?>
1092
1092
<tr>
1093
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php \_e( 'Transaction Charge', 'wc-frontend-manager' ); ?>:</th>
1094
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
1093
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php esc\_html\_e( 'Transaction Charge', 'wc-frontend-manager' ); ?>:</th>
1094
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
1095
1095
<div class="view">
1096
1096
<?php
…
…
1108
1108
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_total\_earning', $order\_id, $this->vendor\_id ); ?>
1109
1109
<tr>
1110
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php \_e( 'Total Earning', 'wc-frontend-manager' ); ?>:</th>
1111
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
1110
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php esc\_html\_e( 'Total Earning', 'wc-frontend-manager' ); ?>:</th>
1111
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
1112
1112
<div class="view">
1113
1113
<?php
…
…
1128
1128
?>
1129
1129
<tr>
1130
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php \_e( 'Admin Fee', 'wc-frontend-manager' ); ?>:</th>
1131
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
1130
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php esc\_html\_e( 'Admin Fee', 'wc-frontend-manager' ); ?>:</th>
1131
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
1132
1132
<div class="view">
1133
1133
<?php
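Review bot: On new line 905 `$tax_breakup['label']` is still concatenated into the header unescaped, although the same value is wrapped in `esc_html()` on line 805; `$commission_rule['tax_percent']` on line 1024 is left raw in the same way. Escaping the whole expression keeps the rows consistent: `echo esc_html( __( 'Shipping Tax', 'wc-frontend-manager' ) . ' ' . $tax_breakup['label'] );` and `echo esc_html( $commission_rule['tax_name'] . ' (' . $commission_rule['tax_percent'] . '%)' );`. Where the tax label and commission rule come from is not visible in these hunks, so they should be treated as store-configurable text until confirmed. `$td_style` is now passed through `esc_attr()` inside a `style` attribute, which prevents attribute breakout but does not validate the CSS; `safecss_filter_attr()` would be the stricter choice if that value can be influenced by a filter.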
wc-frontend-manager/tags/6.5.13/core/class-wcfm-wcmarketplace.php
r2629284
r2630745
827
827
foreach( $wcmp\_knowledgebases as $wcmp\_knowledgebase ) {
828
828
?>
829
<div class="page\_collapsible" id="wcfm\_knowledgebase\_listing\_head-<?php echo $wcmp\_knowledgebase->ID; ?>">
829
<div class="page\_collapsible" id="wcfm\_knowledgebase\_listing\_head-<?php echo esc\_attr($wcmp\_knowledgebase->ID); ?>">
830
830
<label class="wcfmfa fa-bookmark"></label>
831
<?php echo $wcmp\_knowledgebase->post\_title; ?><span></span>
831
<?php echo wp\_kses\_post($wcmp\_knowledgebase->post\_title); ?><span></span>
832
832
</div>
833
833
<div class="wcfm-container">
834
<div id="wcfm\_knowledgebase\_listing\_expander-<?php echo $wcmp\_knowledgebase->ID; ?>" class="wcfm\_knowledgebase wcfm-content">
835
<?php echo $wcmp\_knowledgebase->post\_content; ?>
834
<div id="wcfm\_knowledgebase\_listing\_expander-<?php echo esc\_attr($wcmp\_knowledgebase->ID); ?>" class="wcfm\_knowledgebase wcfm-content">
835
<?php echo wp\_kses\_post($wcmp\_knowledgebase->post\_content); ?>
836
836
</div>
837
837
</div>
…
…
851
851
function wcmarketplace\_auto\_suggesion\_product() {
852
852
global $WCFM, $WCMp, $wpdb;
853
854
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) ) {
855
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
856
wp\_die();
857
}
858
853
859
$searchstr = $\_POST\['protitle'\];
854
860
$querystr = "select DISTINCT post\_title, ID from {$wpdb->prefix}posts where post\_title like '{$searchstr}%' and post\_status = 'publish' and post\_type = 'product' GROUP BY post\_title order by post\_title LIMIT 0,10";
…
…
857
863
echo "<ul>";
858
864
foreach ($results as $result) {
859
echo '<li data-element="' . $result->ID . '"><a class="wcfm\_product\_multi\_seller\_associate" href="#" data-proid="' . $result->ID . '">' . $result->post\_title . '</a></li>';
865
echo '<li data-element="' . esc\_attr($result->ID) . '"><a class="wcfm\_product\_multi\_seller\_associate" href="#" data-proid="' . esc\_attr($result->ID) . '">' . wp\_kses\_post($result->post\_title) . '</a></li>';
860
866
}
861
867
echo "</ul>";
…
…
869
875
public function wcfm\_product\_multi\_seller\_associate() {
870
876
global $WCFM, $WCFMu, $\_POST;
877
878
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) ) {
879
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
880
wp\_die();
881
}
871
882
872
883
if( !class\_exists( 'WC\_Admin\_Duplicate\_Product' ) ) {
wc-frontend-manager/tags/6.5.13/core/class-wcfm-wcvendors.php
r2629284
r2630745
194
194
global $WCFM;
195
195
196
echo '<a href="' . get\_wcfm\_page() . '"><img class="text\_tip" data-tip="' . \_\_( 'WCFM Home', 'wc-frontend-manager' ) . '" id="wcfm\_home" src="' . esc\_url($WCFM->plugin\_url) . '/assets/images/wcfm-30x30.png" alt="' . \_\_( 'WCFM Home', 'wc-frontend-manager' ) . '" /></a>';
196
echo '<a href="' . esc\_url(get\_wcfm\_page()) . '"><img class="text\_tip" data-tip="' . \_\_( 'WCFM Home', 'wc-frontend-manager' ) . '" id="wcfm\_home" src="' . esc\_url($WCFM->plugin\_url) . '/assets/images/wcfm-30x30.png" alt="' . \_\_( 'WCFM Home', 'wc-frontend-manager' ) . '" /></a>';
197
197
}
198
198
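Review bot: On new line 196 the `data-tip` and `alt` attributes still print `__( 'WCFM Home', 'wc-frontend-manager' )` unescaped, so a translation containing a quote or markup would end up in the attribute as-is. Use `esc_attr__( 'WCFM Home', 'wc-frontend-manager' )` in both places. The `data-tip="<?php _e( ... ); ?>"` attributes in includes/shortcodes/class-wcfm-shortcode-notification.php and views/dashboard/wcfm-view-dashboard-welcome-box.php have the same gap, where `esc_attr_e()` is the matching call. The enclosing function starts outside the hunk.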
wc-frontend-manager/tags/6.5.13/core/class-wcfm.php
r2629284
r2630745
483
483
$is\_export = false;
484
484
$is\_import = false;
485
if( isset($\_GET\['page'\]) && ( $\_GET\['page'\] == 'product\_exporter' ) ) { $is\_export = true; }
486
if( isset($\_GET\['page'\]) && ( $\_GET\['page'\] == 'product\_importer' ) ) { $is\_import = true; }
487
if( isset($\_GET\['page'\]) && ( $\_GET\['page'\] == 'store-setup' ) ) { $is\_setup = true; }
485
if( isset($\_GET\['page'\]) && ( wc\_clean($\_GET\['page'\]) == 'product\_exporter' ) ) { $is\_export = true; }
486
if( isset($\_GET\['page'\]) && ( wc\_clean($\_GET\['page'\]) == 'product\_importer' ) ) { $is\_import = true; }
487
if( isset($\_GET\['page'\]) && ( wc\_clean($\_GET\['page'\]) == 'store-setup' ) ) { $is\_setup = true; }
488
488
489
489
if( ( 'yes' == $wcfm\_vnd\_wpadmin ) && !$is\_export && !$is\_import && !$is\_setup ) {
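Review bot: Lines 485-487 call `wc_clean()` on `$_GET['page']` three times only to compare the result with a fixed string using `==`; sanitising adds nothing to a comparison, and the loose operator is the part worth tightening. Read the parameter once, e.g. `$page = isset( $_GET['page'] ) ? sanitize_key( wp_unslash( $_GET['page'] ) ) : '';`, then set `$is_export = ( 'product_exporter' === $page );` and the other two flags the same way. `$is_setup` is not initialised in the visible lines; presumably that happens above line 483, which is worth confirming since it feeds the condition on line 489. The enclosing function starts and ends outside the hunk.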
wc-frontend-manager/tags/6.5.13/helpers/wcfm-core-functions.php
r2629284
r2630745
1992
1992
?>
1993
1993
<p class="wcfm\_tutorials\_wrapper">
1994
<a class="wcfm\_tutorials" href="<?php echo $video\_url; ?>">
1994
<a class="wcfm\_tutorials" href="<?php echo esc\_url($video\_url); ?>">
1995
1995
<span class="wcfm\_tutorials\_icon wcfmfa fa-video"></span>
1996
1996
<span class='wcfm\_tutorials\_label'><?php \_e( 'Tutorial', 'wc-frontend-manager' ); ?></span>
…
…
2291
2291
if( !is\_admin() ) {
2292
2292
if( isset( $\_SESSION\['wcfm\_my\_locale'\] ) && !empty( $\_SESSION\['wcfm\_my\_locale'\] ) ) {
2293
$locale = $\_SESSION\['wcfm\_my\_locale'\];
2293
$locale = wc\_clean($\_SESSION\['wcfm\_my\_locale'\]);
2294
2294
}
2295
2295
}
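Review bot: On line 2293 `wc_clean()` only normalises the string taken from `$_SESSION['wcfm_my_locale']` (it wraps `sanitize_text_field()`); it does not check that the value is a locale the site actually has. If the result is later used to pick translation files, which is not visible here, an allow-list is the safer control, for example `if ( in_array( $candidate, get_available_languages(), true ) ) { $locale = $candidate; }` with `en_US` handled separately. Where the session key is written is outside this hunk, so the validation may belong there as well. The enclosing function starts and ends outside the hunk.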
wc-frontend-manager/tags/6.5.13/includes/libs/php/class-wcfm-fields.php
r2629284
r2630745
768
768
$placeholder = apply\_filters( 'wcfm\_default\_placeholder\_image', $WCFM->plugin\_url . 'includes/libs/upload/images/Placeholder.png' );
769
769
if( !$img\_src ) $img\_src = $placeholder;
770
$mimeProp = '<img id="'.esc\_attr($field\['id'\]).'\_display" data-placeholder="'.$placeholder.'" src="'.esc\_attr( $img\_src ).'" width="'.absint( $field\['prwidth'\] ).'" class="'.$placeHolder.'" />';
770
$mimeProp = '<img id="'.esc\_attr($field\['id'\]).'\_display" data-placeholder="'.$placeholder.'" src="'.esc\_url( $img\_src ).'" width="'.absint( $field\['prwidth'\] ).'" class="'.$placeHolder.'" />';
771
771
} else {
772
772
if($field\['value'\])
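Review bot: Line 770 switches `src` to `esc_url()` but leaves two other attributes of the same `<img>` unescaped: `data-placeholder="'.$placeholder.'"` and `class="'.$placeHolder.'"`. `$placeholder` is the return value of the `wcfm_default_placeholder_image` filter on line 768, so any callback hooked there decides what lands in the attribute. Suggested: `data-placeholder="'.esc_url( $placeholder ).'"` and `class="'.esc_attr( $placeHolder ).'"`. The surrounding method is only partly visible in this hunk.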
wc-frontend-manager/tags/6.5.13/includes/shortcodes/class-wcfm-shortcode-enquiry.php
r2629284
r2630745
96
96
<div class="wcfm\_ele\_wrapper wcfm\_enquiry\_widget">
97
97
<div class="wcfm-clearfix"></div>
98
<a href="#" class="wcfm\_catalog\_enquiry <?php echo $button\_class; ?>" data-store="<?php echo $vendor\_id; ?>" data-product="<?php echo $product\_id; ?>" style="<?php echo $button\_style; ?>"><span class="wcfmfa fa-question-circle"></span> <span class="add\_enquiry\_label"><?php \_e( $ask\_question\_label, 'wc-frontend-manager' ); ?></span></a>
98
<a href="#" class="wcfm\_catalog\_enquiry <?php echo esc\_attr($button\_class); ?>" data-store="<?php echo esc\_attr($vendor\_id); ?>" data-product="<?php echo esc\_attr($product\_id); ?>" style="<?php echo esc\_attr($button\_style); ?>"><span class="wcfmfa fa-question-circle"></span> <span class="add\_enquiry\_label"><?php esc\_html\_e( $ask\_question\_label, 'wc-frontend-manager' ); ?></span></a>
99
99
<?php if( $hover\_color ) { ?>
100
<style>a.wcfm\_catalog\_enquiry:hover{background: <?php echo $hover\_color; ?> !important;background-color: <?php echo $hover\_color; ?> !important;border-bottom-color: <?php echo $hover\_color; ?> !important;color: <?php echo $hover\_text\_color; ?> !important;}</style>
100
<style>a.wcfm\_catalog\_enquiry:hover{background: <?php echo esc\_attr($hover\_color); ?> !important;background-color: <?php echo esc\_attr($hover\_color); ?> !important;border-bottom-color: <?php echo esc\_attr($hover\_color); ?> !important;color: <?php echo esc\_attr($hover\_text\_color); ?> !important;}</style>
101
101
<?php } ?>
102
102
<div class="wcfm-clearfix"></div><br />
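Review bot: On line 100 the colour values are printed inside a `<style>` element through `esc_attr()`, which is an HTML-attribute escaper and puts no limit on what CSS the value may contain. Validate the values where the shortcode attributes are read instead, e.g. `$hover_color = sanitize_hex_color( $hover_color );` if only hex colours are supported (an assumption; the attribute parsing is outside the hunk). For the inline `style` attribute on line 98, `esc_attr( safecss_filter_attr( $button_style ) )` restricts the declarations as well as escaping them. The `<style>` block on line 90 of class-wcfm-shortcode-follow.php has the same issue with `$base_color`.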
wc-frontend-manager/tags/6.5.13/includes/shortcodes/class-wcfm-shortcode-follow.php
r2629284
r2630745
86
86
<div class="wcfm\_ele\_wrapper wcfm\_follow\_widget">
87
87
<div class="wcfm-clearfix"></div>
88
<a href="#" class="wcfm\_follow\_me" data-count="<?php echo $followers; ?>" data-vendor\_id="<?php echo $vendor\_id; ?>" data-user\_id="<?php echo $user\_id; ?>" style="<?php echo $button\_style; ?>"><span class="wcfmfa fa-child"></span> <span class="add\_enquiry\_label wcfm\_follow\_me\_lable"><?php echo $follow\_button\_label; ?></span></a>
88
<a href="#" class="wcfm\_follow\_me" data-count="<?php echo $followers; ?>" data-vendor\_id="<?php echo esc\_attr($vendor\_id); ?>" data-user\_id="<?php echo esc\_attr($user\_id); ?>" style="<?php echo esc\_attr($button\_style); ?>"><span class="wcfmfa fa-child"></span> <span class="add\_enquiry\_label wcfm\_follow\_me\_lable"><?php echo esc\_html($follow\_button\_label); ?></span></a>
89
89
<?php if( $base\_color ) { ?>
90
<style>a.wcfm\_catalog\_enquiry:hover{background: <?php echo $base\_color; ?> !important;border-bottom-color: <?php echo $base\_color; ?> !important;}</style>
90
<style>a.wcfm\_catalog\_enquiry:hover{background: <?php echo esc\_attr($base\_color); ?> !important;border-bottom-color: <?php echo esc\_attr($base\_color); ?> !important;}</style>
91
91
<?php } ?>
92
92
<div class="wcfm-clearfix"></div><br />
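Review bot: `data-count="<?php echo $followers; ?>"` on line 88 is the one attribute in this tag that the change leaves unescaped. If the value is always a count, `data-count="<?php echo absint( $followers ); ?>"` both documents that and closes the gap; otherwise use `esc_attr( $followers )`. How `$followers` is computed is not visible in this hunk.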
wc-frontend-manager/tags/6.5.13/includes/shortcodes/class-wcfm-shortcode-notification.php
r2629284
r2630745
49
49
<div class="wcfm\_sc\_notifications">
50
50
<?php if( $message && apply\_filters( 'wcfm\_is\_pref\_direct\_message', true ) && apply\_filters( 'wcfm\_is\_allow\_notifications', true ) && apply\_filters( 'wcfm\_is\_allow\_sc\_notifications', true ) ) { ?>
51
<a href="<?php echo get\_wcfm\_messages\_url( ); ?>" class="wcfmfa fa-bell text\_tip" data-tip="<?php \_e( 'Notification Board', 'wc-frontend-manager' ); ?>"><span class="unread\_notification\_count message\_count"><?php echo $unread\_message; ?></span></a>
51
<a href="<?php echo esc\_url(get\_wcfm\_messages\_url( )); ?>" class="wcfmfa fa-bell text\_tip" data-tip="<?php \_e( 'Notification Board', 'wc-frontend-manager' ); ?>"><span class="unread\_notification\_count message\_count"><?php echo esc\_attr($unread\_message); ?></span></a>
52
52
<?php } ?>
53
53
54
54
<?php if( $enquiry && apply\_filters( 'wcfm\_is\_pref\_enquiry', true ) && apply\_filters( 'wcfm\_is\_allow\_enquiry', true ) && apply\_filters( 'wcfm\_is\_allow\_sc\_enquiry\_notifications', true ) ) { ?>
55
<a href="<?php echo get\_wcfm\_enquiry\_url(); ?>" class="wcfmfa fa-question-circle text\_tip" data-tip="<?php \_e( 'Enquiry Board', 'wc-frontend-manager' ); ?>"><span class="unread\_notification\_count enquiry\_count"><?php echo $unread\_enquiry; ?></span></a>
55
<a href="<?php echo esc\_url(get\_wcfm\_enquiry\_url()); ?>" class="wcfmfa fa-question-circle text\_tip" data-tip="<?php \_e( 'Enquiry Board', 'wc-frontend-manager' ); ?>"><span class="unread\_notification\_count enquiry\_count"><?php echo esc\_attr($unread\_enquiry); ?></span></a>
56
56
<?php } ?>
57
57
58
58
<?php if( $notice && apply\_filters( 'wcfm\_is\_pref\_notice', true ) && apply\_filters( 'wcfm\_is\_allow\_notice', true ) && apply\_filters( 'wcfm\_is\_allow\_sc\_notice\_notifications', true ) ) { ?>
59
<a href="<?php echo get\_wcfm\_notices\_url( ); ?>" class="wcfmfa fa-bullhorn text\_tip" data-tip="<?php \_e( 'Notice Board', 'wc-frontend-manager' ); ?>"><?php if( wcfm\_is\_vendor() ) { ?><span class="unread\_notification\_count notice\_count"><?php echo $unread\_notice; ?></span><?php } ?></a>
59
<a href="<?php echo esc\_url(get\_wcfm\_notices\_url( )); ?>" class="wcfmfa fa-bullhorn text\_tip" data-tip="<?php \_e( 'Notice Board', 'wc-frontend-manager' ); ?>"><?php if( wcfm\_is\_vendor() ) { ?><span class="unread\_notification\_count notice\_count"><?php echo esc\_attr($unread\_notice); ?></span><?php } ?></a>
60
60
<?php } ?>
61
61
</div>
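Review bot: The unread counters on lines 51, 55 and 59 are printed as element text but escaped with `esc_attr()`, which is the escaper for attribute values. `esc_html( $unread_message )` matches the context, and if these are always counts `absint( $unread_message )` is stricter still; the same applies to `$unread_enquiry` and `$unread_notice`. Where the three values are computed is outside the hunk.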
wc-frontend-manager/tags/6.5.13/templates/classic/header.php
r2629284
r2630745
24
24
<div class="wcfm-site-name">
25
25
<?php do\_action( 'wcfm\_dasboard\_header\_before' ); ?>
26
<a class="wcfm\_header\_site\_name" href="<?php echo $blog\_link; ?>"><?php echo $blog\_title; ?></a>
26
<a class="wcfm\_header\_site\_name" href="<?php echo esc\_url($blog\_link); ?>"><?php echo wp\_kses\_post($blog\_title); ?></a>
27
27
<?php do\_action( 'wcfm\_dasboard\_header\_after' ); ?>
28
28
</div>
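Review bot: Line 26 filters `$blog_title` with `wp_kses_post()`, which still lets links, images and other post markup through into the text of the surrounding `<a>`. If the title is plain text (presumably the site name; its assignment is outside the hunk), `<?php echo esc_html( $blog_title ); ?>` is the tighter choice. templates/default/header.php line 26 carries the same expression and would take the same change.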
wc-frontend-manager/tags/6.5.13/templates/default/header.php
r2629284
r2630745
24
24
<div class="wcfm-site-name">
25
25
<?php do\_action( 'wcfm\_dasboard\_header\_before' ); ?>
26
<a href="<?php echo $blog\_link; ?>"><?php echo $blog\_title; ?></a>
26
<a href="<?php echo esc\_url($blog\_link); ?>"><?php echo wp\_kses\_post($blog\_title); ?></a>
27
27
<?php do\_action( 'wcfm\_dasboard\_header\_after' ); ?>
28
28
</div>
wc-frontend-manager/tags/6.5.13/views/articles/wcfm-view-articles.php
r2629284
r2630745
48
48
else echo " | ";
49
49
?>
50
<a class="<?php echo ( $wcfmu\_articles\_menu\_key == $article\_status ) ? 'active' : ''; ?>" href="<?php echo get\_wcfm\_articles\_url( $wcfmu\_articles\_menu\_key ); ?>"><?php echo $wcfmu\_articles\_menu . ' ('. $count\_articles\[$wcfmu\_articles\_menu\_key\] .')'; ?></a>
50
<a class="<?php echo ( $wcfmu\_articles\_menu\_key == $article\_status ) ? 'active' : ''; ?>" href="<?php echo get\_wcfm\_articles\_url( $wcfmu\_articles\_menu\_key ); ?>"><?php echo esc\_html($wcfmu\_articles\_menu . ' ('. $count\_articles\[$wcfmu\_articles\_menu\_key\] .')' ); ?></a>
51
51
</li>
52
52
<?php
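Review bot: The `href` on line 50 still echoes `get_wcfm_articles_url( $wcfmu_articles_menu_key )` without `esc_url()`, although this changeset adds it to the equivalent status link in views/products/wcfm-view-products.php. Suggested: `href="<?php echo esc_url( get_wcfm_articles_url( $wcfmu_articles_menu_key ) ); ?>"`. views/listings/wcfm-view-listings.php line 65 needs the same for `get_wcfm_listings_url( $wcfm_listings_menus_key )`. The loop around this line starts and ends outside the hunk.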
wc-frontend-manager/tags/6.5.13/views/customers/wcfm-view-customers-details.php
r2629284
r2630745
126
126
</div>
127
127
<div class="wcfm-clearfix"></div><br />
128
<input type="hidden" name="wcfm\_customer\_id" value="<?php echo $customer\_id; ?>" />
128
<input type="hidden" name="wcfm\_customer\_id" value="<?php echo esc\_attr($customer\_id); ?>" />
129
129
130
130
<?php do\_action( 'begin\_wcfm\_customers\_details' ); ?>
wc-frontend-manager/tags/6.5.13/views/customers/wcfm-view-customers-manage.php
r2629284
r2630745
259
259
</form>
260
260
<script type="text/javascript">
261
var selected\_bstate = '<?php echo $bstate; ?>';
262
var input\_selected\_bstate = '<?php echo $bstate; ?>';
263
var selected\_sstate = '<?php echo $sstate; ?>';
264
var input\_selected\_sstate = '<?php echo $sstate; ?>';
261
var selected\_bstate = '<?php echo esc\_attr($bstate); ?>';
262
var input\_selected\_bstate = '<?php echo esc\_attr($bstate); ?>';
263
var selected\_sstate = '<?php echo esc\_attr($sstate); ?>';
264
var input\_selected\_sstate = '<?php echo esc\_attr($sstate); ?>';
265
265
</script>
266
266
</div>
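Review bot: Lines 261-264 place `$bstate` and `$sstate` in JavaScript string literals using `esc_attr()`, which is the wrong escaper for a script context: it leaves backslashes and line breaks untouched, so such a value can end or corrupt the literal, and the HTML entities it emits are not decoded inside `<script>`, so legitimate values containing quotes or ampersands are altered. Emit the value as a JSON literal instead, e.g. `var selected_bstate = <?php echo wp_json_encode( $bstate ); ?>;`, or keep the quotes and use `esc_js( $bstate )`. views/profile/wcfm-view-profile.php lines 364-367 repeat the same four assignments and need the same change.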
wc-frontend-manager/tags/6.5.13/views/dashboard/wcfm-view-dashboard-welcome-box.php
r2629284
r2630745
76
76
<div class="vrgt wcfm\_welcomebox\_user\_right">
77
77
<?php if( apply\_filters( 'wcfm\_is\_allow\_manage\_products', true ) ) { ?>
78
<div class="wcfm\_welcomebox\_user\_right\_box"><span class="wcfmfa fa-cube img\_tip" data-tip="<?php \_e( 'Product Limit Stats', 'wc-frontend-manager' ); ?>"></span><span><mark><?php echo $WCFM->wcfm\_vendor\_support->wcfm\_vendor\_product\_limit\_stat( $user\_id ); ?></mark></span></div>
78
<div class="wcfm\_welcomebox\_user\_right\_box"><span class="wcfmfa fa-cube img\_tip" data-tip="<?php \_e( 'Product Limit Stats', 'wc-frontend-manager' ); ?>"></span><span><mark><?php echo wp\_kses\_post($WCFM->wcfm\_vendor\_support->wcfm\_vendor\_product\_limit\_stat( $user\_id ) ); ?></mark></span></div>
79
79
<?php } ?>
80
<div class="wcfm\_welcomebox\_user\_right\_box"><span class="wcfmfa fa-hdd img\_tip" data-tip="<?php \_e('Disk Space Usage Stats', 'wc-frontend-manager' ); ?>"></span><span><mark><?php echo $WCFM->wcfm\_vendor\_support->wcfm\_vendor\_space\_limit\_stat( $user\_id ); ?></mark></span></div>
80
<div class="wcfm\_welcomebox\_user\_right\_box"><span class="wcfmfa fa-hdd img\_tip" data-tip="<?php \_e('Disk Space Usage Stats', 'wc-frontend-manager' ); ?>"></span><span><mark><?php echo wp\_kses\_post($WCFM->wcfm\_vendor\_support->wcfm\_vendor\_space\_limit\_stat( $user\_id ) ); ?></mark></span></div>
81
81
</div>
82
82
<?php } ?>
wc-frontend-manager/tags/6.5.13/views/enquiry/wcfm-view-enquiry-form.php
r2629284
r2630745
41
41
<div id="enquiry\_form\_wrapper">
42
42
<div id="enquiry\_form" class="wcfm\_popup\_wrapper">
43
<div style="margin-bottom: 15px;"><h2 style="float: none;"><?php echo $wcfm\_enquiry\_form\_heading; ?></h2></div>
43
<div style="margin-bottom: 15px;"><h2 style="float: none;"><?php echo wp\_kses\_post($wcfm\_enquiry\_form\_heading); ?></h2></div>
44
44
45
45
<form action="" method="post" id="wcfm\_enquiry\_form" class="enquiry-form" novalidate="">
…
…
213
213
<p class="form-submit">
214
214
<input name="submit" type="submit" id="wcfm\_enquiry\_submit\_button" class="submit wcfm\_popup\_button" value="<?php \_e( 'Submit', 'wc-frontend-manager' ); ?>">
215
<input type="hidden" name="product\_id" value="<?php echo $product\_id; ?>" id="enquiry\_product\_id">
216
<input type="hidden" name="vendor\_id" value="<?php echo $vendor\_id; ?>" id="enquiry\_vendor\_id">
215
<input type="hidden" name="product\_id" value="<?php echo esc\_attr($product\_id); ?>" id="enquiry\_product\_id">
216
<input type="hidden" name="vendor\_id" value="<?php echo esc\_attr($vendor\_id); ?>" id="enquiry\_vendor\_id">
217
217
</p>
218
218
<input type="hidden" name="wcfm\_nonce" value="<?php echo wp\_create\_nonce( 'wcfm\_enquiry' ); ?>" />
wc-frontend-manager/tags/6.5.13/views/enquiry/wcfm-view-enquiry-manage.php
r2629284
r2630745
106
106
<div id="enquiry\_manage\_general\_expander" class="wcfm-content">
107
107
<div class="inquiry\_content">
108
<?php echo $inquiry\_content; ?>
108
<?php echo wp\_kses\_post($inquiry\_content); ?>
109
109
<div class="wcfm\_clearfix"></div>
110
110
</div>
…
…
152
152
?>
153
153
<p class="store\_name wcfm\_ele wcfm\_title"><strong><?php \_e( $wcfm\_enquiry\_meta\_value->key, 'wc-frontend-manager'); ?></strong></p>
154
<span class="wcfm\_vendor\_store\_info"><?php echo $wcfm\_enquiry\_meta\_value->value; ?></span>
154
<span class="wcfm\_vendor\_store\_info"><?php echo wp\_kses\_post($wcfm\_enquiry\_meta\_value->value); ?></span>
155
155
<div class="wcfm\_clearfix"></div>
156
156
<?php
…
…
173
173
<?php } ?>
174
174
<?php if( apply\_filters( 'wcfm\_allow\_view\_customer\_email', true ) ) { ?>
175
<br /><?php echo $inquiry\_customer\_email; ?>
175
<br /><?php echo esc\_attr($inquiry\_customer\_email); ?>
176
176
<?php } ?>
177
177
</span>
…
…
197
197
<!-- collapsible -->
198
198
<div class="wcfm-container">
199
<div id="inquiry\_reply\_<?php echo $wcfm\_enquiry\_reply->ID; ?>" class="inquiry\_reply wcfm-content">
199
<div id="inquiry\_reply\_<?php echo esc\_attr($wcfm\_enquiry\_reply->ID); ?>" class="inquiry\_reply wcfm-content">
200
200
<div class="inquiry\_reply\_author">
201
201
<?php
…
…
227
227
$display\_name = $userdata->display\_name;
228
228
if( $first\_name ) {
229
echo $first\_name . ' ' . $last\_name;
229
echo esc\_html($first\_name . ' ' . $last\_name);
230
230
} else {
231
echo $display\_name;
231
echo esc\_html($display\_name);
232
232
}
233
233
}
…
…
237
237
</div>
238
238
<div class="inquiry\_reply\_content">
239
<?php echo $wcfm\_enquiry\_reply->reply; ?>
239
<?php echo wp\_kses\_post($wcfm\_enquiry\_reply->reply); ?>
240
240
241
241
<?php
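Review bot: Line 153 still prints `$wcfm_enquiry_meta_value->key` through `_e()`, which does no escaping, directly above the `->value` output that this commit wraps in `wp_kses_post()`. If the key comes from stored enquiry data like the value beside it (an inference; the query is outside the hunk), it needs the same care: `<?php echo esc_html( $wcfm_enquiry_meta_value->key ); ?>`, or `esc_html_e()` if the translation lookup is intended. Line 175 escapes the customer e-mail with `esc_attr()` although it is element text, where `esc_html()` is the matching call. views/enquiry/wcfm-view-my-account-enquiry-manage.php line 130 has the same `_e()` call.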
wc-frontend-manager/tags/6.5.13/views/enquiry/wcfm-view-enquiry-tab.php
r2629284
r2630745
43
43
<?php if( !apply\_filters( 'wcfm\_is\_pref\_enquiry\_button', true ) ) { ?>
44
44
<div class="wcfm-clearfix"></div>
45
<p><span class="add\_enquiry" data-store="<?php echo $vendor\_id; ?>" data-product="<?php echo $product\_id; ?>"><span class="wcfmfa fa-question-circle fa-question-circle"></span> <span class="add\_enquiry\_label"><?php \_e( $wcfm\_enquiry\_button\_label, 'wc-frontend-manager' ); ?></span></span></p>
45
<p><span class="add\_enquiry" data-store="<?php echo esc\_attr($vendor\_id); ?>" data-product="<?php echo esc\_attr($product\_id); ?>"><span class="wcfmfa fa-question-circle fa-question-circle"></span> <span class="add\_enquiry\_label"><?php esc\_html\_e( $wcfm\_enquiry\_button\_label, 'wc-frontend-manager' ); ?></span></span></p>
46
46
<div class="wcfm-clearfix"></div>
47
47
<?php } ?>
…
…
55
55
foreach( $enquiries as $enquiry\_data ) {
56
56
?>
57
<li class="wcfm\_enquiry\_item comment byuser comment-author-vnd bypostauthor even thread-even depth-1" id="li-enquiry-<?php echo $enquiry\_data->ID; ?>">
58
<div id="enquiry-<?php echo $enquiry\_data->ID; ?>" class="wcfm\_enquiry\_container comment\_container">
57
<li class="wcfm\_enquiry\_item comment byuser comment-author-vnd bypostauthor even thread-even depth-1" id="li-enquiry-<?php echo esc\_attr($enquiry\_data->ID); ?>">
58
<div id="enquiry-<?php echo esc\_attr($enquiry\_data->ID); ?>" class="wcfm\_enquiry\_container comment\_container">
59
59
<div class="comment-text">
60
60
<div class="enquiry-by"><span style="width:60%"><span class="wcfmfa fa-clock"></span> <?php echo date\_i18n( wc\_date\_format(), strtotime( $enquiry\_data->posted ) ); ?></span></div>
61
61
<p class="meta">
62
<strong class="woocommerce-review\_\_author"><?php echo $enquiry\_data->enquiry; ?></strong>
62
<strong class="woocommerce-review\_\_author"><?php echo wp\_kses\_post($enquiry\_data->enquiry); ?></strong>
63
63
<?php if( apply\_filters( 'wcfm\_is\_allow\_enquery\_tab\_customer\_show', true ) ) { ?>
64
64
<span class="woocommerce-review\_\_dash">–</span>
wc-frontend-manager/tags/6.5.13/views/enquiry/wcfm-view-my-account-enquiry-manage.php
r2629284
r2630745
81
81
<div id="inquiry\_manage\_general\_expander" class="wcfm-content">
82
82
<div class="inquiry\_content">
83
<?php echo $inquiry\_content; ?>
83
<?php echo wp\_kses\_post($inquiry\_content); ?>
84
84
<div class="wcfm\_clearfix"></div>
85
85
</div>
…
…
129
129
?>
130
130
<p class="store\_name wcfm\_ele wcfm\_title"><strong><?php \_e( $wcfm\_enquiry\_meta\_value->key, 'wc-frontend-manager'); ?></strong></p>
131
<span class="wcfm\_vendor\_store\_info"><?php echo $wcfm\_enquiry\_meta\_value->value; ?></span>
131
<span class="wcfm\_vendor\_store\_info"><?php echo wp\_kses\_post($wcfm\_enquiry\_meta\_value->value); ?></span>
132
132
<div class="wcfm\_clearfix"></div>
133
133
<?php
…
…
158
158
<!-- collapsible -->
159
159
<div class="wcfm-container">
160
<div id="inquiry\_reply\_<?php echo $wcfm\_inquiry\_reply->ID; ?>" class="inquiry\_reply wcfm-content">
160
<div id="inquiry\_reply\_<?php echo esc\_attr($wcfm\_inquiry\_reply->ID); ?>" class="inquiry\_reply wcfm-content">
161
161
<div class="inquiry\_reply\_author">
162
162
<?php
…
…
194
194
}
195
195
}
196
echo $author\_label;
196
echo esc\_html($author\_label);
197
197
} else {
198
198
\_e( 'Keymaster', 'wc-frontend-manager' );
…
…
202
202
</div>
203
203
<div class="inquiry\_reply\_content">
204
<?php echo $wcfm\_inquiry\_reply->reply; ?>
204
<?php echo wp\_kses\_post($wcfm\_inquiry\_reply->reply); ?>
205
205
206
206
<?php
wc-frontend-manager/tags/6.5.13/views/enquiry/wcfm-view-my-account-enquiry.php
r2629284
r2630745
53
53
<tr class="woocommerce-enquiry-table\_\_row woocommerce-enquiry-table\_\_row--status-completed enquiry">
54
54
<td class="woocommerce-enquiry-table\_\_cell woocommerce-enquiry-table\_\_cell-enquiry-number" data-title="<?php \_e( 'Query', 'wc-frontend-manager' ); ?>">
55
<a href="<?php echo $myaccount\_page\_url . $wcfm\_myaccount\_view\_inquiry\_endpoint . '/' . $wcfm\_enquiry->ID; ?>"><?php echo $wcfm\_enquiry->enquiry; ?></a>
55
<a href="<?php echo esc\_url($myaccount\_page\_url . $wcfm\_myaccount\_view\_inquiry\_endpoint . '/' . $wcfm\_enquiry->ID); ?>"><?php echo $wcfm\_enquiry->enquiry; ?></a>
56
56
</td>
57
57
<td class="woocommerce-enquiry-table\_\_cell woocommerce-enquiry-table\_\_cell-enquiry-category" data-title="<?php \_e( 'Product', 'wc-frontend-manager' ); ?>">
…
…
73
73
$additional\_info = '–';
74
74
}
75
echo $additional\_info;
75
echo wp\_kses\_post($additional\_info);
76
76
?>
77
77
</td>
78
78
<?php } ?>
79
79
<td class="woocommerce-enquiry-table\_\_cell woocommerce-enquiry-table\_\_cell-enquiry-actions" data-title="<?php \_e( 'Actions', 'wc-frontend-manager' ); ?>">
80
<a href="<?php echo $myaccount\_page\_url . $wcfm\_myaccount\_view\_inquiry\_endpoint . '/' . $wcfm\_enquiry->ID; ?>" class="woocommerce-button button view"><?php \_e( 'View', 'wc-frontend-manager' ); ?></a>
80
<a href="<?php echo esc\_url($myaccount\_page\_url . $wcfm\_myaccount\_view\_inquiry\_endpoint . '/' . $wcfm\_enquiry->ID); ?>" class="woocommerce-button button view"><?php \_e( 'View', 'wc-frontend-manager' ); ?></a>
81
81
</td>
82
82
</tr>
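Review bot: On line 55 the link text `<?php echo $wcfm_enquiry->enquiry; ?>` is still printed raw; the commit escapes the `href` but not the enquiry body. The other enquiry templates in this changeset pass the same field through `wp_kses_post()`, so this listing is the remaining place where stored enquiry text reaches the page unfiltered. Suggested: `<?php echo wp_kses_post( $wcfm_enquiry->enquiry ); ?>`. The table loop starts outside the hunk.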
wc-frontend-manager/tags/6.5.13/views/integrations/wcfm-view-epeken-products-manage.php
r2629284
r2630745
59
59
foreach($origins as $origin) {
60
60
?>
61
<option value=<?php echo $origin\["origin\_code"\]; ?> <?php if ($product\_origin === $origin\["origin\_code"\]) echo " selected";?>> <?php echo $origin\["kota\_kabupaten"\];?></option>
61
<option value=<?php echo esc\_attr($origin\["origin\_code"\]); ?> <?php if ($product\_origin === $origin\["origin\_code"\]) echo " selected";?>> <?php echo esc\_html($origin\["kota\_kabupaten"\]);?></option>
62
62
<?php
63
63
}
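Review bot: The `value` attribute on line 61 is unquoted, and `esc_attr()` only protects a value that sits inside quotes: a space in `origin_code` would end the value and start a new attribute. Quote it, `<option value="<?php echo esc_attr( $origin["origin_code"] ); ?>"`, and leave the rest of the tag as it is. Where `$origins` is loaded from is not visible in this hunk.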
wc-frontend-manager/tags/6.5.13/views/listings/wcfm-view-listings.php
r2629284
r2630745
63
63
else echo " | ";
64
64
?>
65
<a class="<?php echo ( $wcfm\_listings\_menus\_key == $listing\_status ) ? 'active' : ''; ?>" href="<?php echo get\_wcfm\_listings\_url( $wcfm\_listings\_menus\_key ); ?>"><?php echo $wcfm\_listings\_menu . ' ('. $count\_listings\[$wcfm\_listings\_menus\_key\] .')'; ?></a>
65
<a class="<?php echo ( $wcfm\_listings\_menus\_key == $listing\_status ) ? 'active' : ''; ?>" href="<?php echo get\_wcfm\_listings\_url( $wcfm\_listings\_menus\_key ); ?>"><?php echo esc\_html($wcfm\_listings\_menu . ' ('. $count\_listings\[$wcfm\_listings\_menus\_key\] .')'); ?></a>
66
66
</li>
67
67
<?php
wc-frontend-manager/tags/6.5.13/views/messages/wcfm-view-messages.php
r2629284
r2630745
61
61
<option value='all'><?php esc\_html\_e( 'All', 'wc-frontend-manager' ); ?></option>
62
62
<?php foreach( $message\_types as $message\_type => $message\_type\_label ) { ?>
63
<option value='<?php echo $message\_type; ?>' <?php selected( $message\_type, $selected\_type, true ); ?>><?php echo $message\_type\_label; ?></option>
63
<option value='<?php echo esc\_attr($message\_type); ?>' <?php selected( $message\_type, $selected\_type, true ); ?>><?php echo esc\_html($message\_type\_label); ?></option>
64
64
<?php } ?>
65
65
</select>
wc-frontend-manager/tags/6.5.13/views/notice/wcfm-view-notice-view.php
r2629284
r2630745
59
59
60
60
<div class="wcfm-container wcfm-top-element-container">
61
<h2><?php echo $topic\_title; ?></h2>
61
<h2><?php echo wp\_kses\_post($topic\_title); ?></h2>
62
62
63
63
<?php
64
64
echo '<a id="add\_new\_notice\_dashboard" class="add\_new\_wcfm\_ele\_dashboard text\_tip" href="'.get\_wcfm\_notices\_url().'" data-tip="' . \_\_('Topics', 'wc-frontend-manager') . '"><span class="wcfmfa fa-bullhorn"></span><span class="text">' . \_\_( 'Topics', 'wc-frontend-manager') . '</span></a>';
65
65
if( current\_user\_can('administrator') ) {
66
echo '<a class="add\_new\_wcfm\_ele\_dashboard text\_tip" href="'.get\_wcfm\_notice\_manage\_url($notice\_id).'" data-tip="' . \_\_('Edit Topic', 'wc-frontend-manager') . '"><span class="wcfmfa fa-edit"></span><span class="text">' . \_\_( 'Edit', 'wc-frontend-manager') . '</span></a>';
66
echo '<a class="add\_new\_wcfm\_ele\_dashboard text\_tip" href="'.esc\_url(get\_wcfm\_notice\_manage\_url($notice\_id)).'" data-tip="' . \_\_('Edit Topic', 'wc-frontend-manager') . '"><span class="wcfmfa fa-edit"></span><span class="text">' . \_\_( 'Edit', 'wc-frontend-manager') . '</span></a>';
67
67
}
68
68
?>
…
…
76
76
<div class="wcfm-container">
77
77
<div id="notice\_manage\_general\_expander" class="wcfm-content">
78
<?php echo $topic\_content; ?>
78
<?php echo wp\_kses\_post($topic\_content); ?>
79
79
<div class="topic\_date"><span class="wcfmfa fa-clock"></span> <?php echo date\_i18n( wc\_date\_format() . ' ' . wc\_time\_format(), strtotime( $notice\_post->date\_created ) ); ?></div>
80
80
</div>
…
…
116
116
<!-- collapsible -->
117
117
<div class="wcfm-container">
118
<div id="topic\_reply\_<?php echo $wcfm\_notice\_reply->ID; ?>" class="topic\_reply wcfm-content">
118
<div id="topic\_reply\_<?php echo esc\_attr($wcfm\_notice\_reply->ID); ?>" class="topic\_reply wcfm-content">
119
119
<div class="topic\_reply\_author">
120
120
<?php
…
…
133
133
$display\_name = $userdata->display\_name;
134
134
if( $first\_name ) {
135
echo $first\_name . ' ' . $last\_name;
135
echo esc\_html($first\_name . ' ' . $last\_name);
136
136
} else {
137
echo $display\_name;
137
echo esc\_html($display\_name);
138
138
}
139
139
?>
…
…
141
141
</div>
142
142
<div class="topic\_reply\_content">
143
<?php echo $wcfm\_notice\_reply->post\_content; ?>
143
<?php echo wp\_kses\_post($wcfm\_notice\_reply->post\_content); ?>
144
144
</div>
145
145
</div>
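Review bot: Line 64 builds the "Topics" link with `href="'.get_wcfm_notices_url().'"` unescaped, while line 66 now wraps its URL in `esc_url()`; the two should match: `href="' . esc_url( get_wcfm_notices_url() ) . '"`. The `data-tip` values on both lines come from `__()` and would be safer as `esc_attr__( 'Topics', 'wc-frontend-manager' )` and `esc_attr__( 'Edit Topic', 'wc-frontend-manager' )`. Separately, `current_user_can('administrator')` on line 65 tests a role name; checking a capability is the documented form, and which capability fits is the project's call.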
wc-frontend-manager/tags/6.5.13/views/products-manager/wcfm-view-customfield-products-manage.php
r2629284
r2630745
38
38
$exclude\_product\_type\_classes = "non-" . implode( " non-", $exclude\_product\_types );
39
39
?>
40
<div class="page\_collapsible products\_manage\_<?php echo sanitize\_title( $wcfm\_product\_custom\_field\['block\_name'\] ); ?> <?php echo $allowed\_product\_type\_classes; ?> <?php echo $exclude\_product\_type\_classes; ?>" id="wcfm\_products\_manage\_form\_<?php echo sanitize\_title( $wcfm\_product\_custom\_field\['block\_name'\] ); ?>\_head"><label class="wcfmfa fa-<?php echo ($wpcf\_icons\[$wpcf\_index\]) ? $wpcf\_icons\[$wpcf\_index\] : 'snowflake-o'; ?>"></label><?php echo wcfm\_removeslashes( \_\_( $wcfm\_product\_custom\_field\['block\_name'\], 'wc-frontend-manager') ); ?><span></span></div>
41
<div class="wcfm-container <?php echo $allowed\_product\_type\_classes; ?> <?php echo $exclude\_product\_type\_classes; ?>">
40
<div class="page\_collapsible products\_manage\_<?php echo sanitize\_title( $wcfm\_product\_custom\_field\['block\_name'\] ); ?> <?php echo esc\_attr($allowed\_product\_type\_classes); ?> <?php echo esc\_attr($exclude\_product\_type\_classes); ?>" id="wcfm\_products\_manage\_form\_<?php echo sanitize\_title( $wcfm\_product\_custom\_field\['block\_name'\] ); ?>\_head"><label class="wcfmfa fa-<?php echo ($wpcf\_icons\[$wpcf\_index\]) ? $wpcf\_icons\[$wpcf\_index\] : 'snowflake-o'; ?>"></label><?php echo wcfm\_removeslashes( \_\_( $wcfm\_product\_custom\_field\['block\_name'\], 'wc-frontend-manager') ); ?><span></span></div>
41
<div class="wcfm-container <?php echo esc\_attr($allowed\_product\_type\_classes); ?> <?php echo esc\_attr($exclude\_product\_type\_classes); ?>">
42
42
<div id="wcfm\_products\_manage\_form\_<?php echo sanitize\_title( $wcfm\_product\_custom\_field\['block\_name'\] ); ?>\_expander" class="wcfm-content">
43
43
<h2><?php echo wcfm\_removeslashes( \_\_( $wcfm\_product\_custom\_field\['block\_name'\], 'wc-frontend-manager') ); ?></h2>
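Review bot: Line 40 escapes the two class lists but leaves `$wpcf_icons[$wpcf_index]` inside the `class` attribute and the block-name text `wcfm_removeslashes( __( $wcfm_product_custom_field['block_name'], 'wc-frontend-manager' ) )` on lines 40 and 43 unescaped. Suggested: `esc_attr( $wpcf_icons[$wpcf_index] )` for the icon and `esc_html( wcfm_removeslashes( ... ) )` for the heading. Whether these custom-field settings can only be edited by administrators is not visible here, so the exposure is uncertain, but the escaping costs nothing either way.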
wc-frontend-manager/tags/6.5.13/views/products-popup/wcfm-view-product-popup.php
r2629284
r2630745
158
158
<?php if( apply\_filters( 'wcfm\_is\_allow\_product\_category', true ) ) { $ptax\_custom\_arrtibutes = apply\_filters( 'wcfm\_taxonomy\_custom\_attributes', array(), 'product\_cat' ); ?>
159
159
<p class="wcfm\_title"><strong><?php echo apply\_filters( 'wcfm\_taxonomy\_custom\_label', \_\_( 'Categories', 'wc-frontend-manager' ), 'product\_cat' ); ?></strong></p><label class="screen-reader-text" for="product\_cats"><?php echo apply\_filters( 'wcfm\_taxonomy\_custom\_label', \_\_( 'Categories', 'wc-frontend-manager' ), 'product\_cat' ); ?></label>
160
<select id="product\_cats" name="product\_cats\[\]" class="wcfm-select wcfm\_ele simple variable external grouped booking" multiple="multiple" data-catlimit="<?php echo $catlimit; ?>" <?php echo implode( ' ', $ptax\_custom\_arrtibutes ); ?> style="width: 100%; margin-bottom: 10px;">
160
<select id="product\_cats" name="product\_cats\[\]" class="wcfm-select wcfm\_ele simple variable external grouped booking" multiple="multiple" data-catlimit="<?php echo esc\_attr($catlimit); ?>" <?php echo implode( ' ', $ptax\_custom\_arrtibutes ); ?> style="width: 100%; margin-bottom: 10px;">
161
161
<?php
162
162
if ( $product\_categories ) {
…
…
188
188
$taxonomy\_limit = apply\_filters( 'wcfm\_taxonomy\_limit', -1, $product\_taxonomy->name );
189
189
?>
190
<p class="wcfm\_title"><strong><?php echo apply\_filters( 'wcfm\_taxonomy\_custom\_label', \_\_( $product\_taxonomy->label, 'wc-frontend-manager' ), $product\_taxonomy->name ); ?></strong></p><label class="screen-reader-text" for="<?php echo $product\_taxonomy->name; ?>"><?php echo apply\_filters( 'wcfm\_taxonomy\_custom\_label', \_\_( $product\_taxonomy->label, 'wc-frontend-manager' ), $product\_taxonomy->name ); ?></label>
191
<select id="<?php echo $product\_taxonomy->name; ?>" name="product\_custom\_taxonomies\[<?php echo $product\_taxonomy->name; ?>\]\[\]" class="wcfm-select product\_taxonomies wcfm\_ele simple variable external grouped booking" multiple="multiple" data-catlimit="<?php echo $taxonomy\_limit; ?>" <?php echo implode( ' ', $ptax\_custom\_arrtibutes ); ?> style="width: 100%; margin-bottom: 10px;">
190
<p class="wcfm\_title"><strong><?php echo apply\_filters( 'wcfm\_taxonomy\_custom\_label', \_\_( $product\_taxonomy->label, 'wc-frontend-manager' ), $product\_taxonomy->name ); ?></strong></p><label class="screen-reader-text" for="<?php echo esc\_attr($product\_taxonomy->name); ?>"><?php echo apply\_filters( 'wcfm\_taxonomy\_custom\_label', \_\_( $product\_taxonomy->label, 'wc-frontend-manager' ), $product\_taxonomy->name ); ?></label>
191
<select id="<?php echo esc\_attr($product\_taxonomy->name); ?>" name="product\_custom\_taxonomies\[<?php echo esc\_attr($product\_taxonomy->name); ?>\]\[\]" class="wcfm-select product\_taxonomies wcfm\_ele simple variable external grouped booking" multiple="multiple" data-catlimit="<?php echo esc\_attr($taxonomy\_limit); ?>" <?php echo implode( ' ', $ptax\_custom\_arrtibutes ); ?> style="width: 100%; margin-bottom: 10px;">
192
192
<?php
193
193
$product\_taxonomy\_terms = get\_terms( $product\_taxonomy->name, 'orderby=name&hide\_empty=0&parent=0' );
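Review bot: Lines 159 and 190 echo the result of the `wcfm_taxonomy_custom_label` filter straight into `<strong>` and `<label>`, so whatever a hooked callback or the taxonomy label contains is rendered as markup. Wrap the output, e.g. `<?php echo esc_html( apply_filters( 'wcfm_taxonomy_custom_label', __( 'Categories', 'wc-frontend-manager' ), 'product_cat' ) ); ?>`. `implode( ' ', $ptax_custom_arrtibutes )` on lines 160 and 191 is also written into the `<select>` tag raw; if that is intentional, a comment stating that `wcfm_taxonomy_custom_attributes` callbacks must return pre-escaped `name="value"` pairs would make the contract explicit.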
wc-frontend-manager/tags/6.5.13/views/products/wcfm-view-products.php
r2629284
r2630745
60
60
else echo " | ";
61
61
?>
62
<a class="<?php echo ( $wcfmu\_products\_menu\_key == $product\_status ) ? 'active' : ''; ?>" href="<?php echo get\_wcfm\_products\_url( $wcfmu\_products\_menu\_key ); ?>"><?php echo $wcfmu\_products\_menu . ' ('. $count\_products\[$wcfmu\_products\_menu\_key\] .')'; ?></a>
62
<a class="<?php echo ( $wcfmu\_products\_menu\_key == $product\_status ) ? 'active' : ''; ?>" href="<?php echo esc\_url(get\_wcfm\_products\_url( $wcfmu\_products\_menu\_key )); ?>"><?php echo esc\_html( $wcfmu\_products\_menu . ' ('. $count\_products\[$wcfmu\_products\_menu\_key\] .')' ); ?></a>
63
63
</li>
64
64
<?php
wc-frontend-manager/tags/6.5.13/views/profile/wcfm-view-profile.php
r2629284
r2630745
362
362
</form>
363
363
<script type="text/javascript">
364
var selected\_bstate = '<?php echo $bstate; ?>';
365
var input\_selected\_bstate = '<?php echo $bstate; ?>';
366
var selected\_sstate = '<?php echo $sstate; ?>';
367
var input\_selected\_sstate = '<?php echo $sstate; ?>';
364
var selected\_bstate = '<?php echo esc\_attr($bstate); ?>';
365
var input\_selected\_bstate = '<?php echo esc\_attr($bstate); ?>';
366
var selected\_sstate = '<?php echo esc\_attr($sstate); ?>';
367
var input\_selected\_sstate = '<?php echo esc\_attr($sstate); ?>';
368
368
</script>
369
369
<?php
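Review bot: `esc_attr()` is the wrong escaper for the four assignments on new lines 364–367, because the values land inside single-quoted JavaScript string literals in a `<script>` block rather than in an HTML attribute. HTML entities are not decoded inside `<script>`, so a quote in `$bstate` reaches the script as the literal text `&#039;`, while a backslash or line break passes through unchanged and can still corrupt the literal. Use the JavaScript-context escaper instead, e.g. `var selected_bstate = '<?php echo esc_js( $bstate ); ?>';`, or emit the value with `wp_json_encode()`. The same pattern recurs in the script blocks of wcfm-view-dokan-settings.php (new lines 569–573), wcfm-view-wcfmmarketplace-settings.php (994–997) and wcfm-view-wcmarketplace-settings.php (790–791).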
wc-frontend-manager/tags/6.5.13/views/reports/wcfm-html-report-sales-by-date.php
r2629284
r2630745
45
45
<ul class="chart-legend">
46
46
<?php foreach ( $legends as $legend ) : ?>
47
<li style="border-color: <?php echo $legend\['color'\]; ?>" <?php if ( isset( $legend\['highlight\_series'\] ) ) echo 'class="highlight\_series ' . ( isset( $legend\['placeholder'\] ) ? 'tips' : '' ) . '" data-series="' . esc\_attr( $legend\['highlight\_series'\] ) . '"'; ?> data-tip="<?php echo isset( $legend\['placeholder'\] ) ? $legend\['placeholder'\] : ''; ?>">
48
<?php echo $legend\['title'\]; ?>
47
<li style="border-color: <?php echo esc\_attr($legend\['color'\]); ?>" <?php if ( isset( $legend\['highlight\_series'\] ) ) echo 'class="highlight\_series ' . ( isset( $legend\['placeholder'\] ) ? 'tips' : '' ) . '" data-series="' . esc\_attr( $legend\['highlight\_series'\] ) . '"'; ?> data-tip="<?php echo isset( $legend\['placeholder'\] ) ? esc\_attr($legend\['placeholder'\]) : ''; ?>">
48
<?php echo wp\_kses\_post($legend\['title'\]); ?>
49
49
</li>
50
50
<?php endforeach; ?>
…
…
54
54
<?php foreach ( $wcfm\_report\_sales\_by\_date->get\_chart\_widgets() as $widget ) : ?>
55
55
<li class="chart-widget">
56
<?php if ( $widget\['title'\] ) : ?><h4><?php echo $widget\['title'\]; ?></h4><?php endif; ?>
56
<?php if ( $widget\['title'\] ) : ?><h4><?php echo wp\_kses\_post($widget\['title'\]); ?></h4><?php endif; ?>
57
57
<?php call\_user\_func( $widget\['callback'\] ); ?>
58
58
</li>
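Review bot: `esc_attr()` on new line 47 keeps `$legend['color']` from breaking out of the `style` attribute, but it does not constrain the value to a colour, so any CSS text in it is still emitted as part of the declaration. If the legend colours are always hex values (not visible in this hunk), `sanitize_hex_color( $legend['color'] )` is the tighter check; otherwise pass the whole declaration through `safecss_filter_attr()`. Separately, `call_user_func( $widget['callback'] )` on line 57 is unchanged and relies on `get_chart_widgets()` returning only trusted callables; once that is confirmed, a short comment saying where the callbacks are registered would help the next reader.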
wc-frontend-manager/tags/6.5.13/views/reports/wcfm-view-reports-menu.php
r2629284
r2630745
27
27
else echo " | ";
28
28
?>
29
<a class="<?php echo isset( $wp->query\_vars\['wcfm-reports-' . $wcfm\_reports\_menu\_key\] ) ? 'active' : ''; ?>" href="<?php echo get\_wcfm\_reports\_url( '', 'wcfm-reports-' . $wcfm\_reports\_menu\_key ); ?>"><?php echo $wcfm\_reports\_menu; ?></a>
29
<a class="<?php echo isset( $wp->query\_vars\['wcfm-reports-' . $wcfm\_reports\_menu\_key\] ) ? 'active' : ''; ?>" href="<?php echo get\_wcfm\_reports\_url( '', 'wcfm-reports-' . $wcfm\_reports\_menu\_key ); ?>"><?php echo esc\_html($wcfm\_reports\_menu); ?></a>
30
30
</li>
31
31
<?php
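Review bot: The `href` on new line 29 still echoes `get_wcfm_reports_url( '', 'wcfm-reports-' . $wcfm_reports_menu_key )` unescaped; only the link text gained `esc_html()`. The equivalent menu links in wcfm-view-products.php and wcfm-view-wcbookings.php were wrapped in this same changeset, so this one looks missed: `href="<?php echo esc_url( get_wcfm_reports_url( '', 'wcfm-reports-' . $wcfm_reports_menu_key ) ); ?>"`.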
wc-frontend-manager/tags/6.5.13/views/reports/wcfm-view-reports-wcfmmarketplace-sales-by-date.php
r2629284
r2630745
124
124
<h2>
125
125
<?php
126
echo $vendor\_store;
126
echo wp\_kses\_post($vendor\_store);
127
127
?>
128
128
</h2>
wc-frontend-manager/tags/6.5.13/views/settings/wcfm-view-dokan-settings.php
r2629284
r2630745
567
567
?>
568
568
<script type="text/javascript">
569
var selected\_state = '<?php echo $state; ?>';
570
var input\_selected\_state = '<?php echo $state; ?>';
569
var selected\_state = '<?php echo esc\_attr($state); ?>';
570
var input\_selected\_state = '<?php echo esc\_attr($state); ?>';
571
571
var def\_zoomval = 12;
572
var def\_longval = '<?php echo $def\_long; ?>';
573
var def\_latval = '<?php echo $def\_lat; ?>';
572
var def\_longval = '<?php echo esc\_attr($def\_long); ?>';
573
var def\_latval = '<?php echo esc\_attr($def\_lat); ?>';
574
574
</script>
wc-frontend-manager/tags/6.5.13/views/settings/wcfm-view-settings.php
r2629284
r2630745
577
577
$product\_type\_categories = isset( $wcfm\_product\_type\_categories\[$product\_type\] ) ? $wcfm\_product\_type\_categories\[$product\_type\] : array();
578
578
?>
579
<p class="wcfm\_title catlimit\_title"><strong><?php echo $product\_type\_label . ' '; \_e( 'Categories', 'wc-frontend-manager' ); ?></strong></p><label class="screen-reader-text" for="vendor\_product\_cats"><?php echo $product\_type\_label . ' '; \_e( 'Categories', 'wc-frontend-manager' ); ?></label>
580
<select id="wcfm\_product\_type\_categories<?php echo $product\_type; ?>" name="wcfm\_product\_type\_categories\[<?php echo $product\_type; ?>\]\[\]" class="wcfm-select wcfm\_ele wcfm\_product\_type\_categories" multiple="multiple" data-catlimit="-1" style="width: 60%; margin-bottom: 10px;">
579
<p class="wcfm\_title catlimit\_title"><strong><?php echo esc\_html($product\_type\_label) . ' '; \_e( 'Categories', 'wc-frontend-manager' ); ?></strong></p><label class="screen-reader-text" for="vendor\_product\_cats"><?php echo $product\_type\_label . ' '; \_e( 'Categories', 'wc-frontend-manager' ); ?></label>
580
<select id="wcfm\_product\_type\_categories<?php echo esc\_html($product\_type); ?>" name="wcfm\_product\_type\_categories\[<?php echo $product\_type; ?>\]\[\]" class="wcfm-select wcfm\_ele wcfm\_product\_type\_categories" multiple="multiple" data-catlimit="-1" style="width: 60%; margin-bottom: 10px;">
581
581
<?php
582
582
if ( $product\_categories ) {
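Review bot: The escaping on new lines 579–580 is only half applied. On 579 the visible `<strong>` now uses `esc_html( $product_type_label )`, but the `screen-reader-text` label on the same line still echoes `$product_type_label` raw. On 580 the `id` uses `esc_html()` in an attribute context and the `name` attribute still echoes `$product_type` unescaped. Suggested: `echo esc_html( $product_type_label ) . ' ';` in both places on 579, and `esc_attr( $product_type )` for both `id` and `name` on 580.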
wc-frontend-manager/tags/6.5.13/views/settings/wcfm-view-wcfmmarketplace-settings.php
r2629284
r2630745
540
540
if (isset($client\_id) && isset($secret\_key)) {
541
541
if ( !isset( $\_GET\['marketplace\_wirecard'\] ) && isset($\_GET\['code'\])) {
542
$code = $\_GET\['code'\];
542
$code = wc\_clean($\_GET\['code'\]);
543
543
if (!is\_user\_logged\_in()) {
544
544
if (isset($\_GET\['state'\])) {
…
…
783
783
<th></th>
784
784
<td>
785
<a href=<?php echo $url; ?> target="\_self"><img src="<?php echo esc\_url($stripe\_connect\_url); ?>" /></a>
785
<a href=<?php echo esc\_url($url); ?> target="\_self"><img src="<?php echo esc\_url($stripe\_connect\_url); ?>" /></a>
786
786
</td>
787
787
</tr>
…
…
805
805
<th></th>
806
806
<td>
807
<a href=<?php echo $url; ?> target="\_self"><img src="<?php echo esc\_url($stripe\_connect\_url); ?>" /></a>
807
<a href=<?php echo esc\_url($url); ?> target="\_self"><img src="<?php echo esc\_url($stripe\_connect\_url); ?>" /></a>
808
808
</td>
809
809
</tr>
…
…
992
992
993
993
<script type="text/javascript">
994
var selected\_state = '<?php echo $state; ?>';
995
var input\_selected\_state = '<?php echo $state; ?>';
996
var csd\_selected\_state = '<?php echo $vendor\_csd\_return\_state; ?>';
997
var input\_csd\_state = '<?php echo $vendor\_csd\_return\_state; ?>';
994
var selected\_state = '<?php echo esc\_attr($state); ?>';
995
var input\_selected\_state = '<?php echo esc\_attr($state); ?>';
996
var csd\_selected\_state = '<?php echo esc\_attr($vendor\_csd\_return\_state); ?>';
997
var input\_csd\_state = '<?php echo esc\_attr($vendor\_csd\_return\_state); ?>';
998
998
</script>
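Review bot: The `href` on new lines 785 and 807 is still written without quotes (`<a href=<?php echo esc_url($url); ?> target="_self">`), so the attribute boundary relies solely on `esc_url()` never emitting a space or `>`. Quoting the attribute removes that dependency: `<a href="<?php echo esc_url( $url ); ?>" target="_self">`. The same unquoted form remains in wcfm-view-wcmarketplace-settings.php (new lines 571, 593) and wcfm-view-wcpvendors-settings.php (422, 444).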
wc-frontend-manager/tags/6.5.13/views/settings/wcfm-view-wcmarketplace-settings.php
r2629284
r2630745
282
282
<li>
283
283
<label>
284
<input type="radio" <?php checked($template, $shop\_template); ?> name="shop\_template" value="<?php echo $template; ?>" />
284
<input type="radio" <?php checked($template, $shop\_template); ?> name="shop\_template" value="<?php echo esc\_attr($template); ?>" />
285
285
<i class="wcfmfa fa-square-o" aria-hidden="true"></i>
286
286
<img src="<?php echo esc\_url($template\_image); ?>" />
…
…
332
332
if (isset($client\_id) && isset($secret\_key)) {
333
333
if (isset($\_GET\['code'\])) {
334
$code = $\_GET\['code'\];
334
$code = wc\_clean($\_GET\['code'\]);
335
335
if (!is\_user\_logged\_in()) {
336
336
if (isset($\_GET\['state'\])) {
…
…
569
569
<th></th>
570
570
<td>
571
<a href=<?php echo $url; ?> target="\_self"><img src="<?php echo esc\_url($stripe\_connect\_url); ?>" /></a>
571
<a href=<?php echo esc\_url($url); ?> target="\_self"><img src="<?php echo esc\_url($stripe\_connect\_url); ?>" /></a>
572
572
</td>
573
573
</tr>
…
…
591
591
<th></th>
592
592
<td>
593
<a href=<?php echo $url; ?> target="\_self"><img src="<?php echo esc\_url($stripe\_connect\_url); ?>" /></a>
593
<a href=<?php echo esc\_url($url); ?> target="\_self"><img src="<?php echo esc\_url($stripe\_connect\_url); ?>" /></a>
594
594
</td>
595
595
</tr>
…
…
788
788
</div>
789
789
<script type="text/javascript">
790
var selected\_state = '<?php echo $state; ?>';
791
var input\_selected\_state = '<?php echo $state; ?>';
790
var selected\_state = '<?php echo esc\_attr($state); ?>';
791
var input\_selected\_state = '<?php echo esc\_attr($state); ?>';
792
792
</script>
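Review bot: `wc_clean( $_GET['code'] )` on new line 334 applies generic text-field sanitisation but neither unslashes the value nor checks that it has the shape of an authorisation code. WordPress adds slashes to `$_GET`, so the usual form is `$code = wc_clean( wp_unslash( $_GET['code'] ) );`. The hunk also shows `$_GET['state']` being tested right after; how it is validated lies outside the hunk, so confirm it is compared against a value bound to the current user before the code is exchanged. The same assignment appears in wcfm-view-wcfmmarketplace-settings.php (new line 542) and wcfm-view-wcpvendors-settings.php (199).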
wc-frontend-manager/tags/6.5.13/views/settings/wcfm-view-wcpvendors-settings.php
r2629284
r2630745
197
197
if (isset($client\_id) && isset($secret\_key)) {
198
198
if (isset($\_GET\['code'\])) {
199
$code = $\_GET\['code'\];
199
$code = wc\_clean($\_GET\['code'\]);
200
200
if (!is\_user\_logged\_in()) {
201
201
if (isset($\_GET\['state'\])) {
…
…
420
420
<th></th>
421
421
<td>
422
<a href=<?php echo $url; ?> target="\_self"><img src="<?php echo esc\_url($stripe\_connect\_url); ?>" /></a>
422
<a href=<?php echo esc\_url($url); ?> target="\_self"><img src="<?php echo esc\_url($stripe\_connect\_url); ?>" /></a>
423
423
</td>
424
424
</tr>
…
…
442
442
<th></th>
443
443
<td>
444
<a href=<?php echo $url; ?> target="\_self"><img src="<?php echo esc\_url($stripe\_connect\_url); ?>" /></a>
444
<a href=<?php echo esc\_url($url); ?> target="\_self"><img src="<?php echo esc\_url($stripe\_connect\_url); ?>" /></a>
445
445
</td>
446
446
</tr>
wc-frontend-manager/tags/6.5.13/views/vendors/wcfm-view-vendors-manage.php
r2629284
r2630745
218
218
<div class="wcfm\_dashboard\_stats">
219
219
<div class="wcfm\_dashboard\_stats\_block">
220
<a href="<?php echo $stat\_box\_link; ?>">
220
<a href="<?php echo esc\_url($stat\_box\_link); ?>">
221
221
<span class="wcfmfa fa-currency"><?php echo get\_woocommerce\_currency\_symbol() ; ?></span>
222
222
<div>
…
…
233
233
234
234
<div class="wcfm\_dashboard\_stats\_block">
235
<a href="<?php echo $stat\_box\_link; ?>">
235
<a href="<?php echo esc\_url($stat\_box\_link); ?>">
236
236
<span class="wcfmfa fa-money fa-money-bill-alt"></span>
237
237
<div>
…
…
290
290
<div id="vendors\_manage\_general\_expander" class="wcfm-content">
291
291
<p class="store\_name wcfm\_ele wcfm\_title"><strong><?php \_e( 'Store', 'wc-frontend-manager' ); ?></strong></p>
292
<span class="wcfm\_vendor\_store"><?php echo $vendor\_store ?></span>
292
<span class="wcfm\_vendor\_store"><?php echo wp\_kses\_post($vendor\_store); ?></span>
293
293
<div class="wcfm\_clearfix"></div>
294
294
<?php
…
…
313
313
?>
314
314
<p class="store\_name wcfm\_ele wcfm\_title"><strong><?php \_e( 'Seller Info', 'wc-frontend-manager' ); ?></strong></p>
315
<span class="wcfm\_vendor\_store\_info"><?php echo $seller\_info ?></span>
315
<span class="wcfm\_vendor\_store\_info"><?php echo wp\_kses\_post($seller\_info); ?></span>
316
316
<div class="wcfm\_clearfix"></div>
317
317
<?php
wc-frontend-manager/tags/6.5.13/views/wc_bookings/wcfm-view-wcbookings-details.php
r2629284
r2630745
68
68
69
69
<div class="wcfm-container wcfm-top-element-container">
70
<h2><?php \_e( 'Booking #', 'wc-frontend-manager' ); echo $booking\_id; ?></h2>
70
<h2><?php \_e( 'Booking #', 'wc-frontend-manager' ); echo esc\_attr($booking\_id); ?></h2>
71
71
72
72
<?php
…
…
151
151
?>
152
152
</select>
153
<button class="wcfm\_modify\_booking\_status button" id="wcfm\_modify\_booking\_status" data-bookingid="<?php echo $booking\_id; ?>"><?php \_e( 'Update', 'wc-frontend-manager' ); ?></button>
153
<button class="wcfm\_modify\_booking\_status button" id="wcfm\_modify\_booking\_status" data-bookingid="<?php echo esc\_attr($booking\_id); ?>"><?php \_e( 'Update', 'wc-frontend-manager' ); ?></button>
154
154
</p>
155
155
<div class="wcfm-message" tabindex="-1"></div>
…
…
157
157
<div class="wcfm\_clearfix"></div><br/>
158
158
<p class="form-field form-field-wide wcfm\_booking\_confirmed\_cancel\_wrapper" style="text-align: center;">
159
<a id="wcfm\_booking\_confirmed\_button" style="float: none;" class="wcfm\_submit\_button" href="#" data-bookingid="<?php echo $booking\_id; ?>"><?php \_e( 'Confirm', 'wc-frontend-manager' ); ?></a>
160
<a id="wcfm\_booking\_declined\_button" style="float: none;" class="wcfm\_submit\_button" href="#" data-bookingid="<?php echo $booking\_id; ?>"><?php \_e( 'Decline', 'wc-frontend-manager' ); ?></a>
159
<a id="wcfm\_booking\_confirmed\_button" style="float: none;" class="wcfm\_submit\_button" href="#" data-bookingid="<?php echo esc\_attr($booking\_id); ?>"><?php \_e( 'Confirm', 'wc-frontend-manager' ); ?></a>
160
<a id="wcfm\_booking\_declined\_button" style="float: none;" class="wcfm\_submit\_button" href="#" data-bookingid="<?php echo esc\_attr($booking\_id); ?>"><?php \_e( 'Decline', 'wc-frontend-manager' ); ?></a>
161
161
<div class="wcfm\_clearfix"></div>
162
162
</p>
…
…
245
245
<?php if( apply\_filters( 'wcfm\_is\_allow\_booking\_schedule\_update', true ) ) { ?>
246
246
<form id="wcfm\_wcb\_schedule\_update\_form">
247
<input type="hidden" name="booking\_id" id="booking\_id" value="<?php echo $booking\_id; ?>" />
247
<input type="hidden" name="booking\_id" id="booking\_id" value="<?php echo esc\_attr($booking\_id); ?>" />
248
248
<p class="form-field form-field-wide">
249
249
<?php
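Review bot: `esc_attr( $booking_id )` on new line 70 is applied to element text inside the `<h2>`, where `esc_html()` is the matching escaper; the `data-bookingid` and `value` attributes on 153, 159, 160 and 247 are the places where `esc_attr()` fits. If `$booking_id` is always a numeric ID (its assignment is outside these hunks), normalising it once with `$booking_id = absint( $booking_id );` where it is read would make every later echo safe by construction and state the intent more clearly than per-echo escaping.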
wc-frontend-manager/tags/6.5.13/views/wc_bookings/wcfm-view-wcbookings.php
r2629284
r2630745
51
51
else echo " | ";
52
52
?>
53
<a class="<?php echo ( $wcfmu\_bookings\_menu\_key == $booking\_status ) ? 'active' : ''; ?>" href="<?php echo get\_wcfm\_bookings\_url( $wcfmu\_bookings\_menu\_key ); ?>"><?php echo $wcfmu\_bookings\_menu; ?></a>
53
<a class="<?php echo ( $wcfmu\_bookings\_menu\_key == $booking\_status ) ? 'active' : ''; ?>" href="<?php echo esc\_url(get\_wcfm\_bookings\_url( $wcfmu\_bookings\_menu\_key )); ?>"><?php echo esc\_html($wcfmu\_bookings\_menu); ?></a>
54
54
</li>
55
55
<?php
…
…
68
68
if( $wcfm\_is\_allow\_manual\_booking = apply\_filters( 'wcfm\_is\_allow\_manual\_booking', true ) ) {
69
69
if( WCFM\_Dependencies::wcfmu\_plugin\_active\_check() ) {
70
echo '<a class="add\_new\_wcfm\_ele\_dashboard text\_tip" href="'.get\_wcfm\_create\_bookings\_url().'" data-tip="' . \_\_( 'Create Booking', 'wc-frontend-manager' ) . '"><span class="wcfmfa fa-calendar-plus"></span></a>';
70
echo '<a class="add\_new\_wcfm\_ele\_dashboard text\_tip" href="'.esc\_url(get\_wcfm\_create\_bookings\_url()).'" data-tip="' . \_\_( 'Create Booking', 'wc-frontend-manager' ) . '"><span class="wcfmfa fa-calendar-plus"></span></a>';
71
71
}
72
72
}
…
…
101
101
<optgroup label="<?php \_e( 'By appointable product', 'wc-frontend-manager' ); ?>">
102
102
<?php foreach ( $product\_filters as $product\_filter ) : ?>
103
<option value="<?php echo $product\_filter->get\_id(); ?>"><?php echo $product\_filter->get\_name(); ?></option>
103
<option value="<?php echo esc\_attr($product\_filter->get\_id()); ?>"><?php echo wp\_kses\_post($product\_filter->get\_name()); ?></option>
104
104
<?php endforeach; ?>
105
105
</optgroup>
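Review bot: `wp_kses_post()` on new line 103 is a poor fit for `<option>` text: an option cannot contain markup, so any tags the filter lets through serve no purpose there, and `esc_html( $product_filter->get_name() )` is the matching escaper. On new line 70 the `data-tip` attribute still uses `__( 'Create Booking', 'wc-frontend-manager' )`; `esc_attr__( 'Create Booking', 'wc-frontend-manager' )` would escape the translated string for the attribute, as the articles controller in this changeset already does for its tooltips.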
wc-frontend-manager/tags/6.5.13/views/wcfm-view-header-panels.php
r2629284
r2630745
62
62
63
63
<?php if( ( apply\_filters( 'wcfm\_is\_pref\_direct\_message', true ) && apply\_filters( 'wcfm\_is\_allow\_direct\_message', true ) ) || ( apply\_filters( 'wcfm\_is\_pref\_notification', true ) && apply\_filters( 'wcfm\_is\_allow\_notifications', true ) ) ) { ?>
64
<a href="<?php echo get\_wcfm\_messages\_url( ); ?>" class="wcfm\_header\_panel\_messages text\_tip <?php if( isset( $wp->query\_vars\['wcfm-messages'\] ) ) echo 'active'; ?>" data-tip="<?php \_e( 'Notification Board', 'wc-frontend-manager' ); ?>"><i class="wcfmfa fa-bell"></i><span class="unread\_notification\_count message\_count"><?php echo $unread\_message; ?></span><div class="notification-ring"></div></a>
64
<a href="<?php echo get\_wcfm\_messages\_url( ); ?>" class="wcfm\_header\_panel\_messages text\_tip <?php if( isset( $wp->query\_vars\['wcfm-messages'\] ) ) echo 'active'; ?>" data-tip="<?php \_e( 'Notification Board', 'wc-frontend-manager' ); ?>"><i class="wcfmfa fa-bell"></i><span class="unread\_notification\_count message\_count"><?php echo esc\_attr($unread\_message); ?></span><div class="notification-ring"></div></a>
65
65
<?php } ?>
66
66
67
67
<?php if( apply\_filters( 'wcfm\_is\_pref\_enquiry', true ) && apply\_filters( 'wcfm\_is\_allow\_enquiry', true ) ) { ?>
68
<a href="<?php echo get\_wcfm\_enquiry\_url(); ?>" class="wcfm\_header\_panel\_enquiry text\_tip <?php if( isset( $wp->query\_vars\['wcfm-enquiry'\] ) || isset( $wp->query\_vars\['wcfm-enquiry-manage'\] ) ) echo 'active'; ?>" data-tip="<?php \_e( 'Inquiry Board', 'wc-frontend-manager' ); ?>"><i class="wcfmfa fa-question-circle"></i><span class="unread\_notification\_count enquiry\_count"><?php echo $unread\_enquiry; ?></span><div class="notification-ring"></div></a>
68
<a href="<?php echo get\_wcfm\_enquiry\_url(); ?>" class="wcfm\_header\_panel\_enquiry text\_tip <?php if( isset( $wp->query\_vars\['wcfm-enquiry'\] ) || isset( $wp->query\_vars\['wcfm-enquiry-manage'\] ) ) echo 'active'; ?>" data-tip="<?php \_e( 'Inquiry Board', 'wc-frontend-manager' ); ?>"><i class="wcfmfa fa-question-circle"></i><span class="unread\_notification\_count enquiry\_count"><?php echo esc\_attr($unread\_enquiry); ?></span><div class="notification-ring"></div></a>
69
69
<?php } ?>
70
70
71
71
<?php if( apply\_filters( 'wcfm\_is\_pref\_notice', true ) && apply\_filters( 'wcfm\_is\_allow\_notice', true ) ) { ?>
72
<a href="<?php echo get\_wcfm\_notices\_url( ); ?>" class="wcfm\_header\_panel\_notice text\_tip <?php if( isset( $wp->query\_vars\['wcfm-notices'\] ) || isset( $wp->query\_vars\['wcfm-notice-manage'\] ) || isset( $wp->query\_vars\['wcfm-notice-view'\] ) ) echo 'active'; ?>" data-tip="<?php \_e( 'Announcement', 'wc-frontend-manager' ); ?>"><i class="wcfmfa fa-bullhorn"></i><?php if( wcfm\_is\_vendor() ) { ?><span class="unread\_notification\_count notice\_count"><?php echo $unread\_notice; ?></span><?php } ?><div class="notification-ring"></div></a>
72
<a href="<?php echo get\_wcfm\_notices\_url( ); ?>" class="wcfm\_header\_panel\_notice text\_tip <?php if( isset( $wp->query\_vars\['wcfm-notices'\] ) || isset( $wp->query\_vars\['wcfm-notice-manage'\] ) || isset( $wp->query\_vars\['wcfm-notice-view'\] ) ) echo 'active'; ?>" data-tip="<?php \_e( 'Announcement', 'wc-frontend-manager' ); ?>"><i class="wcfmfa fa-bullhorn"></i><?php if( wcfm\_is\_vendor() ) { ?><span class="unread\_notification\_count notice\_count"><?php echo esc\_attr($unread\_notice); ?></span><?php } ?><div class="notification-ring"></div></a>
73
73
<?php } ?>
74
74
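Review bot: The three `href` attributes on new lines 64, 68 and 72 still echo `get_wcfm_messages_url()`, `get_wcfm_enquiry_url()` and `get_wcfm_notices_url()` without `esc_url()`, although this changeset wraps comparable URL helpers in other views. The counters are now passed through `esc_attr()` but sit in element text; if they are always integers (not visible here), `echo absint( $unread_message );` states that directly, otherwise use `esc_html()`. The `data-tip` attributes on the same lines use `_e()`; `esc_attr_e()` is the attribute-safe form.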
wc-frontend-manager/tags/6.5.13/views/withdrawal/dokan/wcfm-view-payments.php
r2629284
r2630745
33
33
<h2>
34
34
<?php \_e( 'Transactions for: ', 'wc-frontend-manager' ); ?>
35
<span class="trans\_start\_date"><?php echo $start\_date; ?></span>
35
<span class="trans\_start\_date"><?php echo esc\_attr($start\_date); ?></span>
36
36
<?php echo ' - '; ?>
37
<span class="trans\_end\_date"><?php echo $end\_date; ?>
37
<span class="trans\_end\_date"><?php echo esc\_attr($end\_dat); ?>
38
38
</h2>
39
39
40
40
<?php
41
41
if( $wcfm\_is\_allow\_withdrawal = apply\_filters( 'wcfm\_is\_allow\_withdrawal', true ) ) {
42
echo '<a class="add\_new\_wcfm\_ele\_dashboard text\_tip" href="'.wcfm\_withdrawal\_url().'" data-tip="'. \_\_('Withdrawal Request', 'wc-frontend-manager') .'"><span class="wcfmfa fa-currency">' . get\_woocommerce\_currency\_symbol() . '</span><span class="text">' . \_\_('Withdrawal', 'wc-frontend-manager' ) . '</span></a>';
42
echo '<a class="add\_new\_wcfm\_ele\_dashboard text\_tip" href="'.esc\_url(wcfm\_withdrawal\_url()).'" data-tip="'. \_\_('Withdrawal Request', 'wc-frontend-manager') .'"><span class="wcfmfa fa-currency">' . get\_woocommerce\_currency\_symbol() . '</span><span class="text">' . \_\_('Withdrawal', 'wc-frontend-manager' ) . '</span></a>';
43
43
}
44
44
?>
…
…
54
54
<option value="2"><?php \_e( 'Cancelled', 'wc-frontend-manager' ); ?></option>
55
55
</select>
56
<input id="payment\_start\_date\_filter" type="text" class="wcfm-text" name="payment\_start\_date\_filter" placeholder="<?php echo apply\_filters( 'wcfm\_date\_filter\_format', wc\_date\_format() ); ?>" data-date\_format="<?php echo str\_replace( 'mmmm', 'mm', str\_replace( 'yyyy', 'yy', strtolower( wcfm\_wp\_date\_format\_to\_js( wc\_date\_format() ) ) ) ); ?>" value="<?php echo $start\_date; ?>" style="width: 160px;" />
57
<input id="payment\_end\_date\_filter" type="text" class="wcfm-text" name="payment\_end\_date\_filter" placeholder="<?php echo apply\_filters( 'wcfm\_date\_filter\_format', wc\_date\_format() ); ?>" data-date\_format="<?php echo str\_replace( 'mmmm', 'mm', str\_replace( 'yyyy', 'yy', strtolower( wcfm\_wp\_date\_format\_to\_js( wc\_date\_format() ) ) ) ); ?>" value="<?php echo $end\_date; ?>" style="width: 160px;" />
56
<input id="payment\_start\_date\_filter" type="text" class="wcfm-text" name="payment\_start\_date\_filter" placeholder="<?php echo apply\_filters( 'wcfm\_date\_filter\_format', wc\_date\_format() ); ?>" data-date\_format="<?php echo str\_replace( 'mmmm', 'mm', str\_replace( 'yyyy', 'yy', strtolower( wcfm\_wp\_date\_format\_to\_js( wc\_date\_format() ) ) ) ); ?>" value="<?php echo esc\_attr($start\_date); ?>" style="width: 160px;" />
57
<input id="payment\_end\_date\_filter" type="text" class="wcfm-text" name="payment\_end\_date\_filter" placeholder="<?php echo apply\_filters( 'wcfm\_date\_filter\_format', wc\_date\_format() ); ?>" data-date\_format="<?php echo str\_replace( 'mmmm', 'mm', str\_replace( 'yyyy', 'yy', strtolower( wcfm\_wp\_date\_format\_to\_js( wc\_date\_format() ) ) ) ); ?>" value="<?php echo esc\_attr($end\_date); ?>" style="width: 160px;" />
58
58
</div>
59
59
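Review bot: New line 37 echoes `esc_attr($end_dat)`, a misspelling of `$end_date`, so the end of the date range renders empty and PHP reports an undefined variable. It should read `<span class="trans_end_date"><?php echo esc_html( $end_date ); ?></span>`; the closing `</span>` is missing on both the old and the new side. The sibling views under withdrawal/wcfm and withdrawal/wcmp use the correct variable name on the corresponding line.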
wc-frontend-manager/tags/6.5.13/views/withdrawal/dokan/wcfm-view-withdrawal.php
r2629284
r2630745
58
58
59
59
<div class="wcfm-container wcfm-top-element-container">
60
<h2 style="text-align: left;"><?php echo $message; ?></h2>
60
<h2 style="text-align: left;"><?php echo esc\_html($message); ?></h2>
61
61
62
62
<?php
wc-frontend-manager/tags/6.5.13/views/withdrawal/wcfm/wcfm-view-payments.php
r2629284
r2630745
39
39
<h2>
40
40
<?php \_e( 'Transactions for: ', 'wc-frontend-manager' ); ?>
41
<span class="trans\_start\_date"><?php echo $start\_date; ?></span>
41
<span class="trans\_start\_date"><?php echo esc\_attr($start\_date); ?></span>
42
42
<?php echo ' - '; ?>
43
<span class="trans\_end\_date"><?php echo $end\_date; ?>
43
<span class="trans\_end\_date"><?php echo esc\_attr($end\_date); ?>
44
44
</h2>
45
45
wc-frontend-manager/tags/6.5.13/views/withdrawal/wcmp/wcfm-view-payments.php
r2629284
r2630745
33
33
<h2>
34
34
<?php \_e( 'Transactions for: ', 'wc-frontend-manager' ); ?>
35
<span class="trans\_start\_date"><?php echo $start\_date; ?></span>
35
<span class="trans\_start\_date"><?php echo esc\_attr($start\_date); ?></span>
36
36
<?php echo ' - '; ?>
37
<span class="trans\_end\_date"><?php echo $end\_date; ?>
37
<span class="trans\_end\_date"><?php echo esc\_attr($end\_date); ?>
38
38
</h2>
39
39
…
…
50
50
51
51
<div class="wcfm\_payments\_filter\_wrap wcfm\_filters\_wrap">
52
<input id="payment\_start\_date\_filter" type="text" class="wcfm-text" name="payment\_start\_date\_filter" placeholder="<?php echo apply\_filters( 'wcfm\_date\_filter\_format', wc\_date\_format() ); ?>" data-date\_format="<?php echo str\_replace( 'mmmm', 'mm', str\_replace( 'yyyy', 'yy', strtolower( wcfm\_wp\_date\_format\_to\_js( wc\_date\_format() ) ) ) ); ?>" value="<?php echo $start\_date; ?>" style="width: 160px;" />
53
<input id="payment\_end\_date\_filter" type="text" class="wcfm-text" name="payment\_end\_date\_filter" placeholder="<?php echo apply\_filters( 'wcfm\_date\_filter\_format', wc\_date\_format() ); ?>" data-date\_format="<?php echo str\_replace( 'mmmm', 'mm', str\_replace( 'yyyy', 'yy', strtolower( wcfm\_wp\_date\_format\_to\_js( wc\_date\_format() ) ) ) ); ?>" value="<?php echo $end\_date; ?>" style="width: 160px;" />
52
<input id="payment\_start\_date\_filter" type="text" class="wcfm-text" name="payment\_start\_date\_filter" placeholder="<?php echo apply\_filters( 'wcfm\_date\_filter\_format', wc\_date\_format() ); ?>" data-date\_format="<?php echo str\_replace( 'mmmm', 'mm', str\_replace( 'yyyy', 'yy', strtolower( wcfm\_wp\_date\_format\_to\_js( wc\_date\_format() ) ) ) ); ?>" value="<?php echo esc\_attr($start\_date); ?>" style="width: 160px;" />
53
<input id="payment\_end\_date\_filter" type="text" class="wcfm-text" name="payment\_end\_date\_filter" placeholder="<?php echo apply\_filters( 'wcfm\_date\_filter\_format', wc\_date\_format() ); ?>" data-date\_format="<?php echo str\_replace( 'mmmm', 'mm', str\_replace( 'yyyy', 'yy', strtolower( wcfm\_wp\_date\_format\_to\_js( wc\_date\_format() ) ) ) ); ?>" value="<?php echo esc\_attr($end\_date); ?>" style="width: 160px;" />
54
54
</div>
55
55
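Review bot: The `placeholder` attribute on new lines 52–53 still echoes the result of `apply_filters( 'wcfm_date_filter_format', wc_date_format() )` unescaped, so whatever a filter callback returns is written straight into the attribute. Wrap it like the `value` attribute beside it: `placeholder="<?php echo esc_attr( apply_filters( 'wcfm_date_filter_format', wc_date_format() ) ); ?>"`. The `data-date_format` expression on the same lines is derived from `wc_date_format()` too and would benefit from the same wrapper. The dokan variant of this view carries the identical lines (new lines 56–57).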
wc-frontend-manager/tags/6.5.13/views/withdrawal/wcmp/wcfm-view-transaction-details.php
r2629284
r2630745
41
41
42
42
<div class="wcfm-container wcfm-top-element-container">
43
<h2><?php \_e( 'Transaction #', 'wc-frontend-manager' ); echo $transaction\_id; ?></h2>
43
<h2><?php \_e( 'Transaction #', 'wc-frontend-manager' ); echo esc\_attr($transaction\_id); ?></h2>
44
44
<span class="transaction-status transaction-status-<?php echo sanitize\_title( $transaction->post\_status ); ?>"><?php echo ucfirst( str\_replace( 'wcmp\_', '', $transaction->post\_status ) ); ?></span>
45
45
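Review bot: Line 44 is untouched by the change and still echoes `ucfirst( str_replace( 'wcmp_', '', $transaction->post_status ) )` into element text without escaping, directly below the line that gained it. `echo esc_html( ucfirst( str_replace( 'wcmp_', '', $transaction->post_status ) ) );` closes that gap. On new line 43 `esc_attr()` is applied to text inside an `<h2>`; `esc_html()` is the matching function for that context.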
wc-frontend-manager/trunk/controllers/articles/wcfm-controller-articles-manage.php
r2571321
r2630745
70
70
'post\_status' => $article\_status,
71
71
'post\_type' => 'post',
72
'post\_excerpt' => sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['excerpt'\], ENT\_QUOTES, 'UTF-8' ) ) ) ),
73
'post\_content' => sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['description'\], ENT\_QUOTES, 'UTF-8' ) ) ) ),
72
'post\_excerpt' => wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['excerpt'\], ENT\_QUOTES, 'UTF-8' ) ) ) ),
73
'post\_content' => wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['description'\], ENT\_QUOTES, 'UTF-8' ) ) ) ),
74
74
'post\_author' => $current\_user\_id,
75
75
'post\_name' => sanitize\_title($wcfm\_articles\_manage\_form\_data\['title'\])
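Review bot: `wp_filter_post_kses()` on new lines 72–73 expects slashed input (it unslashes, filters and re-slashes), but the value passed in has already been through `stripslashes()`, so backslashes that belong to the content are stripped a second time. Either drop the inner `stripslashes()` or filter unslashed data and slash once at the end, e.g. `wp_slash( wp_kses_post( apply_filters( 'wcfm_editor_content_before_save', html_entity_decode( wp_unslash( $_POST['excerpt'] ), ENT_QUOTES, 'UTF-8' ) ) ) )`, assuming this array is passed to `wp_insert_post()` or `wp_update_post()` (the call is outside the hunk). The hunk also reads `$_POST['excerpt']` and `$_POST['description']` without an `isset()` guard, and no capability or nonce check is visible in it; the enclosing method starts outside the hunk, so confirm both are enforced before this point.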
wc-frontend-manager/trunk/controllers/articles/wcfm-controller-articles.php
r2629284
r2630745
116
116
// Thumb
117
117
if( apply\_filters( 'wcfm\_is\_allow\_edit\_articles', true ) ) {
118
$wcfm\_articles\_json\_arr\[$index\]\[\] = '<a href="' . get\_wcfm\_articles\_manage\_url( $wcfm\_articles\_single->ID ) . '"><img width="40" height="40" class="attachment-thumbnail size-thumbnail wp-post-image" src="' . esc\_url(get\_the\_post\_thumbnail\_url( $wcfm\_articles\_single->ID )) . '" /></a>';
118
$wcfm\_articles\_json\_arr\[$index\]\[\] = '<a href="' . esc\_url(get\_wcfm\_articles\_manage\_url( $wcfm\_articles\_single->ID )) . '"><img width="40" height="40" class="attachment-thumbnail size-thumbnail wp-post-image" src="' . esc\_url(get\_the\_post\_thumbnail\_url( $wcfm\_articles\_single->ID )) . '" /></a>';
119
119
} else {
120
120
$wcfm\_articles\_json\_arr\[$index\]\[\] = '<img width="40" height="40" class="attachment-thumbnail size-thumbnail wp-post-image" src="' . esc\_url(get\_the\_post\_thumbnail\_url( $wcfm\_articles\_single->ID )) . '" />';
…
…
123
123
// Title
124
124
if( apply\_filters( 'wcfm\_is\_allow\_edit\_articles', true ) ) {
125
$wcfm\_articles\_json\_arr\[$index\]\[\] = apply\_filters( 'wcfm\_article\_title\_dashboard', '<a href="' . get\_wcfm\_articles\_manage\_url( $wcfm\_articles\_single->ID ) . '" class="wcfm\_article\_title wcfm\_dashboard\_item\_title">' . $wcfm\_articles\_single->post\_title . '</a>', $wcfm\_articles\_single->ID );
125
$wcfm\_articles\_json\_arr\[$index\]\[\] = apply\_filters( 'wcfm\_article\_title\_dashboard', '<a href="' . esc\_url(get\_wcfm\_articles\_manage\_url( $wcfm\_articles\_single->ID )) . '" class="wcfm\_article\_title wcfm\_dashboard\_item\_title">' . $wcfm\_articles\_single->post\_title . '</a>', $wcfm\_articles\_single->ID );
126
126
} else {
127
127
if( $wcfm\_articles\_single->post\_status == 'publish' ) {
128
128
$wcfm\_articles\_json\_arr\[$index\]\[\] = apply\_filters( 'wcfm\_article\_title\_dashboard', $wcfm\_articles\_single->post\_title, $wcfm\_articles\_single->ID );
129
129
} elseif( apply\_filters( 'wcfm\_is\_allow\_edit\_articles', true ) ) {
130
$wcfm\_articles\_json\_arr\[$index\]\[\] = apply\_filters( 'wcfm\_article\_title\_dashboard', '<a href="' . get\_wcfm\_articles\_manage\_url( $wcfm\_articles\_single->ID ) . '" class="wcfm\_article\_title wcfm\_dashboard\_item\_title">' . $wcfm\_articles\_single->post\_title . '</a>', $wcfm\_articles\_single->ID );
130
$wcfm\_articles\_json\_arr\[$index\]\[\] = apply\_filters( 'wcfm\_article\_title\_dashboard', '<a href="' . esc\_url(get\_wcfm\_articles\_manage\_url( $wcfm\_articles\_single->ID )) . '" class="wcfm\_article\_title wcfm\_dashboard\_item\_title">' . $wcfm\_articles\_single->post\_title . '</a>', $wcfm\_articles\_single->ID );
131
131
} else {
132
132
$wcfm\_articles\_json\_arr\[$index\]\[\] = apply\_filters( 'wcfm\_article\_title\_dashboard', $wcfm\_articles\_single->post\_title, $wcfm\_articles\_single->ID );
…
…
164
164
165
165
// Action
166
$actions = '<a class="wcfm-action-icon" target="\_blank" href="' . get\_permalink( $wcfm\_articles\_single->ID ) . '"><span class="wcfmfa fa-eye text\_tip" data-tip="' . esc\_attr\_\_( 'View', 'wc-frontend-manager' ) . '"></span></a>';
166
$actions = '<a class="wcfm-action-icon" target="\_blank" href="' . esc\_url(get\_permalink( $wcfm\_articles\_single->ID )) . '"><span class="wcfmfa fa-eye text\_tip" data-tip="' . esc\_attr\_\_( 'View', 'wc-frontend-manager' ) . '"></span></a>';
167
167
168
168
if( $wcfm\_articles\_single->post\_status == 'publish' ) {
169
$actions .= ( apply\_filters( 'wcfm\_is\_allow\_edit\_articles', true ) ) ? '<a class="wcfm-action-icon" href="' . get\_wcfm\_articles\_manage\_url( $wcfm\_articles\_single->ID ) . '"><span class="wcfmfa fa-edit text\_tip" data-tip="' . esc\_attr\_\_( 'Edit', 'wc-frontend-manager' ) . '"></span></a>' : '';
170
$actions .= ( apply\_filters( 'wcfm\_is\_allow\_delete\_articles', true ) ) ? '<a class="wcfm-action-icon wcfm\_article\_delete" href="#" data-articleid="' . $wcfm\_articles\_single->ID . '"><span class="wcfmfa fa-trash-alt text\_tip" data-tip="' . esc\_attr\_\_( 'Delete', 'wc-frontend-manager' ) . '"></span></a>' : '';
169
$actions .= ( apply\_filters( 'wcfm\_is\_allow\_edit\_articles', true ) ) ? '<a class="wcfm-action-icon" href="' . esc\_url(get\_wcfm\_articles\_manage\_url( $wcfm\_articles\_single->ID )) . '"><span class="wcfmfa fa-edit text\_tip" data-tip="' . esc\_attr\_\_( 'Edit', 'wc-frontend-manager' ) . '"></span></a>' : '';
170
$actions .= ( apply\_filters( 'wcfm\_is\_allow\_delete\_articles', true ) ) ? '<a class="wcfm-action-icon wcfm\_article\_delete" href="#" data-articleid="' . esc\_attr($wcfm\_articles\_single->ID) . '"><span class="wcfmfa fa-trash-alt text\_tip" data-tip="' . esc\_attr\_\_( 'Delete', 'wc-frontend-manager' ) . '"></span></a>' : '';
171
171
} else {
172
$actions .= ( apply\_filters( 'wcfm\_is\_allow\_edit\_articles', true ) ) ? '<a class="wcfm-action-icon" href="' . get\_wcfm\_articles\_manage\_url( $wcfm\_articles\_single->ID ) . '"><span class="wcfmfa fa-edit text\_tip" data-tip="' . esc\_attr\_\_( 'Edit', 'wc-frontend-manager' ) . '"></span></a>' : '';
173
$actions .= ( apply\_filters( 'wcfm\_is\_allow\_delete\_articles', true ) ) ? '<a class="wcfm\_article\_delete wcfm-action-icon" href="#" data-articleid="' . $wcfm\_articles\_single->ID . '"><span class="wcfmfa fa-trash-alt text\_tip" data-tip="' . esc\_attr\_\_( 'Delete', 'wc-frontend-manager' ) . '"></span></a>' : '';
172
$actions .= ( apply\_filters( 'wcfm\_is\_allow\_edit\_articles', true ) ) ? '<a class="wcfm-action-icon" href="' . esc\_url(get\_wcfm\_articles\_manage\_url( $wcfm\_articles\_single->ID )) . '"><span class="wcfmfa fa-edit text\_tip" data-tip="' . esc\_attr\_\_( 'Edit', 'wc-frontend-manager' ) . '"></span></a>' : '';
173
$actions .= ( apply\_filters( 'wcfm\_is\_allow\_delete\_articles', true ) ) ? '<a class="wcfm\_article\_delete wcfm-action-icon" href="#" data-articleid="' . esc\_attr($wcfm\_articles\_single->ID) . '"><span class="wcfmfa fa-trash-alt text\_tip" data-tip="' . esc\_attr\_\_( 'Delete', 'wc-frontend-manager' ) . '"></span></a>' : '';
174
174
}
175
175
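Review bot: `$wcfm_articles_single->post_title` is still concatenated into the markup unescaped on new lines 125, 128, 130 and 132, while the URLs around it gained `esc_url()`. These strings are returned in the JSON rows and are presumably inserted as HTML by the dashboard table, so the title should be escaped where the string is built: `. esc_html( $wcfm_articles_single->post_title ) .`. The `wcfm_article_title_dashboard` filter runs after that point, so its callbacks remain responsible for whatever they return. `esc_attr( $wcfm_articles_single->ID )` on 170 and 173 works, though `absint()` states the intent for a numeric ID.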
wc-frontend-manager/trunk/controllers/coupons/wcfm-controller-coupons.php
r2160755
r2630745
83
83
// Code
84
84
if( $wcfm\_coupons\_single->post\_status != 'publish' ) {
85
$wcfm\_coupons\_json\_arr\[$index\]\[\] = '<a href="' . get\_wcfm\_coupons\_manage\_url($wcfm\_coupons\_single->ID) . '" class="wcfm\_dashboard\_item\_title">' . $wcfm\_coupons\_single->post\_title . '</a>' . ' -- ' . \_\_( ucfirst( $wcfm\_coupons\_single->post\_status ), 'wc-frontend-manager' );
85
$wcfm\_coupons\_json\_arr\[$index\]\[\] = '<a href="' . esc\_url(get\_wcfm\_coupons\_manage\_url($wcfm\_coupons\_single->ID)) . '" class="wcfm\_dashboard\_item\_title">' . $wcfm\_coupons\_single->post\_title . '</a>' . ' -- ' . \_\_( ucfirst( $wcfm\_coupons\_single->post\_status ), 'wc-frontend-manager' );
86
86
} elseif( current\_user\_can( 'edit\_published\_shop\_coupons' ) && apply\_filters( 'wcfm\_is\_allow\_edit\_coupons', true ) ) {
87
$wcfm\_coupons\_json\_arr\[$index\]\[\] = '<a href="' . get\_wcfm\_coupons\_manage\_url($wcfm\_coupons\_single->ID) . '" class="wcfm\_dashboard\_item\_title">' . $wcfm\_coupons\_single->post\_title . '</a>';
87
$wcfm\_coupons\_json\_arr\[$index\]\[\] = '<a href="' . esc\_url(get\_wcfm\_coupons\_manage\_url($wcfm\_coupons\_single->ID)) . '" class="wcfm\_dashboard\_item\_title">' . $wcfm\_coupons\_single->post\_title . '</a>';
88
88
} else {
89
89
$wcfm\_coupons\_json\_arr\[$index\]\[\] = '<span class="wcfm\_dashboard\_item\_title">' . $wcfm\_coupons\_single->post\_title . '</span>';
…
…
117
117
$actions = '';
118
118
if( $wcfm\_coupons\_single->post\_status == 'publish' ) {
119
$actions .= ( current\_user\_can( 'edit\_published\_shop\_coupons' ) && apply\_filters( 'wcfm\_is\_allow\_edit\_coupons', true ) ) ? '<a class="wcfm-action-icon" href="' . get\_wcfm\_coupons\_manage\_url($wcfm\_coupons\_single->ID) . '"><span class="wcfmfa fa-edit text\_tip" data-tip="' . esc\_attr\_\_( 'Edit', 'wc-frontend-manager' ) . '"></span></a>' : '';
119
$actions .= ( current\_user\_can( 'edit\_published\_shop\_coupons' ) && apply\_filters( 'wcfm\_is\_allow\_edit\_coupons', true ) ) ? '<a class="wcfm-action-icon" href="' . esc\_url(get\_wcfm\_coupons\_manage\_url($wcfm\_coupons\_single->ID)) . '"><span class="wcfmfa fa-edit text\_tip" data-tip="' . esc\_attr\_\_( 'Edit', 'wc-frontend-manager' ) . '"></span></a>' : '';
120
120
} else {
121
$actions .= '<a class="wcfm-action-icon" href="' . get\_wcfm\_coupons\_manage\_url($wcfm\_coupons\_single->ID) . '"><span class="wcfmfa fa-edit text\_tip" data-tip="' . esc\_attr\_\_( 'Edit', 'wc-frontend-manager' ) . '"></span></a>';
121
$actions .= '<a class="wcfm-action-icon" href="' . esc\_url(get\_wcfm\_coupons\_manage\_url($wcfm\_coupons\_single->ID)) . '"><span class="wcfmfa fa-edit text\_tip" data-tip="' . esc\_attr\_\_( 'Edit', 'wc-frontend-manager' ) . '"></span></a>';
122
122
}
123
123
$wcfm\_coupons\_json\_arr\[$index\]\[\] = apply\_filters ( 'wcfm\_coupons\_actions', $actions, $wcfm\_coupons\_single );
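Review bot: The coupon title is still concatenated into the markup unescaped on lines 85, 87 and 89, right beside the `href` values this change wraps in `esc_url()`, so a title containing markup would be rendered as HTML in the dashboard table. I would output it as `esc_html( $wcfm_coupons_single->post_title )` in all three branches. The same pattern appears to remain in other sections of this changeset: the customer first and last name in wcfm-controller-customers-manage.php line 201, `$customer_name` in wcfm-controller-customers.php line 152, `customer_name` in wcfm-controller-enquiry.php line 136 and `post_title` in wcfm-controller-knowledgebase.php lines 100 and 102. Whether those values are sanitized when they are written is not visible in these hunks, so escaping on output is the safer default.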
wc-frontend-manager/trunk/controllers/customers/wcfm-controller-customers-details.php
r2370721
r2630745
117
117
118
118
if( apply\_filters( 'wcfm\_is\_allow\_order\_details', true ) && $WCFM->wcfm\_vendor\_support->wcfm\_is\_order\_for\_vendor( $wcfm\_orders\_single->order\_id ) ) {
119
$wcfm\_orders\_json\_arr\[$index\]\[\] = '<a href="' . get\_wcfm\_view\_order\_url($wcfm\_orders\_single->ID, $the\_order) . '" class="wcfm\_dashboard\_item\_title">#' . esc\_attr( $the\_order->get\_order\_number() ) . '</a>' . ' ' . \_\_( 'by', 'wc-frontend-manager' ) . ' ' . $username;
119
$wcfm\_orders\_json\_arr\[$index\]\[\] = '<a href="' . esc\_url(get\_wcfm\_view\_order\_url($wcfm\_orders\_single->ID, $the\_order)) . '" class="wcfm\_dashboard\_item\_title">#' . esc\_attr( $the\_order->get\_order\_number() ) . '</a>' . ' ' . \_\_( 'by', 'wc-frontend-manager' ) . ' ' . $username;
120
120
} else {
121
121
$wcfm\_orders\_json\_arr\[$index\]\[\] = '<span class="wcfm\_dashboard\_item\_title">#' . esc\_attr( $the\_order->get\_order\_number() ) . '</span>' . ' ' . \_\_( 'by', 'wc-frontend-manager' ) . ' ' . $username;
…
…
481
481
482
482
// Appointment
483
$appointment\_label = '<a href="' . get\_wcfm\_view\_appointment\_url($wcfm\_appointments\_single->ID, $the\_appointment) . '" class="wcfm\_appointment\_title">#' . $wcfm\_appointments\_single->ID . '</a>';
483
$appointment\_label = '<a href="' . esc\_url(get\_wcfm\_view\_appointment\_url($wcfm\_appointments\_single->ID, $the\_appointment)) . '" class="wcfm\_appointment\_title">#' . $wcfm\_appointments\_single->ID . '</a>';
484
484
485
485
$customer = $the\_appointment->get\_customer();
…
…
529
529
if ( $the\_order ) {
530
530
if( apply\_filters( 'wcfm\_is\_allow\_order\_details', true ) && $WCFM->wcfm\_vendor\_support->wcfm\_is\_order\_for\_vendor( $the\_order->get\_order\_number() ) ) {
531
$wcfm\_appointments\_json\_arr\[$index\]\[\] = '<span class="appointment-orderno"><a href="' . get\_wcfm\_view\_order\_url( $the\_order->get\_order\_number(), $the\_order ) . '">#' . $the\_order->get\_order\_number() . '</a></span><br />' . esc\_html( wc\_get\_order\_status\_name( $the\_order->get\_status() ) );
531
$wcfm\_appointments\_json\_arr\[$index\]\[\] = '<span class="appointment-orderno"><a href="' . esc\_url(get\_wcfm\_view\_order\_url( $the\_order->get\_order\_number(), $the\_order )) . '">#' . $the\_order->get\_order\_number() . '</a></span><br />' . esc\_html( wc\_get\_order\_status\_name( $the\_order->get\_status() ) );
532
532
} else {
533
533
$wcfm\_appointments\_json\_arr\[$index\]\[\] = '<span class="appointment-orderno">#' . $the\_order->get\_order\_number() . '</span><br /> ' . esc\_html( wc\_get\_order\_status\_name( $the\_order->get\_status() ) );
…
…
548
548
if ( in\_array( $the\_appointment->get\_status(), array( 'pending-confirmation' ) ) ) $actions = '<a class="wcfm\_appointment\_mark\_confirm wcfm-action-icon" href="#" data-appointmentid="' . $wcfm\_appointments\_single->ID . '"><span class="wcfmfa fa-check-circle text\_tip" data-tip="' . esc\_attr\_\_( 'Mark as Confirmed', 'wc-frontend-manager' ) . '"></span></a>';
549
549
}
550
$actions .= apply\_filters ( 'wcfm\_appointments\_actions', '<a class="wcfm-action-icon" href="' . get\_wcfm\_view\_appointment\_url( $wcfm\_appointments\_single->ID, $the\_appointment ) . '"><span class="wcfmfa fa-eye text\_tip" data-tip="' . esc\_attr\_\_( 'View Details', 'wc-frontend-manager' ) . '"></span></a>', $wcfm\_appointments\_single, $the\_appointment );
550
$actions .= apply\_filters ( 'wcfm\_appointments\_actions', '<a class="wcfm-action-icon" href="' . esc\_url(get\_wcfm\_view\_appointment\_url( $wcfm\_appointments\_single->ID, $the\_appointment )) . '"><span class="wcfmfa fa-eye text\_tip" data-tip="' . esc\_attr\_\_( 'View Details', 'wc-frontend-manager' ) . '"></span></a>', $wcfm\_appointments\_single, $the\_appointment );
551
551
$wcfm\_appointments\_json\_arr\[$index\]\[\] = $actions;
552
552
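Review bot: On line 530 the vendor-ownership check `wcfm_is_order_for_vendor()` is passed `$the_order->get_order_number()`, and line 531 passes the same value to `get_wcfm_view_order_url()`, whereas line 118 of this file passes `$wcfm_orders_single->order_id` to the check. The order number is a display value that can differ from the order ID when a plugin filters it, so the check may be evaluated against the wrong order; `$the_order->get_id()` looks like the intended argument, to be confirmed against the helper's definition, which is outside this view. The same number is also printed unescaped as link text on lines 531 and 533, where line 119 escapes it; `esc_html( $the_order->get_order_number() )` would make the three consistent.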
wc-frontend-manager/trunk/controllers/customers/wcfm-controller-customers-manage.php
r2571321
r2630745
199
199
$author\_is\_vendor = 1;
200
200
$message\_to = 0;
201
$wcfm\_messages = sprintf( \_\_( 'A new customer <b>%s</b> added to the store by <b>%s</b>', 'wc-frontend-manager' ), '<a class="wcfm\_dashboard\_item\_title" href="' . get\_wcfm\_customers\_details\_url( $customer\_id ) . '">' . $wcfm\_customer\_form\_data\['first\_name'\] . ' ' . $wcfm\_customer\_form\_data\['last\_name'\] . '</a>', get\_user\_by( 'id', $author\_id )->display\_name );
201
$wcfm\_messages = sprintf( \_\_( 'A new customer <b>%s</b> added to the store by <b>%s</b>', 'wc-frontend-manager' ), '<a class="wcfm\_dashboard\_item\_title" href="' . esc\_url(get\_wcfm\_customers\_details\_url( $customer\_id )) . '">' . $wcfm\_customer\_form\_data\['first\_name'\] . ' ' . $wcfm\_customer\_form\_data\['last\_name'\] . '</a>', get\_user\_by( 'id', $author\_id )->display\_name );
202
202
$WCFM->wcfm\_notification->wcfm\_send\_direct\_message( $author\_id, $message\_to, $author\_is\_admin, $author\_is\_vendor, $wcfm\_messages, 'new\_customer' );
203
203
}
wc-frontend-manager/trunk/controllers/customers/wcfm-controller-customers.php
r2216216
r2630745
150
150
}
151
151
if( apply\_filters( 'wcfm\_is\_allow\_view\_customer', true ) ) {
152
$wcfm\_customers\_json\_arr\[$index\]\[\] = '<a href="' . get\_wcfm\_customers\_details\_url($wcfm\_customers\_single->ID) . '" class="wcfm\_dashboard\_item\_title">' . apply\_filters( 'wcfm\_customers\_display\_name\_data', $customer\_name, $wcfm\_customers\_single->ID ) . '</a>';
152
$wcfm\_customers\_json\_arr\[$index\]\[\] = '<a href="' . esc\_url(get\_wcfm\_customers\_details\_url($wcfm\_customers\_single->ID)) . '" class="wcfm\_dashboard\_item\_title">' . apply\_filters( 'wcfm\_customers\_display\_name\_data', $customer\_name, $wcfm\_customers\_single->ID ) . '</a>';
153
153
} else {
154
154
$wcfm\_customers\_json\_arr\[$index\]\[\] = apply\_filters( 'wcfm\_customers\_display\_name\_data', $customer\_name, $wcfm\_customers\_single->ID );
…
…
220
220
$order = $orders\[0\];
221
221
if( apply\_filters( 'wcfm\_is\_allow\_order\_details', true ) && $WCFM->wcfm\_vendor\_support->wcfm\_is\_order\_for\_vendor( $order->get\_id() ) ) {
222
$wcfm\_customers\_json\_arr\[$index\]\[\] = '<span class="customer-orderno"><a href="' . get\_wcfm\_view\_order\_url( $order->get\_id(), $order ) . '">' . \_x( '#', 'hash before order number', 'woocommerce' ) . $order->get\_order\_number() . '</a></span><br />' . wc\_format\_datetime( $order->get\_date\_created() );
222
$wcfm\_customers\_json\_arr\[$index\]\[\] = '<span class="customer-orderno"><a href="' . esc\_url(get\_wcfm\_view\_order\_url( $order->get\_id(), $order )) . '">' . \_x( '#', 'hash before order number', 'woocommerce' ) . $order->get\_order\_number() . '</a></span><br />' . wc\_format\_datetime( $order->get\_date\_created() );
223
223
} else {
224
224
$wcfm\_customers\_json\_arr\[$index\]\[\] = '<span class="customer-orderno">' . \_x( '#', 'hash before order number', 'woocommerce' ) . $order->get\_order\_number() . '</span><br />' . wc\_format\_datetime( $order->get\_date\_created() );
…
…
232
232
233
233
// Action
234
$actions = '<a class="wcfm-action-icon" href="' . get\_wcfm\_customers\_details\_url( $wcfm\_customers\_single->ID ) . '"><span class="wcfmfa fa-eye text\_tip" data-tip="' . esc\_attr\_\_( 'Manage Customer', 'wc-frontend-manager' ) . '"></span></a>';
234
$actions = '<a class="wcfm-action-icon" href="' . esc\_url(get\_wcfm\_customers\_details\_url( $wcfm\_customers\_single->ID )) . '"><span class="wcfmfa fa-eye text\_tip" data-tip="' . esc\_attr\_\_( 'Manage Customer', 'wc-frontend-manager' ) . '"></span></a>';
235
235
if( apply\_filters( 'wcfm\_is\_allow\_edit\_customer', true ) && apply\_filters( 'wcfm\_is\_vendor\_customer', true, $wcfm\_customers\_single->ID ) ) {
236
$actions .= '<a class="wcfm-action-icon" href="' . get\_wcfm\_customers\_manage\_url( $wcfm\_customers\_single->ID ) . '"><span class="wcfmfa fa-edit text\_tip" data-tip="' . esc\_attr\_\_( 'Edit Customer', 'wc-frontend-manager' ) . '"></span></a>';
236
$actions .= '<a class="wcfm-action-icon" href="' . esc\_url(get\_wcfm\_customers\_manage\_url( $wcfm\_customers\_single->ID )) . '"><span class="wcfmfa fa-edit text\_tip" data-tip="' . esc\_attr\_\_( 'Edit Customer', 'wc-frontend-manager' ) . '"></span></a>';
237
237
}
238
238
if ( empty( $orders ) && apply\_filters( 'wcfm\_is\_allow\_edit\_customer', true ) && apply\_filters( 'wcfm\_is\_allow\_delete\_customer', true ) && ( !wcfm\_is\_vendor() || apply\_filters( 'wcfm\_is\_vendor\_customer', true, $wcfm\_customers\_single->ID ) ) ) {
wc-frontend-manager/trunk/controllers/enquiry/wcfm-controller-enquiry-form.php
r2629284
r2630745
146
146
if( $product\_id ) $enquiry\_for\_label = get\_the\_title( $product\_id );
147
147
148
//$enquiry\_for = '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . get\_wcfm\_enquiry\_url() . '">' . \_\_( 'Store', 'wc-frontend-manager' ) . '</a>';
149
//if( $vendor\_id ) $enquiry\_for = '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . get\_wcfm\_enquiry\_url() . '">' . wcfm\_get\_vendor\_store\_name( $vendor\_id ) . ' ' . apply\_filters( 'wcfm\_sold\_by\_label', $vendor\_id, \_\_( 'Store', 'wc-frontend-manager' ) ) . '</a>';
150
//if( $product\_id ) $enquiry\_for = '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . get\_wcfm\_enquiry\_url() . '">' . get\_the\_title( $product\_id ) . '</a>';
148
//$enquiry\_for = '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . esc\_url(get\_wcfm\_enquiry\_url()) . '">' . \_\_( 'Store', 'wc-frontend-manager' ) . '</a>';
149
//if( $vendor\_id ) $enquiry\_for = '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . esc\_url(get\_wcfm\_enquiry\_url()) . '">' . wcfm\_get\_vendor\_store\_name( $vendor\_id ) . ' ' . apply\_filters( 'wcfm\_sold\_by\_label', $vendor\_id, \_\_( 'Store', 'wc-frontend-manager' ) ) . '</a>';
150
//if( $product\_id ) $enquiry\_for = '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . esc\_url(get\_wcfm\_enquiry\_url()) . '">' . get\_the\_title( $product\_id ) . '</a>';
151
151
152
152
/\*$mail\_to = apply\_filters( 'wcfm\_admin\_email\_notification\_receiver', get\_bloginfo( 'admin\_email' ), 'enquiry' );
…
…
196
196
// Direct message
197
197
if( apply\_filters( 'wcfm\_is\_allow\_notification\_message', true, 'enquiry', 0 ) ) {
198
$wcfm\_messages = sprintf( \_\_( 'New Inquiry <b>%s</b> received for <b>%s</b>', 'wc-frontend-manager' ), '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . get\_wcfm\_enquiry\_manage\_url( $enquiry\_id ) . '">#' . sprintf( '%06u', $enquiry\_id ) . '</a>', $enquiry\_for\_label );
198
$wcfm\_messages = sprintf( \_\_( 'New Inquiry <b>%s</b> received for <b>%s</b>', 'wc-frontend-manager' ), '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . esc\_url(get\_wcfm\_enquiry\_manage\_url( $enquiry\_id )) . '">#' . sprintf( '%06u', $enquiry\_id ) . '</a>', $enquiry\_for\_label );
199
199
$WCFM->wcfm\_notification->wcfm\_send\_direct\_message( -2, 0, 1, 0, $wcfm\_messages, 'enquiry', false );
200
200
}
…
…
220
220
// Direct message
221
221
if( apply\_filters( 'wcfm\_is\_allow\_notification\_message', true, 'enquiry', $vendor\_id ) ) {
222
$wcfm\_messages = sprintf( \_\_( 'New Inquiry <b>%s</b> received for <b>%s</b>', 'wc-frontend-manager' ), '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . get\_wcfm\_enquiry\_manage\_url( $enquiry\_id ) . '">#' . sprintf( '%06u', $enquiry\_id ) . '</a>', $enquiry\_for\_label );
222
$wcfm\_messages = sprintf( \_\_( 'New Inquiry <b>%s</b> received for <b>%s</b>', 'wc-frontend-manager' ), '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . esc\_url(get\_wcfm\_enquiry\_manage\_url( $enquiry\_id )) . '">#' . sprintf( '%06u', $enquiry\_id ) . '</a>', $enquiry\_for\_label );
223
223
$WCFM->wcfm\_notification->wcfm\_send\_direct\_message( -1, $vendor\_id, 1, 0, $wcfm\_messages, 'enquiry', false );
224
224
}
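Review bot: Lines 148–150 are commented-out code, and this change edits them to add `esc_url()` instead of deleting them; they have no runtime effect and make the security change harder to audit. I would remove the three `//$enquiry_for = …` lines. In the live code, `$enquiry_for_label` (set from `get_the_title( $product_id )` on line 146) is passed into the notification HTML on lines 198 and 222 without escaping, which `esc_html( $enquiry_for_label )` would cover. How the message is rendered later is outside these hunks.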
wc-frontend-manager/trunk/controllers/enquiry/wcfm-controller-enquiry-manage.php
r2629284
r2630745
47
47
$attchments = wcfm\_handle\_file\_upload();
48
48
49
$inquiry\_reply = sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['inquiry\_reply'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
49
$inquiry\_reply = wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['inquiry\_reply'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
50
50
$inquiry\_reply\_by = apply\_filters( 'wcfm\_message\_author', get\_current\_user\_id() );
51
51
$inquiry\_id = absint( $wcfm\_enquiry\_reply\_form\_data\['inquiry\_id'\] );
…
…
128
128
$enquiry\_for = \_\_( 'Store', 'wc-frontend-manager' );
129
129
if( $inquiry\_vendor\_id ) $enquiry\_for = wcfm\_get\_vendor\_store( $inquiry\_vendor\_id );
130
if( $inquiry\_product\_id ) $enquiry\_for = '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . get\_permalink( $inquiry\_product\_id ) . '">' . get\_the\_title( $inquiry\_product\_id ) . '</a>';
130
if( $inquiry\_product\_id ) $enquiry\_for = '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . esc\_url(get\_permalink( $inquiry\_product\_id )) . '">' . get\_the\_title( $inquiry\_product\_id ) . '</a>';
131
131
132
132
$myaccount\_page\_id = get\_option( 'woocommerce\_myaccount\_page\_id' );
…
…
196
196
if( wcfm\_is\_vendor() ) {
197
197
if( apply\_filters( 'wcfm\_is\_allow\_notification\_message', true, 'enquiry', 0 ) ) {
198
$wcfm\_messages = sprintf( \_\_( 'New reply posted for Inquiry <b>%s</b>', 'wc-frontend-manager' ), '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . get\_wcfm\_enquiry\_manage\_url( $inquiry\_id ) . '">#' . sprintf( '%06u', $inquiry\_id ) . '</a>' );
198
$wcfm\_messages = sprintf( \_\_( 'New reply posted for Inquiry <b>%s</b>', 'wc-frontend-manager' ), '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . esc\_url(get\_wcfm\_enquiry\_manage\_url( $inquiry\_id )) . '">#' . sprintf( '%06u', $inquiry\_id ) . '</a>' );
199
199
$WCFM->wcfm\_notification->wcfm\_send\_direct\_message( $inquiry\_vendor\_id, 0, 0, 1, $wcfm\_messages, 'enquiry', false );
200
200
}
…
…
241
241
$attchments = wcfm\_handle\_file\_upload();
242
242
243
$inquiry\_reply = sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['inquiry\_reply'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
243
$inquiry\_reply = wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['inquiry\_reply'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
244
244
$inquiry\_reply\_by = apply\_filters( 'wcfm\_message\_author', get\_current\_user\_id() );
245
245
$inquiry\_id = absint( $wcfm\_enquiry\_reply\_form\_data\['inquiry\_id'\] );
…
…
307
307
$enquiry\_for = \_\_( 'Store', 'wc-frontend-manager' );
308
308
if( $inquiry\_vendor\_id ) $enquiry\_for = wcfm\_get\_vendor\_store( $inquiry\_vendor\_id );
309
if( $inquiry\_product\_id ) $enquiry\_for = '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . get\_permalink( $inquiry\_product\_id ) . '">' . get\_the\_title( $inquiry\_product\_id ) . '</a>';
309
if( $inquiry\_product\_id ) $enquiry\_for = '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . esc\_url(get\_permalink( $inquiry\_product\_id )) . '">' . get\_the\_title( $inquiry\_product\_id ) . '</a>';
310
310
311
311
$mail\_to = apply\_filters( 'wcfm\_admin\_email\_notification\_receiver', get\_bloginfo( 'admin\_email' ), 'enquiry' );
…
…
345
345
// Direct message
346
346
if( apply\_filters( 'wcfm\_is\_allow\_notification\_message', true, 'enquiry', 0 ) ) {
347
$wcfm\_messages = sprintf( \_\_( 'New reply received for Inquiry <b>%s</b>', 'wc-frontend-manager' ), '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . get\_wcfm\_enquiry\_manage\_url( $inquiry\_id ) . '">#' . sprintf( '%06u', $inquiry\_id ) . '</a>' );
347
$wcfm\_messages = sprintf( \_\_( 'New reply received for Inquiry <b>%s</b>', 'wc-frontend-manager' ), '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . esc\_url(get\_wcfm\_enquiry\_manage\_url( $inquiry\_id )) . '">#' . sprintf( '%06u', $inquiry\_id ) . '</a>' );
348
348
$WCFM->wcfm\_notification->wcfm\_send\_direct\_message( -2, 0, 1, 0, $wcfm\_messages, 'enquiry', false );
349
349
}
…
…
365
365
// Direct message
366
366
if( apply\_filters( 'wcfm\_is\_allow\_notification\_message', true, 'enquiry', $inquiry\_vendor\_id ) ) {
367
$wcfm\_messages = sprintf( \_\_( 'New reply received for Inquiry <b>%s</b>', 'wc-frontend-manager' ), '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . get\_wcfm\_enquiry\_manage\_url( $inquiry\_id ) . '">#' . sprintf( '%06u', $inquiry\_id ) . '</a>' );
367
$wcfm\_messages = sprintf( \_\_( 'New reply received for Inquiry <b>%s</b>', 'wc-frontend-manager' ), '<a target="\_blank" class="wcfm\_dashboard\_item\_title" href="' . esc\_url(get\_wcfm\_enquiry\_manage\_url( $inquiry\_id )) . '">#' . sprintf( '%06u', $inquiry\_id ) . '</a>' );
368
368
$WCFM->wcfm\_notification->wcfm\_send\_direct\_message( -1, $inquiry\_vendor\_id, 1, 0, $wcfm\_messages, 'enquiry', false );
369
369
}
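Review bot: `wp_filter_post_kses()` on lines 49 and 243 expects slashed input and returns slashed output (it unslashes, runs `wp_kses()` with the post rule set, then re-adds slashes), but here it is called on a value that `stripslashes()` has already unslashed. The second unslash drops any literal backslashes in the reply, and the re-added slashes stay in `$inquiry_reply` unless the code that stores it unslashes again; that code is outside these hunks. If the value is written through `$wpdb` directly, the matching call is `$inquiry_reply = wp_kses_post( apply_filters( 'wcfm_editor_content_before_save', stripslashes( html_entity_decode( $_POST['inquiry_reply'], ENT_QUOTES, 'UTF-8' ) ) ) );`. The same applies to line 23 of wcfm-controller-message-sent.php. The `post_content` and `post_excerpt` entries in the knowledgebase, notice and products controllers are affected only by the double unslash, assuming those arrays are passed to `wp_insert_post()`.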
wc-frontend-manager/trunk/controllers/enquiry/wcfm-controller-enquiry.php
r2414751
r2630745
45
45
$time\_filter = '';
46
46
47
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_text\_field( $\_POST\['orderby'\] ) : 'ID';
47
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_sql\_orderby( $\_POST\['orderby'\] ) : 'ID';
48
48
$the\_order = ( ! empty( $\_POST\['order'\] ) && 'asc' === wc\_clean($\_POST\['order'\]) ) ? 'ASC' : 'DESC';
49
49
…
…
121
121
foreach($wcfm\_enquirys\_array as $wcfm\_enquirys\_single) {
122
122
// Enquiry
123
$wcfm\_enquirys\_json\_arr\[$index\]\[\] = '<a href="' . get\_wcfm\_enquiry\_manage\_url($wcfm\_enquirys\_single->ID) . '" class="wcfm\_dashboard\_item\_title">' . apply\_filters( 'wcfm\_enquiry\_message\_display', $wcfm\_enquirys\_single->enquiry, $wcfm\_enquirys\_single->ID ) . '</a>';
123
$wcfm\_enquirys\_json\_arr\[$index\]\[\] = '<a href="' . esc\_url(get\_wcfm\_enquiry\_manage\_url($wcfm\_enquirys\_single->ID)) . '" class="wcfm\_dashboard\_item\_title">' . apply\_filters( 'wcfm\_enquiry\_message\_display', $wcfm\_enquirys\_single->enquiry, $wcfm\_enquirys\_single->ID ) . '</a>';
124
124
125
125
// Product
126
126
if( $wcfm\_enquirys\_single->product\_id ) {
127
$wcfm\_enquirys\_json\_arr\[$index\]\[\] = '<a class="wcfm-enquiry-product" target="\_blank" href="' . get\_permalink($wcfm\_enquirys\_single->product\_id) . '">' . get\_the\_title($wcfm\_enquirys\_single->product\_id) . '</a>';
127
$wcfm\_enquirys\_json\_arr\[$index\]\[\] = '<a class="wcfm-enquiry-product" target="\_blank" href="' . esc\_url(get\_permalink($wcfm\_enquirys\_single->product\_id)) . '">' . get\_the\_title($wcfm\_enquirys\_single->product\_id) . '</a>';
128
128
} else {
129
129
$wcfm\_enquirys\_json\_arr\[$index\]\[\] = '–';
…
…
134
134
if( apply\_filters( 'wcfm\_allow\_view\_customer\_name', true ) ) {
135
135
if( $wcfm\_enquirys\_single->customer\_id && apply\_filters( 'wcfm\_is\_allow\_view\_customer', true ) ) {
136
$customer\_details = '<a target="\_blank" href="' . get\_wcfm\_customers\_details\_url($wcfm\_enquirys\_single->customer\_id) . '" class="wcfm\_inquiry\_by\_customer">' . $wcfm\_enquirys\_single->customer\_name . '</a>';
136
$customer\_details = '<a target="\_blank" href="' . esc\_url(get\_wcfm\_customers\_details\_url($wcfm\_enquirys\_single->customer\_id)) . '" class="wcfm\_inquiry\_by\_customer">' . $wcfm\_enquirys\_single->customer\_name . '</a>';
137
137
} else {
138
138
$customer\_details = $wcfm\_enquirys\_single->customer\_name;
…
…
207
207
208
208
// Action
209
$actions = '<a class="wcfm-action-icon" href="' . get\_wcfm\_enquiry\_manage\_url($wcfm\_enquirys\_single->ID) . '"><span class="wcfmfa fa-reply-all text\_tip" data-tip="' . esc\_attr\_\_( 'Reply', 'wc-frontend-manager' ) . '"></span></a>';
209
$actions = '<a class="wcfm-action-icon" href="' . esc\_url(get\_wcfm\_enquiry\_manage\_url($wcfm\_enquirys\_single->ID)) . '"><span class="wcfmfa fa-reply-all text\_tip" data-tip="' . esc\_attr\_\_( 'Reply', 'wc-frontend-manager' ) . '"></span></a>';
210
210
211
211
if( apply\_filters( 'wcfm\_is\_allow\_eniquiry\_delete', true ) ) {
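Review bot: `sanitize_sql_orderby()` on line 47 returns `false` when the posted value is not a valid ORDER BY clause, and the ternary stores that result in `$the_orderby` with no fallback, so a rejected value would reach the query as an empty column name. It also accepts multi-column clauses, clauses that already carry a direction such as `ID ASC`, and `RAND()`, none of which combine cleanly with the separate `$the_order` direction. At minimum I would write `$orderby = ! empty( $_POST['orderby'] ) ? sanitize_sql_orderby( $_POST['orderby'] ) : false;` followed by `$the_orderby = $orderby ? $orderby : 'ID';`; checking the value with `in_array( …, true )` against a fixed list of sortable columns would be tighter. The query that consumes `$the_orderby` is outside this hunk. The same line appears in wcfm-controller-messages.php (line 39) and in the six order controllers changed in this changeset.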
wc-frontend-manager/trunk/controllers/knowledgebase/wcfm-controller-knowledgebase-manage.php
r2571321
r2630745
48
48
'post\_status' => $knowledgebase\_status,
49
49
'post\_type' => 'wcfm\_knowledgebase',
50
'post\_content' => sanitize\_option( 'wcfm\_editor\_content', stripslashes( html\_entity\_decode( $\_POST\['content'\], ENT\_QUOTES, 'UTF-8' ) ) ),
50
'post\_content' => wp\_filter\_post\_kses( stripslashes( html\_entity\_decode( $\_POST\['content'\], ENT\_QUOTES, 'UTF-8' ) ) ),
51
51
'post\_author' => $current\_user\_id
52
52
);
wc-frontend-manager/trunk/controllers/knowledgebase/wcfm-controller-knowledgebase.php
r2414751
r2630745
98
98
// Knowledgebase
99
99
if( !wcfm\_is\_vendor() ) {
100
$wcfm\_knowledgebases\_json\_arr\[$index\]\[\] = '<a href="' . get\_wcfm\_knowledgebase\_manage\_url($wcfm\_knowledgebases\_single->ID) . '" class="wcfm\_dashboard\_item\_title">' . $wcfm\_knowledgebases\_single->post\_title . '</a>';
100
$wcfm\_knowledgebases\_json\_arr\[$index\]\[\] = '<a href="' . esc\_url(get\_wcfm\_knowledgebase\_manage\_url($wcfm\_knowledgebases\_single->ID)) . '" class="wcfm\_dashboard\_item\_title">' . $wcfm\_knowledgebases\_single->post\_title . '</a>';
101
101
} else {
102
102
$wcfm\_knowledgebases\_json\_arr\[$index\]\[\] = '<span class="wcfm\_dashboard\_item\_title">' . $wcfm\_knowledgebases\_single->post\_title . '</span>';
…
…
119
119
$actions = '<a class="wcfm-action-icon wcfm\_knowledgebase\_view" href="#" data-knowledgebaseid="' . $wcfm\_knowledgebases\_single->ID . '"><span class="wcfmfa fa-eye text\_tip" data-tip="' . esc\_attr\_\_( 'View', 'wc-frontend-manager' ) . '"></span></a>';
120
120
if( !wcfm\_is\_vendor() && apply\_filters( 'wcfm\_is\_allow\_edit\_knowledgebase', true ) ) {
121
$actions .= '<a class="wcfm-action-icon" href="' . get\_wcfm\_knowledgebase\_manage\_url($wcfm\_knowledgebases\_single->ID) . '"><span class="wcfmfa fa-edit text\_tip" data-tip="' . esc\_attr\_\_( 'Edit', 'wc-frontend-manager' ) . '"></span></a>';
121
$actions .= '<a class="wcfm-action-icon" href="' . esc\_url(get\_wcfm\_knowledgebase\_manage\_url($wcfm\_knowledgebases\_single->ID)) . '"><span class="wcfmfa fa-edit text\_tip" data-tip="' . esc\_attr\_\_( 'Edit', 'wc-frontend-manager' ) . '"></span></a>';
122
122
if( $wcfm\_knowledgebases\_single->post\_status != 'publish' ) {
123
123
$actions .= '<a class="wcfm\_knowledgebase\_publish wcfm-action-icon" href="#" data-knowledgebaseid="' . $wcfm\_knowledgebases\_single->ID . '"><span class="wcfmfa fa-check-circle text\_tip" data-tip="' . esc\_attr\_\_( 'Publish - on line this now', 'wc-frontend-manager' ) . '"></span></a>';
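Review bot: The `data-knowledgebaseid` attributes on lines 119 and 123 still concatenate `$wcfm_knowledgebases_single->ID` directly, while this changeset wraps the equivalent `data-articleid` value in the articles controller in `esc_attr()`. The value is presumably a post ID, so the practical risk is low, but the attribute should be written the same way everywhere: `data-knowledgebaseid="' . esc_attr( $wcfm_knowledgebases_single->ID ) . '"`. The enclosing loop body continues outside this hunk.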
wc-frontend-manager/trunk/controllers/messages/wcfm-controller-message-sent.php
r2571321
r2630745
21
21
global $WCFM, $wpdb, $\_POST;
22
22
23
$wcfm\_messages = ! empty( $\_POST\['wcfm\_messages'\] ) ? sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['wcfm\_messages'\], ENT\_QUOTES, 'UTF-8' ) ) ) ) : '';
23
$wcfm\_messages = ! empty( $\_POST\['wcfm\_messages'\] ) ? wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['wcfm\_messages'\], ENT\_QUOTES, 'UTF-8' ) ) ) ) : '';
24
24
$author\_id = apply\_filters( 'wcfm\_message\_author', get\_current\_user\_id() );
25
25
wc-frontend-manager/trunk/controllers/messages/wcfm-controller-messages.php
r2629284
r2630745
37
37
}
38
38
39
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_text\_field( $\_POST\['orderby'\] ) : 'ID';
39
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_sql\_orderby( $\_POST\['orderby'\] ) : 'ID';
40
40
$the\_order = ( ! empty( $\_POST\['order'\] ) && 'asc' === $\_POST\['order'\] ) ? 'ASC' : 'DESC';
41
41
wc-frontend-manager/trunk/controllers/notice/wcfm-controller-notice-manage.php
r2571321
r2630745
39
39
'post\_status' => $notice\_status,
40
40
'post\_type' => 'wcfm\_notice',
41
'post\_content' => sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['content'\], ENT\_QUOTES, 'UTF-8' ) ) ) ),
41
'post\_content' => wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['content'\], ENT\_QUOTES, 'UTF-8' ) ) ) ),
42
42
'post\_author' => $current\_user\_id
43
43
);
wc-frontend-manager/trunk/controllers/notice/wcfm-controller-notice-reply.php
r2571321
r2630745
35
35
'post\_status' => $notice\_status,
36
36
'post\_type' => 'wcfm\_notice',
37
'post\_content' => sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['topic\_reply'\], ENT\_QUOTES, 'UTF-8' ) ) ) ),
37
'post\_content' => wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['topic\_reply'\], ENT\_QUOTES, 'UTF-8' ) ) ) ),
38
38
'post\_author' => $current\_user\_id
39
39
);
wc-frontend-manager/trunk/controllers/orders/wcfm-controller-dokan-orders.php
r2629284
r2630745
36
36
$group\_manager\_filter = apply\_filters( 'wcfm\_orders\_group\_manager\_filter', '', 'seller\_id' );
37
37
38
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_text\_field( $\_POST\['orderby'\] ) : 'order\_id';
38
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_sql\_orderby( $\_POST\['orderby'\] ) : 'order\_id';
39
39
$the\_order = ( ! empty( $\_POST\['order'\] ) && 'asc' === $\_POST\['order'\] ) ? 'ASC' : 'DESC';
40
40
wc-frontend-manager/trunk/controllers/orders/wcfm-controller-wcfmmarketplace-itemized-orders.php
r2611994
r2630745
47
47
$group\_manager\_filter = apply\_filters( 'wcfm\_orders\_group\_manager\_filter', '', 'vendor\_id' );
48
48
49
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_text\_field( $\_POST\['orderby'\] ) : 'order\_id';
49
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_sql\_orderby( $\_POST\['orderby'\] ) : 'order\_id';
50
50
$the\_order = ( ! empty( $\_POST\['order'\] ) && 'asc' === $\_POST\['order'\] ) ? 'ASC' : 'DESC';
51
51
$allowed\_status = get\_wcfm\_marketplace\_active\_withdrwal\_order\_status\_in\_comma();
wc-frontend-manager/trunk/controllers/orders/wcfm-controller-wcfmmarketplace-orders.php
r2611994
r2630745
47
47
$group\_manager\_filter = apply\_filters( 'wcfm\_orders\_group\_manager\_filter', '', 'vendor\_id' );
48
48
49
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_text\_field( $\_POST\['orderby'\] ) : 'order\_id';
49
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_sql\_orderby( $\_POST\['orderby'\] ) : 'order\_id';
50
50
$the\_order = ( ! empty( $\_POST\['order'\] ) && 'asc' === $\_POST\['order'\] ) ? 'ASC' : 'DESC';
51
51
$allowed\_status = get\_wcfm\_marketplace\_active\_withdrwal\_order\_status\_in\_comma();
wc-frontend-manager/trunk/controllers/orders/wcfm-controller-wcmarketplace-orders.php
r2153814
r2630745
38
38
$group\_manager\_filter = apply\_filters( 'wcfm\_orders\_group\_manager\_filter', '', 'vendor\_id' );
39
39
40
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_text\_field( $\_POST\['orderby'\] ) : 'order\_id';
40
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_sql\_orderby( $\_POST\['orderby'\] ) : 'order\_id';
41
41
$the\_order = ( ! empty( $\_POST\['order'\] ) && 'asc' === $\_POST\['order'\] ) ? 'ASC' : 'DESC';
42
42
wc-frontend-manager/trunk/controllers/orders/wcfm-controller-wcpvendors-orders.php
r2153814
r2630745
35
35
$group\_manager\_filter = apply\_filters( 'wcfm\_orders\_group\_manager\_filter', '', 'vendor\_id' );
36
36
37
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_text\_field( $\_POST\['orderby'\] ) : 'order\_id';
37
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_sql\_orderby( $\_POST\['orderby'\] ) : 'order\_id';
38
38
$the\_order = ( ! empty( $\_POST\['order'\] ) && 'asc' === $\_POST\['order'\] ) ? 'ASC' : 'DESC';
39
39
wc-frontend-manager/trunk/controllers/orders/wcfm-controller-wcvendors-orders.php
r2153814
r2630745
41
41
$group\_manager\_filter = apply\_filters( 'wcfm\_orders\_group\_manager\_filter', '', 'vendor\_id' );
42
42
43
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_text\_field( $\_POST\['orderby'\] ) : 'order\_id';
43
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_sql\_orderby( $\_POST\['orderby'\] ) : 'order\_id';
44
44
$the\_order = ( ! empty( $\_POST\['order'\] ) && 'asc' === $\_POST\['order'\] ) ? 'ASC' : 'DESC';
45
45
wc-frontend-manager/trunk/controllers/products-manager/wcfm-controller-products-manage.php
r2571325
r2630745
75
75
'post\_status' => $product\_status,
76
76
'post\_type' => 'product',
77
'post\_excerpt' => sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['excerpt'\], ENT\_QUOTES, 'UTF-8' ) ) ) ),
78
'post\_content' => sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['description'\], ENT\_QUOTES, 'UTF-8' ) ) ) ),
77
'post\_excerpt' => wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['excerpt'\], ENT\_QUOTES, 'UTF-8' ) ) ) ),
78
'post\_content' => wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['description'\], ENT\_QUOTES, 'UTF-8' ) ) ) ),
79
79
'post\_author' => $current\_user\_id,
80
80
'post\_name' => sanitize\_title($wcfm\_products\_manage\_form\_data\['pro\_title'\])
wc-frontend-manager/trunk/controllers/profile/wcfm-controller-profile.php
r2571322
r2630745
84
84
//$wcfm\_profile\_form = array\_map( 'stripslashes', $wcfm\_profile\_form );
85
85
86
$description = ! empty( $\_POST\['about'\] ) ? sanitize\_option( 'wcfm\_editor\_content', stripslashes( html\_entity\_decode( $\_POST\['about'\], ENT\_QUOTES, 'UTF-8' ) ) ) : '';
86
$description = ! empty( $\_POST\['about'\] ) ? wp\_filter\_post\_kses( stripslashes( html\_entity\_decode( $\_POST\['about'\], ENT\_QUOTES, 'UTF-8' ) ) ) : '';
87
87
update\_user\_meta( $user\_id, 'description', apply\_filters( 'wcfm\_editor\_content\_before\_save', $description ) );
88
88
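Review bot: The sanitizer is not the last step before storage here: line 86 runs `wp_filter_post_kses()` first, and line 87 then passes `$description` through `apply_filters( 'wcfm_editor_content_before_save', ... )` on its way into `update_user_meta()`, so whatever a filter callback returns is stored without going through kses again. The products and wcpvendors/wcvendors settings controllers in this changeset apply the filter inside the sanitizer call instead. Doing the same here, `wp_filter_post_kses( apply_filters( 'wcfm_editor_content_before_save', ... ) )` with a plain `update_user_meta( $user_id, 'description', $description )`, keeps the two consistent. The same ordering appears in wcfm-controller-wcfmmarketplace-settings.php, wcfm-controller-wcmarketplace-settings.php and wcfm-controller-vendors-new.php.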
wc-frontend-manager/trunk/controllers/settings/wcfm-controller-wcfmmarketplace-settings.php
r2571323
r2630745
147
147
if( apply\_filters( 'wcfm\_is\_allow\_store\_description', true ) ) {
148
148
if( isset( $\_POST\['profile'\] ) && !empty( $\_POST\['profile'\] ) ) {
149
$wcfm\_settings\_form\['shop\_description'\] = ! empty( $\_POST\['profile'\] ) ? sanitize\_option( 'wcfm\_editor\_content', stripslashes( html\_entity\_decode( $\_POST\['profile'\], ENT\_QUOTES, 'UTF-8' ) ) ) : '';
149
$wcfm\_settings\_form\['shop\_description'\] = ! empty( $\_POST\['profile'\] ) ? wp\_filter\_post\_kses( stripslashes( html\_entity\_decode( $\_POST\['profile'\], ENT\_QUOTES, 'UTF-8' ) ) ) : '';
150
150
wcfm\_update\_user\_meta( $user\_id, '\_store\_description', apply\_filters( 'wcfm\_editor\_content\_before\_save', $wcfm\_settings\_form\['shop\_description'\] ) );
151
151
}
wc-frontend-manager/trunk/controllers/settings/wcfm-controller-wcmarketplace-settings.php
r2571323
r2630745
43
43
// sanitize html editor content
44
44
if( apply\_filters( 'wcfm\_is\_allow\_store\_description', true ) ) {
45
$wcfm\_settings\_form\['shop\_description'\] = ! empty( $\_POST\['profile'\] ) ? sanitize\_option( 'wcfm\_editor\_content', stripslashes( html\_entity\_decode( $\_POST\['profile'\], ENT\_QUOTES, 'UTF-8' ) ) ) : '';
45
$wcfm\_settings\_form\['shop\_description'\] = ! empty( $\_POST\['profile'\] ) ? wp\_filter\_post\_kses( stripslashes( html\_entity\_decode( $\_POST\['profile'\], ENT\_QUOTES, 'UTF-8' ) ) ) : '';
46
46
update\_user\_meta( $user\_id, '\_vendor\_description', apply\_filters( 'wcfm\_editor\_content\_before\_save', $wcfm\_settings\_form\['shop\_description'\] ) );
47
47
}
wc-frontend-manager/trunk/controllers/settings/wcfm-controller-wcpvendors-settings.php
r2571323
r2630745
48
48
// sanitize html editor content
49
49
if( apply\_filters( 'wcfm\_is\_allow\_store\_description', true ) ) {
50
$wcfm\_settings\_form\['profile'\] = ! empty( $\_POST\['profile'\] ) ? sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['profile'\], ENT\_QUOTES, 'UTF-8' ) ) ) ) : '';
50
$wcfm\_settings\_form\['profile'\] = ! empty( $\_POST\['profile'\] ) ? wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['profile'\], ENT\_QUOTES, 'UTF-8' ) ) ) ) : '';
51
51
}
52
52
wc-frontend-manager/trunk/controllers/settings/wcfm-controller-wcvendors-settings.php
r2571323
r2630745
40
40
41
41
// sanitize html editor content
42
$wcfm\_settings\_form\['shop\_description'\] = ! empty( $\_POST\['profile'\] ) ? sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['profile'\], ENT\_QUOTES, 'UTF-8' ) ) ) ) : '';
42
$wcfm\_settings\_form\['shop\_description'\] = ! empty( $\_POST\['profile'\] ) ? wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['profile'\], ENT\_QUOTES, 'UTF-8' ) ) ) ) : '';
43
43
44
44
if( apply\_filters( 'wcfm\_is\_allow\_store\_name', true ) ) {
wc-frontend-manager/trunk/controllers/vendors/wcfm-controller-vendors-new.php
r2571322
r2630745
172
172
if( apply\_filters( 'wcfm\_is\_allow\_store\_description', true ) ) {
173
173
if( isset( $\_POST\['profile'\] ) && !empty( $\_POST\['profile'\] ) ) {
174
$wcfm\_vendor\_form\_data\['shop\_description'\] = ! empty( $\_POST\['profile'\] ) ? sanitize\_option( 'wcfm\_editor\_content', stripslashes( html\_entity\_decode( $\_POST\['profile'\], ENT\_QUOTES, 'UTF-8' ) ) ) : '';
174
$wcfm\_vendor\_form\_data\['shop\_description'\] = ! empty( $\_POST\['profile'\] ) ? wp\_filter\_post\_kses( stripslashes( html\_entity\_decode( $\_POST\['profile'\], ENT\_QUOTES, 'UTF-8' ) ) ) : '';
175
175
wcfm\_update\_user\_meta( $vendor\_id, '\_store\_description', apply\_filters( 'wcfm\_editor\_content\_before\_save', $wcfm\_vendor\_form\_data\['shop\_description'\] ) );
176
176
}
wc-frontend-manager/trunk/controllers/withdrawal/dokan/wcfm-controller-withdrawal-requests.php
r2160755
r2630745
24
24
$offset = wc\_clean($\_POST\['start'\]);
25
25
26
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_text\_field( $\_POST\['orderby'\] ) : 'ID';
26
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_sql\_orderby( $\_POST\['orderby'\] ) : 'ID';
27
27
$the\_order = ( ! empty( $\_POST\['order'\] ) && 'asc' === $\_POST\['order'\] ) ? 'ASC' : 'DESC';
28
28
wc-frontend-manager/trunk/controllers/withdrawal/wcfm/wcfm-controller-payments.php
r2300280
r2630745
39
39
}
40
40
41
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_text\_field( $\_POST\['orderby'\] ) : 'ID';
41
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_sql\_orderby( $\_POST\['orderby'\] ) : 'ID';
42
42
$the\_order = ( ! empty( $\_POST\['order'\] ) && 'asc' === $\_POST\['order'\] ) ? 'ASC' : 'DESC';
43
43
wc-frontend-manager/trunk/controllers/withdrawal/wcfm/wcfm-controller-withdrawal-requests.php
r2300280
r2630745
35
35
}
36
36
37
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_text\_field( $\_POST\['orderby'\] ) : 'ID';
37
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_sql\_orderby( $\_POST\['orderby'\] ) : 'ID';
38
38
$the\_order = ( ! empty( $\_POST\['order'\] ) && 'asc' === $\_POST\['order'\] ) ? 'ASC' : 'DESC';
39
39
wc-frontend-manager/trunk/controllers/withdrawal/wcfm/wcfm-controller-withdrawal-reverse.php
r2611994
r2630745
35
35
}
36
36
37
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_text\_field( $\_POST\['orderby'\] ) : 'ID';
37
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_sql\_orderby( $\_POST\['orderby'\] ) : 'ID';
38
38
$the\_order = ( ! empty( $\_POST\['order'\] ) && 'asc' === $\_POST\['order'\] ) ? 'ASC' : 'DESC';
39
39
wc-frontend-manager/trunk/controllers/withdrawal/wcfm/wcfm-controller-withdrawal.php
r2370721
r2630745
48
48
}
49
49
50
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_text\_field( $\_POST\['orderby'\] ) : 'order\_id';
50
$the\_orderby = ! empty( $\_POST\['orderby'\] ) ? sanitize\_sql\_orderby( $\_POST\['orderby'\] ) : 'order\_id';
51
51
$the\_order = ( ! empty( $\_POST\['order'\] ) && 'asc' === $\_POST\['order'\] ) ? 'ASC' : 'DESC';
52
52
wc-frontend-manager/trunk/core/class-wcfm-admin.php
r2629284
r2630745
118
118
<div class="notice is-dismissible wcfm\_addon\_inactive\_notice\_box wcfm\_ultimate\_inactive\_notice\_box" id="wcfm-ultimate-notice">
119
119
<img class="wcfm\_logo" src="<?php echo esc\_url( $WCFM->plugin\_url ); ?>assets/images/wcfm\_marketplace\_white\_logo.png" alt="">
120
<?php echo $offer\_msg; ?>
120
<?php echo wp\_kses\_post($offer\_msg); ?>
121
121
<span class="dashicons dashicons-megaphone"></span>
122
122
<a href="https://wclovers.com/product/woocommerce-frontend-manager-ultimate/?utm\_source=wp-admin&utm\_medium=banner&utm\_campaign=promotion&utm\_content=ultimate" class=" button-primary promo-btn" target="\_blank"><?php \_e( 'GET Ultimate', 'wc-multivendor-marketplace' ); ?></a>
…
…
164
164
<div class="notice is-dismissible wcfm\_addon\_inactive\_notice\_box" id="wcfm-membership-notice">
165
165
<img src="<?php echo esc\_url( $WCFM->plugin\_url ) . 'assets/images/wcfm\_membership\_logo.jpg'; ?>" alt="">
166
<?php echo $offer\_msg; ?>
166
<?php echo wp\_kses\_post($offer\_msg); ?>
167
167
<span class="dashicons dashicons-groups"></span>
168
168
<a href="https://wordpress.org/plugins/wc-multivendor-membership/" class="button button-primary promo-btn" target="\_blank"><?php \_e( 'View Details', 'wc-frontend-manager' ); ?></a>
…
…
216
216
<div class="notice is-dismissible wcfm\_addon\_inactive\_notice\_box wcfm\_group\_inactive\_notice\_box" id="wcfm-groups-sttafs-notice">
217
217
<img src="<?php echo esc\_url( $WCFM->plugin\_url ); ?>assets/images/wcfm\_marketplace\_white\_logo.png" alt="">
218
<?php echo $offer\_msg; ?>
218
<?php echo wp\_kses\_post($offer\_msg); ?>
219
219
<span class="dashicons dashicons-groups1"></span>
220
220
<a href="https://wclovers.com/product/woocommerce-frontend-manager-groups-staffs/?utm\_source=wp-admin&utm\_medium=banner&utm\_campaign=promotion&utm\_content=groups-staffs" class="promo-btn wcfmgs\_promo\_button" target="\_blank"></a>
…
…
262
262
</style>
263
263
<div class="postbox">
264
<a href="<?php echo get\_wcfm\_page(); ?>">
264
<a href="<?php echo esc\_usrl(get\_wcfm\_page()); ?>">
265
265
<div id="sales-piechart"><canvas id="sales-piechart-canvas"></canvas></div>
266
266
<div id="wcfm-logo"><img src="<?php echo esc\_url( $WCFM->plugin\_url ); ?>/assets/images/wcfm-30x30.png" alt="WCFM Home" /></div>
…
…
297
297
}
298
298
299
echo '<div style="text-align: center;"><a href="' . $wcfm\_url . '"><img src="' . esc\_url($WCFM->plugin\_url) . '/assets/images/wcfm-30x30.png" alt="' . \_\_( 'WCFM Home', 'wc-frontend-manager' ) . '" /></a></div>';
299
echo '<div style="text-align: center;"><a href="' . esc\_url($wcfm\_url) . '"><img src="' . esc\_url($WCFM->plugin\_url) . '/assets/images/wcfm-30x30.png" alt="' . \_\_( 'WCFM Home', 'wc-frontend-manager' ) . '" /></a></div>';
300
300
}
301
301
…
…
307
307
308
308
if ( in\_array( $typenow, wc\_get\_order\_types( 'order-meta-boxes' ) ) ) {
309
echo '<a style="float: right;" href="' . get\_wcfm\_orders\_url() . '"><img src="' . esc\_url($WCFM->plugin\_url) . '/assets/images/wcfm-30x30.png" alt="' . \_\_( 'WCFM Home', 'wc-frontend-manager' ) . '" /></a>';
309
echo '<a style="float: right;" href="' . esc\_url(get\_wcfm\_orders\_url()) . '"><img src="' . esc\_url($WCFM->plugin\_url) . '/assets/images/wcfm-30x30.png" alt="' . \_\_( 'WCFM Home', 'wc-frontend-manager' ) . '" /></a>';
310
310
} elseif ( 'product' == $typenow ) {
311
echo '<a style="float: right;" href="' . get\_wcfm\_products\_url() . '"><img src="' . esc\_url($WCFM->plugin\_url) . '/assets/images/wcfm-30x30.png" alt="' . \_\_( 'WCFM Home', 'wc-frontend-manager' ) . '" /></a>';
311
echo '<a style="float: right;" href="' . esc\_url(get\_wcfm\_products\_url()) . '"><img src="' . esc\_url($WCFM->plugin\_url) . '/assets/images/wcfm-30x30.png" alt="' . \_\_( 'WCFM Home', 'wc-frontend-manager' ) . '" /></a>';
312
312
} elseif ( 'shop\_coupon' == $typenow ) {
313
echo '<a style="float: right;" href="' . get\_wcfm\_coupons\_url() . '"><img src="' . esc\_url($WCFM->plugin\_url) . '/assets/images/wcfm-30x30.png" alt="' . \_\_( 'WCFM Home', 'wc-frontend-manager' ) . '" /></a>';
313
echo '<a style="float: right;" href="' . esc\_url(get\_wcfm\_coupons\_url()) . '"><img src="' . esc\_url($WCFM->plugin\_url) . '/assets/images/wcfm-30x30.png" alt="' . \_\_( 'WCFM Home', 'wc-frontend-manager' ) . '" /></a>';
314
314
}
315
315
}
…
…
387
387
foreach($pages\_array as $p\_id => $p\_name) {
388
388
?>
389
<option value="<?php echo $p\_id; ?>" <?php echo isset( $options\[ $args\['label\_for'\] \] ) ? ( selected( $options\[ $args\['label\_for'\] \], $p\_id, false ) ) : ( '' ); ?>>
389
<option value="<?php echo esc\_attr($p\_id); ?>" <?php echo isset( $options\[ $args\['label\_for'\] \] ) ? ( selected( $options\[ $args\['label\_for'\] \], $p\_id, false ) ) : ( '' ); ?>>
390
390
<?php esc\_html\_e( $p\_name, $WCFM->text\_domain ); ?>
391
391
</option>
…
…
395
395
</select>
396
396
<div class="wcfm\_setting\_warning\_box">
397
<p><?php \_e( 'DO NOT USE WCFM DASHBOARD PAGE FOR OTHER PAGE SETTINGS, you will break your site if you do.', 'wc-frontend-manager' ); ?></p>
397
<p><?php esc\_html\_e( 'DO NOT USE WCFM DASHBOARD PAGE FOR OTHER PAGE SETTINGS, you will break your site if you do.', 'wc-frontend-manager' ); ?></p>
398
398
</div>
399
399
<?php
…
…
437
437
?>
438
438
<div class="wrap">
439
<h1><?php echo esc\_html( get\_admin\_page\_title() ); ?></h1>
439
<h1><?php echo wp\_kses\_post( get\_admin\_page\_title() ); ?></h1>
440
440
<form action="options.php" method="post">
441
441
<div style="float: left; display: inline-block; width: 60%;">
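Review bot: Line 264 calls `esc_usrl()`, which is not a WordPress function and looks like a typo for `esc_url()`, so rendering this postbox would stop with an undefined-function error. It should read `<a href="<?php echo esc_url( get_wcfm_page() ); ?>">`. At line 439 the title's escaping changes from `esc_html()` to `wp_kses_post()`, assuming the second printed line is the new side, which loosens the encoding of `get_admin_page_title()` inside the `<h1>`; `esc_html()` is the tighter choice for a plain-text title. The functions containing these lines start and end outside the visible hunks.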
wc-frontend-manager/trunk/core/class-wcfm-ajax.php
r2629284
r2630745
157
157
} else {
158
158
if ( ! check\_ajax\_referer( 'wcfm\_ajax\_nonce', 'wcfm\_ajax\_nonce', false ) ) {
159
echo '{"status": false, "message": "' . \_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
159
echo '{"status": false, "message": "' . esc\_html\_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
160
160
wp\_die();
161
161
}
…
…
173
173
case 'wcfm-coupons-manage':
174
174
if ( ! check\_ajax\_referer( 'wcfm\_ajax\_nonce', 'wcfm\_ajax\_nonce', false ) ) {
175
echo '{"status": false, "message": "' . \_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
175
echo '{"status": false, "message": "' . esc\_html\_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
176
176
wp\_die();
177
177
}
…
…
235
235
case 'wcfm-profile':
236
236
if ( ! check\_ajax\_referer( 'wcfm\_ajax\_nonce', 'wcfm\_ajax\_nonce', false ) ) {
237
echo '{"status": false, "message": "' . \_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
237
echo '{"status": false, "message": "' . esc\_html\_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
238
238
wp\_die();
239
239
}
…
…
245
245
case 'wcfm-settings':
246
246
if ( ! check\_ajax\_referer( 'wcfm\_ajax\_nonce', 'wcfm\_ajax\_nonce', false ) ) {
247
echo '{"status": false, "message": "' . \_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
247
echo '{"status": false, "message": "' . esc\_html\_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
248
248
wp\_die();
249
249
}
…
…
264
264
case 'wcfm-capability':
265
265
if ( ! check\_ajax\_referer( 'wcfm\_ajax\_nonce', 'wcfm\_ajax\_nonce', false ) ) {
266
echo '{"status": false, "message": "' . \_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
266
echo '{"status": false, "message": "' . esc\_html\_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
267
267
wp\_die();
268
268
}
…
…
279
279
case 'wcfm-knowledgebase-manage':
280
280
if ( ! check\_ajax\_referer( 'wcfm\_ajax\_nonce', 'wcfm\_ajax\_nonce', false ) ) {
281
echo '{"status": false, "message": "' . \_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
281
echo '{"status": false, "message": "' . esc\_html\_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
282
282
wp\_die();
283
283
}
…
…
294
294
case 'wcfm-notice-manage':
295
295
if ( ! check\_ajax\_referer( 'wcfm\_ajax\_nonce', 'wcfm\_ajax\_nonce', false ) ) {
296
echo '{"status": false, "message": "' . \_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
296
echo '{"status": false, "message": "' . esc\_html\_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
297
297
wp\_die();
298
298
}
…
…
304
304
case 'wcfm-notice-reply':
305
305
if ( ! check\_ajax\_referer( 'wcfm\_ajax\_nonce', 'wcfm\_ajax\_nonce', false ) ) {
306
echo '{"status": false, "message": "' . \_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
306
echo '{"status": false, "message": "' . esc\_html\_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
307
307
wp\_die();
308
308
}
…
…
339
339
case 'wcfm-vendors-new':
340
340
if ( ! check\_ajax\_referer( 'wcfm\_ajax\_nonce', 'wcfm\_ajax\_nonce', false ) ) {
341
echo '{"status": false, "message": "' . \_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
341
echo '{"status": false, "message": "' . esc\_html\_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
342
342
wp\_die();
343
343
}
…
…
389
389
global $WCFM, $WCFMu, $\_POST;
390
390
391
$taxonomy = esc\_attr( wc\_clean( $\_POST\['taxonomy'\] ) );
391
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) ) {
392
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
393
wp\_die();
394
}
395
396
$taxonomy = wc\_clean( $\_POST\['taxonomy'\] );
392
397
$new\_term = wc\_clean( $\_POST\['new\_term'\] );
393
398
$parent\_term = wc\_clean( $\_POST\['parent\_term'\] );
…
…
506
511
}
507
512
513
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) ) {
514
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
515
wp\_die();
516
}
517
508
518
$product\_id = absint($\_POST\['proid'\]);
509
519
…
…
511
521
$product = wc\_get\_product( $product\_id );
512
522
if( !$product || !is\_object( $product ) ) {
513
echo 'failed';
523
echo esc\_html('failed');
514
524
die;
515
525
}
…
…
522
532
if( apply\_filters( 'wcfm\_is\_allow\_product\_delete' , false ) ) {
523
533
if(wp\_delete\_post($product\_id)) {
524
echo 'success';
534
echo esc\_html('success');
525
535
die;
526
536
}
527
537
} else {
528
538
if(wp\_trash\_post($product\_id)) {
529
echo 'success';
539
echo esc\_html('success');
530
540
die;
531
541
}
…
…
545
555
wp\_die();
546
556
}
557
558
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'shop\_staff' ) ) {
559
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
560
wp\_die();
561
}
547
562
548
563
if( isset( $\_POST\['proid'\] ) && !empty( $\_POST\['proid'\] ) ) {
…
…
573
588
wp\_die();
574
589
}
590
591
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'shop\_staff' ) ) {
592
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
593
wp\_die();
594
}
575
595
576
596
if( isset( $\_POST\['proid'\] ) && !empty( $\_POST\['proid'\] ) ) {
…
…
603
623
}
604
624
625
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) ) {
626
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
627
wp\_die();
628
}
629
605
630
if( isset( $\_POST\['proid'\] ) && !empty( $\_POST\['proid'\] ) ) {
606
631
$product\_id = absint( $\_POST\['proid'\] );
…
…
626
651
global $WCFM, $WCFMu, $\_POST;
627
652
653
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) ) {
654
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
655
wp\_die();
656
}
657
628
658
if( isset( $\_POST\['listid'\] ) && !empty( $\_POST\['listid'\] ) ) {
629
659
$listing\_id = absint($\_POST\['listid'\]);
…
…
637
667
}
638
668
639
echo 'sucess';
669
echo esc\_html('sucess');
640
670
die;
641
671
}
…
…
648
678
649
679
if ( ! check\_ajax\_referer( 'wcfm\_ajax\_nonce', 'wcfm\_ajax\_nonce', false ) ) {
650
echo '{"status": false, "message": "' . \_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
680
echo '{"status": false, "message": "' . esc\_html\_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
651
681
wp\_die();
652
682
}
683
684
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) ) {
685
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
686
wp\_die();
687
}
653
688
654
689
$order\_id = absint( $\_POST\['orderid'\] );
…
…
689
724
690
725
if ( ! check\_ajax\_referer( 'wcfm\_ajax\_nonce', 'wcfm\_ajax\_nonce', false ) ) {
691
echo '{"status": false, "message": "' . \_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
726
echo '{"status": false, "message": "' . esc\_html\_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
692
727
wp\_die();
693
728
}
729
730
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) ) {
731
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
732
wp\_die();
733
}
694
734
695
735
$order\_id = absint( $\_POST\['order\_id'\] );
…
…
723
763
724
764
if( defined('WCFM\_REST\_API\_CALL') ) {
725
return '{"status": true, "message": "' . \_\_( 'Order status updated.', 'wc-frontend-manager' ) . '"}';
726
}
727
728
echo '{"status": true, "message": "' . \_\_( 'Order status updated.', 'wc-frontend-manager' ) . '"}';
765
return '{"status": true, "message": "' . esc\_html\_\_( 'Order status updated.', 'wc-frontend-manager' ) . '"}';
766
}
767
768
echo '{"status": true, "message": "' . esc\_html\_\_( 'Order status updated.', 'wc-frontend-manager' ) . '"}';
729
769
}
730
770
die;
…
…
742
782
wp\_die();
743
783
}
784
785
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'shop\_staff' ) ) {
786
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
787
wp\_die();
788
}
744
789
745
790
$knowledgebaseid = absint( $\_POST\['knowledgebaseid'\] );
…
…
765
810
}
766
811
812
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'shop\_staff' ) ) {
813
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
814
wp\_die();
815
}
816
767
817
$knowledgebaseid = absint( $\_POST\['knowledgebaseid'\] );
768
818
…
…
787
837
}
788
838
839
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'shop\_staff' ) ) {
840
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
841
wp\_die();
842
}
843
789
844
$knowledgebaseid = absint( $\_POST\['knowledgebaseid'\] );
790
845
791
846
if($knowledgebaseid) {
792
847
if(wp\_delete\_post($knowledgebaseid)) {
793
echo 'success';
848
echo esc\_html('success');
794
849
die;
795
850
}
…
…
808
863
wp\_die();
809
864
}
865
866
if ( !current\_user\_can( 'manage\_woocommerce' ) ) {
867
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
868
wp\_die();
869
}
810
870
811
871
$noticeid = absint( $\_POST\['noticeid'\] );
…
…
831
891
}
832
892
893
if ( !current\_user\_can( 'manage\_woocommerce' ) ) {
894
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
895
wp\_die();
896
}
897
833
898
$noticeid = absint( $\_POST\['noticeid'\] );
834
899
…
…
853
918
}
854
919
920
if ( !current\_user\_can( 'manage\_woocommerce' ) ) {
921
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
922
wp\_die();
923
}
924
855
925
$noticeid = absint( $\_POST\['noticeid'\] );
856
926
857
927
if($noticeid) {
858
928
if(wp\_delete\_post($noticeid)) {
859
echo 'success';
929
echo esc\_html('success');
860
930
die;
861
931
}
…
…
925
995
update\_user\_meta( $user\_id, '\_wcfm\_menu\_toggle\_state', $toggle\_state );
926
996
927
echo "success";
997
echo esc\_html("success");
928
998
die;
929
999
}
…
…
1189
1259
wp\_mail( $user\_email, $subject, $message );
1190
1260
1191
echo '{"status": true, "message": "' . \_\_( 'Email verification code send to your email.', 'wc-frontend-manager' ) . '"}';
1261
echo '{"status": true, "message": "' . esc\_html\_\_( 'Email verification code send to your email.', 'wc-frontend-manager' ) . '"}';
1192
1262
} else {
1193
echo '{"status": false, "message": "' . \_\_( 'Email verification not working right now, please try after sometime.', 'wc-frontend-manager' ) . '"}';
1263
echo '{"status": false, "message": "' . esc\_html\_\_( 'Email verification not working right now, please try after sometime.', 'wc-frontend-manager' ) . '"}';
1194
1264
}
1195
1265
die;
…
…
1203
1273
1204
1274
if ( ! check\_ajax\_referer( 'wcfm\_ajax\_nonce', 'wcfm\_ajax\_nonce', false ) ) {
1205
wp\_send\_json\_error( \_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) );
1275
wp\_send\_json\_error( esc\_html\_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) );
1206
1276
wp\_die();
1207
1277
}
1278
1279
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'shop\_staff' ) ) {
1280
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
1281
wp\_die();
1282
}
1208
1283
1209
1284
if( isset( $\_POST\['memberid'\] ) ) {
…
…
1234
1309
do\_action( 'wcfm\_vendor\_disable\_after', $member\_id );
1235
1310
1236
echo '{"status": true, "message": "' . \_\_( 'Vendor successfully disabled.', 'wc-frontend-manager' ) . '"}';
1311
echo '{"status": true, "message": "' . esc\_html\_\_( 'Vendor successfully disabled.', 'wc-frontend-manager' ) . '"}';
1237
1312
die;
1238
1313
}
1239
echo '{"status": false, "message": "' . \_\_( 'Vendor can not be disabled right now, please try after sometime.', 'wc-frontend-manager' ) . '"}';
1314
echo '{"status": false, "message": "' . esc\_html\_\_( 'Vendor can not be disabled right now, please try after sometime.', 'wc-frontend-manager' ) . '"}';
1240
1315
die;
1241
1316
}
…
…
1251
1326
wp\_die();
1252
1327
}
1328
1329
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'shop\_staff' ) ) {
1330
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
1331
wp\_die();
1332
}
1253
1333
1254
1334
if( isset( $\_POST\['memberid'\] ) ) {
…
…
1287
1367
do\_action( 'wcfm\_vendor\_enable\_after', $member\_id );
1288
1368
1289
echo '{"status": true, "message": "' . \_\_( 'Vendor successfully enabled.', 'wc-frontend-manager' ) . '"}';
1369
echo '{"status": true, "message": "' . esc\_html\_\_( 'Vendor successfully enabled.', 'wc-frontend-manager' ) . '"}';
1290
1370
die;
1291
1371
}
1292
echo '{"status": false, "message": "' . \_\_( 'Vendor can not be enabled right now, please try after sometime.', 'wc-frontend-manager' ) . '"}';
1372
echo '{"status": false, "message": "' . esc\_html\_\_( 'Vendor can not be enabled right now, please try after sometime.', 'wc-frontend-manager' ) . '"}';
1293
1373
die;
1294
1374
}
…
…
1300
1380
global $WCFM;
1301
1381
1382
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) ) {
1383
esc\_html\_e( 'You don’t have permission to do this.', 'woocommerce' );
1384
wp\_die();
1385
}
1386
1302
1387
$knowledgebase\_id = '';
1303
1388
if( isset($\_POST\['knowledgebaseid'\]) ) {
…
…
1307
1392
1308
1393
echo '<table><tbody><tr><td><h2 style="font-size: 18px;line-height: 20px;color:#00798b;text-decoration:underline;">';
1309
echo $knowledgebase\_post->post\_title;
1394
echo wp\_kses\_post($knowledgebase\_post->post\_title);
1310
1395
echo '</h2></td></tr><tr><td>';
1311
echo $knowledgebase\_post->post\_content;
1396
echo ($knowledgebase\_post->post\_content);
1312
1397
echo '</td></tr></tbody></table>';
1313
1398
}
…
…
1344
1429
1345
1430
if ( empty( $wcfm\_login\_popup\_form\_data\['wcfm\_login\_popup\_username'\] ) ) {
1346
echo '{"status": false, "message": "' . \_\_( 'Please insert username before submit.', 'wc-frontend-manager' ) . '"}';
1431
echo '{"status": false, "message": "' . esc\_html\_\_( 'Please insert username before submit.', 'wc-frontend-manager' ) . '"}';
1347
1432
die;
1348
1433
}
…
…
1362
1447
1363
1448
if( !email\_exists( $wcfm\_login\_popup\_form\_data\['wcfm\_login\_popup\_username'\]) ) {
1364
echo '{"status": false, "message": "' . \_\_( 'Please insert a valid username / e-mail address.', 'wc-frontend-manager' ) . '"}';
1449
echo '{"status": false, "message": "' . esc\_html\_\_( 'Please insert a valid username / e-mail address.', 'wc-frontend-manager' ) . '"}';
1365
1450
die;
1366
1451
}
…
…
1373
1458
1374
1459
if ( is\_wp\_error( $user ) ) {
1375
echo '{"status": false, "message": "' . \_\_( 'Please try again!', 'wc-frontend-manager' ) . $user->get\_error\_message() . '"}';
1460
echo '{"status": false, "message": "' . esc\_html\_\_( 'Please try again!', 'wc-frontend-manager' ) . $user->get\_error\_message() . '"}';
1376
1461
} else {
1377
echo '{"status": true, "message": "' . \_\_( 'Login successfully ...', 'wc-frontend-manager' ) . '"}';
1462
echo '{"status": true, "message": "' . esc\_html\_\_( 'Login successfully ...', 'wc-frontend-manager' ) . '"}';
1378
1463
}
1379
1464
} else {
1380
echo '{"status": false, "message": "' . \_\_( 'Please try again!', 'wc-frontend-manager' ) . '"}';
1465
echo '{"status": false, "message": "' . esc\_html\_\_( 'Please try again!', 'wc-frontend-manager' ) . '"}';
1381
1466
}
1382
1467
1383
1468
} else {
1384
1469
if ( !validate\_username( $wcfm\_login\_popup\_form\_data\['wcfm\_login\_popup\_username'\] ) || !username\_exists( $wcfm\_login\_popup\_form\_data\['wcfm\_login\_popup\_username'\] ) ) {
1385
echo '{"status": false, "message": "' . \_\_( 'Please insert a valid username / e-mail address.', 'wc-frontend-manager' ) . '"}';
1470
echo '{"status": false, "message": "' . esc\_html\_\_( 'Please insert a valid username / e-mail address.', 'wc-frontend-manager' ) . '"}';
1386
1471
die;
1387
1472
}
…
…
1394
1479
1395
1480
if ( is\_wp\_error( $user ) ) {
1396
echo '{"status": false, "message": "' . \_\_( 'Please try again!', 'wc-frontend-manager' ) . '"}';
1481
echo '{"status": false, "message": "' . esc\_html\_\_( 'Please try again!', 'wc-frontend-manager' ) . '"}';
1397
1482
} else {
1398
echo '{"status": true, "message": "' . \_\_( 'Login successfully ...', 'wc-frontend-manager' ) . '"}';
1483
echo '{"status": true, "message": "' . esc\_html\_\_( 'Login successfully ...', 'wc-frontend-manager' ) . '"}';
1399
1484
}
1400
1485
} else {
1401
echo '{"status": false, "message": "' . \_\_( 'Please try again!', 'wc-frontend-manager' ) . '"}';
1486
echo '{"status": false, "message": "' . esc\_html\_\_( 'Please try again!', 'wc-frontend-manager' ) . '"}';
1402
1487
}
1403
1488
}
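Review bot: The guards added throughout this file pass role names (`wcfm_vendor`, `seller`, `vendor`, `shop_staff`) to `current_user_can()`, which WordPress documents as discouraged and unreliable. They also only establish who the caller is, not whether the `proid`, `orderid` or `listid` taken from `$_POST` belongs to that caller; the lines after each `absint()` are partly elided, so an ownership check may exist but is not visible. A per-object check after the id is parsed, such as `if ( ! current_user_can( 'delete_post', $product_id ) ) { wp_send_json_error( ... ); }`, would cover that. Separately, line 1396 still echoes `$knowledgebase_post->post_content` unfiltered while the title one line above gets `wp_kses_post()`; `echo wp_kses_post( $knowledgebase_post->post_content );` would match it. Line 1460 also appends `$user->get_error_message()` unescaped into hand-built JSON, where `wp_send_json( array( 'status' => false, 'message' => ... ) )` would encode the message safely.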
wc-frontend-manager/trunk/core/class-wcfm-article.php
r2571322
r2630745
232
232
case 'wcfm-articles-manage':
233
233
if ( ! check\_ajax\_referer( 'wcfm\_ajax\_nonce', 'wcfm\_ajax\_nonce', false ) ) {
234
echo '{"status": false, "message": "' . \_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
234
echo '{"status": false, "message": "' . esc\_html\_\_( 'Invalid nonce! Refresh your page and try again.', 'wc-frontend-manager' ) . '"}';
235
235
wp\_die();
236
236
}
…
…
254
254
}
255
255
256
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) ) {
257
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
258
wp\_die();
259
}
260
256
261
$articleid = absint( $\_POST\['articleid'\] );
257
262
…
…
260
265
if( apply\_filters( 'wcfm\_is\_allow\_article\_delete' , false ) ) {
261
266
if(wp\_delete\_post($articleid)) {
262
echo 'success';
267
echo esc\_html('success');
263
268
die;
264
269
}
265
270
} else {
266
271
if(wp\_trash\_post($articleid)) {
267
echo 'success';
272
echo esc\_html('success');
268
273
die;
269
274
}
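Review bot: The added gate at new lines 256-259 passes role names (`wcfm_vendor`, `seller`, `vendor`, `shop_staff`) to `current_user_can()`, which WordPress supports only partly and documents as unreliable. A capability granted to those roles would be a sturdier test. `wp_send_json_error()` already ends the request, so the `wp_die();` after it is unreachable, and the message uses the `woocommerce` text domain where the surrounding strings use `wc-frontend-manager`. The same block is repeated in class-wcfm-customer.php, class-wcfm-enquiry.php and class-wcfm-notification.php, so one shared helper would keep the role list in a single place. The enclosing handler starts and ends outside the hunk.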
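--- a/wc-frontend-manager/trunk/core/class-wcfm-customer.php
+++ b/wc-frontend-manager/trunk/core/class-wcfm-customer.php
@@ -363,9 +363,14 @@
 }
 
+if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) ) {
+wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
+wp\_die();
+}
+
 $customerid = absint( $\_POST\['customerid'\] );
 
 if($customerid) {
 if(wp\_delete\_user($customerid)) {
-echo 'success';
+echo esc\_html('success');
 die;
 }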
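Review bot: After the role gate, `wp_delete_user( $customerid )` runs on whatever id the request supplies, so any account holding one of the listed roles can delete any user rather than only customers it is responsible for. A per-object check before the delete would close that, for example `if ( ! current_user_can( 'delete_user', $customerid ) ) { wp_send_json_error(); }` or the plugin's own ownership test, together with a check that the target really is a customer account. The same gap shows in class-wcfm-article.php with `wp_delete_post( $articleid )` / `wp_trash_post( $articleid )` (some lines in between are elided there), where `current_user_can( 'delete_post', $articleid )` would fit. It also shows in class-wcfm-notification.php, where the `DELETE FROM {$wpdb->prefix}wcfm_messages` query is not limited to the caller's own messages. The handler starts outside the hunk, so an earlier nonce check cannot be confirmed from here.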
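--- a/wc-frontend-manager/trunk/core/class-wcfm-enquiry.php
+++ b/wc-frontend-manager/trunk/core/class-wcfm-enquiry.php
@@ -380,4 +380,9 @@
 }
 
+if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) ) {
+wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
+wp\_die();
+}
+
 if( isset( $\_POST\['enquiryid'\] ) && !empty( $\_POST\['enquiryid'\] ) ) {
 $enquiryid = absint( $\_POST\['enquiryid'\] );
@@ -387,5 +392,5 @@
 }
 
-echo "success";
+echo esc\_html("success");
 die;
 }
@@ -402,4 +407,9 @@
 }
 
+if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) ) {
+wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
+wp\_die();
+}
+
 if( isset( $\_POST\['responseid'\] ) && !empty( $\_POST\['responseid'\] ) ) {
 $responseid = absint( $\_POST\['responseid'\] );
@@ -408,5 +418,5 @@
 }
 
-echo "success";
+echo esc\_html("success");
 die;
 }
@@ -468,9 +478,9 @@
 <div class="wcfm\_ele\_wrapper wcfm\_catalog\_enquiry\_button\_wrapper">
 <div class="wcfm-clearfix"></div>
-<a href="#" class="wcfm\_catalog\_enquiry <?php echo $button\_class; ?>" data-store="<?php echo $vendor\_id; ?>" data-product="<?php echo $product\_id; ?>" style="<?php echo $button\_style; ?>"><span class="wcfmfa fa-question-circle"></span> <span class="add\_enquiry\_label"><?php \_e( $wcfm\_enquiry\_button\_label, 'wc-frontend-manager' ); ?></span></a>
+<a href="#" class="wcfm\_catalog\_enquiry <?php echo esc\_attr($button\_class); ?>" data-store="<?php echo esc\_attr($vendor\_id); ?>" data-product="<?php echo esc\_attr($product\_id); ?>" style="<?php echo esc\_attr($button\_style); ?>"><span class="wcfmfa fa-question-circle"></span> <span class="add\_enquiry\_label"><?php esc\_html\_e( $wcfm\_enquiry\_button\_label, 'wc-frontend-manager' ); ?></span></a>
 <?php do\_action( 'wcfm\_after\_product\_catalog\_enquiry\_button' ); ?>
 <?php if( $hover\_color ) { ?>
 <style>
-a.wcfm\_catalog\_enquiry:hover{background: <?php echo $hover\_color; ?> !important;background-color: <?php echo $hover\_color; ?> !important;border-bottom-color: <?php echo $hover\_color; ?> !important;color: <?php echo $hover\_text\_color; ?> !important;}
+a.wcfm\_catalog\_enquiry:hover{background: <?php echo esc\_attr($hover\_color); ?> !important;background-color: <?php echo esc\_attr($hover\_color); ?> !important;border-bottom-color: <?php echo esc\_attr($hover\_color); ?> !important;color: <?php echo esc\_attr($hover\_text\_color); ?> !important;}
 </style>
 <?php } ?>
@@ -504,5 +514,5 @@
 }
 ?>
-<div class="lft bd\_icon\_box"><a class="wcfm\_store\_enquiry <?php echo $button\_class; ?>" data-store="<?php echo $vendor\_id; ?>" data-product="0" href="#"><i class="wcfmfa fa-question" aria-hidden="true"></i><span><?php \_e( $wcfm\_enquiry\_button\_label, 'wc-frontend-manager' ); ?></span></a></div>
+<div class="lft bd\_icon\_box"><a class="wcfm\_store\_enquiry <?php echo esc\_attr($button\_class); ?>" data-store="<?php echo esc\_attr($vendor\_id); ?>" data-product="0" href="#"><i class="wcfmfa fa-question" aria-hidden="true"></i><span><?php esc\_html\_e( $wcfm\_enquiry\_button\_label, 'wc-frontend-manager' ); ?></span></a></div>
 <?php
 }
@@ -527,5 +537,5 @@
 }
 ?>
-<p class="store-enquiry"><a class="wcfm\_catalog\_enquiry <?php echo $button\_class; ?>" data-store="<?php echo $store\_id; ?>" data-product="0" href="#"><span class="wcfmfa fa-question-circle fa-question-circle"></span> <span class="add\_enquiry\_label"><?php \_e( $wcfm\_enquiry\_button\_label, 'wc-frontend-manager' ); ?></span></a></p>
+<p class="store-enquiry"><a class="wcfm\_catalog\_enquiry <?php echo esc\_attr($button\_class); ?>" data-store="<?php echo esc\_attr($store\_id); ?>" data-product="0" href="#"><span class="wcfmfa fa-question-circle fa-question-circle"></span> <span class="add\_enquiry\_label"><?php esc\_html\_e( $wcfm\_enquiry\_button\_label, 'wc-frontend-manager' ); ?></span></a></p>
 <?php
 }
@@ -566,12 +576,12 @@
 foreach($wcfm\_enquirys\_array as $wcfm\_enquirys\_single) {
 if( $counter == 5 ) break;
-echo '<div class="wcfm\_dashboard\_enquiry"><a href="' . get\_wcfm\_enquiry\_manage\_url($wcfm\_enquirys\_single->ID) . '" class="wcfm\_dashboard\_item\_title"><span class="wcfmfa fa-question-circle"></span>' . substr( $wcfm\_enquirys\_single->enquiry, 0, 60 ) . ' ...</a></div>';
+echo '<div class="wcfm\_dashboard\_enquiry"><a href="' . esc\_url(get\_wcfm\_enquiry\_manage\_url($wcfm\_enquirys\_single->ID)). '" class="wcfm\_dashboard\_item\_title"><span class="wcfmfa fa-question-circle"></span>' . wp\_kses\_post(substr( $wcfm\_enquirys\_single->enquiry, 0, 60 )) . ' ...</a></div>';
 $counter++;
 }
 if( count( $wcfm\_enquirys\_array ) > 5 ) {
-echo '<div class="wcfm\_dashboard\_enquiry\_show\_all"><a class="wcfm\_submit\_button" href="' . get\_wcfm\_enquiry\_url() . '">' . \_\_( 'Show All', 'wc-frontend-manager' ) . '</a></div>';
+echo '<div class="wcfm\_dashboard\_enquiry\_show\_all"><a class="wcfm\_submit\_button" href="' . esc\_url(get\_wcfm\_enquiry\_url()) . '">' . esc\_html\_\_( 'Show All', 'wc-frontend-manager' ) . '</a></div>';
 }
 } else {
-\_e( 'There is no enquiry yet!!', 'wc-frontend-manager' );
+esc\_html\_e( 'There is no enquiry yet!!', 'wc-frontend-manager' );
 }
 ?>
@@ -615,7 +625,7 @@
 if( $attachments && is\_array( $attachments ) && !empty( $attachments ) ) {
 if( $context == 'view' ) {
-echo '<div class="wcfm\_clearfix"></div><br /><h2 style="font-size:15px;">' . \_\_( 'Attachment(s)', 'wc-frontend-manager' ) . '</h2><div class="wcfm\_clearfix"></div>';
+echo '<div class="wcfm\_clearfix"></div><br /><h2 style="font-size:15px;">' . esc\_html\_\_( 'Attachment(s)', 'wc-frontend-manager' ) . '</h2><div class="wcfm\_clearfix"></div>';
 foreach( $attachments as $attachment ) {
-echo '<a class="wcfm-wp-fields-uploader wcfm\_linked\_attached" target="\_blank" style="width:32px;height:32px;margin-right:10px;" href="' . $attachment . '"><span style="font-size:32px;color: #f86c6b;display:inline-block;" class="wcfmfa fa-file-image"></span></a>';
+echo '<a class="wcfm-wp-fields-uploader wcfm\_linked\_attached" target="\_blank" style="width:32px;height:32px;margin-right:10px;" href="' . esc\_url($attachment) . '"><span style="font-size:32px;color: #f86c6b;display:inline-block;" class="wcfmfa fa-file-image"></span></a>';
 }
 return;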
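Review bot: In the `<style>` block at new line 484, `$hover_color` and `$hover_text_color` are wrapped in `esc_attr()`, which is an HTML-attribute escaper and does not constrain what may appear inside a CSS declaration (`;`, `}` and further rules pass through). Where these values come from is not visible in the hunk. If they are stored colour settings, validating them as colours at output is the matching control, for example `<?php echo esc_attr( sanitize_hex_color( $hover_color ) ); ?>` when only hex values are expected. The same applies to `$button_style` in the `style="…"` attribute at new line 480, where `esc_attr()` protects the attribute boundary but not the CSS inside it.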
wc-frontend-manager/trunk/core/class-wcfm-frontend.php
r2629284
r2630745
317
317
318
318
$quick\_access\_image\_url = isset( $wcfm\_options\['wcfm\_quick\_access\_icon'\] ) ? wcfm\_get\_attachment\_url( $wcfm\_options\['wcfm\_quick\_access\_icon'\] ) : esc\_url($WCFM->plugin\_url) . '/assets/images/wcfm-30x30.png';
319
echo '<a href="' . get\_wcfm\_page() . '"><img class="text\_tip" data-tip="' . \_\_( 'Dashboard', 'wc-frontend-manager' ) . '" id="wcfm\_home" src="' . esc\_url($quick\_access\_image\_url) . '" width="30" alt="' . \_\_( 'Dashboard', 'wc-frontend-manager' ) . '" /></a>';
319
echo '<a href="' . esc\_url(get\_wcfm\_page()) . '"><img class="text\_tip" data-tip="' . esc\_html\_\_( 'Dashboard', 'wc-frontend-manager' ) . '" id="wcfm\_home" src="' . esc\_url($quick\_access\_image\_url) . '" width="30" alt="' . esc\_html\_\_( 'Dashboard', 'wc-frontend-manager' ) . '" /></a>';
320
320
}
321
321
…
…
352
352
<?php do\_action( 'wcfm\_product\_manage', $pro\_id, $\_product ); ?>
353
353
<?php if( apply\_filters( 'wcfm\_is\_allow\_edit\_products', true ) && apply\_filters( 'wcfm\_is\_allow\_edit\_specific\_products', true, $pro\_id ) ) { ?>
354
<a class="wcfm\_button" href="<?php echo get\_wcfm\_edit\_product\_url( $pro\_id, $\_product ); ?>"> <span class="wcfmfa fa-edit text\_tip" data-tip="<?php echo esc\_attr\_\_( 'Edit', 'wc-frontend-manager' ); ?>"></span> </a>
354
<a class="wcfm\_button" href="<?php echo esc\_url(get\_wcfm\_edit\_product\_url( $pro\_id, $\_product )); ?>"> <span class="wcfmfa fa-edit text\_tip" data-tip="<?php echo esc\_html\_\_( 'Edit', 'wc-frontend-manager' ); ?>"></span> </a>
355
355
<?php } ?>
356
356
<?php if( apply\_filters( 'wcfm\_is\_allow\_delete\_products', true ) && apply\_filters( 'wcfm\_is\_allow\_delete\_specific\_products', true, $pro\_id ) ) { ?>
357
357
<span class="wcfm\_button\_separator">|</span>
358
<a class="wcfm\_button wcfm\_delete\_product" href="#" data-proid="<?php echo $pro\_id; ?>"><span class="wcfmfa fa-trash-alt text\_tip" data-tip="<?php echo esc\_attr\_\_( 'Delete', 'wc-frontend-manager' ); ?>"></span> </a>
358
<a class="wcfm\_button wcfm\_delete\_product" href="#" data-proid="<?php echo esc\_attr($pro\_id); ?>"><span class="wcfmfa fa-trash-alt text\_tip" data-tip="<?php echo esc\_html\_\_( 'Delete', 'wc-frontend-manager' ); ?>"></span> </a>
359
359
<?php } ?>
360
360
</div>
…
…
820
820
821
821
if( apply\_filters( 'wcfm\_is\_force\_category\_attributes\_mapping', false ) ) {
822
echo '<p class="wcfm\_category\_attributes\_mapping\_msg description instructions">' . \_\_( 'First choose product category to get associated attributes.', 'wc-frontend-manager' ) . '</p>';
822
echo '<p class="wcfm\_category\_attributes\_mapping\_msg description instructions">' . esc\_html\_\_( 'First choose product category to get associated attributes.', 'wc-frontend-manager' ) . '</p>';
823
823
}
824
824
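Review bot: The `data-tip` and `alt` values at new lines 319, 354 and 358 are attribute content but are escaped with `esc_html__()`, and on lines 354 and 358 the commit replaces an existing `esc_attr__()` with it. Both helpers encode the same characters today, so this is a matter of matching escaper to context rather than an open hole, but it hides intent from the next reader and from escaping linters. I would keep `data-tip="<?php echo esc_attr__( 'Edit', 'wc-frontend-manager' ); ?>"` and use `esc_attr__()` for the `alt` text as well. class-wcfm-library.php has the same mismatch on the `placeholder` and `value` attributes of the date-range input, where `esc_attr_e()` and `esc_attr( $wcfm_date_range )` fit.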
wc-frontend-manager/trunk/core/class-wcfm-integrations.php
r2370721
r2630745
1218
1218
$idx=$origin\['origin\_code'\];
1219
1219
?>
1220
<option value=<?php echo '"'.$idx.'"'; if($vendor\_data\_asal\_kota === $idx){echo ' selected';}?>><?php echo $origin\["kota\_kabupaten"\]; ?></option>
1220
<option value=<?php echo '"'.$idx.'"'; if($vendor\_data\_asal\_kota === $idx){echo ' selected';}?>><?php echo esc\_html($origin\["kota\_kabupaten"\]); ?></option>
1221
1221
<?php
1222
1222
}
…
…
1592
1592
\*/
1593
1593
function wcfm\_listing\_approve() {
1594
1595
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'shop\_staff' ) ) {
1596
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
1597
wp\_die();
1598
}
1599
1594
1600
if ( !empty( $\_GET\['listing\_id'\] ) && !wcfm\_is\_vendor() ) {
1595
1601
$listing\_id = absint( $\_GET\['listing\_id'\] );
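Review bot: On new line 1220 the option label is now escaped, but `$idx` is still echoed raw into the `value` attribute on the same line. Where `$origin['origin_code']` comes from is not visible here, so it should get the same treatment as the label: `<option value=<?php echo '"' . esc_attr( $idx ) . '"'; if($vendor_data_asal_kota === $idx){echo ' selected';}?>>`. The loop that builds the options starts and ends outside the hunk.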
wc-frontend-manager/trunk/core/class-wcfm-library.php
r2504634
r2630745
1348
1348
?>
1349
1349
<div class="wcfm-date-range-field">
1350
<input type="text" name="wcfm-date-range" class="wcfm-date-range" autocomplete="off" placeholder="<?php \_e( 'Choose Date Range', 'wc-frontend-manager' ); ?> ..." value="<?php echo $wcfm\_date\_range; ?>">
1350
<input type="text" name="wcfm-date-range" class="wcfm-date-range" autocomplete="off" placeholder="<?php esc\_html\_e( 'Choose Date Range', 'wc-frontend-manager' ); ?> ..." value="<?php echo esc\_html($wcfm\_date\_range); ?>">
1351
1351
1352
1352
<input type="hidden" name="wcfm-date\_from" autocomplete="off" value="">
wc-frontend-manager/trunk/core/class-wcfm-non-ajax.php
r2629284
r2630745
44
44
$draft\_count = wcfm\_get\_user\_posts\_count( $current\_user\_id, 'product', 'draft' );
45
45
46
$product\_stat = '{"online" : ' . $publish\_count . ', "pending" : ' . $pending\_count . ', "draft" : ' . $draft\_count . '}';
46
$product\_stat = '{"online" : ' . esc\_attr($publish\_count) . ', "pending" : ' . esc\_attr($pending\_count) . ', "draft" : ' . esc\_attr($draft\_count) . '}';
47
47
?>
48
48
<script type="text/javascript">
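Review bot: `esc_attr()` on new line 46 is applied to values that are concatenated into a JSON literal, which is neither an HTML attribute nor a guarantee that the result is a number. If a count ever came back empty or non-numeric the output would be invalid JSON. Building the structure and encoding it is clearer and safe for the script context: `$product_stat = wp_json_encode( array( 'online' => (int) $publish_count, 'pending' => (int) $pending_count, 'draft' => (int) $draft_count ) );`. How `$product_stat` is consumed is outside the hunk, so confirm nothing depends on the exact spacing of the string. The notification counter response at new line 284 of class-wcfm-notification.php is assembled the same way and could use `wp_send_json()`.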
wc-frontend-manager/trunk/core/class-wcfm-notification.php
r2629284
r2630745
247
247
$wcfm\_dashboard\_message\_content\_length = (int) apply\_filters( 'wcfm\_is\_allow\_dashboard\_message\_content\_length', 80 );
248
248
if( $wcfm\_message->message\_type == 'direct' ) $message\_text = substr( strip\_tags( $message\_text ), 0, $wcfm\_dashboard\_message\_content\_length ) . ' ...';
249
echo '<div class="wcfm\_dashboard\_notification">' . $message\_icon . ' ' . $message\_text . '</div>';
249
echo '<div class="wcfm\_dashboard\_notification">' . wp\_kses\_post($message\_icon) . ' ' . wp\_kses\_post($message\_text) . '</div>';
250
250
$counter++;
251
251
}
252
252
if( count( $wcfm\_messages ) > 5 ) {
253
echo '<div class="wcfm\_dashboard\_notifications\_show\_all"><a class="wcfm\_submit\_button" href="' . get\_wcfm\_messages\_url() . '">' . \_\_( 'Show All', 'wc-frontend-manager' ) . '</a></div><div class="wcfm-clearfix"></div>';
253
echo '<div class="wcfm\_dashboard\_notifications\_show\_all"><a class="wcfm\_submit\_button" href="' . esc\_url(get\_wcfm\_messages\_url()) . '">' . esc\_html\_\_( 'Show All', 'wc-frontend-manager' ) . '</a></div><div class="wcfm-clearfix"></div>';
254
254
}
255
255
} else {
…
…
273
273
274
274
if( is\_user\_logged\_in() ) {
275
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) && !current\_user\_can( 'wcfm\_delivery\_boy' ) && !current\_user\_can( 'wcfm\_affiliate' ) ) {
276
//wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
277
wp\_die();
278
}
279
275
280
$unread\_notice = $this->wcfm\_direct\_message\_count( 'notice' );
276
281
$unread\_message = $this->wcfm\_direct\_message\_count( 'message' );
277
282
$unread\_enquiry = $this->wcfm\_direct\_message\_count( 'enquiry' );
278
283
279
echo '{ "status": true, "notice": ' . $unread\_notice . ', "message": ' .$unread\_message . ', "enquiry": ' .$unread\_enquiry . ' }';
284
echo '{ "status": true, "notice": ' . esc\_attr($unread\_notice) . ', "message": ' . esc\_attr($unread\_message) . ', "enquiry": ' . esc\_attr($unread\_enquiry) . ' }';
280
285
} else {
281
286
echo '{ "status": false, "redirect": "' . esc\_url( get\_permalink( wc\_get\_page\_id( 'myaccount' ) ) ) . '" }';
…
…
516
521
global $WCFM, $wpdb;
517
522
523
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) && !current\_user\_can( 'wcfm\_delivery\_boy' ) && !current\_user\_can( 'wcfm\_affiliate' ) ) {
524
//wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
525
wp\_die();
526
}
527
518
528
if( isset( $\_POST\['limit'\] ) && $\_POST\['limit'\] ) {
519
529
$limit = absint( $\_POST\['limit'\] );
…
…
570
580
global $WCFM, $wpdb, $\_POST;
571
581
582
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) && !current\_user\_can( 'wcfm\_delivery\_boy' ) && !current\_user\_can( 'wcfm\_affiliate' ) ) {
583
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
584
wp\_die();
585
}
586
572
587
$messageid = absint( $\_POST\['messageid'\] );
573
588
$message\_to = apply\_filters( 'wcfm\_message\_author', get\_current\_user\_id() );
…
…
597
612
function wcfm\_messages\_bulk\_mark\_read() {
598
613
global $WCFM, $wpdb, $\_POST;
614
615
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) && !current\_user\_can( 'wcfm\_delivery\_boy' ) && !current\_user\_can( 'wcfm\_affiliate' ) ) {
616
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
617
wp\_die();
618
}
599
619
600
620
if( isset($\_POST\['selected\_messages'\]) ) {
…
…
633
653
global $WCFM, $wpdb, $\_POST;
634
654
655
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) && !current\_user\_can( 'wcfm\_delivery\_boy' ) && !current\_user\_can( 'wcfm\_affiliate' ) ) {
656
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
657
wp\_die();
658
}
659
635
660
$messageid = absint( $\_POST\['messageid'\] );
636
661
$wpdb->query( "DELETE FROM {$wpdb->prefix}wcfm\_messages WHERE \`ID\` = {$messageid}" );
…
…
656
681
function wcfm\_messages\_bulk\_mark\_delete() {
657
682
global $WCFM, $wpdb, $\_POST;
683
684
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) && !current\_user\_can( 'wcfm\_delivery\_boy' ) && !current\_user\_can( 'wcfm\_affiliate' ) ) {
685
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
686
wp\_die();
687
}
658
688
659
689
if( isset($\_POST\['selected\_messages'\]) ) {
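Review bot: In the first two gates of this file (new lines 275-278 and 523-526) the error response is commented out and the request ends with a bare `wp_die();`, so a logged-in user without one of the listed roles receives an empty body while every other branch returns JSON. I would not leave commented-out code in the fix. If the silence is deliberate for the polling endpoint, replace the dead line with a short comment saying so. Otherwise restore a JSON error such as `wp_send_json_error( esc_html__( 'You don’t have permission to do this.', 'wc-frontend-manager' ) );`. The handlers start and end outside the hunks.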
wc-frontend-manager/trunk/core/class-wcfm-policy.php
r2571322
r2630745
66
66
<div class="page\_collapsible" id="wcfm\_settings\_form\_policies\_head">
67
67
<label class="wcfmfa fa-ambulance"></label>
68
<?php echo apply\_filters( 'wcfm\_sold\_by\_label', '', \_\_( 'Store', 'wc-frontend-manager' ) ) . ' ' . \_\_('Policies', 'wc-frontend-manager'); ?><span></span>
68
<?php echo esc\_attr( apply\_filters( 'wcfm\_sold\_by\_label', '', \_\_( 'Store', 'wc-frontend-manager' ) ) . ' ' . \_\_('Policies', 'wc-frontend-manager') ); ?><span></span>
69
69
</div>
70
70
<div class="wcfm-container">
71
71
<div id="wcfm\_settings\_form\_policies\_expander" class="wcfm-content">
72
<h2><?php echo apply\_filters( 'wcfm\_sold\_by\_label', '', \_\_( 'Store', 'wc-frontend-manager' ) ) . ' ' . \_\_('Store Policies Setting', 'wc-frontend-manager'); ?></h2>
72
<h2><?php echo esc\_attr( apply\_filters( 'wcfm\_sold\_by\_label', '', \_\_( 'Store', 'wc-frontend-manager' ) ) . ' ' . \_\_('Store Policies Setting', 'wc-frontend-manager') ); ?></h2>
73
73
<?php wcfm\_video\_tutorial( 'https://wclovers.com/knowledgebase/wcfm-store-policies/' ); ?>
74
74
<div class="wcfm\_clearfix"></div>
…
…
109
109
110
110
if( isset( $\_POST\['shipping\_policy'\] ) ) {
111
$wcfm\_policy\_options\['shipping\_policy'\] = sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['shipping\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
111
$wcfm\_policy\_options\['shipping\_policy'\] = wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['shipping\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
112
112
}
113
113
114
114
if( isset( $\_POST\['refund\_policy'\] ) ) {
115
$wcfm\_policy\_options\['refund\_policy'\] = sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['refund\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
115
$wcfm\_policy\_options\['refund\_policy'\] = wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['refund\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
116
116
}
117
117
118
118
if( isset( $\_POST\['cancellation\_policy'\] ) ) {
119
$wcfm\_policy\_options\['cancellation\_policy'\] = sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['cancellation\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
119
$wcfm\_policy\_options\['cancellation\_policy'\] = wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['cancellation\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
120
120
}
121
121
…
…
226
226
227
227
if( isset( $\_POST\['shipping\_policy'\] ) ) {
228
$wcfm\_policy\_vendor\_options\['shipping\_policy'\] = sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['shipping\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
228
$wcfm\_policy\_vendor\_options\['shipping\_policy'\] = wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['shipping\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
229
229
if( $is\_marketplace && ( $is\_marketplace == 'dokan' ) ) {
230
230
update\_user\_meta( $vendor\_id, '\_dps\_ship\_policy', $wcfm\_policy\_vendor\_options\['shipping\_policy'\] );
…
…
233
233
234
234
if( isset( $\_POST\['refund\_policy'\] ) ) {
235
$wcfm\_policy\_vendor\_options\['refund\_policy'\] = sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['refund\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
235
$wcfm\_policy\_vendor\_options\['refund\_policy'\] = wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['refund\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
236
236
if( $is\_marketplace && ( $is\_marketplace == 'dokan' ) ) {
237
237
update\_user\_meta( $vendor\_id, '\_dps\_refund\_policy', $wcfm\_policy\_vendor\_options\['refund\_policy'\] );
…
…
240
240
241
241
if( isset( $\_POST\['cancellation\_policy'\] ) ) {
242
$wcfm\_policy\_vendor\_options\['cancellation\_policy'\] = sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['cancellation\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
242
$wcfm\_policy\_vendor\_options\['cancellation\_policy'\] = wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $\_POST\['cancellation\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
243
243
}
244
244
…
…
373
373
374
374
if( isset( $wcfm\_products\_manage\_form\_data\['wcfm\_shipping\_policy'\] ) && !empty( $wcfm\_products\_manage\_form\_data\['wcfm\_shipping\_policy'\] ) ) {
375
$wcfm\_policy\_product\_options\['shipping\_policy'\] = sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $wcfm\_products\_manage\_form\_data\['wcfm\_shipping\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
375
$wcfm\_policy\_product\_options\['shipping\_policy'\] = wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $wcfm\_products\_manage\_form\_data\['wcfm\_shipping\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
376
376
if( $is\_marketplace && ($is\_marketplace == 'wcmarketplace') ) {
377
377
update\_post\_meta( $new\_product\_id, '\_wcmp\_shipping\_policy', $wcfm\_products\_manage\_form\_data\['wcfm\_shipping\_policy'\] );
…
…
379
379
}
380
380
if( isset( $wcfm\_products\_manage\_form\_data\['wcfm\_refund\_policy'\] ) && !empty( $wcfm\_products\_manage\_form\_data\['wcfm\_refund\_policy'\] ) ) {
381
$wcfm\_policy\_product\_options\['refund\_policy'\] = sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $wcfm\_products\_manage\_form\_data\['wcfm\_refund\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
381
$wcfm\_policy\_product\_options\['refund\_policy'\] = wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $wcfm\_products\_manage\_form\_data\['wcfm\_refund\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
382
382
if( $is\_marketplace && ($is\_marketplace == 'wcmarketplace') ) {
383
383
update\_post\_meta( $new\_product\_id, '\_wcmp\_refund\_policy', $wcfm\_products\_manage\_form\_data\['wcfm\_refund\_policy'\] );
…
…
385
385
}
386
386
if( isset( $wcfm\_products\_manage\_form\_data\['wcfm\_cancellation\_policy'\] ) && !empty( $wcfm\_products\_manage\_form\_data\['wcfm\_cancellation\_policy'\] ) ) {
387
$wcfm\_policy\_product\_options\['cancellation\_policy'\] = sanitize\_option( 'wcfm\_editor\_content', apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $wcfm\_products\_manage\_form\_data\['wcfm\_cancellation\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
387
$wcfm\_policy\_product\_options\['cancellation\_policy'\] = wp\_filter\_post\_kses( apply\_filters( 'wcfm\_editor\_content\_before\_save', stripslashes( html\_entity\_decode( $wcfm\_products\_manage\_form\_data\['wcfm\_cancellation\_policy'\], ENT\_QUOTES, 'UTF-8' ) ) ) );
388
388
if( $is\_marketplace && ($is\_marketplace == 'wcmarketplace') ) {
389
389
update\_post\_meta( $new\_product\_id, '\_wcmp\_cancellation\_policy', $wcfm\_products\_manage\_form\_data\['wcfm\_cancellation\_policy'\] );
…
…
603
603
<div class="wcfm-shipping-policies">
604
604
<h2 class="wcfm\_policies\_heading"><?php echo apply\_filters('wcfm\_shipping\_policies\_heading', \_\_('Shipping Policy', 'wc-frontend-manager')); ?></h2>
605
<div class="wcfm\_policies\_description" ><?php echo $shipping\_policy; ?></div>
605
<div class="wcfm\_policies\_description" ><?php echo wp\_kses\_post($shipping\_policy); ?></div>
606
606
</div>
607
607
<?php } if( !wcfm\_empty( $refund\_policy ) ) { ?>
608
608
<div class="wcfm-refund-policies">
609
609
<h2 class="wcfm\_policies\_heading"><?php echo apply\_filters('wcfm\_refund\_policies\_heading', \_\_('Refund Policy', 'wc-frontend-manager')); ?></h2>
610
<div class="wcfm\_policies\_description" ><?php echo $refund\_policy; ?></div>
610
<div class="wcfm\_policies\_description" ><?php echo wp\_kses\_post($refund\_policy); ?></div>
611
611
</div>
612
612
<?php } if( !wcfm\_empty( $cancellation\_policy ) ) { ?>
613
613
<div class="wcfm-cancellation-policies">
614
614
<h2 class="wcfm\_policies\_heading"><?php echo apply\_filters('wcfm\_cancellation\_policies\_heading', \_\_('Cancellation / Return / Exchange Policy', 'wc-frontend-manager')); ?></h2>
615
<div class="wcfm\_policies\_description" ><?php echo $cancellation\_policy; ?></div>
615
<div class="wcfm\_policies\_description" ><?php echo wp\_kses\_post($cancellation\_policy); ?></div>
616
616
</div>
617
617
<?php } ?>
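Review bot: In the product-policy hunk (new lines 375-389) the filtered value is stored in `$wcfm_policy_product_options`, but the `update_post_meta()` calls on the following lines still write the raw `$wcfm_products_manage_form_data['wcfm_shipping_policy']`, `['wcfm_refund_policy']` and `['wcfm_cancellation_policy']`. For the `wcmarketplace` case the unsanitised HTML therefore still reaches `_wcmp_shipping_policy`, `_wcmp_refund_policy` and `_wcmp_cancellation_policy`. The vendor hunk above already does the right thing by passing `$wcfm_policy_vendor_options['shipping_policy']` to `update_user_meta()`. The product branch should mirror it, for example `update_post_meta( $new_product_id, '_wcmp_shipping_policy', $wcfm_policy_product_options['shipping_policy'] );` and likewise for the other two keys. The enclosing method starts and ends outside the hunk.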
wc-frontend-manager/trunk/core/class-wcfm-query.php
r2102784
r2630745
305
305
foreach ( $this->query\_vars as $key => $var ) {
306
306
if ( isset( $\_GET\[ $var \] ) ) {
307
$wp->query\_vars\[ $key \] = $\_GET\[ $var \];
307
$wp->query\_vars\[ $key \] = wc\_clean( $\_GET\[ $var \] );
308
308
}
309
309
wc-frontend-manager/trunk/core/class-wcfm-vendor-support.php
r2629284
r2630745
460
460
?>
461
461
<!-- collapsible 11.5 - WCFM Vendor Association -->
462
<div class="page\_collapsible products\_manage\_vendor\_association simple variable grouped external booking <?php echo $wcfm\_wpml\_edit\_disable\_element; ?>" id="wcfm\_products\_manage\_form\_vendor\_association\_head"><label class="wcfmfa fa-user-alt fa-user-alt"></label><?php echo apply\_filters( 'wcfm\_sold\_by\_label', $wcfm\_associate\_vendor, \_\_( 'Store', 'wc-frontend-manager' ) ); ?><span></span></div>
462
<div class="page\_collapsible products\_manage\_vendor\_association simple variable grouped external booking <?php echo esc\_attr($wcfm\_wpml\_edit\_disable\_element); ?>" id="wcfm\_products\_manage\_form\_vendor\_association\_head"><label class="wcfmfa fa-user-alt fa-user-alt"></label><?php echo esc\_attr(apply\_filters( 'wcfm\_sold\_by\_label', $wcfm\_associate\_vendor, \_\_( 'Store', 'wc-frontend-manager' ) )); ?><span></span></div>
463
463
<div class="wcfm-container simple variable external grouped booking">
464
464
<div id="wcfm\_products\_manage\_form\_vendor\_association\_expander" class="wcfm-content">
wc-frontend-manager/trunk/core/class-wcfm-wcbookings.php
r2370721
r2630745
344
344
?>
345
345
<!-- collapsible Booking 1 -->
346
<div class="page\_collapsible products\_manage\_wcbokings\_general <?php echo $wcfm\_pm\_block\_class\_wcbokings\_general; ?>" id="wcfm\_products\_manage\_form\_booking\_options\_head"><label class="wcfmfa fa-calendar"></label><?php \_e('Booking Options', 'wc-frontend-manager'); ?><span></span></div>
347
<div class="wcfm-container <?php echo $wcfm\_pm\_block\_class\_wcbokings\_general; ?>">
346
<div class="page\_collapsible products\_manage\_wcbokings\_general <?php echo esc\_attr($wcfm\_pm\_block\_class\_wcbokings\_general); ?>" id="wcfm\_products\_manage\_form\_booking\_options\_head"><label class="wcfmfa fa-calendar"></label><?php \_e('Booking Options', 'wc-frontend-manager'); ?><span></span></div>
347
<div class="wcfm-container <?php echo esc\_attr($wcfm\_pm\_block\_class\_wcbokings\_general); ?>">
348
348
<div id="wcfm\_products\_manage\_form\_booking\_options\_expander" class="wcfm-content">
349
349
<?php
wc-frontend-manager/trunk/core/class-wcfm-wcfmmarketplace.php
r2629284
r2630745
751
751
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_subtotal', $order\_id, $this->vendor\_id ); ?>
752
752
<tr>
753
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php \_e( 'Subtotal', 'wc-frontend-manager' ); ?>:</th>
754
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
753
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php esc\_html\_e( 'Subtotal', 'wc-frontend-manager' ); ?>:</th>
754
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
755
755
<div class="view">
756
756
<?php
…
…
803
803
?>
804
804
<tr>
805
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php echo $tax\_breakup\['label'\]; ?>:</th>
806
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
805
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php echo esc\_html($tax\_breakup\['label'\]); ?>:</th>
806
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
807
807
<div class="view">
808
808
<?php
…
…
828
828
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_tax', $order\_id, $this->vendor\_id ); ?>
829
829
<tr>
830
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>">
831
<?php if( apply\_filters( 'wcfm\_is\_allow\_vendor\_order\_details\_tax\_breakup', false ) ) { echo \_\_( 'Total', 'wc-frontend-manager' ) . ' '; } ?>
832
<?php \_e( 'Tax', 'wc-frontend-manager' ); ?>:
830
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>">
831
<?php if( apply\_filters( 'wcfm\_is\_allow\_vendor\_order\_details\_tax\_breakup', false ) ) { echo esc\_html\_\_( 'Total', 'wc-frontend-manager' ) . ' '; } ?>
832
<?php esc\_html\_e( 'Tax', 'wc-frontend-manager' ); ?>:
833
833
</th>
834
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
834
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
835
835
<div class="view">
836
836
<?php
…
…
853
853
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_shipping', $order\_id, $this->vendor\_id ); ?>
854
854
<tr>
855
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php \_e( 'Shipping', 'wc-frontend-manager' ); ?>:</th>
856
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
855
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php esc\_html\_e( 'Shipping', 'wc-frontend-manager' ); ?>:</th>
856
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
857
857
<div class="view">
858
858
<?php
…
…
903
903
?>
904
904
<tr>
905
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php echo \_\_( 'Shipping Tax', 'wc-frontend-manager' ) . ' ' . $tax\_breakup\['label'\]; ?>:</th>
906
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
905
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php echo esc\_html\_\_( 'Shipping Tax', 'wc-frontend-manager' ) . ' ' . $tax\_breakup\['label'\]; ?>:</th>
906
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
907
907
<div class="view">
908
908
<?php
…
…
922
922
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_shipping\_tax', $order\_id, $this->vendor\_id ); ?>
923
923
<tr>
924
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>">
925
<?php if( apply\_filters( 'wcfm\_is\_allow\_vendor\_order\_details\_tax\_breakup', false ) ) { echo \_\_( 'Total', 'wc-frontend-manager' ) . ' '; } ?>
926
<?php \_e( 'Shipping Tax', 'wc-frontend-manager' ); ?>:
924
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>">
925
<?php if( apply\_filters( 'wcfm\_is\_allow\_vendor\_order\_details\_tax\_breakup', false ) ) { echo esc\_html\_\_( 'Total', 'wc-frontend-manager' ) . ' '; } ?>
926
<?php esc\_html\_e( 'Shipping Tax', 'wc-frontend-manager' ); ?>:
927
927
</th>
928
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
928
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
929
929
<div class="view">
930
930
<?php
…
…
947
947
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_refund', $order\_id, $this->vendor\_id ); ?>
948
948
<tr>
949
<th class="label refunded-total" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php \_e( 'Refunded', 'wc-frontend-manager' ); ?>:</th>
950
<td class="total refunded-total" style="text-align:center; <?php echo $td\_style; ?>">-<?php echo wc\_price( $refund\_total, array( 'currency' => $order\_currency ) ); ?></td>
949
<th class="label refunded-total" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php esc\_html\_e( 'Refunded', 'wc-frontend-manager' ); ?>:</th>
950
<td class="total refunded-total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">-<?php echo wc\_price( $refund\_total, array( 'currency' => $order\_currency ) ); ?></td>
951
951
</tr>
952
952
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_refund', $order\_id, $this->vendor\_id ); ?>
…
…
956
956
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_discount', $order\_id, $this->vendor\_id ); ?>
957
957
<tr>
958
<th class="label discount-total" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php \_e( 'Discount', 'wc-frontend-manager' ); ?>:</th>
959
<td class="total discount-total" style="text-align:center; <?php echo $td\_style; ?>"><?php echo wc\_price( $discount\_total, array( 'currency' => $order\_currency ) ); ?></td>
958
<th class="label discount-total" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php esc\_html\_e( 'Discount', 'wc-frontend-manager' ); ?>:</th>
959
<td class="total discount-total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>"><?php echo wc\_price( $discount\_total, array( 'currency' => $order\_currency ) ); ?></td>
960
960
</tr>
961
961
<?php do\_action( 'wcfm\_vendor\_order\_details\_after\_discount', $order\_id, $this->vendor\_id ); ?>
…
…
965
965
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_gross\_total', $order\_id, $this->vendor\_id ); ?>
966
966
<tr class="total\_cost">
967
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php \_e( 'Gross Total', 'wc-frontend-manager' ); ?>:</th>
968
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
967
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php esc\_html\_e( 'Gross Total', 'wc-frontend-manager' ); ?>:</th>
968
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
969
969
<div class="view">
970
970
<?php
…
…
990
990
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_gross\_earning', $order\_id, $this->vendor\_id ); ?>
991
991
<tr>
992
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php \_e( 'Gross Earning', 'wc-frontend-manager' ); ?>:</th>
993
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
992
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php esc\_html\_e( 'Gross Earning', 'wc-frontend-manager' ); ?>:</th>
993
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
994
994
<div class="view">
995
995
<?php
…
…
1006
1006
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_affiliate\_commission', $order\_id, $this->vendor\_id ); ?>
1007
1007
<tr>
1008
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php \_e( 'Affiliate Commission', 'wc-frontend-manager' ); ?>:</th>
1009
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
1008
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php esc\_html\_e( 'Affiliate Commission', 'wc-frontend-manager' ); ?>:</th>
1009
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
1010
1010
<div class="view">
1011
1011
<?php
…
…
1022
1022
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_commission\_tax', $order\_id, $this->vendor\_id ); ?>
1023
1023
<tr>
1024
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php echo $commission\_rule\['tax\_name'\] . ' ('. $commission\_rule\['tax\_percent'\] .'%)'; ?>:</th>
1025
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
1024
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php echo esc\_html($commission\_rule\['tax\_name'\]) . ' ('. $commission\_rule\['tax\_percent'\] .'%)'; ?>:</th>
1025
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
1026
1026
<div class="view">
1027
1027
<?php
…
…
1039
1039
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_gross\_earning', $order\_id, $this->vendor\_id ); ?>
1040
1040
<tr>
1041
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php \_e( 'Gross Earning', 'wc-frontend-manager' ); ?>:</th>
1042
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
1041
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php esc\_html\_e( 'Gross Earning', 'wc-frontend-manager' ); ?>:</th>
1042
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
1043
1043
<div class="view">
1044
1044
<?php
…
…
1052
1052
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_affiliate\_commission', $order\_id, $this->vendor\_id ); ?>
1053
1053
<tr>
1054
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php \_e( 'Affiliate Commission', 'wc-frontend-manager' ); ?>:</th>
1055
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
1054
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php esc\_html\_e( 'Affiliate Commission', 'wc-frontend-manager' ); ?>:</th>
1055
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
1056
1056
<div class="view">
1057
1057
<?php
…
…
1076
1076
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_gross\_earning', $order\_id, $this->vendor\_id ); ?>
1077
1077
<tr>
1078
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php \_e( 'Gross Earning', 'wc-frontend-manager' ); ?>:</th>
1079
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
1078
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php esc\_html\_e( 'Gross Earning', 'wc-frontend-manager' ); ?>:</th>
1079
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
1080
1080
<div class="view">
1081
1081
<?php
…
…
1091
1091
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_transaction\_charge', $order\_id, $this->vendor\_id ); ?>
1092
1092
<tr>
1093
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php \_e( 'Transaction Charge', 'wc-frontend-manager' ); ?>:</th>
1094
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
1093
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php esc\_html\_e( 'Transaction Charge', 'wc-frontend-manager' ); ?>:</th>
1094
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
1095
1095
<div class="view">
1096
1096
<?php
…
…
1108
1108
<?php do\_action( 'wcfm\_vendor\_order\_details\_before\_total\_earning', $order\_id, $this->vendor\_id ); ?>
1109
1109
<tr>
1110
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php \_e( 'Total Earning', 'wc-frontend-manager' ); ?>:</th>
1111
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
1110
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php esc\_html\_e( 'Total Earning', 'wc-frontend-manager' ); ?>:</th>
1111
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
1112
1112
<div class="view">
1113
1113
<?php
…
…
1128
1128
?>
1129
1129
<tr>
1130
<th class="label" colspan="2" style="text-align:right; <?php echo $td\_style; ?>"><?php \_e( 'Admin Fee', 'wc-frontend-manager' ); ?>:</th>
1131
<td class="total" style="text-align:center; <?php echo $td\_style; ?>">
1130
<th class="label" colspan="2" style="text-align:right; <?php echo esc\_attr($td\_style); ?>"><?php esc\_html\_e( 'Admin Fee', 'wc-frontend-manager' ); ?>:</th>
1131
<td class="total" style="text-align:center; <?php echo esc\_attr($td\_style); ?>">
1132
1132
<div class="view">
1133
1133
<?php
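Review bot: On new line 905 the translated `Shipping Tax` text is escaped, but the `$tax_breakup['label']` concatenated after it is still echoed raw, although the same value is wrapped in `esc_html()` on new line 805; it should read `echo esc_html__( 'Shipping Tax', 'wc-frontend-manager' ) . ' ' . esc_html( $tax_breakup['label'] );`. New line 1024 has the same gap for `$commission_rule['tax_percent']`, which is printed unescaped next to the escaped `tax_name`. `esc_attr( $td_style )` keeps the value inside the `style` attribute but does not restrict which CSS declarations it carries; if `$td_style` can be set from outside the plugin (its origin is not visible in these hunks), `safecss_filter_attr()` would be the tighter filter. The template code around every hunk in this file starts and ends outside what is shown.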
wc-frontend-manager/trunk/core/class-wcfm-wcmarketplace.php
r2629284
r2630745
827
827
foreach( $wcmp\_knowledgebases as $wcmp\_knowledgebase ) {
828
828
?>
829
<div class="page\_collapsible" id="wcfm\_knowledgebase\_listing\_head-<?php echo $wcmp\_knowledgebase->ID; ?>">
829
<div class="page\_collapsible" id="wcfm\_knowledgebase\_listing\_head-<?php echo esc\_attr($wcmp\_knowledgebase->ID); ?>">
830
830
<label class="wcfmfa fa-bookmark"></label>
831
<?php echo $wcmp\_knowledgebase->post\_title; ?><span></span>
831
<?php echo wp\_kses\_post($wcmp\_knowledgebase->post\_title); ?><span></span>
832
832
</div>
833
833
<div class="wcfm-container">
834
<div id="wcfm\_knowledgebase\_listing\_expander-<?php echo $wcmp\_knowledgebase->ID; ?>" class="wcfm\_knowledgebase wcfm-content">
835
<?php echo $wcmp\_knowledgebase->post\_content; ?>
834
<div id="wcfm\_knowledgebase\_listing\_expander-<?php echo esc\_attr($wcmp\_knowledgebase->ID); ?>" class="wcfm\_knowledgebase wcfm-content">
835
<?php echo wp\_kses\_post($wcmp\_knowledgebase->post\_content); ?>
836
836
</div>
837
837
</div>
…
…
851
851
function wcmarketplace\_auto\_suggesion\_product() {
852
852
global $WCFM, $WCMp, $wpdb;
853
854
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) ) {
855
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
856
wp\_die();
857
}
858
853
859
$searchstr = $\_POST\['protitle'\];
854
860
$querystr = "select DISTINCT post\_title, ID from {$wpdb->prefix}posts where post\_title like '{$searchstr}%' and post\_status = 'publish' and post\_type = 'product' GROUP BY post\_title order by post\_title LIMIT 0,10";
…
…
857
863
echo "<ul>";
858
864
foreach ($results as $result) {
859
echo '<li data-element="' . $result->ID . '"><a class="wcfm\_product\_multi\_seller\_associate" href="#" data-proid="' . $result->ID . '">' . $result->post\_title . '</a></li>';
865
echo '<li data-element="' . esc\_attr($result->ID) . '"><a class="wcfm\_product\_multi\_seller\_associate" href="#" data-proid="' . esc\_attr($result->ID) . '">' . wp\_kses\_post($result->post\_title) . '</a></li>';
860
866
}
861
867
echo "</ul>";
…
…
869
875
public function wcfm\_product\_multi\_seller\_associate() {
870
876
global $WCFM, $WCFMu, $\_POST;
877
878
if ( !current\_user\_can( 'manage\_woocommerce' ) && !current\_user\_can( 'wcfm\_vendor' ) && !current\_user\_can( 'seller' ) && !current\_user\_can( 'vendor' ) && !current\_user\_can( 'shop\_staff' ) ) {
879
wp\_send\_json\_error( esc\_html\_\_( 'You don’t have permission to do this.', 'woocommerce' ) );
880
wp\_die();
881
}
871
882
872
883
if( !class\_exists( 'WC\_Admin\_Duplicate\_Product' ) ) {
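Review bot: The capability check added to `wcmarketplace_auto_suggesion_product()` leaves the query on new line 860 built by interpolating `$_POST['protitle']` directly into the SQL string, so every account that passes the check still controls the `LIKE` clause. Bind the value instead: `$like = $wpdb->esc_like( wc_clean( wp_unslash( $_POST['protitle'] ) ) ) . '%';` and run the statement through `$wpdb->prepare()` with `post_title like %s` in place of the quoted interpolation. The lines that execute the query are elided from the hunk, so confirm nothing further down already prepares it. In both handlers the `wp_die()` after `wp_send_json_error()` is unreachable because that function terminates the request itself, and neither hunk shows a nonce check such as `check_ajax_referer()`; both function bodies continue outside the hunks.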
wc-frontend-manager/trunk/core/class-wcfm-wcvendors.php
r2629284
r2630745
194
194
global $WCFM;
195
195
196
echo '<a href="' . get\_wcfm\_page() . '"><img class="text\_tip" data-tip="' . \_\_( 'WCFM Home', 'wc-frontend-manager' ) . '" id="wcfm\_home" src="' . esc\_url($WCFM->plugin\_url) . '/assets/images/wcfm-30x30.png" alt="' . \_\_( 'WCFM Home', 'wc-frontend-manager' ) . '" /></a>';
196
echo '<a href="' . esc\_url(get\_wcfm\_page()) . '"><img class="text\_tip" data-tip="' . \_\_( 'WCFM Home', 'wc-frontend-manager' ) . '" id="wcfm\_home" src="' . esc\_url($WCFM->plugin\_url) . '/assets/images/wcfm-30x30.png" alt="' . \_\_( 'WCFM Home', 'wc-frontend-manager' ) . '" /></a>';
197
197
}
198
198
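Review bot: The `data-tip` and `alt` attributes on new line 196 still print `__( 'WCFM Home', 'wc-frontend-manager' )` unescaped, while the commit escapes the two URLs around them. Translations are loaded from language files and should be escaped for the attribute context as well, with `esc_attr__( 'WCFM Home', 'wc-frontend-manager' )` in both places. The enclosing function starts outside the hunk.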
wc-frontend-manager/trunk/core/class-wcfm.php
r2629284
r2630745
483
483
$is\_export = false;
484
484
$is\_import = false;
485
if( isset($\_GET\['page'\]) && ( $\_GET\['page'\] == 'product\_exporter' ) ) { $is\_export = true; }
486
if( isset($\_GET\['page'\]) && ( $\_GET\['page'\] == 'product\_importer' ) ) { $is\_import = true; }
487
if( isset($\_GET\['page'\]) && ( $\_GET\['page'\] == 'store-setup' ) ) { $is\_setup = true; }
485
if( isset($\_GET\['page'\]) && ( wc\_clean($\_GET\['page'\]) == 'product\_exporter' ) ) { $is\_export = true; }
486
if( isset($\_GET\['page'\]) && ( wc\_clean($\_GET\['page'\]) == 'product\_importer' ) ) { $is\_import = true; }
487
if( isset($\_GET\['page'\]) && ( wc\_clean($\_GET\['page'\]) == 'store-setup' ) ) { $is\_setup = true; }
488
488
489
489
if( ( 'yes' == $wcfm\_vnd\_wpadmin ) && !$is\_export && !$is\_import && !$is\_setup ) {
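Review bot: Wrapping `$_GET['page']` in `wc_clean()` before comparing it with a fixed string on new lines 485–487 does not change the outcome of the comparison, and the loose `==` is kept. Reading the parameter once and comparing strictly is clearer: `$page = isset( $_GET['page'] ) ? wc_clean( wp_unslash( $_GET['page'] ) ) : '';` followed by `$is_export = ( 'product_exporter' === $page );` and the same for the other two flags. `$is_setup` is not initialised in the visible lines, unlike `$is_export` and `$is_import`, so check that it is set to `false` above the hunk. The enclosing function starts and ends outside the hunk.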
wc-frontend-manager/trunk/helpers/wcfm-core-functions.php
r2611994
r2630745
1992
1992
?>
1993
1993
<p class="wcfm\_tutorials\_wrapper">
1994
<a class="wcfm\_tutorials" href="<?php echo $video\_url; ?>">
1994
<a class="wcfm\_tutorials" href="<?php echo esc\_url($video\_url); ?>">
1995
1995
<span class="wcfm\_tutorials\_icon wcfmfa fa-video"></span>
1996
1996
<span class='wcfm\_tutorials\_label'><?php \_e( 'Tutorial', 'wc-frontend-manager' ); ?></span>
…
…
2291
2291
if( !is\_admin() ) {
2292
2292
if( isset( $\_SESSION\['wcfm\_my\_locale'\] ) && !empty( $\_SESSION\['wcfm\_my\_locale'\] ) ) {
2293
$locale = $\_SESSION\['wcfm\_my\_locale'\];
2293
$locale = wc\_clean($\_SESSION\['wcfm\_my\_locale'\]);
2294
2294
}
2295
2295
}
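Review bot: `wc_clean()` on new line 2293 strips tags and control characters from the session value but does not check that it is a locale the site actually has installed. The result is assigned to `$locale`, which presumably selects translation files (the rest of the function is outside the hunk), so an allowlist is the safer form: `$candidate = wc_clean( $_SESSION['wcfm_my_locale'] );` then `if ( 'en_US' === $candidate || in_array( $candidate, get_available_languages(), true ) ) { $locale = $candidate; }`. `en_US` needs the explicit case because `get_available_languages()` does not list it. How the session key is written is not visible here and should be checked against the same list.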
wc-frontend-manager/trunk/includes/libs/php/class-wcfm-fields.php
r2370721
r2630745
768
768
$placeholder = apply\_filters( 'wcfm\_default\_placeholder\_image', $WCFM->plugin\_url . 'includes/libs/upload/images/Placeholder.png' );
769
769
if( !$img\_src ) $img\_src = $placeholder;
770
$mimeProp = '<img id="'.esc\_attr($field\['id'\]).'\_display" data-placeholder="'.$placeholder.'" src="'.esc\_attr( $img\_src ).'" width="'.absint( $field\['prwidth'\] ).'" class="'.$placeHolder.'" />';
770
$mimeProp = '<img id="'.esc\_attr($field\['id'\]).'\_display" data-placeholder="'.$placeholder.'" src="'.esc\_url( $img\_src ).'" width="'.absint( $field\['prwidth'\] ).'" class="'.$placeHolder.'" />';
771
771
} else {
772
772
if($field\['value'\])
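Review bot: `src` goes through `esc_url()` on new line 770, but `data-placeholder` on the same line still prints `$placeholder` raw, and that value is the output of the `wcfm_default_placeholder_image` filter on line 768. It should be `data-placeholder="' . esc_url( $placeholder ) . '"`. `$placeHolder` in the `class` attribute is also unescaped; where it is set is not visible, so `esc_attr( $placeHolder )` is the cautious choice. The enclosing method starts and ends outside the hunk.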
wc-frontend-manager/trunk/includes/shortcodes/class-wcfm-shortcode-enquiry.php
r2240772
r2630745
96
96
<div class="wcfm\_ele\_wrapper wcfm\_enquiry\_widget">
97
97
<div class="wcfm-clearfix"></div>
98
<a href="#" class="wcfm\_catalog\_enquiry <?php echo $button\_class; ?>" data-store="<?php echo $vendor\_id; ?>" data-product="<?php echo $product\_id; ?>" style="<?php echo $button\_style; ?>"><span class="wcfmfa fa-question-circle"></span> <span class="add\_enquiry\_label"><?php \_e( $ask\_question\_label, 'wc-frontend-manager' ); ?></span></a>
98
<a href="#" class="wcfm\_catalog\_enquiry <?php echo esc\_attr($button\_class); ?>" data-store="<?php echo esc\_attr($vendor\_id); ?>" data-product="<?php echo esc\_attr($product\_id); ?>" style="<?php echo esc\_attr($button\_style); ?>"><span class="wcfmfa fa-question-circle"></span> <span class="add\_enquiry\_label"><?php esc\_html\_e( $ask\_question\_label, 'wc-frontend-manager' ); ?></span></a>
99
99
<?php if( $hover\_color ) { ?>
100
<style>a.wcfm\_catalog\_enquiry:hover{background: <?php echo $hover\_color; ?> !important;background-color: <?php echo $hover\_color; ?> !important;border-bottom-color: <?php echo $hover\_color; ?> !important;color: <?php echo $hover\_text\_color; ?> !important;}</style>
100
<style>a.wcfm\_catalog\_enquiry:hover{background: <?php echo esc\_attr($hover\_color); ?> !important;background-color: <?php echo esc\_attr($hover\_color); ?> !important;border-bottom-color: <?php echo esc\_attr($hover\_color); ?> !important;color: <?php echo esc\_attr($hover\_text\_color); ?> !important;}</style>
101
101
<?php } ?>
102
102
<div class="wcfm-clearfix"></div><br />
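Review bot: `esc_attr()` is applied to `$hover_color` and `$hover_text_color` inside a `<style>` element on new line 100, which is a CSS context rather than an attribute, so HTML-entity encoding does not stop characters such as `;` or `}` from altering the rule. If these are colour values they should be validated as such, e.g. `$hover_color = sanitize_hex_color( $hover_color );`, with the `<style>` block skipped when the result is empty. Where the two variables are read from is not visible in the hunk. The `<style>` block on new line 90 of includes/shortcodes/class-wcfm-shortcode-follow.php has the same issue with `$base_color`.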
wc-frontend-manager/trunk/includes/shortcodes/class-wcfm-shortcode-follow.php
r2240772
r2630745
86
86
<div class="wcfm\_ele\_wrapper wcfm\_follow\_widget">
87
87
<div class="wcfm-clearfix"></div>
88
<a href="#" class="wcfm\_follow\_me" data-count="<?php echo $followers; ?>" data-vendor\_id="<?php echo $vendor\_id; ?>" data-user\_id="<?php echo $user\_id; ?>" style="<?php echo $button\_style; ?>"><span class="wcfmfa fa-child"></span> <span class="add\_enquiry\_label wcfm\_follow\_me\_lable"><?php echo $follow\_button\_label; ?></span></a>
88
<a href="#" class="wcfm\_follow\_me" data-count="<?php echo $followers; ?>" data-vendor\_id="<?php echo esc\_attr($vendor\_id); ?>" data-user\_id="<?php echo esc\_attr($user\_id); ?>" style="<?php echo esc\_attr($button\_style); ?>"><span class="wcfmfa fa-child"></span> <span class="add\_enquiry\_label wcfm\_follow\_me\_lable"><?php echo esc\_html($follow\_button\_label); ?></span></a>
89
89
<?php if( $base\_color ) { ?>
90
<style>a.wcfm\_catalog\_enquiry:hover{background: <?php echo $base\_color; ?> !important;border-bottom-color: <?php echo $base\_color; ?> !important;}</style>
90
<style>a.wcfm\_catalog\_enquiry:hover{background: <?php echo esc\_attr($base\_color); ?> !important;border-bottom-color: <?php echo esc\_attr($base\_color); ?> !important;}</style>
91
91
<?php } ?>
92
92
<div class="wcfm-clearfix"></div><br />
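Review bot: `data-count="<?php echo $followers; ?>"` on new line 88 is the one attribute on this element that the commit leaves unescaped. If it is always a count, `echo absint( $followers );` both documents and enforces that; otherwise use `esc_attr( $followers )`. How `$followers` is computed is outside the hunk.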
wc-frontend-manager/trunk/includes/shortcodes/class-wcfm-shortcode-notification.php
r2040425
r2630745
49
49
<div class="wcfm\_sc\_notifications">
50
50
<?php if( $message && apply\_filters( 'wcfm\_is\_pref\_direct\_message', true ) && apply\_filters( 'wcfm\_is\_allow\_notifications', true ) && apply\_filters( 'wcfm\_is\_allow\_sc\_notifications', true ) ) { ?>
51
<a href="<?php echo get\_wcfm\_messages\_url( ); ?>" class="wcfmfa fa-bell text\_tip" data-tip="<?php \_e( 'Notification Board', 'wc-frontend-manager' ); ?>"><span class="unread\_notification\_count message\_count"><?php echo $unread\_message; ?></span></a>
51
<a href="<?php echo esc\_url(get\_wcfm\_messages\_url( )); ?>" class="wcfmfa fa-bell text\_tip" data-tip="<?php \_e( 'Notification Board', 'wc-frontend-manager' ); ?>"><span class="unread\_notification\_count message\_count"><?php echo esc\_attr($unread\_message); ?></span></a>
52
52
<?php } ?>
53
53
54
54
<?php if( $enquiry && apply\_filters( 'wcfm\_is\_pref\_enquiry', true ) && apply\_filters( 'wcfm\_is\_allow\_enquiry', true ) && apply\_filters( 'wcfm\_is\_allow\_sc\_enquiry\_notifications', true ) ) { ?>
55
<a href="<?php echo get\_wcfm\_enquiry\_url(); ?>" class="wcfmfa fa-question-circle text\_tip" data-tip="<?php \_e( 'Enquiry Board', 'wc-frontend-manager' ); ?>"><span class="unread\_notification\_count enquiry\_count"><?php echo $unread\_enquiry; ?></span></a>
55
<a href="<?php echo esc\_url(get\_wcfm\_enquiry\_url()); ?>" class="wcfmfa fa-question-circle text\_tip" data-tip="<?php \_e( 'Enquiry Board', 'wc-frontend-manager' ); ?>"><span class="unread\_notification\_count enquiry\_count"><?php echo esc\_attr($unread\_enquiry); ?></span></a>
56
56
<?php } ?>
57
57
58
58
<?php if( $notice && apply\_filters( 'wcfm\_is\_pref\_notice', true ) && apply\_filters( 'wcfm\_is\_allow\_notice', true ) && apply\_filters( 'wcfm\_is\_allow\_sc\_notice\_notifications', true ) ) { ?>
59
<a href="<?php echo get\_wcfm\_notices\_url( ); ?>" class="wcfmfa fa-bullhorn text\_tip" data-tip="<?php \_e( 'Notice Board', 'wc-frontend-manager' ); ?>"><?php if( wcfm\_is\_vendor() ) { ?><span class="unread\_notification\_count notice\_count"><?php echo $unread\_notice; ?></span><?php } ?></a>
59
<a href="<?php echo esc\_url(get\_wcfm\_notices\_url( )); ?>" class="wcfmfa fa-bullhorn text\_tip" data-tip="<?php \_e( 'Notice Board', 'wc-frontend-manager' ); ?>"><?php if( wcfm\_is\_vendor() ) { ?><span class="unread\_notification\_count notice\_count"><?php echo esc\_attr($unread\_notice); ?></span><?php } ?></a>
60
60
<?php } ?>
61
61
</div>
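Review bot: The three unread counters on new lines 51, 55 and 59 are printed as element text but escaped with `esc_attr()`; `esc_html()` or, if they are always integers, `absint()` matches the context. The `data-tip` attributes on the same lines still use `_e()`, which echoes the translation unescaped; `esc_attr_e( 'Notification Board', 'wc-frontend-manager' )` and its two siblings would close that. The same `data-tip="<?php _e( … ); ?>"` pattern is left in views/dashboard/wcfm-view-dashboard-welcome-box.php on new lines 78 and 80.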
wc-frontend-manager/trunk/templates/classic/header.php
r2256162
r2630745
24
24
<div class="wcfm-site-name">
25
25
<?php do\_action( 'wcfm\_dasboard\_header\_before' ); ?>
26
<a class="wcfm\_header\_site\_name" href="<?php echo $blog\_link; ?>"><?php echo $blog\_title; ?></a>
26
<a class="wcfm\_header\_site\_name" href="<?php echo esc\_url($blog\_link); ?>"><?php echo wp\_kses\_post($blog\_title); ?></a>
27
27
<?php do\_action( 'wcfm\_dasboard\_header\_after' ); ?>
28
28
</div>
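Review bot: `wp_kses_post( $blog_title )` on new line 26 keeps every tag allowed in post content, including nested links and images, inside the header `<a>`. If the title is meant to be plain text, `esc_html( $blog_title )` is the tighter escaper; if markup is intended, a one-line comment saying so would help the next reader. How `$blog_title` is built is outside the hunk. templates/default/header.php receives the identical change on its new line 26.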
wc-frontend-manager/trunk/templates/default/header.php
r2246149
r2630745
24
24
<div class="wcfm-site-name">
25
25
<?php do\_action( 'wcfm\_dasboard\_header\_before' ); ?>
26
<a href="<?php echo $blog\_link; ?>"><?php echo $blog\_title; ?></a>
26
<a href="<?php echo esc\_url($blog\_link); ?>"><?php echo wp\_kses\_post($blog\_title); ?></a>
27
27
<?php do\_action( 'wcfm\_dasboard\_header\_after' ); ?>
28
28
</div>
wc-frontend-manager/trunk/views/articles/wcfm-view-articles.php
r2350934
r2630745
48
48
else echo " | ";
49
49
?>
50
<a class="<?php echo ( $wcfmu\_articles\_menu\_key == $article\_status ) ? 'active' : ''; ?>" href="<?php echo get\_wcfm\_articles\_url( $wcfmu\_articles\_menu\_key ); ?>"><?php echo $wcfmu\_articles\_menu . ' ('. $count\_articles\[$wcfmu\_articles\_menu\_key\] .')'; ?></a>
50
<a class="<?php echo ( $wcfmu\_articles\_menu\_key == $article\_status ) ? 'active' : ''; ?>" href="<?php echo get\_wcfm\_articles\_url( $wcfmu\_articles\_menu\_key ); ?>"><?php echo esc\_html($wcfmu\_articles\_menu . ' ('. $count\_articles\[$wcfmu\_articles\_menu\_key\] .')' ); ?></a>
51
51
</li>
52
52
<?php
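Review bot: The link text on new line 50 is escaped, but the `href` on the same line still echoes `get_wcfm_articles_url( $wcfmu_articles_menu_key )` raw, unlike the URL helpers this commit wraps in `esc_url()` in other files. Use `href="<?php echo esc_url( get_wcfm_articles_url( $wcfmu_articles_menu_key ) ); ?>"`. The surrounding loop starts outside the hunk.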
wc-frontend-manager/trunk/views/customers/wcfm-view-customers-details.php
r2370721
r2630745
126
126
</div>
127
127
<div class="wcfm-clearfix"></div><br />
128
<input type="hidden" name="wcfm\_customer\_id" value="<?php echo $customer\_id; ?>" />
128
<input type="hidden" name="wcfm\_customer\_id" value="<?php echo esc\_attr($customer\_id); ?>" />
129
129
130
130
<?php do\_action( 'begin\_wcfm\_customers\_details' ); ?>
wc-frontend-manager/trunk/views/customers/wcfm-view-customers-manage.php
r2225945
r2630745
259
259
</form>
260
260
<script type="text/javascript">
261
var selected\_bstate = '<?php echo $bstate; ?>';
262
var input\_selected\_bstate = '<?php echo $bstate; ?>';
263
var selected\_sstate = '<?php echo $sstate; ?>';
264
var input\_selected\_sstate = '<?php echo $sstate; ?>';
261
var selected\_bstate = '<?php echo esc\_attr($bstate); ?>';
262
var input\_selected\_bstate = '<?php echo esc\_attr($bstate); ?>';
263
var selected\_sstate = '<?php echo esc\_attr($sstate); ?>';
264
var input\_selected\_sstate = '<?php echo esc\_attr($sstate); ?>';
265
265
</script>
266
266
</div>
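Review bot: The four values on new lines 261–264 are written into single-quoted JavaScript string literals, and `esc_attr()` is an HTML-attribute escaper: it leaves backslashes and line breaks untouched and turns `&` into an entity that the script then reads literally. `esc_js()` is the WordPress escaper for this context, e.g. `var selected_bstate = '<?php echo esc_js( $bstate ); ?>';`, or the value can be emitted with `wp_json_encode( $bstate )` and the surrounding quotes dropped. Where `$bstate` and `$sstate` are read from is outside the hunk.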
wc-frontend-manager/trunk/views/dashboard/wcfm-view-dashboard-welcome-box.php
r2629284
r2630745
76
76
<div class="vrgt wcfm\_welcomebox\_user\_right">
77
77
<?php if( apply\_filters( 'wcfm\_is\_allow\_manage\_products', true ) ) { ?>
78
<div class="wcfm\_welcomebox\_user\_right\_box"><span class="wcfmfa fa-cube img\_tip" data-tip="<?php \_e( 'Product Limit Stats', 'wc-frontend-manager' ); ?>"></span><span><mark><?php echo $WCFM->wcfm\_vendor\_support->wcfm\_vendor\_product\_limit\_stat( $user\_id ); ?></mark></span></div>
78
<div class="wcfm\_welcomebox\_user\_right\_box"><span class="wcfmfa fa-cube img\_tip" data-tip="<?php \_e( 'Product Limit Stats', 'wc-frontend-manager' ); ?>"></span><span><mark><?php echo wp\_kses\_post($WCFM->wcfm\_vendor\_support->wcfm\_vendor\_product\_limit\_stat( $user\_id ) ); ?></mark></span></div>
79
79
<?php } ?>
80
<div class="wcfm\_welcomebox\_user\_right\_box"><span class="wcfmfa fa-hdd img\_tip" data-tip="<?php \_e('Disk Space Usage Stats', 'wc-frontend-manager' ); ?>"></span><span><mark><?php echo $WCFM->wcfm\_vendor\_support->wcfm\_vendor\_space\_limit\_stat( $user\_id ); ?></mark></span></div>
80
<div class="wcfm\_welcomebox\_user\_right\_box"><span class="wcfmfa fa-hdd img\_tip" data-tip="<?php \_e('Disk Space Usage Stats', 'wc-frontend-manager' ); ?>"></span><span><mark><?php echo wp\_kses\_post($WCFM->wcfm\_vendor\_support->wcfm\_vendor\_space\_limit\_stat( $user\_id ) ); ?></mark></span></div>
81
81
</div>
82
82
<?php } ?>
wc-frontend-manager/trunk/views/enquiry/wcfm-view-enquiry-form.php
r2261324
r2630745
41
41
<div id="enquiry\_form\_wrapper">
42
42
<div id="enquiry\_form" class="wcfm\_popup\_wrapper">
43
<div style="margin-bottom: 15px;"><h2 style="float: none;"><?php echo $wcfm\_enquiry\_form\_heading; ?></h2></div>
43
<div style="margin-bottom: 15px;"><h2 style="float: none;"><?php echo wp\_kses\_post($wcfm\_enquiry\_form\_heading); ?></h2></div>
44
44
45
45
<form action="" method="post" id="wcfm\_enquiry\_form" class="enquiry-form" novalidate="">
…
…
213
213
<p class="form-submit">
214
214
<input name="submit" type="submit" id="wcfm\_enquiry\_submit\_button" class="submit wcfm\_popup\_button" value="<?php \_e( 'Submit', 'wc-frontend-manager' ); ?>">
215
<input type="hidden" name="product\_id" value="<?php echo $product\_id; ?>" id="enquiry\_product\_id">
216
<input type="hidden" name="vendor\_id" value="<?php echo $vendor\_id; ?>" id="enquiry\_vendor\_id">
215
<input type="hidden" name="product\_id" value="<?php echo esc\_attr($product\_id); ?>" id="enquiry\_product\_id">
216
<input type="hidden" name="vendor\_id" value="<?php echo esc\_attr($vendor\_id); ?>" id="enquiry\_vendor\_id">
217
217
</p>
218
218
<input type="hidden" name="wcfm\_nonce" value="<?php echo wp\_create\_nonce( 'wcfm\_enquiry' ); ?>" />
wc-frontend-manager/trunk/views/enquiry/wcfm-view-enquiry-manage.php
r2629284
r2630745
106
106
<div id="enquiry\_manage\_general\_expander" class="wcfm-content">
107
107
<div class="inquiry\_content">
108
<?php echo $inquiry\_content; ?>
108
<?php echo wp\_kses\_post($inquiry\_content); ?>
109
109
<div class="wcfm\_clearfix"></div>
110
110
</div>
…
…
152
152
?>
153
153
<p class="store\_name wcfm\_ele wcfm\_title"><strong><?php \_e( $wcfm\_enquiry\_meta\_value->key, 'wc-frontend-manager'); ?></strong></p>
154
<span class="wcfm\_vendor\_store\_info"><?php echo $wcfm\_enquiry\_meta\_value->value; ?></span>
154
<span class="wcfm\_vendor\_store\_info"><?php echo wp\_kses\_post($wcfm\_enquiry\_meta\_value->value); ?></span>
155
155
<div class="wcfm\_clearfix"></div>
156
156
<?php
…
…
173
173
<?php } ?>
174
174
<?php if( apply\_filters( 'wcfm\_allow\_view\_customer\_email', true ) ) { ?>
175
<br /><?php echo $inquiry\_customer\_email; ?>
175
<br /><?php echo esc\_attr($inquiry\_customer\_email); ?>
176
176
<?php } ?>
177
177
</span>
…
…
197
197
<!-- collapsible -->
198
198
<div class="wcfm-container">
199
<div id="inquiry\_reply\_<?php echo $wcfm\_enquiry\_reply->ID; ?>" class="inquiry\_reply wcfm-content">
199
<div id="inquiry\_reply\_<?php echo esc\_attr($wcfm\_enquiry\_reply->ID); ?>" class="inquiry\_reply wcfm-content">
200
200
<div class="inquiry\_reply\_author">
201
201
<?php
…
…
227
227
$display\_name = $userdata->display\_name;
228
228
if( $first\_name ) {
229
echo $first\_name . ' ' . $last\_name;
229
echo esc\_html($first\_name . ' ' . $last\_name);
230
230
} else {
231
echo $display\_name;
231
echo esc\_html($display\_name);
232
232
}
233
233
}
…
…
237
237
</div>
238
238
<div class="inquiry\_reply\_content">
239
<?php echo $wcfm\_enquiry\_reply->reply; ?>
239
<?php echo wp\_kses\_post($wcfm\_enquiry\_reply->reply); ?>
240
240
241
241
<?php
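Review bot: On line 153 `_e( $wcfm_enquiry_meta_value->key, 'wc-frontend-manager' )` still echoes the meta key unescaped, while the commit treats the matching `->value` on new line 154 as untrusted and filters it. The key should get the same care, at minimum `esc_html_e( $wcfm_enquiry_meta_value->key, 'wc-frontend-manager' );`. New line 175 prints the customer e-mail as element text with `esc_attr()`, where `esc_html()` is the matching escaper. Line 130 of views/enquiry/wcfm-view-my-account-enquiry-manage.php keeps the same unescaped `_e( …->key )`. The template code around these hunks is not shown.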
wc-frontend-manager/trunk/views/enquiry/wcfm-view-enquiry-tab.php
r2160755
r2630745
43
43
<?php if( !apply\_filters( 'wcfm\_is\_pref\_enquiry\_button', true ) ) { ?>
44
44
<div class="wcfm-clearfix"></div>
45
<p><span class="add\_enquiry" data-store="<?php echo $vendor\_id; ?>" data-product="<?php echo $product\_id; ?>"><span class="wcfmfa fa-question-circle fa-question-circle"></span> <span class="add\_enquiry\_label"><?php \_e( $wcfm\_enquiry\_button\_label, 'wc-frontend-manager' ); ?></span></span></p>
45
<p><span class="add\_enquiry" data-store="<?php echo esc\_attr($vendor\_id); ?>" data-product="<?php echo esc\_attr($product\_id); ?>"><span class="wcfmfa fa-question-circle fa-question-circle"></span> <span class="add\_enquiry\_label"><?php esc\_html\_e( $wcfm\_enquiry\_button\_label, 'wc-frontend-manager' ); ?></span></span></p>
46
46
<div class="wcfm-clearfix"></div>
47
47
<?php } ?>
…
…
55
55
foreach( $enquiries as $enquiry\_data ) {
56
56
?>
57
<li class="wcfm\_enquiry\_item comment byuser comment-author-vnd bypostauthor even thread-even depth-1" id="li-enquiry-<?php echo $enquiry\_data->ID; ?>">
58
<div id="enquiry-<?php echo $enquiry\_data->ID; ?>" class="wcfm\_enquiry\_container comment\_container">
57
<li class="wcfm\_enquiry\_item comment byuser comment-author-vnd bypostauthor even thread-even depth-1" id="li-enquiry-<?php echo esc\_attr($enquiry\_data->ID); ?>">
58
<div id="enquiry-<?php echo esc\_attr($enquiry\_data->ID); ?>" class="wcfm\_enquiry\_container comment\_container">
59
59
<div class="comment-text">
60
60
<div class="enquiry-by"><span style="width:60%"><span class="wcfmfa fa-clock"></span> <?php echo date\_i18n( wc\_date\_format(), strtotime( $enquiry\_data->posted ) ); ?></span></div>
61
61
<p class="meta">
62
<strong class="woocommerce-review\_\_author"><?php echo $enquiry\_data->enquiry; ?></strong>
62
<strong class="woocommerce-review\_\_author"><?php echo wp\_kses\_post($enquiry\_data->enquiry); ?></strong>
63
63
<?php if( apply\_filters( 'wcfm\_is\_allow\_enquery\_tab\_customer\_show', true ) ) { ?>
64
64
<span class="woocommerce-review\_\_dash">–</span>
wc-frontend-manager/trunk/views/enquiry/wcfm-view-my-account-enquiry-manage.php
r2629284
r2630745
81
81
<div id="inquiry\_manage\_general\_expander" class="wcfm-content">
82
82
<div class="inquiry\_content">
83
<?php echo $inquiry\_content; ?>
83
<?php echo wp\_kses\_post($inquiry\_content); ?>
84
84
<div class="wcfm\_clearfix"></div>
85
85
</div>
…
…
129
129
?>
130
130
<p class="store\_name wcfm\_ele wcfm\_title"><strong><?php \_e( $wcfm\_enquiry\_meta\_value->key, 'wc-frontend-manager'); ?></strong></p>
131
<span class="wcfm\_vendor\_store\_info"><?php echo $wcfm\_enquiry\_meta\_value->value; ?></span>
131
<span class="wcfm\_vendor\_store\_info"><?php echo wp\_kses\_post($wcfm\_enquiry\_meta\_value->value); ?></span>
132
132
<div class="wcfm\_clearfix"></div>
133
133
<?php
…
…
158
158
<!-- collapsible -->
159
159
<div class="wcfm-container">
160
<div id="inquiry\_reply\_<?php echo $wcfm\_inquiry\_reply->ID; ?>" class="inquiry\_reply wcfm-content">
160
<div id="inquiry\_reply\_<?php echo esc\_attr($wcfm\_inquiry\_reply->ID); ?>" class="inquiry\_reply wcfm-content">
161
161
<div class="inquiry\_reply\_author">
162
162
<?php
…
…
194
194
}
195
195
}
196
echo $author\_label;
196
echo esc\_html($author\_label);
197
197
} else {
198
198
\_e( 'Keymaster', 'wc-frontend-manager' );
…
…
202
202
</div>
203
203
<div class="inquiry\_reply\_content">
204
<?php echo $wcfm\_inquiry\_reply->reply; ?>
204
<?php echo wp\_kses\_post($wcfm\_inquiry\_reply->reply); ?>
205
205
206
206
<?php
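Review bot: On new line 130 the meta key is still printed through `_e( $wcfm_enquiry_meta_value->key, 'wc-frontend-manager' )` with no output escaping, while the value on line 131 now goes through wp_kses_post(). Where the key is populated is not visible here; if it comes from the enquiry form's custom fields it should be escaped too, e.g. `esc_html_e( $wcfm_enquiry_meta_value->key, 'wc-frontend-manager' )`. The loop that emits these rows starts outside the hunk.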
wc-frontend-manager/trunk/views/enquiry/wcfm-view-my-account-enquiry.php
r2246149
r2630745
53
53
<tr class="woocommerce-enquiry-table\_\_row woocommerce-enquiry-table\_\_row--status-completed enquiry">
54
54
<td class="woocommerce-enquiry-table\_\_cell woocommerce-enquiry-table\_\_cell-enquiry-number" data-title="<?php \_e( 'Query', 'wc-frontend-manager' ); ?>">
55
<a href="<?php echo $myaccount\_page\_url . $wcfm\_myaccount\_view\_inquiry\_endpoint . '/' . $wcfm\_enquiry->ID; ?>"><?php echo $wcfm\_enquiry->enquiry; ?></a>
55
<a href="<?php echo esc\_url($myaccount\_page\_url . $wcfm\_myaccount\_view\_inquiry\_endpoint . '/' . $wcfm\_enquiry->ID); ?>"><?php echo $wcfm\_enquiry->enquiry; ?></a>
56
56
</td>
57
57
<td class="woocommerce-enquiry-table\_\_cell woocommerce-enquiry-table\_\_cell-enquiry-category" data-title="<?php \_e( 'Product', 'wc-frontend-manager' ); ?>">
…
…
73
73
$additional\_info = '–';
74
74
}
75
echo $additional\_info;
75
echo wp\_kses\_post($additional\_info);
76
76
?>
77
77
</td>
78
78
<?php } ?>
79
79
<td class="woocommerce-enquiry-table\_\_cell woocommerce-enquiry-table\_\_cell-enquiry-actions" data-title="<?php \_e( 'Actions', 'wc-frontend-manager' ); ?>">
80
<a href="<?php echo $myaccount\_page\_url . $wcfm\_myaccount\_view\_inquiry\_endpoint . '/' . $wcfm\_enquiry->ID; ?>" class="woocommerce-button button view"><?php \_e( 'View', 'wc-frontend-manager' ); ?></a>
80
<a href="<?php echo esc\_url($myaccount\_page\_url . $wcfm\_myaccount\_view\_inquiry\_endpoint . '/' . $wcfm\_enquiry->ID); ?>" class="woocommerce-button button view"><?php \_e( 'View', 'wc-frontend-manager' ); ?></a>
81
81
</td>
82
82
</tr>
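Review bot: The link text on new line 55 still echoes `$wcfm_enquiry->enquiry` raw; only the href was wrapped in esc_url(). The same field is passed through wp_kses_post() in the enquiry tab view elsewhere in this changeset, so this list view remains an unfiltered output point for customer-submitted text. Suggest `<?php echo wp_kses_post( $wcfm_enquiry->enquiry ); ?>`, or esc_html() if the list is meant to show plain text. The surrounding table loop starts outside the hunk.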
wc-frontend-manager/trunk/views/integrations/wcfm-view-epeken-products-manage.php
r2261324
r2630745
59
59
foreach($origins as $origin) {
60
60
?>
61
<option value=<?php echo $origin\["origin\_code"\]; ?> <?php if ($product\_origin === $origin\["origin\_code"\]) echo " selected";?>> <?php echo $origin\["kota\_kabupaten"\];?></option>
61
<option value=<?php echo esc\_attr($origin\["origin\_code"\]); ?> <?php if ($product\_origin === $origin\["origin\_code"\]) echo " selected";?>> <?php echo esc\_html($origin\["kota\_kabupaten"\]);?></option>
62
62
<?php
63
63
}
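Review bot: The `value` attribute on new line 61 is left unquoted (`<option value=<?php echo esc_attr(...); ?> ...>`), and esc_attr() only makes a value safe inside a quoted attribute. Whitespace in `origin_code` would end the value and let the remainder be parsed as further attributes. Quote it: `<option value="<?php echo esc_attr( $origin["origin_code"] ); ?>"`.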
wc-frontend-manager/trunk/views/listings/wcfm-view-listings.php
r2160755
r2630745
63
63
else echo " | ";
64
64
?>
65
<a class="<?php echo ( $wcfm\_listings\_menus\_key == $listing\_status ) ? 'active' : ''; ?>" href="<?php echo get\_wcfm\_listings\_url( $wcfm\_listings\_menus\_key ); ?>"><?php echo $wcfm\_listings\_menu . ' ('. $count\_listings\[$wcfm\_listings\_menus\_key\] .')'; ?></a>
65
<a class="<?php echo ( $wcfm\_listings\_menus\_key == $listing\_status ) ? 'active' : ''; ?>" href="<?php echo get\_wcfm\_listings\_url( $wcfm\_listings\_menus\_key ); ?>"><?php echo esc\_html($wcfm\_listings\_menu . ' ('. $count\_listings\[$wcfm\_listings\_menus\_key\] .')'); ?></a>
66
66
</li>
67
67
<?php
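Review bot: The href on new line 65 still prints `get_wcfm_listings_url( $wcfm_listings_menus_key )` without esc_url(), although the equivalent menu links in views/products/wcfm-view-products.php (line 62) and views/wc_bookings/wcfm-view-wcbookings.php (line 53) were wrapped in this changeset. Suggest `href="<?php echo esc_url( get_wcfm_listings_url( $wcfm_listings_menus_key ) ); ?>"`. views/reports/wcfm-view-reports-menu.php (line 29) has the same unescaped href next to its newly escaped label.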
wc-frontend-manager/trunk/views/messages/wcfm-view-messages.php
r2246149
r2630745
61
61
<option value='all'><?php esc\_html\_e( 'All', 'wc-frontend-manager' ); ?></option>
62
62
<?php foreach( $message\_types as $message\_type => $message\_type\_label ) { ?>
63
<option value='<?php echo $message\_type; ?>' <?php selected( $message\_type, $selected\_type, true ); ?>><?php echo $message\_type\_label; ?></option>
63
<option value='<?php echo esc\_attr($message\_type); ?>' <?php selected( $message\_type, $selected\_type, true ); ?>><?php echo esc\_html($message\_type\_label); ?></option>
64
64
<?php } ?>
65
65
</select>
wc-frontend-manager/trunk/views/notice/wcfm-view-notice-view.php
r2629284
r2630745
59
59
60
60
<div class="wcfm-container wcfm-top-element-container">
61
<h2><?php echo $topic\_title; ?></h2>
61
<h2><?php echo wp\_kses\_post($topic\_title); ?></h2>
62
62
63
63
<?php
64
64
echo '<a id="add\_new\_notice\_dashboard" class="add\_new\_wcfm\_ele\_dashboard text\_tip" href="'.get\_wcfm\_notices\_url().'" data-tip="' . \_\_('Topics', 'wc-frontend-manager') . '"><span class="wcfmfa fa-bullhorn"></span><span class="text">' . \_\_( 'Topics', 'wc-frontend-manager') . '</span></a>';
65
65
if( current\_user\_can('administrator') ) {
66
echo '<a class="add\_new\_wcfm\_ele\_dashboard text\_tip" href="'.get\_wcfm\_notice\_manage\_url($notice\_id).'" data-tip="' . \_\_('Edit Topic', 'wc-frontend-manager') . '"><span class="wcfmfa fa-edit"></span><span class="text">' . \_\_( 'Edit', 'wc-frontend-manager') . '</span></a>';
66
echo '<a class="add\_new\_wcfm\_ele\_dashboard text\_tip" href="'.esc\_url(get\_wcfm\_notice\_manage\_url($notice\_id)).'" data-tip="' . \_\_('Edit Topic', 'wc-frontend-manager') . '"><span class="wcfmfa fa-edit"></span><span class="text">' . \_\_( 'Edit', 'wc-frontend-manager') . '</span></a>';
67
67
}
68
68
?>
…
…
76
76
<div class="wcfm-container">
77
77
<div id="notice\_manage\_general\_expander" class="wcfm-content">
78
<?php echo $topic\_content; ?>
78
<?php echo wp\_kses\_post($topic\_content); ?>
79
79
<div class="topic\_date"><span class="wcfmfa fa-clock"></span> <?php echo date\_i18n( wc\_date\_format() . ' ' . wc\_time\_format(), strtotime( $notice\_post->date\_created ) ); ?></div>
80
80
</div>
…
…
116
116
<!-- collapsible -->
117
117
<div class="wcfm-container">
118
<div id="topic\_reply\_<?php echo $wcfm\_notice\_reply->ID; ?>" class="topic\_reply wcfm-content">
118
<div id="topic\_reply\_<?php echo esc\_attr($wcfm\_notice\_reply->ID); ?>" class="topic\_reply wcfm-content">
119
119
<div class="topic\_reply\_author">
120
120
<?php
…
…
133
133
$display\_name = $userdata->display\_name;
134
134
if( $first\_name ) {
135
echo $first\_name . ' ' . $last\_name;
135
echo esc\_html($first\_name . ' ' . $last\_name);
136
136
} else {
137
echo $display\_name;
137
echo esc\_html($display\_name);
138
138
}
139
139
?>
…
…
141
141
</div>
142
142
<div class="topic\_reply\_content">
143
<?php echo $wcfm\_notice\_reply->post\_content; ?>
143
<?php echo wp\_kses\_post($wcfm\_notice\_reply->post\_content); ?>
144
144
</div>
145
145
</div>
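Review bot: Of the two anchors echoed on new lines 64 and 66, only the second href got esc_url(); `get_wcfm_notices_url()` on line 64 is still concatenated raw. Both `data-tip` values are also built from `__()` without attribute escaping. Suggest `esc_url( get_wcfm_notices_url() )` on line 64 and `esc_attr__( 'Topics', 'wc-frontend-manager' )` / `esc_attr__( 'Edit Topic', 'wc-frontend-manager' )` for the tips, so a translated string cannot break out of the attribute.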
wc-frontend-manager/trunk/views/products-manager/wcfm-view-customfield-products-manage.php
r2520718
r2630745
38
38
$exclude\_product\_type\_classes = "non-" . implode( " non-", $exclude\_product\_types );
39
39
?>
40
<div class="page\_collapsible products\_manage\_<?php echo sanitize\_title( $wcfm\_product\_custom\_field\['block\_name'\] ); ?> <?php echo $allowed\_product\_type\_classes; ?> <?php echo $exclude\_product\_type\_classes; ?>" id="wcfm\_products\_manage\_form\_<?php echo sanitize\_title( $wcfm\_product\_custom\_field\['block\_name'\] ); ?>\_head"><label class="wcfmfa fa-<?php echo ($wpcf\_icons\[$wpcf\_index\]) ? $wpcf\_icons\[$wpcf\_index\] : 'snowflake-o'; ?>"></label><?php echo wcfm\_removeslashes( \_\_( $wcfm\_product\_custom\_field\['block\_name'\], 'wc-frontend-manager') ); ?><span></span></div>
41
<div class="wcfm-container <?php echo $allowed\_product\_type\_classes; ?> <?php echo $exclude\_product\_type\_classes; ?>">
40
<div class="page\_collapsible products\_manage\_<?php echo sanitize\_title( $wcfm\_product\_custom\_field\['block\_name'\] ); ?> <?php echo esc\_attr($allowed\_product\_type\_classes); ?> <?php echo esc\_attr($exclude\_product\_type\_classes); ?>" id="wcfm\_products\_manage\_form\_<?php echo sanitize\_title( $wcfm\_product\_custom\_field\['block\_name'\] ); ?>\_head"><label class="wcfmfa fa-<?php echo ($wpcf\_icons\[$wpcf\_index\]) ? $wpcf\_icons\[$wpcf\_index\] : 'snowflake-o'; ?>"></label><?php echo wcfm\_removeslashes( \_\_( $wcfm\_product\_custom\_field\['block\_name'\], 'wc-frontend-manager') ); ?><span></span></div>
41
<div class="wcfm-container <?php echo esc\_attr($allowed\_product\_type\_classes); ?> <?php echo esc\_attr($exclude\_product\_type\_classes); ?>">
42
42
<div id="wcfm\_products\_manage\_form\_<?php echo sanitize\_title( $wcfm\_product\_custom\_field\['block\_name'\] ); ?>\_expander" class="wcfm-content">
43
43
<h2><?php echo wcfm\_removeslashes( \_\_( $wcfm\_product\_custom\_field\['block\_name'\], 'wc-frontend-manager') ); ?></h2>
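Review bot: On new line 40 the icon class is still echoed raw: `fa-<?php echo ($wpcf_icons[$wpcf_index]) ? $wpcf_icons[$wpcf_index] : 'snowflake-o'; ?>` sits in a class attribute next to the values that were just wrapped in esc_attr(). Where `$wpcf_icons` is populated is not visible in this hunk; if it comes from saved custom-field settings, escape it the same way, e.g. `echo esc_attr( $wpcf_icons[$wpcf_index] ? $wpcf_icons[$wpcf_index] : 'snowflake-o' );`. The block title run through wcfm_removeslashes() on lines 40 and 43 is likewise printed without esc_html().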
wc-frontend-manager/trunk/views/products-popup/wcfm-view-product-popup.php
r2350944
r2630745
158
158
<?php if( apply\_filters( 'wcfm\_is\_allow\_product\_category', true ) ) { $ptax\_custom\_arrtibutes = apply\_filters( 'wcfm\_taxonomy\_custom\_attributes', array(), 'product\_cat' ); ?>
159
159
<p class="wcfm\_title"><strong><?php echo apply\_filters( 'wcfm\_taxonomy\_custom\_label', \_\_( 'Categories', 'wc-frontend-manager' ), 'product\_cat' ); ?></strong></p><label class="screen-reader-text" for="product\_cats"><?php echo apply\_filters( 'wcfm\_taxonomy\_custom\_label', \_\_( 'Categories', 'wc-frontend-manager' ), 'product\_cat' ); ?></label>
160
<select id="product\_cats" name="product\_cats\[\]" class="wcfm-select wcfm\_ele simple variable external grouped booking" multiple="multiple" data-catlimit="<?php echo $catlimit; ?>" <?php echo implode( ' ', $ptax\_custom\_arrtibutes ); ?> style="width: 100%; margin-bottom: 10px;">
160
<select id="product\_cats" name="product\_cats\[\]" class="wcfm-select wcfm\_ele simple variable external grouped booking" multiple="multiple" data-catlimit="<?php echo esc\_attr($catlimit); ?>" <?php echo implode( ' ', $ptax\_custom\_arrtibutes ); ?> style="width: 100%; margin-bottom: 10px;">
161
161
<?php
162
162
if ( $product\_categories ) {
…
…
188
188
$taxonomy\_limit = apply\_filters( 'wcfm\_taxonomy\_limit', -1, $product\_taxonomy->name );
189
189
?>
190
<p class="wcfm\_title"><strong><?php echo apply\_filters( 'wcfm\_taxonomy\_custom\_label', \_\_( $product\_taxonomy->label, 'wc-frontend-manager' ), $product\_taxonomy->name ); ?></strong></p><label class="screen-reader-text" for="<?php echo $product\_taxonomy->name; ?>"><?php echo apply\_filters( 'wcfm\_taxonomy\_custom\_label', \_\_( $product\_taxonomy->label, 'wc-frontend-manager' ), $product\_taxonomy->name ); ?></label>
191
<select id="<?php echo $product\_taxonomy->name; ?>" name="product\_custom\_taxonomies\[<?php echo $product\_taxonomy->name; ?>\]\[\]" class="wcfm-select product\_taxonomies wcfm\_ele simple variable external grouped booking" multiple="multiple" data-catlimit="<?php echo $taxonomy\_limit; ?>" <?php echo implode( ' ', $ptax\_custom\_arrtibutes ); ?> style="width: 100%; margin-bottom: 10px;">
190
<p class="wcfm\_title"><strong><?php echo apply\_filters( 'wcfm\_taxonomy\_custom\_label', \_\_( $product\_taxonomy->label, 'wc-frontend-manager' ), $product\_taxonomy->name ); ?></strong></p><label class="screen-reader-text" for="<?php echo esc\_attr($product\_taxonomy->name); ?>"><?php echo apply\_filters( 'wcfm\_taxonomy\_custom\_label', \_\_( $product\_taxonomy->label, 'wc-frontend-manager' ), $product\_taxonomy->name ); ?></label>
191
<select id="<?php echo esc\_attr($product\_taxonomy->name); ?>" name="product\_custom\_taxonomies\[<?php echo esc\_attr($product\_taxonomy->name); ?>\]\[\]" class="wcfm-select product\_taxonomies wcfm\_ele simple variable external grouped booking" multiple="multiple" data-catlimit="<?php echo esc\_attr($taxonomy\_limit); ?>" <?php echo implode( ' ', $ptax\_custom\_arrtibutes ); ?> style="width: 100%; margin-bottom: 10px;">
192
192
<?php
193
193
$product\_taxonomy\_terms = get\_terms( $product\_taxonomy->name, 'orderby=name&hide\_empty=0&parent=0' );
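Review bot: The taxonomy label on new line 190 is echoed twice straight from `apply_filters( 'wcfm_taxonomy_custom_label', ... )` with no escaping, while the neighbouring `for`, `id` and `name` values were wrapped in esc_attr(). Filter output should be escaped where it is printed; suggest `echo esc_html( apply_filters( 'wcfm_taxonomy_custom_label', __( $product_taxonomy->label, 'wc-frontend-manager' ), $product_taxonomy->name ) );`. Line 159 has the same pattern for the Categories label. `implode( ' ', $ptax_custom_arrtibutes )` on lines 160 and 191 writes filter-supplied attribute strings verbatim, which at least deserves a comment stating that hooked callbacks must return pre-escaped attributes.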
wc-frontend-manager/trunk/views/products/wcfm-view-products.php
r2414751
r2630745
60
60
else echo " | ";
61
61
?>
62
<a class="<?php echo ( $wcfmu\_products\_menu\_key == $product\_status ) ? 'active' : ''; ?>" href="<?php echo get\_wcfm\_products\_url( $wcfmu\_products\_menu\_key ); ?>"><?php echo $wcfmu\_products\_menu . ' ('. $count\_products\[$wcfmu\_products\_menu\_key\] .')'; ?></a>
62
<a class="<?php echo ( $wcfmu\_products\_menu\_key == $product\_status ) ? 'active' : ''; ?>" href="<?php echo esc\_url(get\_wcfm\_products\_url( $wcfmu\_products\_menu\_key )); ?>"><?php echo esc\_html( $wcfmu\_products\_menu . ' ('. $count\_products\[$wcfmu\_products\_menu\_key\] .')' ); ?></a>
63
63
</li>
64
64
<?php
wc-frontend-manager/trunk/views/profile/wcfm-view-profile.php
r2414751
r2630745
362
362
</form>
363
363
<script type="text/javascript">
364
var selected\_bstate = '<?php echo $bstate; ?>';
365
var input\_selected\_bstate = '<?php echo $bstate; ?>';
366
var selected\_sstate = '<?php echo $sstate; ?>';
367
var input\_selected\_sstate = '<?php echo $sstate; ?>';
364
var selected\_bstate = '<?php echo esc\_attr($bstate); ?>';
365
var input\_selected\_bstate = '<?php echo esc\_attr($bstate); ?>';
366
var selected\_sstate = '<?php echo esc\_attr($sstate); ?>';
367
var input\_selected\_sstate = '<?php echo esc\_attr($sstate); ?>';
368
368
</script>
369
369
<?php
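Review bot: esc_attr() is the wrong escaper for new lines 364-367, because the values are written into single-quoted JavaScript string literals inside `<script>`. HTML entities are not decoded there, and a backslash or line break in the value is not neutralised. Use the JavaScript-context helper, e.g. `var selected_bstate = '<?php echo esc_js( $bstate ); ?>';`, or emit the literal with `wp_json_encode( $bstate )` and drop the surrounding quotes. The same pattern is added in views/settings/wcfm-view-dokan-settings.php (lines 569-570, 572-573), wcfm-view-wcfmmarketplace-settings.php (994-997) and wcfm-view-wcmarketplace-settings.php (790-791).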
wc-frontend-manager/trunk/views/reports/wcfm-html-report-sales-by-date.php
r2125706
r2630745
45
45
<ul class="chart-legend">
46
46
<?php foreach ( $legends as $legend ) : ?>
47
<li style="border-color: <?php echo $legend\['color'\]; ?>" <?php if ( isset( $legend\['highlight\_series'\] ) ) echo 'class="highlight\_series ' . ( isset( $legend\['placeholder'\] ) ? 'tips' : '' ) . '" data-series="' . esc\_attr( $legend\['highlight\_series'\] ) . '"'; ?> data-tip="<?php echo isset( $legend\['placeholder'\] ) ? $legend\['placeholder'\] : ''; ?>">
48
<?php echo $legend\['title'\]; ?>
47
<li style="border-color: <?php echo esc\_attr($legend\['color'\]); ?>" <?php if ( isset( $legend\['highlight\_series'\] ) ) echo 'class="highlight\_series ' . ( isset( $legend\['placeholder'\] ) ? 'tips' : '' ) . '" data-series="' . esc\_attr( $legend\['highlight\_series'\] ) . '"'; ?> data-tip="<?php echo isset( $legend\['placeholder'\] ) ? esc\_attr($legend\['placeholder'\]) : ''; ?>">
48
<?php echo wp\_kses\_post($legend\['title'\]); ?>
49
49
</li>
50
50
<?php endforeach; ?>
…
…
54
54
<?php foreach ( $wcfm\_report\_sales\_by\_date->get\_chart\_widgets() as $widget ) : ?>
55
55
<li class="chart-widget">
56
<?php if ( $widget\['title'\] ) : ?><h4><?php echo $widget\['title'\]; ?></h4><?php endif; ?>
56
<?php if ( $widget\['title'\] ) : ?><h4><?php echo wp\_kses\_post($widget\['title'\]); ?></h4><?php endif; ?>
57
57
<?php call\_user\_func( $widget\['callback'\] ); ?>
58
58
</li>
wc-frontend-manager/trunk/views/reports/wcfm-view-reports-menu.php
r2160755
r2630745
27
27
else echo " | ";
28
28
?>
29
<a class="<?php echo isset( $wp->query\_vars\['wcfm-reports-' . $wcfm\_reports\_menu\_key\] ) ? 'active' : ''; ?>" href="<?php echo get\_wcfm\_reports\_url( '', 'wcfm-reports-' . $wcfm\_reports\_menu\_key ); ?>"><?php echo $wcfm\_reports\_menu; ?></a>
29
<a class="<?php echo isset( $wp->query\_vars\['wcfm-reports-' . $wcfm\_reports\_menu\_key\] ) ? 'active' : ''; ?>" href="<?php echo get\_wcfm\_reports\_url( '', 'wcfm-reports-' . $wcfm\_reports\_menu\_key ); ?>"><?php echo esc\_html($wcfm\_reports\_menu); ?></a>
30
30
</li>
31
31
<?php
wc-frontend-manager/trunk/views/reports/wcfm-view-reports-wcfmmarketplace-sales-by-date.php
r2629284
r2630745
124
124
<h2>
125
125
<?php
126
echo $vendor\_store;
126
echo wp\_kses\_post($vendor\_store);
127
127
?>
128
128
</h2>
wc-frontend-manager/trunk/views/settings/wcfm-view-dokan-settings.php
r2228892
r2630745
567
567
?>
568
568
<script type="text/javascript">
569
var selected\_state = '<?php echo $state; ?>';
570
var input\_selected\_state = '<?php echo $state; ?>';
569
var selected\_state = '<?php echo esc\_attr($state); ?>';
570
var input\_selected\_state = '<?php echo esc\_attr($state); ?>';
571
571
var def\_zoomval = 12;
572
var def\_longval = '<?php echo $def\_long; ?>';
573
var def\_latval = '<?php echo $def\_lat; ?>';
572
var def\_longval = '<?php echo esc\_attr($def\_long); ?>';
573
var def\_latval = '<?php echo esc\_attr($def\_lat); ?>';
574
574
</script>
wc-frontend-manager/trunk/views/settings/wcfm-view-settings.php
r2629284
r2630745
577
577
$product\_type\_categories = isset( $wcfm\_product\_type\_categories\[$product\_type\] ) ? $wcfm\_product\_type\_categories\[$product\_type\] : array();
578
578
?>
579
<p class="wcfm\_title catlimit\_title"><strong><?php echo $product\_type\_label . ' '; \_e( 'Categories', 'wc-frontend-manager' ); ?></strong></p><label class="screen-reader-text" for="vendor\_product\_cats"><?php echo $product\_type\_label . ' '; \_e( 'Categories', 'wc-frontend-manager' ); ?></label>
580
<select id="wcfm\_product\_type\_categories<?php echo $product\_type; ?>" name="wcfm\_product\_type\_categories\[<?php echo $product\_type; ?>\]\[\]" class="wcfm-select wcfm\_ele wcfm\_product\_type\_categories" multiple="multiple" data-catlimit="-1" style="width: 60%; margin-bottom: 10px;">
579
<p class="wcfm\_title catlimit\_title"><strong><?php echo esc\_html($product\_type\_label) . ' '; \_e( 'Categories', 'wc-frontend-manager' ); ?></strong></p><label class="screen-reader-text" for="vendor\_product\_cats"><?php echo $product\_type\_label . ' '; \_e( 'Categories', 'wc-frontend-manager' ); ?></label>
580
<select id="wcfm\_product\_type\_categories<?php echo esc\_html($product\_type); ?>" name="wcfm\_product\_type\_categories\[<?php echo $product\_type; ?>\]\[\]" class="wcfm-select wcfm\_ele wcfm\_product\_type\_categories" multiple="multiple" data-catlimit="-1" style="width: 60%; margin-bottom: 10px;">
581
581
<?php
582
582
if ( $product\_categories ) {
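Review bot: New lines 579-580 are only half escaped. `$product_type_label` is wrapped in esc_html() inside `<strong>` but echoed raw again in the `<label>` on the same line. `$product_type` is escaped in the `id` attribute, with esc_html() rather than esc_attr(), and left raw in `name="wcfm_product_type_categories[...]"`. Suggest esc_html() on the second label echo and `<?php echo esc_attr( $product_type ); ?>` in both attributes.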
wc-frontend-manager/trunk/views/settings/wcfm-view-wcfmmarketplace-settings.php
r2629284
r2630745
540
540
if (isset($client\_id) && isset($secret\_key)) {
541
541
if ( !isset( $\_GET\['marketplace\_wirecard'\] ) && isset($\_GET\['code'\])) {
542
$code = $\_GET\['code'\];
542
$code = wc\_clean($\_GET\['code'\]);
543
543
if (!is\_user\_logged\_in()) {
544
544
if (isset($\_GET\['state'\])) {
…
…
783
783
<th></th>
784
784
<td>
785
<a href=<?php echo $url; ?> target="\_self"><img src="<?php echo esc\_url($stripe\_connect\_url); ?>" /></a>
785
<a href=<?php echo esc\_url($url); ?> target="\_self"><img src="<?php echo esc\_url($stripe\_connect\_url); ?>" /></a>
786
786
</td>
787
787
</tr>
…
…
805
805
<th></th>
806
806
<td>
807
<a href=<?php echo $url; ?> target="\_self"><img src="<?php echo esc\_url($stripe\_connect\_url); ?>" /></a>
807
<a href=<?php echo esc\_url($url); ?> target="\_self"><img src="<?php echo esc\_url($stripe\_connect\_url); ?>" /></a>
808
808
</td>
809
809
</tr>
…
…
992
992
993
993
<script type="text/javascript">
994
var selected\_state = '<?php echo $state; ?>';
995
var input\_selected\_state = '<?php echo $state; ?>';
996
var csd\_selected\_state = '<?php echo $vendor\_csd\_return\_state; ?>';
997
var input\_csd\_state = '<?php echo $vendor\_csd\_return\_state; ?>';
994
var selected\_state = '<?php echo esc\_attr($state); ?>';
995
var input\_selected\_state = '<?php echo esc\_attr($state); ?>';
996
var csd\_selected\_state = '<?php echo esc\_attr($vendor\_csd\_return\_state); ?>';
997
var input\_csd\_state = '<?php echo esc\_attr($vendor\_csd\_return\_state); ?>';
998
998
</script>
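Review bot: The Stripe connect links on new lines 785 and 807 keep an unquoted attribute, `<a href=<?php echo esc_url($url); ?> target="_self">`. Quote the value so the attribute boundary does not depend on what esc_url() returns: `<a href="<?php echo esc_url( $url ); ?>" target="_self">`. The same markup appears in wcfm-view-wcmarketplace-settings.php (571, 593) and wcfm-view-wcpvendors-settings.php (422, 444). Separately, `wc_clean($_GET['code'])` on line 542 reads the superglobal without wp_unslash(); `wc_clean( wp_unslash( $_GET['code'] ) )` is the usual form. How `$code` and the `state` parameter are validated afterwards lies outside the hunk.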
wc-frontend-manager/trunk/views/settings/wcfm-view-wcmarketplace-settings.php
r2629284
r2630745
282
282
<li>
283
283
<label>
284
<input type="radio" <?php checked($template, $shop\_template); ?> name="shop\_template" value="<?php echo $template; ?>" />
284
<input type="radio" <?php checked($template, $shop\_template); ?> name="shop\_template" value="<?php echo esc\_attr($template); ?>" />
285
285
<i class="wcfmfa fa-square-o" aria-hidden="true"></i>
286
286
<img src="<?php echo esc\_url($template\_image); ?>" />
…
…
332
332
if (isset($client\_id) && isset($secret\_key)) {
333
333
if (isset($\_GET\['code'\])) {
334
$code = $\_GET\['code'\];
334
$code = wc\_clean($\_GET\['code'\]);
335
335
if (!is\_user\_logged\_in()) {
336
336
if (isset($\_GET\['state'\])) {
…
…
569
569
<th></th>
570
570
<td>
571
<a href=<?php echo $url; ?> target="\_self"><img src="<?php echo esc\_url($stripe\_connect\_url); ?>" /></a>
571
<a href=<?php echo esc\_url($url); ?> target="\_self"><img src="<?php echo esc\_url($stripe\_connect\_url); ?>" /></a>
572
572
</td>
573
573
</tr>
…
…
591
591
<th></th>
592
592
<td>
593
<a href=<?php echo $url; ?> target="\_self"><img src="<?php echo esc\_url($stripe\_connect\_url); ?>" /></a>
593
<a href=<?php echo esc\_url($url); ?> target="\_self"><img src="<?php echo esc\_url($stripe\_connect\_url); ?>" /></a>
594
594
</td>
595
595
</tr>
…
…
788
788
</div>
789
789
<script type="text/javascript">
790
var selected\_state = '<?php echo $state; ?>';
791
var input\_selected\_state = '<?php echo $state; ?>';
790
var selected\_state = '<?php echo esc\_attr($state); ?>';
791
var input\_selected\_state = '<?php echo esc\_attr($state); ?>';
792
792
</script>
wc-frontend-manager/trunk/views/settings/wcfm-view-wcpvendors-settings.php
r2629284
r2630745
197
197
if (isset($client\_id) && isset($secret\_key)) {
198
198
if (isset($\_GET\['code'\])) {
199
$code = $\_GET\['code'\];
199
$code = wc\_clean($\_GET\['code'\]);
200
200
if (!is\_user\_logged\_in()) {
201
201
if (isset($\_GET\['state'\])) {
…
…
420
420
<th></th>
421
421
<td>
422
<a href=<?php echo $url; ?> target="\_self"><img src="<?php echo esc\_url($stripe\_connect\_url); ?>" /></a>
422
<a href=<?php echo esc\_url($url); ?> target="\_self"><img src="<?php echo esc\_url($stripe\_connect\_url); ?>" /></a>
423
423
</td>
424
424
</tr>
…
…
442
442
<th></th>
443
443
<td>
444
<a href=<?php echo $url; ?> target="\_self"><img src="<?php echo esc\_url($stripe\_connect\_url); ?>" /></a>
444
<a href=<?php echo esc\_url($url); ?> target="\_self"><img src="<?php echo esc\_url($stripe\_connect\_url); ?>" /></a>
445
445
</td>
446
446
</tr>
wc-frontend-manager/trunk/views/vendors/wcfm-view-vendors-manage.php
r2629284
r2630745
218
218
<div class="wcfm\_dashboard\_stats">
219
219
<div class="wcfm\_dashboard\_stats\_block">
220
<a href="<?php echo $stat\_box\_link; ?>">
220
<a href="<?php echo esc\_url($stat\_box\_link); ?>">
221
221
<span class="wcfmfa fa-currency"><?php echo get\_woocommerce\_currency\_symbol() ; ?></span>
222
222
<div>
…
…
233
233
234
234
<div class="wcfm\_dashboard\_stats\_block">
235
<a href="<?php echo $stat\_box\_link; ?>">
235
<a href="<?php echo esc\_url($stat\_box\_link); ?>">
236
236
<span class="wcfmfa fa-money fa-money-bill-alt"></span>
237
237
<div>
…
…
290
290
<div id="vendors\_manage\_general\_expander" class="wcfm-content">
291
291
<p class="store\_name wcfm\_ele wcfm\_title"><strong><?php \_e( 'Store', 'wc-frontend-manager' ); ?></strong></p>
292
<span class="wcfm\_vendor\_store"><?php echo $vendor\_store ?></span>
292
<span class="wcfm\_vendor\_store"><?php echo wp\_kses\_post($vendor\_store); ?></span>
293
293
<div class="wcfm\_clearfix"></div>
294
294
<?php
…
…
313
313
?>
314
314
<p class="store\_name wcfm\_ele wcfm\_title"><strong><?php \_e( 'Seller Info', 'wc-frontend-manager' ); ?></strong></p>
315
<span class="wcfm\_vendor\_store\_info"><?php echo $seller\_info ?></span>
315
<span class="wcfm\_vendor\_store\_info"><?php echo wp\_kses\_post($seller\_info); ?></span>
316
316
<div class="wcfm\_clearfix"></div>
317
317
<?php
wc-frontend-manager/trunk/views/wc_bookings/wcfm-view-wcbookings-details.php
r2629284
r2630745
68
68
69
69
<div class="wcfm-container wcfm-top-element-container">
70
<h2><?php \_e( 'Booking #', 'wc-frontend-manager' ); echo $booking\_id; ?></h2>
70
<h2><?php \_e( 'Booking #', 'wc-frontend-manager' ); echo esc\_attr($booking\_id); ?></h2>
71
71
72
72
<?php
…
…
151
151
?>
152
152
</select>
153
<button class="wcfm\_modify\_booking\_status button" id="wcfm\_modify\_booking\_status" data-bookingid="<?php echo $booking\_id; ?>"><?php \_e( 'Update', 'wc-frontend-manager' ); ?></button>
153
<button class="wcfm\_modify\_booking\_status button" id="wcfm\_modify\_booking\_status" data-bookingid="<?php echo esc\_attr($booking\_id); ?>"><?php \_e( 'Update', 'wc-frontend-manager' ); ?></button>
154
154
</p>
155
155
<div class="wcfm-message" tabindex="-1"></div>
…
…
157
157
<div class="wcfm\_clearfix"></div><br/>
158
158
<p class="form-field form-field-wide wcfm\_booking\_confirmed\_cancel\_wrapper" style="text-align: center;">
159
<a id="wcfm\_booking\_confirmed\_button" style="float: none;" class="wcfm\_submit\_button" href="#" data-bookingid="<?php echo $booking\_id; ?>"><?php \_e( 'Confirm', 'wc-frontend-manager' ); ?></a>
160
<a id="wcfm\_booking\_declined\_button" style="float: none;" class="wcfm\_submit\_button" href="#" data-bookingid="<?php echo $booking\_id; ?>"><?php \_e( 'Decline', 'wc-frontend-manager' ); ?></a>
159
<a id="wcfm\_booking\_confirmed\_button" style="float: none;" class="wcfm\_submit\_button" href="#" data-bookingid="<?php echo esc\_attr($booking\_id); ?>"><?php \_e( 'Confirm', 'wc-frontend-manager' ); ?></a>
160
<a id="wcfm\_booking\_declined\_button" style="float: none;" class="wcfm\_submit\_button" href="#" data-bookingid="<?php echo esc\_attr($booking\_id); ?>"><?php \_e( 'Decline', 'wc-frontend-manager' ); ?></a>
161
161
<div class="wcfm\_clearfix"></div>
162
162
</p>
…
…
245
245
<?php if( apply\_filters( 'wcfm\_is\_allow\_booking\_schedule\_update', true ) ) { ?>
246
246
<form id="wcfm\_wcb\_schedule\_update\_form">
247
<input type="hidden" name="booking\_id" id="booking\_id" value="<?php echo $booking\_id; ?>" />
247
<input type="hidden" name="booking\_id" id="booking\_id" value="<?php echo esc\_attr($booking\_id); ?>" />
248
248
<p class="form-field form-field-wide">
249
249
<?php
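Review bot: `$booking_id` on new line 70 is printed as element text but escaped with esc_attr(); esc_html() is the matching helper for that context. Suggest `echo esc_html( $booking_id );` in the `<h2>`, keeping esc_attr() for the `data-bookingid` and hidden-input values. Since the value is an ID, casting it once with absint() where it is assigned (outside this hunk) would make the intent clearer. views/wcfm-view-header-panels.php (lines 64, 68, 72) uses esc_attr() for the unread counters inside `<span>` text in the same way.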
wc-frontend-manager/trunk/views/wc_bookings/wcfm-view-wcbookings.php
r2605028
r2630745
51
51
else echo " | ";
52
52
?>
53
<a class="<?php echo ( $wcfmu\_bookings\_menu\_key == $booking\_status ) ? 'active' : ''; ?>" href="<?php echo get\_wcfm\_bookings\_url( $wcfmu\_bookings\_menu\_key ); ?>"><?php echo $wcfmu\_bookings\_menu; ?></a>
53
<a class="<?php echo ( $wcfmu\_bookings\_menu\_key == $booking\_status ) ? 'active' : ''; ?>" href="<?php echo esc\_url(get\_wcfm\_bookings\_url( $wcfmu\_bookings\_menu\_key )); ?>"><?php echo esc\_html($wcfmu\_bookings\_menu); ?></a>
54
54
</li>
55
55
<?php
…
…
68
68
if( $wcfm\_is\_allow\_manual\_booking = apply\_filters( 'wcfm\_is\_allow\_manual\_booking', true ) ) {
69
69
if( WCFM\_Dependencies::wcfmu\_plugin\_active\_check() ) {
70
echo '<a class="add\_new\_wcfm\_ele\_dashboard text\_tip" href="'.get\_wcfm\_create\_bookings\_url().'" data-tip="' . \_\_( 'Create Booking', 'wc-frontend-manager' ) . '"><span class="wcfmfa fa-calendar-plus"></span></a>';
70
echo '<a class="add\_new\_wcfm\_ele\_dashboard text\_tip" href="'.esc\_url(get\_wcfm\_create\_bookings\_url()).'" data-tip="' . \_\_( 'Create Booking', 'wc-frontend-manager' ) . '"><span class="wcfmfa fa-calendar-plus"></span></a>';
71
71
}
72
72
}
…
…
101
101
<optgroup label="<?php \_e( 'By appointable product', 'wc-frontend-manager' ); ?>">
102
102
<?php foreach ( $product\_filters as $product\_filter ) : ?>
103
<option value="<?php echo $product\_filter->get\_id(); ?>"><?php echo $product\_filter->get\_name(); ?></option>
103
<option value="<?php echo esc\_attr($product\_filter->get\_id()); ?>"><?php echo wp\_kses\_post($product\_filter->get\_name()); ?></option>
104
104
<?php endforeach; ?>
105
105
</optgroup>
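Review bot: On new line 103 the option label goes through wp_kses_post(), which keeps post-level HTML, but an `<option>` can only hold text. esc_html() fits that context: `<?php echo esc_html( $product_filter->get_name() ); ?>`. On line 70 the `data-tip` is still built from `__( 'Create Booking', 'wc-frontend-manager' )` without attribute escaping; `esc_attr__()` would match the esc_url() that was added to the href.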
wc-frontend-manager/trunk/views/wcfm-view-header-panels.php
r2629284
r2630745
62
62
63
63
<?php if( ( apply\_filters( 'wcfm\_is\_pref\_direct\_message', true ) && apply\_filters( 'wcfm\_is\_allow\_direct\_message', true ) ) || ( apply\_filters( 'wcfm\_is\_pref\_notification', true ) && apply\_filters( 'wcfm\_is\_allow\_notifications', true ) ) ) { ?>
64
<a href="<?php echo get\_wcfm\_messages\_url( ); ?>" class="wcfm\_header\_panel\_messages text\_tip <?php if( isset( $wp->query\_vars\['wcfm-messages'\] ) ) echo 'active'; ?>" data-tip="<?php \_e( 'Notification Board', 'wc-frontend-manager' ); ?>"><i class="wcfmfa fa-bell"></i><span class="unread\_notification\_count message\_count"><?php echo $unread\_message; ?></span><div class="notification-ring"></div></a>
64
<a href="<?php echo get\_wcfm\_messages\_url( ); ?>" class="wcfm\_header\_panel\_messages text\_tip <?php if( isset( $wp->query\_vars\['wcfm-messages'\] ) ) echo 'active'; ?>" data-tip="<?php \_e( 'Notification Board', 'wc-frontend-manager' ); ?>"><i class="wcfmfa fa-bell"></i><span class="unread\_notification\_count message\_count"><?php echo esc\_attr($unread\_message); ?></span><div class="notification-ring"></div></a>
65
65
<?php } ?>
66
66
67
67
<?php if( apply\_filters( 'wcfm\_is\_pref\_enquiry', true ) && apply\_filters( 'wcfm\_is\_allow\_enquiry', true ) ) { ?>
68
<a href="<?php echo get\_wcfm\_enquiry\_url(); ?>" class="wcfm\_header\_panel\_enquiry text\_tip <?php if( isset( $wp->query\_vars\['wcfm-enquiry'\] ) || isset( $wp->query\_vars\['wcfm-enquiry-manage'\] ) ) echo 'active'; ?>" data-tip="<?php \_e( 'Inquiry Board', 'wc-frontend-manager' ); ?>"><i class="wcfmfa fa-question-circle"></i><span class="unread\_notification\_count enquiry\_count"><?php echo $unread\_enquiry; ?></span><div class="notification-ring"></div></a>
68
<a href="<?php echo get\_wcfm\_enquiry\_url(); ?>" class="wcfm\_header\_panel\_enquiry text\_tip <?php if( isset( $wp->query\_vars\['wcfm-enquiry'\] ) || isset( $wp->query\_vars\['wcfm-enquiry-manage'\] ) ) echo 'active'; ?>" data-tip="<?php \_e( 'Inquiry Board', 'wc-frontend-manager' ); ?>"><i class="wcfmfa fa-question-circle"></i><span class="unread\_notification\_count enquiry\_count"><?php echo esc\_attr($unread\_enquiry); ?></span><div class="notification-ring"></div></a>
69
69
<?php } ?>
70
70
71
71
<?php if( apply\_filters( 'wcfm\_is\_pref\_notice', true ) && apply\_filters( 'wcfm\_is\_allow\_notice', true ) ) { ?>
72
<a href="<?php echo get\_wcfm\_notices\_url( ); ?>" class="wcfm\_header\_panel\_notice text\_tip <?php if( isset( $wp->query\_vars\['wcfm-notices'\] ) || isset( $wp->query\_vars\['wcfm-notice-manage'\] ) || isset( $wp->query\_vars\['wcfm-notice-view'\] ) ) echo 'active'; ?>" data-tip="<?php \_e( 'Announcement', 'wc-frontend-manager' ); ?>"><i class="wcfmfa fa-bullhorn"></i><?php if( wcfm\_is\_vendor() ) { ?><span class="unread\_notification\_count notice\_count"><?php echo $unread\_notice; ?></span><?php } ?><div class="notification-ring"></div></a>
72
<a href="<?php echo get\_wcfm\_notices\_url( ); ?>" class="wcfm\_header\_panel\_notice text\_tip <?php if( isset( $wp->query\_vars\['wcfm-notices'\] ) || isset( $wp->query\_vars\['wcfm-notice-manage'\] ) || isset( $wp->query\_vars\['wcfm-notice-view'\] ) ) echo 'active'; ?>" data-tip="<?php \_e( 'Announcement', 'wc-frontend-manager' ); ?>"><i class="wcfmfa fa-bullhorn"></i><?php if( wcfm\_is\_vendor() ) { ?><span class="unread\_notification\_count notice\_count"><?php echo esc\_attr($unread\_notice); ?></span><?php } ?><div class="notification-ring"></div></a>
73
73
<?php } ?>
74
74
wc-frontend-manager/trunk/views/withdrawal/dokan/wcfm-view-payments.php
r2040425
r2630745
33
33
<h2>
34
34
<?php \_e( 'Transactions for: ', 'wc-frontend-manager' ); ?>
35
<span class="trans\_start\_date"><?php echo $start\_date; ?></span>
35
<span class="trans\_start\_date"><?php echo esc\_attr($start\_date); ?></span>
36
36
<?php echo ' - '; ?>
37
<span class="trans\_end\_date"><?php echo $end\_date; ?>
37
<span class="trans\_end\_date"><?php echo esc\_attr($end\_dat); ?>
38
38
</h2>
39
39
40
40
<?php
41
41
if( $wcfm\_is\_allow\_withdrawal = apply\_filters( 'wcfm\_is\_allow\_withdrawal', true ) ) {
42
echo '<a class="add\_new\_wcfm\_ele\_dashboard text\_tip" href="'.wcfm\_withdrawal\_url().'" data-tip="'. \_\_('Withdrawal Request', 'wc-frontend-manager') .'"><span class="wcfmfa fa-currency">' . get\_woocommerce\_currency\_symbol() . '</span><span class="text">' . \_\_('Withdrawal', 'wc-frontend-manager' ) . '</span></a>';
42
echo '<a class="add\_new\_wcfm\_ele\_dashboard text\_tip" href="'.esc\_url(wcfm\_withdrawal\_url()).'" data-tip="'. \_\_('Withdrawal Request', 'wc-frontend-manager') .'"><span class="wcfmfa fa-currency">' . get\_woocommerce\_currency\_symbol() . '</span><span class="text">' . \_\_('Withdrawal', 'wc-frontend-manager' ) . '</span></a>';
43
43
}
44
44
?>
…
…
54
54
<option value="2"><?php \_e( 'Cancelled', 'wc-frontend-manager' ); ?></option>
55
55
</select>
56
<input id="payment\_start\_date\_filter" type="text" class="wcfm-text" name="payment\_start\_date\_filter" placeholder="<?php echo apply\_filters( 'wcfm\_date\_filter\_format', wc\_date\_format() ); ?>" data-date\_format="<?php echo str\_replace( 'mmmm', 'mm', str\_replace( 'yyyy', 'yy', strtolower( wcfm\_wp\_date\_format\_to\_js( wc\_date\_format() ) ) ) ); ?>" value="<?php echo $start\_date; ?>" style="width: 160px;" />
57
<input id="payment\_end\_date\_filter" type="text" class="wcfm-text" name="payment\_end\_date\_filter" placeholder="<?php echo apply\_filters( 'wcfm\_date\_filter\_format', wc\_date\_format() ); ?>" data-date\_format="<?php echo str\_replace( 'mmmm', 'mm', str\_replace( 'yyyy', 'yy', strtolower( wcfm\_wp\_date\_format\_to\_js( wc\_date\_format() ) ) ) ); ?>" value="<?php echo $end\_date; ?>" style="width: 160px;" />
56
<input id="payment\_start\_date\_filter" type="text" class="wcfm-text" name="payment\_start\_date\_filter" placeholder="<?php echo apply\_filters( 'wcfm\_date\_filter\_format', wc\_date\_format() ); ?>" data-date\_format="<?php echo str\_replace( 'mmmm', 'mm', str\_replace( 'yyyy', 'yy', strtolower( wcfm\_wp\_date\_format\_to\_js( wc\_date\_format() ) ) ) ); ?>" value="<?php echo esc\_attr($start\_date); ?>" style="width: 160px;" />
57
<input id="payment\_end\_date\_filter" type="text" class="wcfm-text" name="payment\_end\_date\_filter" placeholder="<?php echo apply\_filters( 'wcfm\_date\_filter\_format', wc\_date\_format() ); ?>" data-date\_format="<?php echo str\_replace( 'mmmm', 'mm', str\_replace( 'yyyy', 'yy', strtolower( wcfm\_wp\_date\_format\_to\_js( wc\_date\_format() ) ) ) ); ?>" value="<?php echo esc\_attr($end\_date); ?>" style="width: 160px;" />
58
58
</div>
59
59
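Review bot: New line 37 echoes `esc_attr($end_dat)`, while every other line in this section uses `$end_date`. This looks like a typo introduced by the change. Unless `$end_dat` is defined in a part of the file not shown here, the end of the transaction range now renders empty and PHP reports an undefined variable. The line should read `<span class="trans_end_date"><?php echo esc_attr($end_date); ?></span>`, as in the wcfm/ and wcmp/ copies of this view. That also supplies the closing `</span>`, which is missing on both the old and new side.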
wc-frontend-manager/trunk/views/withdrawal/dokan/wcfm-view-withdrawal.php
r2040425
r2630745
58
58
59
59
<div class="wcfm-container wcfm-top-element-container">
60
<h2 style="text-align: left;"><?php echo $message; ?></h2>
60
<h2 style="text-align: left;"><?php echo esc\_html($message); ?></h2>
61
61
62
62
<?php
wc-frontend-manager/trunk/views/withdrawal/wcfm/wcfm-view-payments.php
r2300280
r2630745
39
39
<h2>
40
40
<?php \_e( 'Transactions for: ', 'wc-frontend-manager' ); ?>
41
<span class="trans\_start\_date"><?php echo $start\_date; ?></span>
41
<span class="trans\_start\_date"><?php echo esc\_attr($start\_date); ?></span>
42
42
<?php echo ' - '; ?>
43
<span class="trans\_end\_date"><?php echo $end\_date; ?>
43
<span class="trans\_end\_date"><?php echo esc\_attr($end\_date); ?>
44
44
</h2>
45
45
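Review bot: On new lines 41 and 43 the dates are printed as element text inside a `<span>`, so the context-matched escaper is `esc_html()` rather than `esc_attr()`, e.g. `<?php echo esc_html( $start_date ); ?>`. Both functions encode the same characters in current WordPress, so this is not an open hole, but they run through different filters (`attribute_escape` and `esc_html`), and an attribute escaper in text context makes later output-escaping audits harder to read. The same applies to the span lines in the dokan/ and wcmp/ copies of wcfm-view-payments.php and to `esc_attr($transaction_id)` in wcfm-view-transaction-details.php. Where `$start_date` and `$end_date` are assigned is outside this section; if they come from the request, validating them as dates at that point would be the stronger control.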
wc-frontend-manager/trunk/views/withdrawal/wcmp/wcfm-view-payments.php
r2040425
r2630745
33
33
<h2>
34
34
<?php \_e( 'Transactions for: ', 'wc-frontend-manager' ); ?>
35
<span class="trans\_start\_date"><?php echo $start\_date; ?></span>
35
<span class="trans\_start\_date"><?php echo esc\_attr($start\_date); ?></span>
36
36
<?php echo ' - '; ?>
37
<span class="trans\_end\_date"><?php echo $end\_date; ?>
37
<span class="trans\_end\_date"><?php echo esc\_attr($end\_date); ?>
38
38
</h2>
39
39
…
…
50
50
51
51
<div class="wcfm\_payments\_filter\_wrap wcfm\_filters\_wrap">
52
<input id="payment\_start\_date\_filter" type="text" class="wcfm-text" name="payment\_start\_date\_filter" placeholder="<?php echo apply\_filters( 'wcfm\_date\_filter\_format', wc\_date\_format() ); ?>" data-date\_format="<?php echo str\_replace( 'mmmm', 'mm', str\_replace( 'yyyy', 'yy', strtolower( wcfm\_wp\_date\_format\_to\_js( wc\_date\_format() ) ) ) ); ?>" value="<?php echo $start\_date; ?>" style="width: 160px;" />
53
<input id="payment\_end\_date\_filter" type="text" class="wcfm-text" name="payment\_end\_date\_filter" placeholder="<?php echo apply\_filters( 'wcfm\_date\_filter\_format', wc\_date\_format() ); ?>" data-date\_format="<?php echo str\_replace( 'mmmm', 'mm', str\_replace( 'yyyy', 'yy', strtolower( wcfm\_wp\_date\_format\_to\_js( wc\_date\_format() ) ) ) ); ?>" value="<?php echo $end\_date; ?>" style="width: 160px;" />
52
<input id="payment\_start\_date\_filter" type="text" class="wcfm-text" name="payment\_start\_date\_filter" placeholder="<?php echo apply\_filters( 'wcfm\_date\_filter\_format', wc\_date\_format() ); ?>" data-date\_format="<?php echo str\_replace( 'mmmm', 'mm', str\_replace( 'yyyy', 'yy', strtolower( wcfm\_wp\_date\_format\_to\_js( wc\_date\_format() ) ) ) ); ?>" value="<?php echo esc\_attr($start\_date); ?>" style="width: 160px;" />
53
<input id="payment\_end\_date\_filter" type="text" class="wcfm-text" name="payment\_end\_date\_filter" placeholder="<?php echo apply\_filters( 'wcfm\_date\_filter\_format', wc\_date\_format() ); ?>" data-date\_format="<?php echo str\_replace( 'mmmm', 'mm', str\_replace( 'yyyy', 'yy', strtolower( wcfm\_wp\_date\_format\_to\_js( wc\_date\_format() ) ) ) ); ?>" value="<?php echo esc\_attr($end\_date); ?>" style="width: 160px;" />
54
54
</div>
55
55
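Review bot: New lines 52 and 53 escape only `value`; the `placeholder` attribute still echoes the result of `apply_filters( 'wcfm_date_filter_format', wc_date_format() )` raw, and `data-date_format` echoes the converted format string raw. Both values pass through a filter that other plugin code can hook, so they should be escaped as attributes too: `placeholder="<?php echo esc_attr( apply_filters( 'wcfm_date_filter_format', wc_date_format() ) ); ?>"`, with the same `esc_attr( ... )` wrapped around the `str_replace` expression. The two inputs on new lines 56 and 57 of dokan/wcfm-view-payments.php have the same gap.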
wc-frontend-manager/trunk/views/withdrawal/wcmp/wcfm-view-transaction-details.php
r2040425
r2630745
41
41
42
42
<div class="wcfm-container wcfm-top-element-container">
43
<h2><?php \_e( 'Transaction #', 'wc-frontend-manager' ); echo $transaction\_id; ?></h2>
43
<h2><?php \_e( 'Transaction #', 'wc-frontend-manager' ); echo esc\_attr($transaction\_id); ?></h2>
44
44
<span class="transaction-status transaction-status-<?php echo sanitize\_title( $transaction->post\_status ); ?>"><?php echo ucfirst( str\_replace( 'wcmp\_', '', $transaction->post\_status ) ); ?></span>
45
45