Headline
CVE-2021-24968: Changeset 2648562 – WordPress Plugin Repository
The Ultimate FAQ WordPress plugin before 2.1.2 does not have capability and CSRF checks in the ewd_ufaq_welcome_add_faq and ewd_ufaq_welcome_add_faq_page AJAX actions, which are available to any authenticated user. As a result, any user with a role as low as Subscriber could create FAQ and FAQ questions.
ultimate-faqs/tags/2.1.2/assets/js/dashboard-review-ask.js
r2643489
r2648562
3
3
4
4
jQuery(document).on( 'click', '.ewd-ufaq-main-dashboard-review-ask .notice-dismiss', function( event ) {
5
var data = 'ask\_review\_time=7&action=ewd\_ufaq\_hide\_review\_ask';
5
var params = {};
6
7
params.nonce = ewd\_ufaq\_review\_ask.nonce;
8
params.action = 'ewd\_ufaq\_hide\_review\_ask';
9
params.ask\_review\_time = 7;
10
11
var data = jQuery.param( params );
12
6
13
jQuery.post( ajaxurl, data, function() {} );
7
14
});
…
…
17
24
jQuery( '.ewd-ufaq-review-ask-yes' ).addClass( 'ewd-ufaq-hidden' );
18
25
19
var data = 'ask\_review\_time=7&action=ewd\_ufaq\_hide\_review\_ask';
20
jQuery.post( ajaxurl, data, function() {} );
26
var params = {};
27
28
params.nonce = ewd\_ufaq\_review\_ask.nonce;
29
params.action = 'ewd\_ufaq\_hide\_review\_ask';
30
params.ask\_review\_time = 7;
31
32
var data = jQuery.param( params );
33
jQuery.post( ajaxurl, data, function() {} );
21
34
});
22
35
…
…
28
41
jQuery( '.ewd-ufaq-review-ask-actions' ).addClass( 'ewd-ufaq-hidden' );
29
42
30
var data = 'ask\_review\_time=1000&action=ewd\_ufaq\_hide\_review\_ask';
31
jQuery.post( ajaxurl, data, function() {} );
43
var params = {};
44
45
params.nonce = ewd\_ufaq\_review\_ask.nonce;
46
params.action = 'ewd\_ufaq\_hide\_review\_ask';
47
params.ask\_review\_time = 1000;
48
49
var data = jQuery.param( params );
50
jQuery.post( ajaxurl, data, function() {} );
32
51
});
33
52
34
53
jQuery( '.ewd-ufaq-review-ask-no-thanks' ).on( 'click', function() {
35
var data = 'ask\_review\_time=1000&action=ewd\_ufaq\_hide\_review\_ask';
36
jQuery.post( ajaxurl, data, function() {} );
54
var params = {};
37
55
38
jQuery( '.ewd-ufaq-main-dashboard-review-ask' ).css( 'display', 'none' );
56
params.nonce = ewd\_ufaq\_review\_ask.nonce;
57
params.action = 'ewd\_ufaq\_hide\_review\_ask';
58
params.ask\_review\_time = 1000;
59
60
var data = jQuery.param( params );
61
jQuery.post( ajaxurl, data, function() {} );
62
63
jQuery( '.ewd-ufaq-main-dashboard-review-ask' ).css( 'display', 'none' );
39
64
});
40
65
…
…
43
68
jQuery( '.ewd-ufaq-review-ask-thank-you-text' ).removeClass( 'ewd-ufaq-hidden' );
44
69
45
var data = 'ask\_review\_time=1000&action=ewd\_ufaq\_hide\_review\_ask';
46
jQuery.post( ajaxurl, data, function() {} );
70
var params = {};
71
72
params.nonce = ewd\_ufaq\_review\_ask.nonce;
73
params.action = 'ewd\_ufaq\_hide\_review\_ask';
74
params.ask\_review\_time = 1000;
75
76
var data = jQuery.param( params );
77
jQuery.post( ajaxurl, data, function() {} );
47
78
});
48
79
…
…
50
81
var feedback = jQuery( '.ewd-ufaq-review-ask-feedback-explanation textarea' ).val();
51
82
var email\_address = jQuery( '.ewd-ufaq-review-ask-feedback-explanation input\[name="feedback\_email\_address"\]' ).val();
52
var data = 'feedback=' + feedback + '&email\_address=' + email\_address + '&action=ewd\_ufaq\_send\_feedback';
53
jQuery.post( ajaxurl, data, function() {} );
83
84
var params = {};
54
85
55
var data = 'ask\_review\_time=1000&action=ewd\_ufaq\_hide\_review\_ask';
56
jQuery.post( ajaxurl, data, function() {} );
86
params.nonce = ewd\_ufaq\_review\_ask.nonce;
87
params.action = 'ewd\_ufaq\_send\_feedback';
88
params.feedback = feedback;
89
params.email\_address = email\_address;
57
90
58
jQuery( '.ewd-ufaq-review-ask-feedback-form' ).addClass( 'ewd-ufaq-hidden' );
59
jQuery( '.ewd-ufaq-review-ask-review-text' ).addClass( 'ewd-ufaq-hidden' );
60
jQuery( '.ewd-ufaq-review-ask-thank-you-text' ).removeClass( 'ewd-ufaq-hidden' );
91
var data = jQuery.param( params );
92
jQuery.post( ajaxurl, data, function() {} );
93
94
var params = {};
95
96
params.nonce = ewd\_ufaq\_review\_ask.nonce;
97
params.action = 'ewd\_ufaq\_hide\_review\_ask';
98
params.ask\_review\_time = 1000;
99
100
var data = jQuery.param( params );
101
jQuery.post( ajaxurl, data, function() {} );
102
103
jQuery( '.ewd-ufaq-review-ask-feedback-form' ).addClass( 'ewd-ufaq-hidden' );
104
jQuery( '.ewd-ufaq-review-ask-review-text' ).addClass( 'ewd-ufaq-hidden' );
105
jQuery( '.ewd-ufaq-review-ask-thank-you-text' ).removeClass( 'ewd-ufaq-hidden' );
61
106
});
62
107
});
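Review bot: The same params/nonce/`jQuery.param`/`jQuery.post` sequence is pasted into every click handler in this file, and the feedback handler declares `var params` and `var data` twice (new lines 84 and 94), so a later edit can easily drop the nonce from one copy. A single helper would keep the nonce in one place, for example `function ewdUfaqHideReviewAsk( days ) { jQuery.post( ajaxurl, { nonce: ewd_ufaq_review_ask.nonce, action: 'ewd_ufaq_hide_review_ask', ask_review_time: days } ); }`. `jQuery.post` serializes a plain object itself, so the explicit `jQuery.param` step is not needed. The callbacks are still empty, so a request rejected by the new server-side check fails silently.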
ultimate-faqs/tags/2.1.2/assets/js/ewd-ufaq-admin.js
r2647563
r2648562
39
39
axis: 'y',
40
40
update: function() {
41
var order = jQuery( this ).sortable( 'serialize' ) + '&action=ewd\_ufaq\_update\_order';
41
var order = jQuery( this ).sortable( 'serialize' )
42
+ '&action=ewd\_ufaq\_update\_order'
43
+ '&nonce='+ewd\_ufaq\_php\_data.nonce;
42
44
jQuery.post( ajaxurl, order, function( response ) {} );
43
45
}
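Review bot: The nonce appended on new line 43 comes from `ewd_ufaq_php_data.nonce`, while update_order() in includes/Ajax.class.php verifies the action `'ewd-ufaq-admin-js'`. The front-end script on this page reads the same global name for requests verified against `'ewd-ufaq-js'`. The localization of `ewd_ufaq_php_data` for the admin script is not among the files shown, so confirm it is created with `wp_create_nonce( 'ewd-ufaq-admin-js' )`, otherwise reordering will always be rejected. For consistency with the other files in this commit the value could also be appended as `'&nonce=' + encodeURIComponent( ewd_ufaq_php_data.nonce )`.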
ultimate-faqs/tags/2.1.2/assets/js/ewd-ufaq-wc-admin.js
r2643489
r2648562
9
9
});
10
10
11
var data = 'FAQs=' + JSON.stringify(FAQs) + '&Post\_ID=' + Post\_ID + '&action=ewd\_ufaq\_add\_wc\_faqs';
11
var params = {};
12
13
params.nonce = ewd\_ufaq\_wc\_admin.nonce;
14
params.FAQs = JSON.stringify(FAQs);
15
params.Post\_ID = Post\_ID;
16
params.action = 'ewd\_ufaq\_add\_wc\_faqs';
17
18
var data = jQuery.param( params );
19
12
20
jQuery.post(ajaxurl, data, function(response) {
13
21
var Add\_FAQs = jQuery.parseJSON(response);
…
…
35
43
});
36
44
37
var data = 'FAQs=' + JSON.stringify(FAQs) + '&Post\_ID=' + Post\_ID + '&action=ewd\_ufaq\_delete\_wc\_faqs';
45
var params = {};
46
47
params.nonce = ewd\_ufaq\_wc\_admin.nonce;
48
params.FAQs = JSON.stringify(FAQs);
49
params.Post\_ID = Post\_ID;
50
params.action = 'ewd\_ufaq\_delete\_wc\_faqs';
51
52
var data = jQuery.param( params );
38
53
jQuery.post(ajaxurl, data, function(response) {});
39
54
…
…
50
65
var Cat\_ID = jQuery(this).val();
51
66
52
var data = 'Cat\_ID=' + Cat\_ID + '&action=ewd\_ufaq\_wc\_faq\_category';
67
var params = {};
68
69
params.nonce = ewd\_ufaq\_wc\_admin.nonce;
70
params.Cat\_ID = Cat\_ID;
71
params.action = 'ewd\_ufaq\_wc\_faq\_category';
72
73
var data = jQuery.param( params );
53
74
jQuery.post(ajaxurl, data, function(response) {
54
75
jQuery('.ewd-ufaq-faq-add-table').remove();
ultimate-faqs/tags/2.1.2/assets/js/ewd-ufaq-welcome-screen.js
r2643489
r2648562
25
25
jQuery('.ewd-ufaq-welcome-screen-add-category-description textarea').val('');
26
26
27
var data = 'category\_name=' + category\_name + '&category\_description=' + category\_description + '&action=ewd\_ufaq\_welcome\_add\_category';
27
var params = {};
28
29
params.nonce = ewd\_ufaq\_getting\_started.nonce;
30
params.action = 'ewd\_ufaq\_welcome\_add\_category';
31
params.category\_name = category\_name;
32
params.category\_description = category\_description;
33
34
var data = jQuery.param( params );
28
35
jQuery.post(ajaxurl, data, function(response) {
29
36
var HTML = '<tr class="ewd-ufaq-welcome-screen-category">';
…
…
44
51
EWD\_UFAQ\_Toggle\_Welcome\_Page('options');
45
52
46
var data = 'faq\_page\_title=' + faq\_page\_title + '&action=ewd\_ufaq\_welcome\_add\_faq\_page';
53
var params = {};
54
55
params.nonce = ewd\_ufaq\_getting\_started.nonce;
56
params.faq\_page\_title = faq\_page\_title;
57
params.action = 'ewd\_ufaq\_welcome\_add\_faq\_page';
58
59
var data = jQuery.param( params );
47
60
jQuery.post(ajaxurl, data, function(response) {});
48
61
});
…
…
54
67
var order\_by\_setting = jQuery('select\[name="order\_by\_setting"\]').val();
55
68
56
var data = 'faq\_accordion=' + faq\_accordion + '&faq\_toggle=' + faq\_toggle + '&group\_by\_category=' + group\_by\_category + '&order\_by\_setting=' + order\_by\_setting + '&action=ewd\_ufaq\_welcome\_set\_options';
69
var params = {};
70
71
params.nonce = ewd\_ufaq\_getting\_started.nonce;
72
params.action = 'ewd\_ufaq\_welcome\_set\_options';
73
params.faq\_accordion = faq\_accordion;
74
params.faq\_toggle = faq\_toggle;
75
params.group\_by\_category = group\_by\_category;
76
params.order\_by\_setting = order\_by\_setting;
77
78
var data = jQuery.param( params );
79
57
80
jQuery.post(ajaxurl, data, function(response) {
58
81
jQuery('.ewd-ufaq-welcome-screen-save-options-button').after('<div class="ewd-ufaq-save-message"><div class="ewd-ufaq-save-message-inside">Options have been saved.</div></div>');
…
…
74
97
jQuery('.ewd-ufaq-welcome-screen-add-faq-category select').val('');
75
98
76
var data = 'faq\_question=' + faq\_question + '&faq\_answer=' + faq\_answer + '&faq\_category=' + faq\_category + '&action=ewd\_ufaq\_welcome\_add\_faq';
99
var params = {};
100
101
params.nonce = ewd\_ufaq\_getting\_started.nonce;
102
params.action = 'ewd\_ufaq\_welcome\_add\_faq';
103
params.faq\_question = faq\_question;
104
params.faq\_answer = faq\_answer;
105
params.faq\_category = faq\_category;
106
107
var data = jQuery.param( params );
77
108
jQuery.post(ajaxurl, data, function(response) {
78
109
var HTML = '<tr class="ewd-ufaq-welcome-screen-faq">';
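Review bot: The set-options request sends the key `faq_toggle` (new line 74), but set_options() in includes/InstallationWalkthrough.class.php on this page reads only `$_POST['disable_faq_toggle']`, so that choice appears never to be saved. The mismatch predates this commit (the removed query string used `faq_toggle` as well), but the rewritten request is the natural place to fix it: `params.disable_faq_toggle = faq_toggle;`. Confirm the polarity of the value when renaming, since the option name suggests the server expects "disable" semantics.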
ultimate-faqs/tags/2.1.2/assets/js/ewd-ufaq.js
r2643489
r2648562
124
124
var post\_id = faq\_element.data( 'post\_id' );
125
125
126
var data = 'post\_id=' + post\_id + '&action=ewd\_ufaq\_record\_view';
126
var params = {};
127
128
params.nonce = ewd\_ufaq\_php\_data.nonce;
129
params.post\_id = post\_id;
130
params.action = 'ewd\_ufaq\_record\_view';
131
132
var data = jQuery.param( params );
127
133
jQuery.post(ajaxurl, data, function(response) {});
128
134
…
…
240
246
if (show\_on\_load == 'No' && Question.length == 0) {jQuery('#ewd-ufaq-ajax-results').html(''); return;}
241
247
242
var data = 'search\_string=' + search\_string + '&include\_category=' + include\_cat + '&exclude\_category=' + exclude\_cat + '&orderby=' + orderby + '&order=' + order + '&post\_count=' + post\_count + '&request\_count=' + request\_count + '¤t\_url=' + current\_url + '&faqs\_only=' + faqs\_only + '&faq\_page=' + faq\_page + '&action=ewd\_ufaq\_search';
248
var params = {};
249
250
params.search\_string = search\_string;
251
params.include\_category = include\_cat;
252
params.exclude\_category = exclude\_cat;
253
params.orderby = orderby;
254
params.order = order;
255
params.post\_count = post\_count;
256
params.request\_count = request\_count;
257
params.current\_url = current\_url;
258
params.faqs\_only = faqs\_only;
259
params.faq\_page = faq\_page;
260
params.action = 'ewd\_ufaq\_search';
261
params.nonce = ewd\_ufaq\_php\_data.nonce;
262
263
var data = jQuery.param( params );
264
243
265
jQuery.post( ajaxurl, data, function( response ) {
244
266
…
…
278
300
else { vote\_type = 'down'; }
279
301
280
var data = 'faq\_id=' + faq\_id + '&vote\_type=' + vote\_type + '&action=ewd\_ufaq\_update\_rating';
281
282
jQuery.post( ajaxurl, data );
302
var params = {};
303
304
params.action = 'ewd\_ufaq\_update\_rating'
305
params.nonce = ewd\_ufaq\_php\_data.nonce;
306
params.faq\_id = faq\_id;
307
params.vote\_type = vote\_type;
308
309
var data = jQuery.param( params );
310
jQuery.post( ajaxurl, data );
283
311
});
284
312
}
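Review bot: The search, view-count and rating requests now depend on `ewd_ufaq_php_data.nonce` being fresh, which can break them on cached pages. Whether these actions are open to logged-out visitors is not visible here; if they are, a page served from a cache for longer than the nonce lifetime will have every such request rejected, and the empty or missing callbacks give the visitor no indication. For logged-out visitors a WordPress nonce is not bound to an individual session, so it should not be the only control on the rating counter; de-duplication or throttling has to happen server-side. Separately, new line 304 is missing its terminating semicolon: `params.action = 'ewd_ufaq_update_rating';`.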
ultimate-faqs/tags/2.1.2/ewd-ufaq-templates/faq-answer.php
r2643489
r2648562
1
1
<div class='ewd-ufaq-post-margin ewd-ufaq-faq-post'>
2
<?php echo $this->faq\_answer; ?>
2
<?php echo wp\_kses\_post( $this->faq\_answer ); ?>
3
3
</div>
ultimate-faqs/tags/2.1.2/ewd-ufaq-templates/faq-author.php
r2643489
r2648562
2
2
3
3
<span class='ewd-ufaq-author'>
4
<?php echo $this->faq\_author; ?>
4
<?php echo esc\_html( $this->faq\_author ); ?>
5
5
</span>
ultimate-faqs/tags/2.1.2/ewd-ufaq-templates/faq-custom-fields.php
r2643489
r2648562
8
8
9
9
<div class='ewd-ufaq-custom-field-label'>
10
<?php echo esc\_html( $custom\_field->name ); ?>:
10
<?php echo esc\_html( $custom\_field->name ); ?>:
11
11
</div>
12
12
13
13
<div class='ewd-ufaq-custom-field-value'>
14
<?php echo ( is\_array( $value ) ? implode( ', ', $value ) : $value ); ?>
14
<?php echo wp\_kses\_post( ( is\_array( $value ) ? implode( ', ', $value ) : $value ) ); ?>
15
15
</div>
16
16
ultimate-faqs/tags/2.1.2/ewd-ufaq-templates/faq-date.php
r2643489
r2648562
2
2
3
3
<span class='ewd-ufaq-date'>
4
<?php echo $this->date; ?>
4
<?php echo esc\_html( $this->date ); ?>
5
5
</span>
ultimate-faqs/tags/2.1.2/ewd-ufaq-templates/faq-permalink.php
r2643489
r2648562
3
3
<a href='<?php echo esc\_attr( $this->permalink ); ?>'>
4
4
5
<?php if ( $this->get\_option( 'include-permalink' ) == 'both' or $this->get\_option( 'include-permalink' ) == 'text' ) { echo $this->get\_label( 'label-permalink' ); } ?>
5
<?php if ( $this->get\_option( 'include-permalink' ) == 'both' or $this->get\_option( 'include-permalink' ) == 'text' ) { echo esc\_html( $this->get\_label( 'label-permalink' ) ); } ?>
6
6
<?php if ( $this->get\_option( 'include-permalink' ) == 'both' or $this->get\_option( 'include-permalink' ) == 'icon' ) { ?> <div class='ewd-ufaq-permalink-image'></div> <?php } ?>
7
7
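Review bot: The `href` on line 3 is still escaped with `esc_attr()`, which encodes quotes but does not validate the URL scheme. `esc_url()` is the escaper intended for URL attributes: `<a href='<?php echo esc_url( $this->permalink ); ?>'>`. The value presumably comes from WordPress' own permalink functions, so this is hardening rather than a known hole. The `get_anchor_permalink()` href in faq-title.php has the same shape.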
ultimate-faqs/tags/2.1.2/ewd-ufaq-templates/faq-preview.php
r2643489
r2648562
1
1
<div class='ewd-ufaq-faq-excerpt'>
2
<?php echo $this->faq\_preview; ?>
2
<?php echo wp\_kses\_post( $this->faq\_preview ); ?>
3
3
</div>
ultimate-faqs/tags/2.1.2/ewd-ufaq-templates/faq-ratings.php
r2643489
r2648562
5
5
</div>
6
6
7
<div class='ewd-ufaq-rating-button ewd-ufaq-up-vote <?php echo ( ( $ewd\_ufaq\_controller->settings->get\_setting( 'thumbs-up-image' ) and $ewd\_ufaq\_controller->settings->get\_setting( 'thumbs-up-image' ) != 'http://' ) ? 'ewd-ufaq-ratings-custom-image' : 'ewd-ufaq-ratings-default-image' ); ?>' data-faq\_id='<?php echo $this->post->ID; ?>'>
7
<div class='ewd-ufaq-rating-button ewd-ufaq-up-vote <?php echo ( ( $ewd\_ufaq\_controller->settings->get\_setting( 'thumbs-up-image' ) and $ewd\_ufaq\_controller->settings->get\_setting( 'thumbs-up-image' ) != 'http://' ) ? 'ewd-ufaq-ratings-custom-image' : 'ewd-ufaq-ratings-default-image' ); ?>' data-faq\_id='<?php echo esc\_attr( $this->post->ID ); ?>'>
8
8
<?php echo $this->get\_thumbs\_up\_image(); ?>
9
<span><?php echo $this->get\_up\_votes(); ?></span>
9
<span><?php echo esc\_html( $this->get\_up\_votes() ); ?></span>
10
10
</div>
11
11
ultimate-faqs/tags/2.1.2/ewd-ufaq-templates/faq-title.php
r2643489
r2648562
3
3
<a class='ewd-ufaq-post-margin' href='<?php echo esc\_attr( $this->get\_anchor\_permalink() ); ?>'>
4
4
5
<div class='ewd-ufaq-post-margin-symbol <?php echo $this->get\_color\_block\_shape(); ?>'>
5
<div class='ewd-ufaq-post-margin-symbol <?php echo esc\_attr( $this->get\_color\_block\_shape() ); ?>'>
6
6
<span ><?php echo $this->get\_toggle\_symbol(); ?></span>
7
7
</div>
…
…
10
10
11
11
<<?php echo $this->get\_option( 'styling-faq-heading-type' ); ?>>
12
<?php echo $this->faq\_title; ?>
12
<?php echo wp\_kses\_post( $this->faq\_title ); ?>
13
13
</<?php echo $this->get\_option( 'styling-faq-heading-type' ); ?>>
14
14
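Review bot: The heading tag name on lines 11 and 13 is still echoed straight from `get_option( 'styling-faq-heading-type' )`, and `get_toggle_symbol()` on line 6 is also unescaped, while the surrounding values in this section were escaped. An option value is normally admin-controlled, but it lands in tag position, where `esc_html()` and `esc_attr()` are not the right tools. Either restrict it to an allow-list of heading tags or pass it through `tag_escape()`: `<<?php echo tag_escape( $this->get_option( 'styling-faq-heading-type' ) ); ?>>`, with the same call in the closing tag.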
ultimate-faqs/tags/2.1.2/ewd-ufaq-templates/faq.php
r2643489
r2648562
1
<div <?php echo ewd\_format\_classes( $this->classes ); ?> id='<?php echo $this->get\_id(); ?>' data-post\_id='<?php echo $this->post->ID; ?>'>
1
<div <?php echo ewd\_format\_classes( $this->classes ); ?> id='<?php echo esc\_attr( $this->get\_id() ); ?>' data-post\_id='<?php echo esc\_attr( $this->post->ID ); ?>'>
2
2
3
3
<?php $this->print\_faq\_title(); ?>
ultimate-faqs/tags/2.1.2/ewd-ufaq-templates/submit-faq-captcha.php
r2643489
r2648562
7
7
</div>
8
8
9
<div class='ewd-ufaq-captcha-response'><label for='captcha\_text'><?php echo $this->get\_label( 'label-captcha-image-number' ); ?>: </label>
9
<div class='ewd-ufaq-captcha-response'><label for='captcha\_text'><?php echo esc\_html( $this->get\_label( 'label-captcha-image-number' ) ); ?>: </label>
10
10
<input type='text' name='ewd\_ufaq\_captcha' value='' />
11
11
</div>
ultimate-faqs/tags/2.1.2/ewd-ufaq-templates/submit-faq-custom-field-checkbox.php
r2643489
r2648562
12
12
13
13
<div class='ewd-ufaq-submit-faq-radio-checkbox-each'>
14
<input type='checkbox' name='<?php echo esc\_attr( $input\_name ); ?>\[\]' value='<?php echo $option; ?>' <?php echo ( ( ! empty( $\_POST\[ $input\_name \] ) and is\_array( $\_POST\[ $input\_name \] ) and in\_array( $option, $\_POST\[ $input\_name \] ) ) ? 'checked' : '' ); ?>/><?php echo $option; ?>
14
<input type='checkbox' name='<?php echo esc\_attr( $input\_name ); ?>\[\]' value='<?php echo $option; ?>' <?php echo ( ( ! empty( $\_POST\[ $input\_name \] ) and is\_array( $\_POST\[ $input\_name \] ) and in\_array( $option, $\_POST\[ $input\_name \] ) ) ? 'checked' : '' ); ?>/><?php echo esc\_html( $option ); ?>
15
15
</div>
16
16
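Review bot: On new line 14 the checkbox label is now wrapped in `esc_html()`, but the `value` attribute on the same line is still `value='<?php echo $option; ?>'`. The radio and select templates in this commit escape both places. An option containing a single quote would break out of the attribute, so the attribute needs the same treatment: `value='<?php echo esc_attr( $option ); ?>'`.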
ultimate-faqs/tags/2.1.2/ewd-ufaq-templates/submit-faq-custom-field-radio.php
r2643489
r2648562
12
12
13
13
<div class='ewd-ufaq-submit-faq-radio-checkbox-each'>
14
<input type='radio' name='<?php echo esc\_attr( $input\_name ); ?>' value='<?php echo $option; ?>' <?php echo ( ! empty( $\_POST\[ $input\_name \] ) and $option == $\_POST\[ $input\_name \] ? 'checked' : '' ); ?>/><?php echo $option; ?>
14
<input type='radio' name='<?php echo esc\_attr( $input\_name ); ?>' value='<?php echo esc\_attr( $option ); ?>' <?php echo ( ! empty( $\_POST\[ $input\_name \] ) and $option == $\_POST\[ $input\_name \] ? 'checked' : '' ); ?>/><?php echo esc\_html( $option ); ?>
15
15
</div>
16
16
ultimate-faqs/tags/2.1.2/ewd-ufaq-templates/submit-faq-custom-field-select.php
r2643489
r2648562
10
10
11
11
<?php foreach ( $this->get\_custom\_field\_options() as $option ) { ?>
12
<option value='<?php echo $option; ?>' <?php echo ( ! empty( $\_POST\[ $input\_name \] ) and $option == $\_POST\[ $input\_name \] ? 'selected' : '' ); ?>><?php echo $option; ?></option>
12
<option value='<?php echo esc\_attr( $option ); ?>' <?php echo ( ! empty( $\_POST\[ $input\_name \] ) and $option == $\_POST\[ $input\_name \] ? 'selected' : '' ); ?>><?php echo esc\_html( $option ); ?></option>
13
13
<?php } ?>
14
14
ultimate-faqs/tags/2.1.2/ewd-ufaq-templates/submit-faq-submitted-faq-message.php
r2643489
r2648562
1
1
<div class='ewd-ufaq-update'>
2
<?php echo $this->update\_message; ?>
2
<?php echo wp\_kses\_post( $this->update\_message ); ?>
3
3
</div>
ultimate-faqs/tags/2.1.2/includes/Ajax.class.php
r2643489
r2648562
30
30
public function return\_search\_results() {
31
31
global $ewd\_ufaq\_controller;
32
32
33
if ( !check\_ajax\_referer( 'ewd-ufaq-js', 'nonce' ) ) {
34
ewdUfaqHelper::bad\_nonce\_ajax();
35
}
36
33
37
$faq\_atts = array(
34
38
'is\_search' => 1,
…
…
96
100
global $wpdb;
97
101
98
$post\_id = intval( $\_POST\['post\_id'\] );
102
if ( !check\_ajax\_referer( 'ewd-ufaq-js', 'nonce' ) ) {
103
ewdUfaqHelper::bad\_nonce\_ajax();
104
}
99
105
100
$meta\_id = $wpdb->get\_var( $wpdb->prepare( "SELECT meta\_id FROM $wpdb->postmeta WHERE post\_id=%d AND meta\_key='ufaq\_view\_count'", $post\_id ) );
101
102
if ( $meta\_id != '' and $meta\_id != 0 ) { $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->postmeta SET meta\_value=meta\_value+1 WHERE post\_id=%d AND meta\_key='ufaq\_view\_count'", $post\_id ) ); }
103
else { $wpdb->query( $wpdb->prepare("INSERT INTO $wpdb->postmeta (post\_id,meta\_key,meta\_value) VALUES (%d,'ufaq\_view\_count','1')", $post\_id ) ); }
106
$post\_id = intval( $\_POST\['post\_id'\] );
104
107
105
die();
108
$meta\_id = $wpdb->get\_var( $wpdb->prepare( "SELECT meta\_id FROM $wpdb->postmeta WHERE post\_id=%d AND meta\_key='ufaq\_view\_count'", $post\_id ) );
109
110
if ( $meta\_id != '' and $meta\_id != 0 ) { $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->postmeta SET meta\_value=meta\_value+1 WHERE post\_id=%d AND meta\_key='ufaq\_view\_count'", $post\_id ) ); }
111
else { $wpdb->query( $wpdb->prepare("INSERT INTO $wpdb->postmeta (post\_id,meta\_key,meta\_value) VALUES (%d,'ufaq\_view\_count','1')", $post\_id ) ); }
112
113
die();
106
114
}
107
115
…
…
112
120
public function update\_rating() {
113
121
122
if ( !check\_ajax\_referer( 'ewd-ufaq-js', 'nonce' ) ) {
123
ewdUfaqHelper::bad\_nonce\_ajax();
124
}
125
114
126
$faq\_id = is\_numeric( $\_POST\['faq\_id'\] ) ? intval( $\_POST\['faq\_id'\] ) : 0;
115
$vote\_type = sanitize\_text\_field( $\_POST\['vote\_type'\] );
127
$vote\_type = sanitize\_text\_field( $\_POST\['vote\_type'\] );
116
128
117
if ( $vote\_type == 'up' ) {
129
if ( $vote\_type == 'up' ) {
118
130
119
$up\_votes = get\_post\_meta( $faq\_id, 'FAQ\_Up\_Votes', true );
120
update\_post\_meta( $faq\_id, 'FAQ\_Up\_Votes', $up\_votes + 1 );
131
$up\_votes = absint( get\_post\_meta( $faq\_id, 'FAQ\_Up\_Votes', false ) );
132
update\_post\_meta( $faq\_id, 'FAQ\_Up\_Votes', $up\_votes + 1 );
121
133
122
$total\_score = get\_post\_meta( $faq\_id, 'FAQ\_Total\_Score', true );
123
update\_post\_meta( $faq\_id, 'FAQ\_Total\_Score', $total\_score + 1 );
124
}
125
if ( $vote\_type == 'down' ) {
134
$total\_score = absint( get\_post\_meta( $faq\_id, 'FAQ\_Total\_Score', false ) );
135
update\_post\_meta( $faq\_id, 'FAQ\_Total\_Score', $total\_score + 1 );
136
}
126
137
127
$down\_votes = get\_post\_meta( $faq\_id, 'FAQ\_Down\_Votes', true );
128
update\_post\_meta( $faq\_id, 'FAQ\_Down\_Votes', $down\_votes + 1 );
138
if ( $vote\_type == 'down' ) {
129
139
130
$total\_score = get\_post\_meta( $faq\_id, 'FAQ\_Total\_Score', true );
131
update\_post\_meta( $faq\_id, 'FAQ\_Total\_Score', $total\_score - 1 );
132
}
140
$down\_votes = absint( get\_post\_meta( $faq\_id, 'FAQ\_Down\_Votes', false ) );
141
update\_post\_meta( $faq\_id, 'FAQ\_Down\_Votes', $down\_votes + 1 );
133
142
134
die();
143
$total\_score = absint( get\_post\_meta( $faq\_id, 'FAQ\_Total\_Score', false ) );
144
update\_post\_meta( $faq\_id, 'FAQ\_Total\_Score', $total\_score - 1 );
145
}
146
147
die();
135
148
}
136
149
…
…
141
154
public function update\_order() {
142
155
global $ewd\_ufaq\_controller;
156
157
if (
158
! check\_ajax\_referer( 'ewd-ufaq-admin-js', 'nonce' )
159
||
160
! current\_user\_can( $ewd\_ufaq\_controller->settings->get\_setting( 'access-role' ) )
161
) {
162
ewdUfaqHelper::admin\_nopriv\_ajax();
163
}
143
164
144
165
if ( ! is\_array( $\_POST\['ewd-ufaq-item'\] ) or ! $ewd\_ufaq\_controller->permissions->check\_permission( 'ordering' ) ) { return; }
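Review bot: In update_rating() the counters are now read with the third argument of `get_post_meta()` set to `false` (new lines 131–144), which returns an array, and `absint()` of an array is 0 or 1, so each vote would store 1 or 2 instead of incrementing. Keep the single-value form: `$up_votes = absint( get_post_meta( $faq_id, 'FAQ_Up_Votes', true ) );`, and likewise for `FAQ_Down_Votes`. For `FAQ_Total_Score` use `intval()` rather than `absint()`, because the score is decremented on down-votes and `absint()` would turn a negative total positive. The handler also writes meta for whatever `faq_id` is posted; comparing `get_post_type( $faq_id )` with `EWD_UFAQ_FAQ_POST_TYPE` first would confine it to FAQ posts.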
ultimate-faqs/tags/2.1.2/includes/CustomPostTypes.class.php
r2643489
r2648562
211
211
?>
212
212
213
<input type="hidden" name="ewd\_ufaq\_nonce" value="<?php echo $this->nonce; ?>">
213
<input type="hidden" name="ewd\_ufaq\_nonce" value="<?php echo esc\_attr($this->nonce); ?>">
214
214
215
215
<div class='ewd-ufaq-meta-field'>
ultimate-faqs/tags/2.1.2/includes/Dashboard.class.php
r2647563
r2648562
15
15
public function \_\_construct() {
16
16
add\_action( 'admin\_menu', array( $this, 'add\_dashboard\_to\_menu' ), 99 );
17
18
add\_action( 'wp\_ajax\_ewd\_ufaq\_hide\_upgrade\_box', array($this, 'hide\_upgrade\_box') );
19
add\_action( 'wp\_ajax\_ewd\_ufaq\_display\_upgrade\_box', array($this, 'display\_upgrade\_box') );
20
17
}
21
18
…
…
137
134
foreach ( $faqs as $faq ) { ?>
138
135
<tr>
139
<td><a href='post.php?post=<?php echo $faq->ID;?>&action=edit'><?php echo $faq->post\_title; ?></a></td>
140
<td><?php echo get\_post\_meta( $faq->ID, 'ufaq\_view\_count', true ); ?></td>
136
<td><a href='post.php?post=<?php echo esc\_attr( $faq->ID );?>&action=edit'><?php echo esc\_html( $faq->post\_title ); ?></a></td>
137
<td><?php echo esc\_html( get\_post\_meta( $faq->ID, 'ufaq\_view\_count', true ) ); ?></td>
141
138
<td><?php echo get\_the\_term\_list( $faq->ID, EWD\_UFAQ\_FAQ\_CATEGORY\_TAXONOMY ); ?></td>
142
139
</tr>
…
…
296
293
<?php }
297
294
298
public function display\_notice() {
299
if ( $this->status ) {
300
echo "<div class='updated'><p>" . $this->message . "</p></div>";
301
}
302
else {
303
echo "<div class='error'><p>" . $this->message . "</p></div>";
304
}
305
}
306
295
}
296
307
297
} // endif
ultimate-faqs/tags/2.1.2/includes/FAQ.class.php
r2643489
r2648562
194
194
195
195
// AUTHOR EMAIL
196
$this->faq\_author\_email = empty( $\_POST\['post\_author\_email'\] ) ? false : sanitize\_text\_field( $\_POST\['post\_author\_email'\] );
196
$this->faq\_author\_email = empty( $\_POST\['post\_author\_email'\] ) ? false : sanitize\_email( $\_POST\['post\_author\_email'\] );
197
197
198
198
// ANSWER
ultimate-faqs/tags/2.1.2/includes/InstallationWalkthrough.class.php
r2643489
r2648562
73
73
\*/
74
74
public function create\_category() {
75
global $ewd\_ufaq\_controller;
76
77
if (
78
! check\_ajax\_referer( 'ewd-ufaq-getting-started', 'nonce' )
79
||
80
! current\_user\_can( $ewd\_ufaq\_controller->settings->get\_setting( 'access-role' ) )
81
) {
82
ewdUfaqHelper::admin\_nopriv\_ajax();
83
}
75
84
76
85
$category\_name = isset( $\_POST\['category\_name'\] ) ? sanitize\_text\_field( $\_POST\['category\_name'\] ) : '';
77
$category\_description = isset( $\_POST\['category\_description'\] ) ? sanitize\_textarea\_field( $\_POST\['category\_description'\] ) : '';
78
79
$category\_term\_id = wp\_insert\_term( $category\_name, EWD\_UFAQ\_FAQ\_CATEGORY\_TAXONOMY, array('description' => $category\_description) );
80
81
echo json\_encode ( array( 'category\_name' => $category\_name, 'category\_id' => $category\_term\_id\['term\_id'\] ) );
82
83
exit();
86
$category\_description = isset( $\_POST\['category\_description'\] ) ? sanitize\_textarea\_field( $\_POST\['category\_description'\] ) : '';
87
88
$category\_term\_id = wp\_insert\_term( $category\_name, EWD\_UFAQ\_FAQ\_CATEGORY\_TAXONOMY, array('description' => $category\_description) );
89
90
echo json\_encode ( array( 'category\_name' => $category\_name, 'category\_id' => $category\_term\_id\['term\_id'\] ) );
91
92
exit();
84
93
}
85
94
86
95
public function create\_faq() {
96
global $ewd\_ufaq\_controller;
97
98
if (
99
! check\_ajax\_referer( 'ewd-ufaq-getting-started', 'nonce' )
100
||
101
! current\_user\_can( $ewd\_ufaq\_controller->settings->get\_setting( 'access-role' ) )
102
) {
103
ewdUfaqHelper::admin\_nopriv\_ajax();
104
}
87
105
88
106
$args = array(
89
'post\_title' => isset( $\_POST\['faq\_question'\] ) ? sanitize\_text\_field( $\_POST\['faq\_question'\] ) : '',
90
'post\_content' => isset( $\_POST\['faq\_answer'\] ) ? sanitize\_text\_field( $\_POST\['faq\_answer'\] ) : '',
91
'post\_status' => 'publish',
92
'post\_type' => EWD\_UFAQ\_FAQ\_POST\_TYPE
93
);
94
95
$faq\_post\_id = wp\_insert\_post( $args );
96
97
if ( isset( $\_POST\['faq\_category'\] ) and $\_POST\['faq\_category'\] ) {
98
99
wp\_set\_post\_terms( $faq\_post\_id, sanitize\_text\_field( $\_POST\['faq\_category'\] ), EWD\_UFAQ\_FAQ\_CATEGORY\_TAXONOMY );
100
}
101
102
exit();
107
'post\_title' => isset( $\_POST\['faq\_question'\] ) ? sanitize\_text\_field( $\_POST\['faq\_question'\] ) : '',
108
'post\_content' => isset( $\_POST\['faq\_answer'\] ) ? sanitize\_text\_field( $\_POST\['faq\_answer'\] ) : '',
109
'post\_status' => 'publish',
110
'post\_type' => EWD\_UFAQ\_FAQ\_POST\_TYPE
111
);
112
113
$faq\_post\_id = wp\_insert\_post( $args );
114
115
if ( isset( $\_POST\['faq\_category'\] ) and $\_POST\['faq\_category'\] ) {
116
117
wp\_set\_post\_terms(
118
$faq\_post\_id,
119
sanitize\_text\_field( $\_POST\['faq\_category'\] ),
120
EWD\_UFAQ\_FAQ\_CATEGORY\_TAXONOMY
121
);
122
}
123
124
exit();
103
125
}
104
126
…
…
108
130
\*/
109
131
public function add\_faqs\_page() {
132
global $ewd\_ufaq\_controller;
133
134
if (
135
! check\_ajax\_referer( 'ewd-ufaq-getting-started', 'nonce' )
136
||
137
! current\_user\_can( $ewd\_ufaq\_controller->settings->get\_setting( 'access-role' ) )
138
) {
139
ewdUfaqHelper::admin\_nopriv\_ajax();
140
}
110
141
111
142
$args = array(
112
'post\_title' => isset($\_POST\['faq\_page\_title'\] ) ? sanitize\_text\_field( $\_POST\['faq\_page\_title'\] ) : '',
113
'post\_content' => '<!-- wp:paragraph --><p> \[ultimate-faqs\] </p><!-- /wp:paragraph -->',
114
'post\_status' => 'publish',
115
'post\_type' => 'page'
116
);
117
118
wp\_insert\_post( $args );
119
120
exit();
143
'post\_title' => isset($\_POST\['faq\_page\_title'\] ) ? sanitize\_text\_field( $\_POST\['faq\_page\_title'\] ) : '',
144
'post\_content' => '<!-- wp:paragraph --><p> \[ultimate-faqs\] </p><!-- /wp:paragraph -->',
145
'post\_status' => 'publish',
146
'post\_type' => 'page'
147
);
148
149
wp\_insert\_post( $args );
150
151
exit();
121
152
}
122
153
…
…
126
157
\*/
127
158
public function set\_options() {
159
global $ewd\_ufaq\_controller;
160
161
if (
162
! check\_ajax\_referer( 'ewd-ufaq-getting-started', 'nonce' )
163
||
164
! current\_user\_can( $ewd\_ufaq\_controller->settings->get\_setting( 'access-role' ) )
165
) {
166
ewdUfaqHelper::admin\_nopriv\_ajax();
167
}
128
168
129
169
$ewd\_ufaq\_options = get\_option( 'ewd-ufaq-settings' );
130
170
131
if ( isset( $\_POST\['faq\_accordion'\] ) ) { $ewd\_ufaq\_options\['faq-accordion'\] = intval( $\_POST\['faq\_accordion'\] ); }
132
if ( isset( $\_POST\['disable\_faq\_toggle'\] ) ) { $ewd\_ufaq\_options\['disable-faq-toggle'\] = intval( $\_POST\['disable\_faq\_toggle'\] ); }
133
if ( isset( $\_POST\['group\_by\_category'\] ) ) { $ewd\_ufaq\_options\['group-by-category'\] = intval( $\_POST\['group\_by\_category'\] ); }
134
if ( isset( $\_POST\['order\_by\_setting'\] ) ) { $ewd\_ufaq\_options\['faq-order-by'\] = sanitize\_text\_field( $\_POST\['order\_by\_setting'\] ); }
171
if ( isset( $\_POST\['faq\_accordion'\] ) ) {
172
$ewd\_ufaq\_options\['faq-accordion'\] = intval( $\_POST\['faq\_accordion'\] );
173
}
174
if ( isset( $\_POST\['disable\_faq\_toggle'\] ) ) {
175
$ewd\_ufaq\_options\['disable-faq-toggle'\] = intval( $\_POST\['disable\_faq\_toggle'\] );
176
}
177
if ( isset( $\_POST\['group\_by\_category'\] ) ) {
178
$ewd\_ufaq\_options\['group-by-category'\] = intval( $\_POST\['group\_by\_category'\] );
179
}
180
if ( isset( $\_POST\['order\_by\_setting'\] ) ) {
181
$ewd\_ufaq\_options\['faq-order-by'\] = sanitize\_text\_field( $\_POST\['order\_by\_setting'\] );
182
}
135
183
136
184
update\_option( 'ewd-ufaq-settings', $ewd\_ufaq\_options );
137
138
exit();
185
186
exit();
139
187
}
140
188
…
…
155
203
wp\_enqueue\_script( 'ewd-ufaq-admin-settings-js', EWD\_UFAQ\_PLUGIN\_URL . '/lib/simple-admin-pages/js/admin-settings.js', array( 'jquery' ), EWD\_UFAQ\_VERSION );
156
204
wp\_enqueue\_script( 'ewd-ufaq-admin-spectrum-js', EWD\_UFAQ\_PLUGIN\_URL . '/lib/simple-admin-pages/js/spectrum.js', array( 'jquery' ), EWD\_UFAQ\_VERSION );
205
206
wp\_localize\_script(
207
'ewd-ufaq-getting-started',
208
'ewd\_ufaq\_getting\_started',
209
array(
210
'nonce' => wp\_create\_nonce( 'ewd-ufaq-getting-started' )
211
)
212
);
157
213
}
158
214
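Review bot: The new guard only stops a handler if `ewdUfaqHelper::admin_nopriv_ajax()` ends the request, and that helper is not among the files shown in this changeset. Nothing after the `if` block returns, so if the helper merely prints an error, create_category(), create_faq(), add_faqs_page() and set_options() would still run for a user who fails `current_user_can()`. Confirm that it terminates (for example via `wp_die()` or `wp_send_json_error()`), or make it explicit at the call site: `ewdUfaqHelper::admin_nopriv_ajax(); exit();`. `check_ajax_referer()` with its default third argument already terminates on a bad nonce, so only the capability failure reaches the helper. The same guard is used in update_order() in Ajax.class.php and in ReviewAsk.class.php.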
ultimate-faqs/tags/2.1.2/includes/OrderingTable.class.php
r2643489
r2648562
86
86
<?php $faq\_tags = get\_the\_term\_list($faq->ID, 'ufaq-tag', '', ', ', ''); ?>
87
87
88
<tr id='ewd-ufaq-item-<?php echo $faq->ID; ?>' class='ewd-ufaq-item'>
88
<tr id='ewd-ufaq-item-<?php echo esc\_attr( $faq->ID ); ?>' class='ewd-ufaq-item'>
89
89
<td class='ewd-ufaq-title'><?php echo esc\_html( $faq->post\_title ); ?></td>
90
90
<td class='ewd-ufaq-title'><?php echo esc\_html( $faq\_views ); ?></td>
ultimate-faqs/tags/2.1.2/includes/ReviewAsk.class.php
r2643489
r2648562
74
74
wp\_enqueue\_style( 'ewd-ufaq-review-ask-css', EWD\_UFAQ\_PLUGIN\_URL . '/assets/css/dashboard-review-ask.css' );
75
75
wp\_enqueue\_script( 'ewd-ufaq-review-ask-js', EWD\_UFAQ\_PLUGIN\_URL . '/assets/js/dashboard-review-ask.js', array( 'jquery' ), EWD\_UFAQ\_VERSION, true );
76
77
wp\_localize\_script(
78
'ewd-ufaq-review-ask-js',
79
'ewd\_ufaq\_review\_ask',
80
array(
81
'nonce' => wp\_create\_nonce( 'ewd-ufaq-review-ask-js' )
82
)
83
);
76
84
}
77
85
78
86
public function hide\_review\_ask() {
87
global $ewd\_ufaq\_controller;
88
89
if (
90
! check\_ajax\_referer( 'ewd-ufaq-review-ask-js', 'nonce' )
91
||
92
! current\_user\_can( $ewd\_ufaq\_controller->settings->get\_setting( 'access-role' ) )
93
) {
94
ewdUfaqHelper::admin\_nopriv\_ajax();
95
}
79
96
80
97
$ask\_review\_time = sanitize\_text\_field($\_POST\['ask\_review\_time'\]);
81
98
82
if ( get\_option( 'ewd-ufaq-review-ask-time' ) < time() + 3600\*24 \* $ask\_review\_time ) {
83
update\_option( 'ewd-ufaq-review-ask-time', time() + 3600\*24 \* $ask\_review\_time );
84
}
99
if ( get\_option( 'ewd-ufaq-review-ask-time' ) < time() + 3600\*24 \* $ask\_review\_time ) {
100
update\_option( 'ewd-ufaq-review-ask-time', time() + 3600\*24 \* $ask\_review\_time );
101
}
85
102
86
die();
103
die();
87
104
}
88
105
89
106
public function send\_feedback() {
107
global $ewd\_ufaq\_controller;
108
109
if (
110
! check\_ajax\_referer( 'ewd-ufaq-review-ask-js', 'nonce' )
111
||
112
! current\_user\_can( $ewd\_ufaq\_controller->settings->get\_setting( 'access-role' ) )
113
) {
114
ewdUfaqHelper::admin\_nopriv\_ajax();
115
}
116
90
117
$headers = 'Content-type: text/html;charset=utf-8' . "\\r\\n";
91
$feedback = sanitize\_text\_field($\_POST\['feedback'\]);
92
$feedback .= '<br /><br />Email Address: ';
93
$feedback .= sanitize\_text\_field($\_POST\['email\_address'\]);
118
$feedback = sanitize\_text\_field( $\_POST\['feedback'\] );
119
$feedback .= '<br /><br />Email Address: ';
120
$feedback .= sanitize\_email( $\_POST\['email\_address'\] );
94
121
95
wp\_mail('[email protected]', 'UFAQ Feedback - Dashboard Form', $feedback, $headers);
122
wp\_mail('[email protected]', 'UFAQ Feedback - Dashboard Form', $feedback, $headers);
96
123
97
die();
124
die();
98
125
}
99
126
}
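Review bot: In `hide_review_ask()`, `$ask_review_time` is still read from `$_POST` with `sanitize_text_field()` and then used in `3600*24 * $ask_review_time`, so a request-controlled string feeds both the arithmetic and the stored `ewd-ufaq-review-ask-time` option. The script on this page only ever sends 7 or 1000, so cast to a non-negative integer (and ideally cap it): `$ask_review_time = isset( $_POST['ask_review_time'] ) ? absint( $_POST['ask_review_time'] ) : 0;`. Separately, `check_ajax_referer()` ends the request itself on a bad nonce unless its third argument is `false`, so the `ewdUfaqHelper::admin_nopriv_ajax()` branch is reached only when the capability check fails. The same applies to `send_feedback()`.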
ultimate-faqs/tags/2.1.2/includes/Widgets.class.php
r2643489
r2648562
61
61
public function widget( $args, $instance ) {
62
62
63
echo $args\['before\_widget'\];
64
if ( $instance\['faq\_title'\] != '' ) { echo ( $args\['before\_title'\] != '' ? $args\['before\_title'\] : '<h3>' ) . $instance\['faq\_title'\] . ( $args\['after\_title'\] != '' ? $args\['after\_title'\] : '</h3>' ); }
63
echo esc\_html( $args\['before\_widget'\] );
64
if ( $instance\['faq\_title'\] != '' ) {
65
echo ( $args\['before\_title'\] != '' ? esc\_html( $args\['before\_title'\] ) : '<h3>' ) . esc\_html( $instance\['faq\_title'\] ) . ( $args\['after\_title'\] != '' ? esc\_html( $args\['after\_title'\] ) : '</h3>' );
66
}
65
67
echo do\_shortcode( "\[select-faq faq\_id='". $instance\['faq\_id'\] . "' no\_comments='Yes'\]" );
66
echo $args\['after\_widget'\];
68
echo esc\_html( $args\['after\_widget'\] );
67
69
}
68
70
…
…
80
82
81
83
<p>
82
<label for="<?php echo $this->get\_field\_id( 'faq\_id' ); ?>"><?php \_e( 'FAQ ID List:', 'ultimate-faqs' ); ?></label>
83
<input class="widefat" id="<?php echo $this->get\_field\_id( 'faq\_id' ); ?>" name="<?php echo $this->get\_field\_name( 'faq\_id' ); ?>" type="text" value="<?php echo esc\_attr( $faq\_id ); ?>">
84
</p>
85
<p>
86
<label for="<?php echo $this->get\_field\_id( 'faq\_title' ); ?>"><?php \_e( 'Widget Title:', 'ultimate-faqs' ); ?></label>
87
<input class="widefat" id="<?php echo $this->get\_field\_id( 'faq\_title' ); ?>" name="<?php echo $this->get\_field\_name( 'faq\_title' ); ?>" type="text" value="<?php echo esc\_attr( $faq\_title ); ?>">
84
<label for="<?php echo esc\_attr( $this->get\_field\_id( 'faq\_id' ) ); ?>">
85
<?php \_e( 'FAQ ID List:', 'ultimate-faqs' ); ?>
86
</label>
87
<input class="widefat" id="<?php echo esc\_attr( $this->get\_field\_id( 'faq\_id' ) ); ?>" name="<?php echo esc\_attr( $this->get\_field\_name( 'faq\_id' ) ); ?>" type="text" value="<?php echo esc\_attr( $faq\_id ); ?>">
88
</p>
89
<p>
90
<label for="<?php echo esc\_attr( $this->get\_field\_id( 'faq\_title' ) ); ?>"><?php \_e( 'Widget Title:', 'ultimate-faqs' ); ?></label>
91
<input class="widefat" id="<?php echo esc\_attr( $this->get\_field\_id( 'faq\_title' ) ); ?>" name="<?php echo esc\_attr( $this->get\_field\_name( 'faq\_title' ) ); ?>" type="text" value="<?php echo esc\_attr( $faq\_title ); ?>">
88
92
</p>
89
93
…
…
129
133
public function widget( $args, $instance ) {
130
134
131
echo $args\['before\_widget'\];
132
if ( $instance\['faq\_title'\] != '' ) { echo ( $args\['before\_title'\] != '' ? $args\['before\_title'\] : '<h3>' ) . $instance\['faq\_title'\] . ( $args\['after\_title'\] != '' ? $args\['after\_title'\] : '</h3>' ); }
135
echo esc\_html( $args\['before\_widget'\] );
136
if ( $instance\['faq\_title'\] != '' ) {
137
echo esc\_html(
138
( $args\['before\_title'\] != '' ? $args\['before\_title'\] : '<h3>' ) . $instance\['faq\_title'\] . ( $args\['after\_title'\] != '' ? $args\['after\_title'\] : '</h3>' )
139
);
140
}
133
141
echo do\_shortcode( "\[recent-faqs post\_count='". $instance\['post\_count'\] . "' no\_comments='Yes'\]" );
134
echo $args\['after\_widget'\];
142
echo esc\_html( $args\['after\_widget'\] );
135
143
}
136
144
…
…
148
156
149
157
<p>
150
<label for="<?php echo $this->get\_field\_id( 'post\_count' ); ?>"><?php \_e( 'Number of FAQs:', 'ultimate-faqs' ); ?></label>
151
<input class="widefat" id="<?php echo $this->get\_field\_id( 'post\_count' ); ?>" name="<?php echo $this->get\_field\_name( 'post\_count' ); ?>" type="text" value="<?php echo esc\_attr( $post\_count ); ?>">
152
</p>
153
<p>
154
<label for="<?php echo $this->get\_field\_id( 'faq\_title' ); ?>"><?php \_e( 'Widget Title:', 'ultimate-faqs' ); ?></label>
155
<input class="widefat" id="<?php echo $this->get\_field\_id( 'faq\_title' ); ?>" name="<?php echo $this->get\_field\_name( 'faq\_title' ); ?>" type="text" value="<?php echo esc\_attr( $faq\_title ); ?>">
158
<label for="<?php echo esc\_attr( $this->get\_field\_id( 'post\_count' ) ); ?>"><?php \_e( 'Number of FAQs:', 'ultimate-faqs' ); ?></label>
159
<input class="widefat" id="<?php echo esc\_attr( $this->get\_field\_id( 'post\_count' ) ); ?>" name="<?php echo esc\_attr( $this->get\_field\_name( 'post\_count' ) ); ?>" type="text" value="<?php echo esc\_attr( $post\_count ); ?>">
160
</p>
161
<p>
162
<label for="<?php echo esc\_attr( $this->get\_field\_id( 'faq\_title' ) ); ?>"><?php \_e( 'Widget Title:', 'ultimate-faqs' ); ?></label>
163
<input class="widefat" id="<?php echo esc\_attr( $this->get\_field\_id( 'faq\_title' ) ); ?>" name="<?php echo esc\_attr( $this->get\_field\_name( 'faq\_title' ) ); ?>" type="text" value="<?php echo esc\_attr( $faq\_title ); ?>">
156
164
</p>
157
165
…
…
197
205
public function widget( $args, $instance ) {
198
206
199
echo $args\['before\_widget'\];
200
if ( $instance\['faq\_title'\] != '' ) { echo ( $args\['before\_title'\] != '' ? $args\['before\_title'\] : '<h3>' ) . $instance\['faq\_title'\] . ( $args\['after\_title'\] != '' ? $args\['after\_title'\] : '</h3>' ); }
207
echo esc\_html( $args\['before\_widget'\] );
208
if ( $instance\['faq\_title'\] != '' ) {
209
echo esc\_html(
210
( $args\['before\_title'\] != '' ? $args\['before\_title'\] : '<h3>' ) . $instance\['faq\_title'\] . ( $args\['after\_title'\] != '' ? $args\['after\_title'\] : '</h3>' )
211
);
212
}
201
213
echo do\_shortcode( "\[popular-faqs post\_count='". $instance\['post\_count'\] . "' no\_comments='Yes'\]" );
202
echo $args\['after\_widget'\];
214
echo esc\_html( $args\['after\_widget'\] );
203
215
}
204
216
…
…
216
228
217
229
<p>
218
<label for="<?php echo $this->get\_field\_id( 'post\_count' ); ?>"><?php \_e( 'Number of FAQs:', 'ultimate-faqs' ); ?></label>
219
<input class="widefat" id="<?php echo $this->get\_field\_id( 'post\_count' ); ?>" name="<?php echo $this->get\_field\_name( 'post\_count' ); ?>" type="text" value="<?php echo esc\_attr( $post\_count ); ?>">
220
</p>
221
<p>
222
<label for="<?php echo $this->get\_field\_id( 'faq\_title' ); ?>"><?php \_e( 'Widget Title:', 'ultimate-faqs' ); ?></label>
223
<input class="widefat" id="<?php echo $this->get\_field\_id( 'faq\_title' ); ?>" name="<?php echo $this->get\_field\_name( 'faq\_title' ); ?>" type="text" value="<?php echo esc\_attr( $faq\_title ); ?>">
230
<label for="<?php echo esc\_attr( $this->get\_field\_id( 'post\_count' ) ); ?>"><?php \_e( 'Number of FAQs:', 'ultimate-faqs' ); ?></label>
231
<input class="widefat" id="<?php echo esc\_attr( $this->get\_field\_id( 'post\_count' ) ); ?>" name="<?php echo esc\_attr( $this->get\_field\_name( 'post\_count' ) ); ?>" type="text" value="<?php echo esc\_attr( $post\_count ); ?>">
232
</p>
233
<p>
234
<label for="<?php echo esc\_attr( $this->get\_field\_id( 'faq\_title' ) ); ?>"><?php \_e( 'Widget Title:', 'ultimate-faqs' ); ?></label>
235
<input class="widefat" id="<?php echo esc\_attr( $this->get\_field\_id( 'faq\_title' ) ); ?>" name="<?php echo esc\_attr( $this->get\_field\_name( 'faq\_title' ) ); ?>" type="text" value="<?php echo esc\_attr( $faq\_title ); ?>">
224
236
</p>
225
237
…
…
274
286
$faq = reset( $faqs );
275
287
276
echo $args\['before\_widget'\];
277
if ($instance\['faq\_title'\] != "") {echo ($args\['before\_title'\] != '' ? $args\['before\_title'\] : "<h3>") . $instance\['faq\_title'\] . ($args\['after\_title'\] != '' ? $args\['after\_title'\] : "</h3>");}
288
echo esc\_html( $args\['before\_widget'\] );
289
if ($instance\['faq\_title'\] != "") {
290
echo esc\_html(
291
($args\['before\_title'\] != '' ? $args\['before\_title'\] : "<h3>") . $instance\['faq\_title'\] . ($args\['after\_title'\] != '' ? $args\['after\_title'\] : "</h3>")
292
);
293
}
278
294
echo do\_shortcode( "\[select-faq faq\_id='". $faq->ID . "' no\_comments='Yes'\]" );
279
echo $args\['after\_widget'\];
295
echo esc\_html( $args\['after\_widget'\] );
280
296
}
281
297
…
…
292
308
293
309
<p>
294
<label for="<?php echo $this->get\_field\_id( 'faq\_title' ); ?>"><?php \_e( 'Widget Title:', 'ultimate-faqs' ); ?></label>
295
<input class="widefat" id="<?php echo $this->get\_field\_id( 'faq\_title' ); ?>" name="<?php echo $this->get\_field\_name( 'faq\_title' ); ?>" type="text" value="<?php echo esc\_attr( $faq\_title ); ?>">
310
<label for="<?php echo esc\_attr( $this->get\_field\_id( 'faq\_title' ) ); ?>"><?php \_e( 'Widget Title:', 'ultimate-faqs' ); ?></label>
311
<input class="widefat" id="<?php echo esc\_attr( $this->get\_field\_id( 'faq\_title' ) ); ?>" name="<?php echo esc\_attr( $this->get\_field\_name( 'faq\_title' ) ); ?>" type="text" value="<?php echo esc\_attr( $faq\_title ); ?>">
296
312
</p>
297
313
…
…
336
352
public function widget( $args, $instance ) {
337
353
338
echo $args\['before\_widget'\];
339
if ($instance\['faq\_title'\] != "") {echo ($args\['before\_title'\] != '' ? $args\['before\_title'\] : "<h3>") . $instance\['faq\_title'\] . ($args\['after\_title'\] != '' ? $args\['after\_title'\] : "</h3>");}
354
echo esc\_html( $args\['before\_widget'\] );
355
if ($instance\['faq\_title'\] != "") {
356
echo esc\_html(
357
($args\['before\_title'\] != '' ? $args\['before\_title'\] : "<h3>") . $instance\['faq\_title'\] . ($args\['after\_title'\] != '' ? $args\['after\_title'\] : "</h3>")
358
);
359
}
340
360
echo do\_shortcode( "\[ultimate-faqs include\_category='". $instance\['include\_category'\] . "' no\_comments='Yes'\]" );
341
echo $args\['after\_widget'\];
361
echo esc\_html( $args\['after\_widget'\] );
342
362
}
343
363
…
…
355
375
356
376
<p>
357
<label for="<?php echo $this->get\_field\_id( 'include\_category' ); ?>"><?php \_e( 'FAQ Category List:', 'ultimate-faqs' ); ?></label>
358
<input class="widefat" id="<?php echo $this->get\_field\_id( 'include\_category' ); ?>" name="<?php echo $this->get\_field\_name( 'include\_category' ); ?>" type="text" value="<?php echo esc\_attr( $include\_category ); ?>">
359
</p>
360
<p>
361
<label for="<?php echo $this->get\_field\_id( 'faq\_title' ); ?>"><?php \_e( 'Widget Title:', 'ultimate-faqs' ); ?></label>
362
<input class="widefat" id="<?php echo $this->get\_field\_id( 'faq\_title' ); ?>" name="<?php echo $this->get\_field\_name( 'faq\_title' ); ?>" type="text" value="<?php echo esc\_attr( $faq\_title ); ?>">
377
<label for="<?php echo esc\_attr( $this->get\_field\_id( 'include\_category' ) ); ?>"><?php \_e( 'FAQ Category List:', 'ultimate-faqs' ); ?></label>
378
<input class="widefat" id="<?php echo esc\_attr( $this->get\_field\_id( 'include\_category' ) ); ?>" name="<?php echo esc\_attr( $this->get\_field\_name( 'include\_category' ) ); ?>" type="text" value="<?php echo esc\_attr( $include\_category ); ?>">
379
</p>
380
<p>
381
<label for="<?php echo esc\_attr( $this->get\_field\_id( 'faq\_title' ) ); ?>"><?php \_e( 'Widget Title:', 'ultimate-faqs' ); ?></label>
382
<input class="widefat" id="<?php echo esc\_attr( $this->get\_field\_id( 'faq\_title' ) ); ?>" name="<?php echo esc\_attr( $this->get\_field\_name( 'faq\_title' ) ); ?>" type="text" value="<?php echo esc\_attr( $faq\_title ); ?>">
363
383
</p>
364
384
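Review bot: Each `widget()` method now wraps `$args['before_widget']`, `$args['after_widget']` and the title wrappers in `esc_html()`, but these are the HTML wrappers registered for the sidebar, so escaping them prints the tags as visible text instead of markup. In the later widgets the `'<h3>'` / `'</h3>'` fallbacks sit inside the `esc_html()` call as well. The value that needs escaping is the stored title: apply `esc_html()` to `$instance['faq_title']` alone and emit the wrappers unchanged, or through `wp_kses_post()` if they are not trusted. The instance values concatenated into the `do_shortcode()` strings (`faq_id`, `post_count`, `include_category`) are untouched by this commit; validating them to the expected numeric or comma-separated form would stop a stray quote from altering the shortcode attributes. Several of these method bodies begin or end outside the displayed hunks.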
ultimate-faqs/tags/2.1.2/includes/WooCommerce.class.php
r2643489
r2648562
77
77
78
78
wp\_enqueue\_script( 'ewd-ufaq-wc-admin-js', EWD\_UFAQ\_PLUGIN\_URL . '/assets/js/ewd-ufaq-wc-admin.js', array( 'jquery' ), EWD\_UFAQ\_VERSION );
79
80
wp\_localize\_script(
81
'ewd-ufaq-wc-admin-js',
82
'ewd\_ufaq\_wc\_admin',
83
array(
84
'nonce' => wp\_create\_nonce( 'ewd-ufaq-wc-admin-js' )
85
)
86
);
79
87
}
80
88
…
…
156
164
<select class='ewd-ufaq-category-filter' name='ewd-ufaq-category-filter'>
157
165
<option value=''><?php \_e('All Categories', 'ultimate-faqs' ); ?></option>
158
<?php foreach ( $categories as $category ) { ?> <option value='<?php echo $category->term\_id; ?>'><?php echo esc\_html( $category->name ); ?></option><?php } ?>
166
<?php foreach ( $categories as $category ) { ?> <option value='<?php echo esc\_attr( $category->term\_id ); ?>'><?php echo esc\_html( $category->name ); ?></option><?php } ?>
159
167
</select>
160
168
…
…
168
176
<?php foreach ( $all\_faqs as $faq ) { ?>
169
177
170
<tr class='ewd-ufaq-faq-row' data-faqid='<?php echo $faq->ID; ?>'>
171
<td><input type='checkbox' class='ewd-ufaq-add-faq' name='Add\_FAQs\[\]' value='<?php echo $faq->ID; ?>'/></td>
178
<tr class='ewd-ufaq-faq-row' data-faqid='<?php echo esc\_attr( $faq->ID ); ?>'>
179
<td><input type='checkbox' class='ewd-ufaq-add-faq' name='Add\_FAQs\[\]' value='<?php echo esc\_attr( $faq->ID ); ?>'/></td>
172
180
<td><?php echo esc\_html( $faq->post\_title ); ?></td>
173
181
</tr>
…
…
196
204
197
205
<?php $faq = get\_post( $faq\_id ); ?>
198
<tr class='ewd-ufaq-faq-row ewd-ufaq-delete-faq-row' data-faqid='<?php echo $faq\_id; ?>'>
199
<td><input type='checkbox' class='ewd-ufaq-delete-faq' name='Delete\_FAQs\[\]' value='<?php echo $faq\_id; ?>'/></td>
206
<tr class='ewd-ufaq-faq-row ewd-ufaq-delete-faq-row' data-faqid='<?php echo esc\_attr( $faq\_id ); ?>'>
207
<td><input type='checkbox' class='ewd-ufaq-delete-faq' name='Delete\_FAQs\[\]' value='<?php echo esc\_attr( $faq\_id ); ?>'/></td>
200
208
<td><?php echo esc\_html( $faq->post\_title ); ?></td>
201
209
</tr>
…
…
215
223
216
224
public function add\_wc\_faqs() {
217
218
$post\_id = intval( $\_POST\['Post\_ID'\] );
225
global $ewd\_ufaq\_controller;
226
227
if (
228
! check\_ajax\_referer( 'ewd-ufaq-wc-admin-js', 'nonce' )
229
||
230
! current\_user\_can( $ewd\_ufaq\_controller->settings->get\_setting( 'access-role' ) )
231
) {
232
ewdUfaqHelper::admin\_nopriv\_ajax();
233
}
234
235
$post\_id = intval( $\_POST\['Post\_ID'\] );
219
236
220
237
$current\_faqs = (array) get\_post\_meta( $post\_id, 'EWD\_UFAQ\_WC\_Selected\_FAQs', true );
221
238
222
$faqs = json\_decode( stripslashes\_deep( $\_POST\['FAQs'\] ) );
239
$faqs = array\_map('intval', json\_decode( stripslashes\_deep( $\_POST\['FAQs'\] ) ) );
223
240
if ( ! is\_array( $faqs ) ) { $faqs = array(); }
224
241
…
…
242
259
243
260
public function delete\_wc\_faqs() {
261
global $ewd\_ufaq\_controller;
262
263
if (
264
! check\_ajax\_referer( 'ewd-ufaq-wc-admin-js', 'nonce' )
265
||
266
! current\_user\_can( $ewd\_ufaq\_controller->settings->get\_setting( 'access-role' ) )
267
) {
268
ewdUfaqHelper::admin\_nopriv\_ajax();
269
}
244
270
245
271
$post\_id = intval( $\_POST\['Post\_ID'\] );
…
…
258
284
259
285
public function wc\_faq\_category() {
286
global $ewd\_ufaq\_controller;
287
288
if (
289
! check\_ajax\_referer( 'ewd-ufaq-wc-admin-js', 'nonce' )
290
||
291
! current\_user\_can( $ewd\_ufaq\_controller->settings->get\_setting( 'access-role' ) )
292
) {
293
ewdUfaqHelper::admin\_nopriv\_ajax();
294
}
260
295
261
296
$cat\_id = intval( $\_POST\['Cat\_ID'\] );
…
…
289
324
<?php foreach ( $all\_faqs as $faq ) { ?>
290
325
291
<tr class='ewd-ufaq-faq-row' data-faqid='<?php echo $faq->ID; ?>'>
292
<td><input type='checkbox' class='ewd-ufaq-add-faq' name='Add\_FAQs\[\]' value='<?php echo $faq->ID; ?>'/></td>
326
<tr class='ewd-ufaq-faq-row' data-faqid='<?php echo esc\_attr( $faq->ID ); ?>'>
327
<td><input type='checkbox' class='ewd-ufaq-add-faq' name='Add\_FAQs\[\]' value='<?php echo esc\_attr( $faq->ID ); ?>'/></td>
293
328
<td><?php echo esc\_html( $faq->post\_title ); ?></td>
294
329
</tr>
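Review bot: In `add_wc_faqs()` the new `array_map( 'intval', json_decode( ... ) )` runs before the `is_array( $faqs )` guard on the next line, so a `FAQs` value that does not decode to an array reaches `array_map()` as `null` or a scalar. That is a TypeError on PHP 8 and a warning on older versions, and the guard never gets the chance to supply the empty array. Decode first, then cast: `$faqs = json_decode( wp_unslash( $_POST['FAQs'] ), true );` followed by `$faqs = is_array( $faqs ) ? array_map( 'intval', $faqs ) : array();`. `delete_wc_faqs()` continues outside the displayed hunk, so check whether it decodes `FAQs` the same way.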
ultimate-faqs/tags/2.1.2/includes/template-functions.php
r2643489
r2648562
373
373
374
374
if ( count( $classes ) ) {
375
return ' class="' . join( ' ', $classes ) . '"';
375
return ' class="' . esc\_attr( join( ' ', $classes ) ) . '"';
376
376
}
377
377
}
ultimate-faqs/tags/2.1.2/readme.txt
r2647964
r2648562
267
267
\== Changelog ==
268
268
269
\= 2.1.2 (2021-12-23) =
270
\- Updating nonce and capability checks for AJAX calls.
271
\- Updating sanitization and escaping.
272
269
273
\= 2.1.1 (2021-12-22) =
270
274
\- Fixed an issue in which the defaults were not being correctly set for a few options.
ultimate-faqs/tags/2.1.2/ultimate-faqs.php
r2647964
r2648562
7
7
Terms and Conditions: https://www.etoilewebdesign.com/plugin-terms-and-conditions/
8
8
Text Domain: ultimate-faqs
9
Version: 2.1.1
9
Version: 2.1.2
10
10
WC requires at least: 3.0
11
11
WC tested up to: 6.0
…
…
44
44
define( 'EWD\_UFAQ\_PLUGIN\_FNAME', plugin\_basename( \_\_FILE\_\_ ) );
45
45
define( 'EWD\_UFAQ\_TEMPLATE\_DIR', 'ewd-ufaq-templates' );
46
define( 'EWD\_UFAQ\_VERSION', '2.1.1' );
46
define( 'EWD\_UFAQ\_VERSION', '2.1.2' );
47
47
48
48
define( 'EWD\_UFAQ\_FAQ\_POST\_TYPE', 'ufaq' );
…
…
290
290
291
291
$screen\_ids = array(
292
'ufaq',
292
293
'ufaq\_page\_ewd-ufaq-dashboard',
293
294
'edit-ufaq',
…
…
308
309
309
310
$args = array(
311
'nonce' => wp\_create\_nonce( 'ewd-ufaq-admin-js' ),
310
312
'ordering' => $this->permissions->check\_permission( 'ordering' )
311
313
);
…
…
529
531
530
532
public function hide\_helper\_notice() {
533
global $ewd\_ufaq\_controller;
531
534
532
535
// Authenticate request
…
…
534
537
! check\_ajax\_referer( 'ewd-ufaq-helper-notice', 'nonce' )
535
538
||
536
! current\_user\_can( 'manage\_options' )
539
! current\_user\_can( $ewd\_ufaq\_controller->settings->get\_setting( 'access-role' ) )
537
540
) {
538
wp\_send\_json\_error(
539
array(
540
'error' => 'loggedout',
541
'msg' => sprintf( \_\_( 'You have been logged out. Please %slogin again%s.', 'ultimate-faqs' ), '<a href="' . wp\_login\_url( admin\_url( 'admin.php?page=ewd-ufaq-dashboard' ) ) . '">', '</a>' ),
542
)
543
);
541
ewdUfaqHelper::admin\_nopriv\_ajax();
542
544
543
}
545
544
…
…
549
548
}
550
549
551
public function admin\_menu\_optional( $menu\_list )
552
{
550
public function admin\_menu\_optional( $menu\_list ) {
553
551
global $ewd\_ufaq\_controller;
554
552
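Review bot: `hide_helper_notice()` now authorises against whatever `get_setting( 'access-role' )` returns instead of the fixed `manage_options`, so the strength of this check depends on a site-configurable value that is not validated here. The handlers in ReviewAsk.class.php and WooCommerce.class.php use the same expression. If that setting can come back empty or hold a capability granted to low-privilege roles (not visible from this hunk), a guarded lookup keeps a safe default: `$cap = $ewd_ufaq_controller->settings->get_setting( 'access-role' ); if ( empty( $cap ) ) { $cap = 'manage_options'; }`. The denial path also swaps `wp_send_json_error()`, which ends the request, for `ewdUfaqHelper::admin_nopriv_ajax()`, whose body is not shown, so confirm it terminates before the rest of the handler runs. The function body is split across hunks and continues outside them.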
ultimate-faqs/tags/2.1.2/views/View.FAQs.class.php
r2643489
r2648562
524
524
wp\_enqueue\_style( 'ewd-ufaq-jquery-ui' );
525
525
526
$handle = 'ewd-ufaq-js';
526
527
$args = array(
527
'faq\_accordion' => $ewd\_ufaq\_controller->settings->get\_setting( 'faq-accordion' ),
528
'category\_accordion' => $ewd\_ufaq\_controller->settings->get\_setting( 'faq-category-accordion' ),
529
'faq\_scroll' => $ewd\_ufaq\_controller->settings->get\_setting( 'scroll-to-top' ),
530
'reveal\_effect' => $ewd\_ufaq\_controller->settings->get\_setting( 'reveal-effect' ),
531
'retrieving\_results' => $ewd\_ufaq\_controller->settings->get\_setting( 'label-retrieving-results' ),
532
'highlight\_search\_term' => $ewd\_ufaq\_controller->settings->get\_setting( 'highlight-search-term' ),
533
'autocomplete\_question' => $ewd\_ufaq\_controller->settings->get\_setting( 'auto-complete-titles' ),
534
'question\_titles' => $this->get\_faq\_titles(),
535
'display\_faq' => 0,
528
'faq\_accordion' => $ewd\_ufaq\_controller->settings->get\_setting( 'faq-accordion' ),
529
'category\_accordion' => $ewd\_ufaq\_controller->settings->get\_setting( 'faq-category-accordion' ),
530
'faq\_scroll' => $ewd\_ufaq\_controller->settings->get\_setting( 'scroll-to-top' ),
531
'reveal\_effect' => $ewd\_ufaq\_controller->settings->get\_setting( 'reveal-effect' ),
532
'retrieving\_results' => $ewd\_ufaq\_controller->settings->get\_setting( 'label-retrieving-results' ),
533
'highlight\_search\_term' => $ewd\_ufaq\_controller->settings->get\_setting( 'highlight-search-term' ),
534
'autocomplete\_question' => $ewd\_ufaq\_controller->settings->get\_setting( 'auto-complete-titles' ),
535
'question\_titles' => $this->get\_faq\_titles(),
536
'display\_faq' => 0,
537
'nonce' => wp\_create\_nonce( $handle ),
536
538
);
537
539
…
…
542
544
}
543
545
elseif ( isset( $\_GET\['Display\_FAQ'\] ) ) {
544
545
546
$args\['display\_faq'\] = intval( $\_GET\['Display\_FAQ'\] );
546
547
}
547
548
548
$handle = 'ewd-ufaq-js';
549
549
// Fetch any existing script data
550
550
$prev\_question\_titles = $wp\_scripts->get\_data( $handle, 'question\_titles' );
…
…
556
556
557
557
$wp\_scripts->add\_data( $handle, 'question\_titles', $args\['question\_titles'\] );
558
wp\_localize\_script( $handle, 'ewd\_ufaq\_php\_data', $args );
559
560
wp\_enqueue\_script( 'ewd-ufaq-js' );
558
wp\_localize\_script(
559
$handle,
560
'ewd\_ufaq\_php\_data',
561
apply\_filters( 'ewd\_ufaq\_js\_localize\_data', $args )
562
);
563
564
wp\_enqueue\_script( $handle );
561
565
562
566
wp\_enqueue\_script( 'jquery-ui-core' );
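Review bot: The new `'nonce' => wp_create_nonce( $handle )` entry is printed into public pages, so it should be documented as an anti-CSRF token only, never as proof of identity. For logged-out visitors a WordPress nonce is not bound to an account, and on a page served from a full-page cache it can outlive its validity window, after which the front-end AJAX calls that send it would be rejected. I would add a comment above the array, e.g. `// Front-end nonce: shared by logged-out visitors and possibly stale on cached pages; handlers must still check capabilities where they change data.` The new `apply_filters( 'ewd_ufaq_js_localize_data', $args )` also lets other code replace the `nonce` entry, which is worth stating in a docblock for the filter.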
ultimate-faqs/trunk/assets/js/dashboard-review-ask.js
r2643489
r2648562
3
3
4
4
jQuery(document).on( 'click', '.ewd-ufaq-main-dashboard-review-ask .notice-dismiss', function( event ) {
5
var data = 'ask\_review\_time=7&action=ewd\_ufaq\_hide\_review\_ask';
5
var params = {};
6
7
params.nonce = ewd\_ufaq\_review\_ask.nonce;
8
params.action = 'ewd\_ufaq\_hide\_review\_ask';
9
params.ask\_review\_time = 7;
10
11
var data = jQuery.param( params );
12
6
13
jQuery.post( ajaxurl, data, function() {} );
7
14
});
…
…
17
24
jQuery( '.ewd-ufaq-review-ask-yes' ).addClass( 'ewd-ufaq-hidden' );
18
25
19
var data = 'ask\_review\_time=7&action=ewd\_ufaq\_hide\_review\_ask';
20
jQuery.post( ajaxurl, data, function() {} );
26
var params = {};
27
28
params.nonce = ewd\_ufaq\_review\_ask.nonce;
29
params.action = 'ewd\_ufaq\_hide\_review\_ask';
30
params.ask\_review\_time = 7;
31
32
var data = jQuery.param( params );
33
jQuery.post( ajaxurl, data, function() {} );
21
34
});
22
35
…
…
28
41
jQuery( '.ewd-ufaq-review-ask-actions' ).addClass( 'ewd-ufaq-hidden' );
29
42
30
var data = 'ask\_review\_time=1000&action=ewd\_ufaq\_hide\_review\_ask';
31
jQuery.post( ajaxurl, data, function() {} );
43
var params = {};
44
45
params.nonce = ewd\_ufaq\_review\_ask.nonce;
46
params.action = 'ewd\_ufaq\_hide\_review\_ask';
47
params.ask\_review\_time = 1000;
48
49
var data = jQuery.param( params );
50
jQuery.post( ajaxurl, data, function() {} );
32
51
});
33
52
34
53
jQuery( '.ewd-ufaq-review-ask-no-thanks' ).on( 'click', function() {
35
var data = 'ask\_review\_time=1000&action=ewd\_ufaq\_hide\_review\_ask';
36
jQuery.post( ajaxurl, data, function() {} );
54
var params = {};
37
55
38
jQuery( '.ewd-ufaq-main-dashboard-review-ask' ).css( 'display', 'none' );
56
params.nonce = ewd\_ufaq\_review\_ask.nonce;
57
params.action = 'ewd\_ufaq\_hide\_review\_ask';
58
params.ask\_review\_time = 1000;
59
60
var data = jQuery.param( params );
61
jQuery.post( ajaxurl, data, function() {} );
62
63
jQuery( '.ewd-ufaq-main-dashboard-review-ask' ).css( 'display', 'none' );
39
64
});
40
65
…
…
43
68
jQuery( '.ewd-ufaq-review-ask-thank-you-text' ).removeClass( 'ewd-ufaq-hidden' );
44
69
45
var data = 'ask\_review\_time=1000&action=ewd\_ufaq\_hide\_review\_ask';
46
jQuery.post( ajaxurl, data, function() {} );
70
var params = {};
71
72
params.nonce = ewd\_ufaq\_review\_ask.nonce;
73
params.action = 'ewd\_ufaq\_hide\_review\_ask';
74
params.ask\_review\_time = 1000;
75
76
var data = jQuery.param( params );
77
jQuery.post( ajaxurl, data, function() {} );
47
78
});
48
79
…
…
50
81
var feedback = jQuery( '.ewd-ufaq-review-ask-feedback-explanation textarea' ).val();
51
82
var email\_address = jQuery( '.ewd-ufaq-review-ask-feedback-explanation input\[name="feedback\_email\_address"\]' ).val();
52
var data = 'feedback=' + feedback + '&email\_address=' + email\_address + '&action=ewd\_ufaq\_send\_feedback';
53
jQuery.post( ajaxurl, data, function() {} );
83
84
var params = {};
54
85
55
var data = 'ask\_review\_time=1000&action=ewd\_ufaq\_hide\_review\_ask';
56
jQuery.post( ajaxurl, data, function() {} );
86
params.nonce = ewd\_ufaq\_review\_ask.nonce;
87
params.action = 'ewd\_ufaq\_send\_feedback';
88
params.feedback = feedback;
89
params.email\_address = email\_address;
57
90
58
jQuery( '.ewd-ufaq-review-ask-feedback-form' ).addClass( 'ewd-ufaq-hidden' );
59
jQuery( '.ewd-ufaq-review-ask-review-text' ).addClass( 'ewd-ufaq-hidden' );
60
jQuery( '.ewd-ufaq-review-ask-thank-you-text' ).removeClass( 'ewd-ufaq-hidden' );
91
var data = jQuery.param( params );
92
jQuery.post( ajaxurl, data, function() {} );
93
94
var params = {};
95
96
params.nonce = ewd\_ufaq\_review\_ask.nonce;
97
params.action = 'ewd\_ufaq\_hide\_review\_ask';
98
params.ask\_review\_time = 1000;
99
100
var data = jQuery.param( params );
101
jQuery.post( ajaxurl, data, function() {} );
102
103
jQuery( '.ewd-ufaq-review-ask-feedback-form' ).addClass( 'ewd-ufaq-hidden' );
104
jQuery( '.ewd-ufaq-review-ask-review-text' ).addClass( 'ewd-ufaq-hidden' );
105
jQuery( '.ewd-ufaq-review-ask-thank-you-text' ).removeClass( 'ewd-ufaq-hidden' );
61
106
});
62
107
});
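Review bot: The same `params` build is copy-pasted into every handler, and in the feedback submit handler `var params` and `var data` are each declared twice in one function scope. That works because `var` allows redeclaration, but it obscures which request a later edit is changing. `jQuery.post()` accepts a plain object and serializes it itself, so each call can be `jQuery.post( ajaxurl, { nonce: ewd_ufaq_review_ask.nonce, action: 'ewd_ufaq_hide_review_ask', ask_review_time: 7 } );`, or one small helper taking the number of days. Every callback is empty, so a request refused by the new nonce or capability check goes unnoticed; a `.fail()` handler that logs the status would make it visible.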
ultimate-faqs/trunk/assets/js/ewd-ufaq-admin.js
r2647563
r2648562
39
39
axis: 'y',
40
40
update: function() {
41
var order = jQuery( this ).sortable( 'serialize' ) + '&action=ewd\_ufaq\_update\_order';
41
var order = jQuery( this ).sortable( 'serialize' )
42
+ '&action=ewd\_ufaq\_update\_order'
43
+ '&nonce='+ewd\_ufaq\_php\_data.nonce;
42
44
jQuery.post( ajaxurl, order, function( response ) {} );
43
45
}
ultimate-faqs/trunk/assets/js/ewd-ufaq-wc-admin.js
r2643489
r2648562
9
9
});
10
10
11
var data = 'FAQs=' + JSON.stringify(FAQs) + '&Post\_ID=' + Post\_ID + '&action=ewd\_ufaq\_add\_wc\_faqs';
11
var params = {};
12
13
params.nonce = ewd\_ufaq\_wc\_admin.nonce;
14
params.FAQs = JSON.stringify(FAQs);
15
params.Post\_ID = Post\_ID;
16
params.action = 'ewd\_ufaq\_add\_wc\_faqs';
17
18
var data = jQuery.param( params );
19
12
20
jQuery.post(ajaxurl, data, function(response) {
13
21
var Add\_FAQs = jQuery.parseJSON(response);
…
…
35
43
});
36
44
37
var data = 'FAQs=' + JSON.stringify(FAQs) + '&Post\_ID=' + Post\_ID + '&action=ewd\_ufaq\_delete\_wc\_faqs';
45
var params = {};
46
47
params.nonce = ewd\_ufaq\_wc\_admin.nonce;
48
params.FAQs = JSON.stringify(FAQs);
49
params.Post\_ID = Post\_ID;
50
params.action = 'ewd\_ufaq\_delete\_wc\_faqs';
51
52
var data = jQuery.param( params );
38
53
jQuery.post(ajaxurl, data, function(response) {});
39
54
…
…
50
65
var Cat\_ID = jQuery(this).val();
51
66
52
var data = 'Cat\_ID=' + Cat\_ID + '&action=ewd\_ufaq\_wc\_faq\_category';
67
var params = {};
68
69
params.nonce = ewd\_ufaq\_wc\_admin.nonce;
70
params.Cat\_ID = Cat\_ID;
71
params.action = 'ewd\_ufaq\_wc\_faq\_category';
72
73
var data = jQuery.param( params );
53
74
jQuery.post(ajaxurl, data, function(response) {
54
75
jQuery('.ewd-ufaq-faq-add-table').remove();
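Review bot: The add-FAQ callback passes the raw response straight to `jQuery.parseJSON( response )`, and with this commit the server can answer with a refusal (whatever `ewdUfaqHelper::admin_nopriv_ajax()` emits, which is not shown) instead of the FAQ list. Check the parsed value before using it, e.g. `var Add_FAQs = JSON.parse( response ); if ( ! Array.isArray( Add_FAQs ) ) { return; }`, assuming the success payload is an array. The rest of the callback is outside the hunk, so how `Add_FAQs` is consumed cannot be confirmed from here. `jQuery.parseJSON` is deprecated since jQuery 3.0, and `JSON.parse` is the direct replacement.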
ultimate-faqs/trunk/assets/js/ewd-ufaq-welcome-screen.js
r2643489
r2648562
25
25
jQuery('.ewd-ufaq-welcome-screen-add-category-description textarea').val('');
26
26
27
var data = 'category\_name=' + category\_name + '&category\_description=' + category\_description + '&action=ewd\_ufaq\_welcome\_add\_category';
27
var params = {};
28
29
params.nonce = ewd\_ufaq\_getting\_started.nonce;
30
params.action = 'ewd\_ufaq\_welcome\_add\_category';
31
params.category\_name = category\_name;
32
params.category\_description = category\_description;
33
34
var data = jQuery.param( params );
28
35
jQuery.post(ajaxurl, data, function(response) {
29
36
var HTML = '<tr class="ewd-ufaq-welcome-screen-category">';
…
…
44
51
EWD\_UFAQ\_Toggle\_Welcome\_Page('options');
45
52
46
var data = 'faq\_page\_title=' + faq\_page\_title + '&action=ewd\_ufaq\_welcome\_add\_faq\_page';
53
var params = {};
54
55
params.nonce = ewd\_ufaq\_getting\_started.nonce;
56
params.faq\_page\_title = faq\_page\_title;
57
params.action = 'ewd\_ufaq\_welcome\_add\_faq\_page';
58
59
var data = jQuery.param( params );
47
60
jQuery.post(ajaxurl, data, function(response) {});
48
61
});
…
…
54
67
var order\_by\_setting = jQuery('select\[name="order\_by\_setting"\]').val();
55
68
56
var data = 'faq\_accordion=' + faq\_accordion + '&faq\_toggle=' + faq\_toggle + '&group\_by\_category=' + group\_by\_category + '&order\_by\_setting=' + order\_by\_setting + '&action=ewd\_ufaq\_welcome\_set\_options';
69
var params = {};
70
71
params.nonce = ewd\_ufaq\_getting\_started.nonce;
72
params.action = 'ewd\_ufaq\_welcome\_set\_options';
73
params.faq\_accordion = faq\_accordion;
74
params.faq\_toggle = faq\_toggle;
75
params.group\_by\_category = group\_by\_category;
76
params.order\_by\_setting = order\_by\_setting;
77
78
var data = jQuery.param( params );
79
57
80
jQuery.post(ajaxurl, data, function(response) {
58
81
jQuery('.ewd-ufaq-welcome-screen-save-options-button').after('<div class="ewd-ufaq-save-message"><div class="ewd-ufaq-save-message-inside">Options have been saved.</div></div>');
…
…
74
97
jQuery('.ewd-ufaq-welcome-screen-add-faq-category select').val('');
75
98
76
var data = 'faq\_question=' + faq\_question + '&faq\_answer=' + faq\_answer + '&faq\_category=' + faq\_category + '&action=ewd\_ufaq\_welcome\_add\_faq';
99
var params = {};
100
101
params.nonce = ewd\_ufaq\_getting\_started.nonce;
102
params.action = 'ewd\_ufaq\_welcome\_add\_faq';
103
params.faq\_question = faq\_question;
104
params.faq\_answer = faq\_answer;
105
params.faq\_category = faq\_category;
106
107
var data = jQuery.param( params );
77
108
jQuery.post(ajaxurl, data, function(response) {
78
109
var HTML = '<tr class="ewd-ufaq-welcome-screen-faq">';
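Review bot: The options callback appends "Options have been saved." as soon as the POST returns, without inspecting `response`. A request the server refused can therefore still be reported as saved if the refusal arrives with a 2xx status; the refusal helper is not visible here. The category and FAQ callbacks likewise start building table rows immediately, and their bodies continue outside the hunks. Gate the success UI on an explicit marker from the server, for example `if ( ! response || response.success === false ) { return; }` if the handlers return WordPress's JSON envelope, and add a `.fail()` handler for 403 responses.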
ultimate-faqs/trunk/assets/js/ewd-ufaq.js
r2643489
r2648562
124
124
var post\_id = faq\_element.data( 'post\_id' );
125
125
126
var data = 'post\_id=' + post\_id + '&action=ewd\_ufaq\_record\_view';
126
var params = {};
127
128
params.nonce = ewd\_ufaq\_php\_data.nonce;
129
params.post\_id = post\_id;
130
params.action = 'ewd\_ufaq\_record\_view';
131
132
var data = jQuery.param( params );
127
133
jQuery.post(ajaxurl, data, function(response) {});
128
134
…
…
240
246
if (show\_on\_load == 'No' && Question.length == 0) {jQuery('#ewd-ufaq-ajax-results').html(''); return;}
241
247
242
var data = 'search\_string=' + search\_string + '&include\_category=' + include\_cat + '&exclude\_category=' + exclude\_cat + '&orderby=' + orderby + '&order=' + order + '&post\_count=' + post\_count + '&request\_count=' + request\_count + '¤t\_url=' + current\_url + '&faqs\_only=' + faqs\_only + '&faq\_page=' + faq\_page + '&action=ewd\_ufaq\_search';
248
var params = {};
249
250
params.search\_string = search\_string;
251
params.include\_category = include\_cat;
252
params.exclude\_category = exclude\_cat;
253
params.orderby = orderby;
254
params.order = order;
255
params.post\_count = post\_count;
256
params.request\_count = request\_count;
257
params.current\_url = current\_url;
258
params.faqs\_only = faqs\_only;
259
params.faq\_page = faq\_page;
260
params.action = 'ewd\_ufaq\_search';
261
params.nonce = ewd\_ufaq\_php\_data.nonce;
262
263
var data = jQuery.param( params );
264
243
265
jQuery.post( ajaxurl, data, function( response ) {
244
266
…
…
278
300
else { vote\_type = 'down'; }
279
301
280
var data = 'faq\_id=' + faq\_id + '&vote\_type=' + vote\_type + '&action=ewd\_ufaq\_update\_rating';
281
282
jQuery.post( ajaxurl, data );
302
var params = {};
303
304
params.action = 'ewd\_ufaq\_update\_rating'
305
params.nonce = ewd\_ufaq\_php\_data.nonce;
306
params.faq\_id = faq\_id;
307
params.vote\_type = vote\_type;
308
309
var data = jQuery.param( params );
310
jQuery.post( ajaxurl, data );
283
311
});
284
312
}
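Review bot: None of the three requests that now carry `ewd_ufaq_php_data.nonce` handles a rejected nonce: the view-count callback at new line 133 is empty and the rating post at new line 310 passes no callback. If the page HTML is served from a full-page cache, the embedded nonce may already be expired (inferred; the caching setup is not visible here), and search and voting would then stop working without any signal. Chaining a `.fail( function( xhr ) { ... } )` handler on the `jQuery.post` calls and logging or showing the error would make that visible. New line 304, `params.action = 'ewd_ufaq_update_rating'`, also lacks its terminating semicolon. The enclosing functions start outside these hunks.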
ultimate-faqs/trunk/ewd-ufaq-templates/faq-answer.php
r2643489
r2648562
1
1
<div class='ewd-ufaq-post-margin ewd-ufaq-faq-post'>
2
<?php echo $this->faq\_answer; ?>
2
<?php echo wp\_kses\_post( $this->faq\_answer ); ?>
3
3
</div>
ultimate-faqs/trunk/ewd-ufaq-templates/faq-author.php
r2643489
r2648562
2
2
3
3
<span class='ewd-ufaq-author'>
4
<?php echo $this->faq\_author; ?>
4
<?php echo esc\_html( $this->faq\_author ); ?>
5
5
</span>
ultimate-faqs/trunk/ewd-ufaq-templates/faq-custom-fields.php
r2643489
r2648562
8
8
9
9
<div class='ewd-ufaq-custom-field-label'>
10
<?php echo esc\_html( $custom\_field->name ); ?>:
10
<?php echo esc\_html( $custom\_field->name ); ?>:
11
11
</div>
12
12
13
13
<div class='ewd-ufaq-custom-field-value'>
14
<?php echo ( is\_array( $value ) ? implode( ', ', $value ) : $value ); ?>
14
<?php echo wp\_kses\_post( ( is\_array( $value ) ? implode( ', ', $value ) : $value ) ); ?>
15
15
</div>
16
16
ultimate-faqs/trunk/ewd-ufaq-templates/faq-date.php
r2643489
r2648562
2
2
3
3
<span class='ewd-ufaq-date'>
4
<?php echo $this->date; ?>
4
<?php echo esc\_html( $this->date ); ?>
5
5
</span>
ultimate-faqs/trunk/ewd-ufaq-templates/faq-permalink.php
r2643489
r2648562
3
3
<a href='<?php echo esc\_attr( $this->permalink ); ?>'>
4
4
5
<?php if ( $this->get\_option( 'include-permalink' ) == 'both' or $this->get\_option( 'include-permalink' ) == 'text' ) { echo $this->get\_label( 'label-permalink' ); } ?>
5
<?php if ( $this->get\_option( 'include-permalink' ) == 'both' or $this->get\_option( 'include-permalink' ) == 'text' ) { echo esc\_html( $this->get\_label( 'label-permalink' ) ); } ?>
6
6
<?php if ( $this->get\_option( 'include-permalink' ) == 'both' or $this->get\_option( 'include-permalink' ) == 'icon' ) { ?> <div class='ewd-ufaq-permalink-image'></div> <?php } ?>
7
7
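Review bot: The `href` at new line 3 still goes through `esc_attr( $this->permalink )`, which escapes quotes but does not validate the URL scheme. For a URL attribute `esc_url()` is the matching escaper: `<a href='<?php echo esc_url( $this->permalink ); ?>'>`. The same applies to `esc_attr( $this->get_anchor_permalink() )` at new line 3 of faq-title.php. Where the permalink value comes from is not visible in this hunk.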
ultimate-faqs/trunk/ewd-ufaq-templates/faq-preview.php
r2643489
r2648562
1
1
<div class='ewd-ufaq-faq-excerpt'>
2
<?php echo $this->faq\_preview; ?>
2
<?php echo wp\_kses\_post( $this->faq\_preview ); ?>
3
3
</div>
ultimate-faqs/trunk/ewd-ufaq-templates/faq-ratings.php
r2643489
r2648562
5
5
</div>
6
6
7
<div class='ewd-ufaq-rating-button ewd-ufaq-up-vote <?php echo ( ( $ewd\_ufaq\_controller->settings->get\_setting( 'thumbs-up-image' ) and $ewd\_ufaq\_controller->settings->get\_setting( 'thumbs-up-image' ) != 'http://' ) ? 'ewd-ufaq-ratings-custom-image' : 'ewd-ufaq-ratings-default-image' ); ?>' data-faq\_id='<?php echo $this->post->ID; ?>'>
7
<div class='ewd-ufaq-rating-button ewd-ufaq-up-vote <?php echo ( ( $ewd\_ufaq\_controller->settings->get\_setting( 'thumbs-up-image' ) and $ewd\_ufaq\_controller->settings->get\_setting( 'thumbs-up-image' ) != 'http://' ) ? 'ewd-ufaq-ratings-custom-image' : 'ewd-ufaq-ratings-default-image' ); ?>' data-faq\_id='<?php echo esc\_attr( $this->post->ID ); ?>'>
8
8
<?php echo $this->get\_thumbs\_up\_image(); ?>
9
<span><?php echo $this->get\_up\_votes(); ?></span>
9
<span><?php echo esc\_html( $this->get\_up\_votes() ); ?></span>
10
10
</div>
11
11
ultimate-faqs/trunk/ewd-ufaq-templates/faq-title.php
r2643489
r2648562
3
3
<a class='ewd-ufaq-post-margin' href='<?php echo esc\_attr( $this->get\_anchor\_permalink() ); ?>'>
4
4
5
<div class='ewd-ufaq-post-margin-symbol <?php echo $this->get\_color\_block\_shape(); ?>'>
5
<div class='ewd-ufaq-post-margin-symbol <?php echo esc\_attr( $this->get\_color\_block\_shape() ); ?>'>
6
6
<span ><?php echo $this->get\_toggle\_symbol(); ?></span>
7
7
</div>
…
…
10
10
11
11
<<?php echo $this->get\_option( 'styling-faq-heading-type' ); ?>>
12
<?php echo $this->faq\_title; ?>
12
<?php echo wp\_kses\_post( $this->faq\_title ); ?>
13
13
</<?php echo $this->get\_option( 'styling-faq-heading-type' ); ?>>
14
14
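Review bot: The heading tag name at new lines 11 and 13 is still echoed straight from `$this->get_option( 'styling-faq-heading-type' )`, so the option value is written into the markup as an element name without any escaping. Passing it through `tag_escape()`, as in `<<?php echo tag_escape( $this->get_option( 'styling-faq-heading-type' ) ); ?>>` and the same on the closing tag, or checking it against a fixed list of heading tags would close that gap. `get_toggle_symbol()` at new line 6 is also printed raw; its return value is not visible here, so confirm it is a fixed string.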
ultimate-faqs/trunk/ewd-ufaq-templates/faq.php
r2643489
r2648562
1
<div <?php echo ewd\_format\_classes( $this->classes ); ?> id='<?php echo $this->get\_id(); ?>' data-post\_id='<?php echo $this->post->ID; ?>'>
1
<div <?php echo ewd\_format\_classes( $this->classes ); ?> id='<?php echo esc\_attr( $this->get\_id() ); ?>' data-post\_id='<?php echo esc\_attr( $this->post->ID ); ?>'>
2
2
3
3
<?php $this->print\_faq\_title(); ?>
ultimate-faqs/trunk/ewd-ufaq-templates/submit-faq-captcha.php
r2643489
r2648562
7
7
</div>
8
8
9
<div class='ewd-ufaq-captcha-response'><label for='captcha\_text'><?php echo $this->get\_label( 'label-captcha-image-number' ); ?>: </label>
9
<div class='ewd-ufaq-captcha-response'><label for='captcha\_text'><?php echo esc\_html( $this->get\_label( 'label-captcha-image-number' ) ); ?>: </label>
10
10
<input type='text' name='ewd\_ufaq\_captcha' value='' />
11
11
</div>
ultimate-faqs/trunk/ewd-ufaq-templates/submit-faq-custom-field-checkbox.php
r2643489
r2648562
12
12
13
13
<div class='ewd-ufaq-submit-faq-radio-checkbox-each'>
14
<input type='checkbox' name='<?php echo esc\_attr( $input\_name ); ?>\[\]' value='<?php echo $option; ?>' <?php echo ( ( ! empty( $\_POST\[ $input\_name \] ) and is\_array( $\_POST\[ $input\_name \] ) and in\_array( $option, $\_POST\[ $input\_name \] ) ) ? 'checked' : '' ); ?>/><?php echo $option; ?>
14
<input type='checkbox' name='<?php echo esc\_attr( $input\_name ); ?>\[\]' value='<?php echo $option; ?>' <?php echo ( ( ! empty( $\_POST\[ $input\_name \] ) and is\_array( $\_POST\[ $input\_name \] ) and in\_array( $option, $\_POST\[ $input\_name \] ) ) ? 'checked' : '' ); ?>/><?php echo esc\_html( $option ); ?>
15
15
</div>
16
16
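Review bot: The `value` attribute at new line 14 still prints `$option` unescaped; only the visible label after the input was wrapped in `esc_html()`. The radio and select templates in this changeset escape the same value, so this one should match: `value='<?php echo esc_attr( $option ); ?>'`. As written, an option containing a single quote can break out of the attribute.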
ultimate-faqs/trunk/ewd-ufaq-templates/submit-faq-custom-field-radio.php
r2643489
r2648562
12
12
13
13
<div class='ewd-ufaq-submit-faq-radio-checkbox-each'>
14
<input type='radio' name='<?php echo esc\_attr( $input\_name ); ?>' value='<?php echo $option; ?>' <?php echo ( ! empty( $\_POST\[ $input\_name \] ) and $option == $\_POST\[ $input\_name \] ? 'checked' : '' ); ?>/><?php echo $option; ?>
14
<input type='radio' name='<?php echo esc\_attr( $input\_name ); ?>' value='<?php echo esc\_attr( $option ); ?>' <?php echo ( ! empty( $\_POST\[ $input\_name \] ) and $option == $\_POST\[ $input\_name \] ? 'checked' : '' ); ?>/><?php echo esc\_html( $option ); ?>
15
15
</div>
16
16
ultimate-faqs/trunk/ewd-ufaq-templates/submit-faq-custom-field-select.php
r2643489
r2648562
10
10
11
11
<?php foreach ( $this->get\_custom\_field\_options() as $option ) { ?>
12
<option value='<?php echo $option; ?>' <?php echo ( ! empty( $\_POST\[ $input\_name \] ) and $option == $\_POST\[ $input\_name \] ? 'selected' : '' ); ?>><?php echo $option; ?></option>
12
<option value='<?php echo esc\_attr( $option ); ?>' <?php echo ( ! empty( $\_POST\[ $input\_name \] ) and $option == $\_POST\[ $input\_name \] ? 'selected' : '' ); ?>><?php echo esc\_html( $option ); ?></option>
13
13
<?php } ?>
14
14
ultimate-faqs/trunk/ewd-ufaq-templates/submit-faq-submitted-faq-message.php
r2643489
r2648562
1
1
<div class='ewd-ufaq-update'>
2
<?php echo $this->update\_message; ?>
2
<?php echo wp\_kses\_post( $this->update\_message ); ?>
3
3
</div>
ultimate-faqs/trunk/includes/Ajax.class.php
r2643489
r2648562
30
30
public function return\_search\_results() {
31
31
global $ewd\_ufaq\_controller;
32
32
33
if ( !check\_ajax\_referer( 'ewd-ufaq-js', 'nonce' ) ) {
34
ewdUfaqHelper::bad\_nonce\_ajax();
35
}
36
33
37
$faq\_atts = array(
34
38
'is\_search' => 1,
…
…
96
100
global $wpdb;
97
101
98
$post\_id = intval( $\_POST\['post\_id'\] );
102
if ( !check\_ajax\_referer( 'ewd-ufaq-js', 'nonce' ) ) {
103
ewdUfaqHelper::bad\_nonce\_ajax();
104
}
99
105
100
$meta\_id = $wpdb->get\_var( $wpdb->prepare( "SELECT meta\_id FROM $wpdb->postmeta WHERE post\_id=%d AND meta\_key='ufaq\_view\_count'", $post\_id ) );
101
102
if ( $meta\_id != '' and $meta\_id != 0 ) { $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->postmeta SET meta\_value=meta\_value+1 WHERE post\_id=%d AND meta\_key='ufaq\_view\_count'", $post\_id ) ); }
103
else { $wpdb->query( $wpdb->prepare("INSERT INTO $wpdb->postmeta (post\_id,meta\_key,meta\_value) VALUES (%d,'ufaq\_view\_count','1')", $post\_id ) ); }
106
$post\_id = intval( $\_POST\['post\_id'\] );
104
107
105
die();
108
$meta\_id = $wpdb->get\_var( $wpdb->prepare( "SELECT meta\_id FROM $wpdb->postmeta WHERE post\_id=%d AND meta\_key='ufaq\_view\_count'", $post\_id ) );
109
110
if ( $meta\_id != '' and $meta\_id != 0 ) { $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->postmeta SET meta\_value=meta\_value+1 WHERE post\_id=%d AND meta\_key='ufaq\_view\_count'", $post\_id ) ); }
111
else { $wpdb->query( $wpdb->prepare("INSERT INTO $wpdb->postmeta (post\_id,meta\_key,meta\_value) VALUES (%d,'ufaq\_view\_count','1')", $post\_id ) ); }
112
113
die();
106
114
}
107
115
…
…
112
120
public function update\_rating() {
113
121
122
if ( !check\_ajax\_referer( 'ewd-ufaq-js', 'nonce' ) ) {
123
ewdUfaqHelper::bad\_nonce\_ajax();
124
}
125
114
126
$faq\_id = is\_numeric( $\_POST\['faq\_id'\] ) ? intval( $\_POST\['faq\_id'\] ) : 0;
115
$vote\_type = sanitize\_text\_field( $\_POST\['vote\_type'\] );
127
$vote\_type = sanitize\_text\_field( $\_POST\['vote\_type'\] );
116
128
117
if ( $vote\_type == 'up' ) {
129
if ( $vote\_type == 'up' ) {
118
130
119
$up\_votes = get\_post\_meta( $faq\_id, 'FAQ\_Up\_Votes', true );
120
update\_post\_meta( $faq\_id, 'FAQ\_Up\_Votes', $up\_votes + 1 );
131
$up\_votes = absint( get\_post\_meta( $faq\_id, 'FAQ\_Up\_Votes', false ) );
132
update\_post\_meta( $faq\_id, 'FAQ\_Up\_Votes', $up\_votes + 1 );
121
133
122
$total\_score = get\_post\_meta( $faq\_id, 'FAQ\_Total\_Score', true );
123
update\_post\_meta( $faq\_id, 'FAQ\_Total\_Score', $total\_score + 1 );
124
}
125
if ( $vote\_type == 'down' ) {
134
$total\_score = absint( get\_post\_meta( $faq\_id, 'FAQ\_Total\_Score', false ) );
135
update\_post\_meta( $faq\_id, 'FAQ\_Total\_Score', $total\_score + 1 );
136
}
126
137
127
$down\_votes = get\_post\_meta( $faq\_id, 'FAQ\_Down\_Votes', true );
128
update\_post\_meta( $faq\_id, 'FAQ\_Down\_Votes', $down\_votes + 1 );
138
if ( $vote\_type == 'down' ) {
129
139
130
$total\_score = get\_post\_meta( $faq\_id, 'FAQ\_Total\_Score', true );
131
update\_post\_meta( $faq\_id, 'FAQ\_Total\_Score', $total\_score - 1 );
132
}
140
$down\_votes = absint( get\_post\_meta( $faq\_id, 'FAQ\_Down\_Votes', false ) );
141
update\_post\_meta( $faq\_id, 'FAQ\_Down\_Votes', $down\_votes + 1 );
133
142
134
die();
143
$total\_score = absint( get\_post\_meta( $faq\_id, 'FAQ\_Total\_Score', false ) );
144
update\_post\_meta( $faq\_id, 'FAQ\_Total\_Score', $total\_score - 1 );
145
}
146
147
die();
135
148
}
136
149
…
…
141
154
public function update\_order() {
142
155
global $ewd\_ufaq\_controller;
156
157
if (
158
! check\_ajax\_referer( 'ewd-ufaq-admin-js', 'nonce' )
159
||
160
! current\_user\_can( $ewd\_ufaq\_controller->settings->get\_setting( 'access-role' ) )
161
) {
162
ewdUfaqHelper::admin\_nopriv\_ajax();
163
}
143
164
144
165
if ( ! is\_array( $\_POST\['ewd-ufaq-item'\] ) or ! $ewd\_ufaq\_controller->permissions->check\_permission( 'ordering' ) ) { return; }
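Review bot: In `update_rating()` the counters are now read with `get_post_meta( $faq_id, 'FAQ_Up_Votes', false )` (new lines 131, 134, 140 and 143), and with the third argument `false` that call returns an array of values, not the stored number. `absint()` of an array casts it to 0 or 1, so each vote would overwrite the stored count with 1 or 2 instead of incrementing it. Keep `true` as the old code did, e.g. `$up_votes = absint( get_post_meta( $faq_id, 'FAQ_Up_Votes', true ) );`, and use `intval()` rather than `absint()` for `FAQ_Total_Score`, which down-votes can legitimately take below zero. Separately, `check_ajax_referer()` terminates the request itself on a bad nonce unless its third argument is `false`, so the `ewdUfaqHelper::bad_nonce_ajax()` branches here (and the nonce half of the `admin_nopriv_ajax()` checks in InstallationWalkthrough.class.php and ReviewAsk.class.php) are not reached for that case.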
ultimate-faqs/trunk/includes/CustomPostTypes.class.php
r2643489
r2648562
211
211
?>
212
212
213
<input type="hidden" name="ewd\_ufaq\_nonce" value="<?php echo $this->nonce; ?>">
213
<input type="hidden" name="ewd\_ufaq\_nonce" value="<?php echo esc\_attr($this->nonce); ?>">
214
214
215
215
<div class='ewd-ufaq-meta-field'>
ultimate-faqs/trunk/includes/Dashboard.class.php
r2647563
r2648562
15
15
public function \_\_construct() {
16
16
add\_action( 'admin\_menu', array( $this, 'add\_dashboard\_to\_menu' ), 99 );
17
18
add\_action( 'wp\_ajax\_ewd\_ufaq\_hide\_upgrade\_box', array($this, 'hide\_upgrade\_box') );
19
add\_action( 'wp\_ajax\_ewd\_ufaq\_display\_upgrade\_box', array($this, 'display\_upgrade\_box') );
20
17
}
21
18
…
…
137
134
foreach ( $faqs as $faq ) { ?>
138
135
<tr>
139
<td><a href='post.php?post=<?php echo $faq->ID;?>&action=edit'><?php echo $faq->post\_title; ?></a></td>
140
<td><?php echo get\_post\_meta( $faq->ID, 'ufaq\_view\_count', true ); ?></td>
136
<td><a href='post.php?post=<?php echo esc\_attr( $faq->ID );?>&action=edit'><?php echo esc\_html( $faq->post\_title ); ?></a></td>
137
<td><?php echo esc\_html( get\_post\_meta( $faq->ID, 'ufaq\_view\_count', true ) ); ?></td>
141
138
<td><?php echo get\_the\_term\_list( $faq->ID, EWD\_UFAQ\_FAQ\_CATEGORY\_TAXONOMY ); ?></td>
142
139
</tr>
…
…
296
293
<?php }
297
294
298
public function display\_notice() {
299
if ( $this->status ) {
300
echo "<div class='updated'><p>" . $this->message . "</p></div>";
301
}
302
else {
303
echo "<div class='error'><p>" . $this->message . "</p></div>";
304
}
305
}
306
295
}
296
307
297
} // endif
ultimate-faqs/trunk/includes/FAQ.class.php
r2643489
r2648562
194
194
195
195
// AUTHOR EMAIL
196
$this->faq\_author\_email = empty( $\_POST\['post\_author\_email'\] ) ? false : sanitize\_text\_field( $\_POST\['post\_author\_email'\] );
196
$this->faq\_author\_email = empty( $\_POST\['post\_author\_email'\] ) ? false : sanitize\_email( $\_POST\['post\_author\_email'\] );
197
197
198
198
// ANSWER
ultimate-faqs/trunk/includes/InstallationWalkthrough.class.php
r2643489
r2648562
73
73
\*/
74
74
public function create\_category() {
75
global $ewd\_ufaq\_controller;
76
77
if (
78
! check\_ajax\_referer( 'ewd-ufaq-getting-started', 'nonce' )
79
||
80
! current\_user\_can( $ewd\_ufaq\_controller->settings->get\_setting( 'access-role' ) )
81
) {
82
ewdUfaqHelper::admin\_nopriv\_ajax();
83
}
75
84
76
85
$category\_name = isset( $\_POST\['category\_name'\] ) ? sanitize\_text\_field( $\_POST\['category\_name'\] ) : '';
77
$category\_description = isset( $\_POST\['category\_description'\] ) ? sanitize\_textarea\_field( $\_POST\['category\_description'\] ) : '';
78
79
$category\_term\_id = wp\_insert\_term( $category\_name, EWD\_UFAQ\_FAQ\_CATEGORY\_TAXONOMY, array('description' => $category\_description) );
80
81
echo json\_encode ( array( 'category\_name' => $category\_name, 'category\_id' => $category\_term\_id\['term\_id'\] ) );
82
83
exit();
86
$category\_description = isset( $\_POST\['category\_description'\] ) ? sanitize\_textarea\_field( $\_POST\['category\_description'\] ) : '';
87
88
$category\_term\_id = wp\_insert\_term( $category\_name, EWD\_UFAQ\_FAQ\_CATEGORY\_TAXONOMY, array('description' => $category\_description) );
89
90
echo json\_encode ( array( 'category\_name' => $category\_name, 'category\_id' => $category\_term\_id\['term\_id'\] ) );
91
92
exit();
84
93
}
85
94
86
95
public function create\_faq() {
96
global $ewd\_ufaq\_controller;
97
98
if (
99
! check\_ajax\_referer( 'ewd-ufaq-getting-started', 'nonce' )
100
||
101
! current\_user\_can( $ewd\_ufaq\_controller->settings->get\_setting( 'access-role' ) )
102
) {
103
ewdUfaqHelper::admin\_nopriv\_ajax();
104
}
87
105
88
106
$args = array(
89
'post\_title' => isset( $\_POST\['faq\_question'\] ) ? sanitize\_text\_field( $\_POST\['faq\_question'\] ) : '',
90
'post\_content' => isset( $\_POST\['faq\_answer'\] ) ? sanitize\_text\_field( $\_POST\['faq\_answer'\] ) : '',
91
'post\_status' => 'publish',
92
'post\_type' => EWD\_UFAQ\_FAQ\_POST\_TYPE
93
);
94
95
$faq\_post\_id = wp\_insert\_post( $args );
96
97
if ( isset( $\_POST\['faq\_category'\] ) and $\_POST\['faq\_category'\] ) {
98
99
wp\_set\_post\_terms( $faq\_post\_id, sanitize\_text\_field( $\_POST\['faq\_category'\] ), EWD\_UFAQ\_FAQ\_CATEGORY\_TAXONOMY );
100
}
101
102
exit();
107
'post\_title' => isset( $\_POST\['faq\_question'\] ) ? sanitize\_text\_field( $\_POST\['faq\_question'\] ) : '',
108
'post\_content' => isset( $\_POST\['faq\_answer'\] ) ? sanitize\_text\_field( $\_POST\['faq\_answer'\] ) : '',
109
'post\_status' => 'publish',
110
'post\_type' => EWD\_UFAQ\_FAQ\_POST\_TYPE
111
);
112
113
$faq\_post\_id = wp\_insert\_post( $args );
114
115
if ( isset( $\_POST\['faq\_category'\] ) and $\_POST\['faq\_category'\] ) {
116
117
wp\_set\_post\_terms(
118
$faq\_post\_id,
119
sanitize\_text\_field( $\_POST\['faq\_category'\] ),
120
EWD\_UFAQ\_FAQ\_CATEGORY\_TAXONOMY
121
);
122
}
123
124
exit();
103
125
}
104
126
…
…
108
130
\*/
109
131
public function add\_faqs\_page() {
132
global $ewd\_ufaq\_controller;
133
134
if (
135
! check\_ajax\_referer( 'ewd-ufaq-getting-started', 'nonce' )
136
||
137
! current\_user\_can( $ewd\_ufaq\_controller->settings->get\_setting( 'access-role' ) )
138
) {
139
ewdUfaqHelper::admin\_nopriv\_ajax();
140
}
110
141
111
142
$args = array(
112
'post\_title' => isset($\_POST\['faq\_page\_title'\] ) ? sanitize\_text\_field( $\_POST\['faq\_page\_title'\] ) : '',
113
'post\_content' => '<!-- wp:paragraph --><p> \[ultimate-faqs\] </p><!-- /wp:paragraph -->',
114
'post\_status' => 'publish',
115
'post\_type' => 'page'
116
);
117
118
wp\_insert\_post( $args );
119
120
exit();
143
'post\_title' => isset($\_POST\['faq\_page\_title'\] ) ? sanitize\_text\_field( $\_POST\['faq\_page\_title'\] ) : '',
144
'post\_content' => '<!-- wp:paragraph --><p> \[ultimate-faqs\] </p><!-- /wp:paragraph -->',
145
'post\_status' => 'publish',
146
'post\_type' => 'page'
147
);
148
149
wp\_insert\_post( $args );
150
151
exit();
121
152
}
122
153
…
…
126
157
\*/
127
158
public function set\_options() {
159
global $ewd\_ufaq\_controller;
160
161
if (
162
! check\_ajax\_referer( 'ewd-ufaq-getting-started', 'nonce' )
163
||
164
! current\_user\_can( $ewd\_ufaq\_controller->settings->get\_setting( 'access-role' ) )
165
) {
166
ewdUfaqHelper::admin\_nopriv\_ajax();
167
}
128
168
129
169
$ewd\_ufaq\_options = get\_option( 'ewd-ufaq-settings' );
130
170
131
if ( isset( $\_POST\['faq\_accordion'\] ) ) { $ewd\_ufaq\_options\['faq-accordion'\] = intval( $\_POST\['faq\_accordion'\] ); }
132
if ( isset( $\_POST\['disable\_faq\_toggle'\] ) ) { $ewd\_ufaq\_options\['disable-faq-toggle'\] = intval( $\_POST\['disable\_faq\_toggle'\] ); }
133
if ( isset( $\_POST\['group\_by\_category'\] ) ) { $ewd\_ufaq\_options\['group-by-category'\] = intval( $\_POST\['group\_by\_category'\] ); }
134
if ( isset( $\_POST\['order\_by\_setting'\] ) ) { $ewd\_ufaq\_options\['faq-order-by'\] = sanitize\_text\_field( $\_POST\['order\_by\_setting'\] ); }
171
if ( isset( $\_POST\['faq\_accordion'\] ) ) {
172
$ewd\_ufaq\_options\['faq-accordion'\] = intval( $\_POST\['faq\_accordion'\] );
173
}
174
if ( isset( $\_POST\['disable\_faq\_toggle'\] ) ) {
175
$ewd\_ufaq\_options\['disable-faq-toggle'\] = intval( $\_POST\['disable\_faq\_toggle'\] );
176
}
177
if ( isset( $\_POST\['group\_by\_category'\] ) ) {
178
$ewd\_ufaq\_options\['group-by-category'\] = intval( $\_POST\['group\_by\_category'\] );
179
}
180
if ( isset( $\_POST\['order\_by\_setting'\] ) ) {
181
$ewd\_ufaq\_options\['faq-order-by'\] = sanitize\_text\_field( $\_POST\['order\_by\_setting'\] );
182
}
135
183
136
184
update\_option( 'ewd-ufaq-settings', $ewd\_ufaq\_options );
137
138
exit();
185
186
exit();
139
187
}
140
188
…
…
155
203
wp\_enqueue\_script( 'ewd-ufaq-admin-settings-js', EWD\_UFAQ\_PLUGIN\_URL . '/lib/simple-admin-pages/js/admin-settings.js', array( 'jquery' ), EWD\_UFAQ\_VERSION );
156
204
wp\_enqueue\_script( 'ewd-ufaq-admin-spectrum-js', EWD\_UFAQ\_PLUGIN\_URL . '/lib/simple-admin-pages/js/spectrum.js', array( 'jquery' ), EWD\_UFAQ\_VERSION );
205
206
wp\_localize\_script(
207
'ewd-ufaq-getting-started',
208
'ewd\_ufaq\_getting\_started',
209
array(
210
'nonce' => wp\_create\_nonce( 'ewd-ufaq-getting-started' )
211
)
212
);
157
213
}
158
214
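Review bot: All four handlers are now gated only on `current_user_can( $ewd_ufaq_controller->settings->get_setting( 'access-role' ) )`, a value taken from plugin settings. `add_faqs_page()` (new lines 142–149) publishes a `page` and `set_options()` rewrites `ewd-ufaq-settings`, so if that setting can be lowered to a capability held by users without `publish_pages` or `manage_options` (the allowed values are not visible here), those users gain both abilities through the walkthrough. Consider adding the core capability next to the plugin one, e.g. `|| ! current_user_can( 'publish_pages' )` in `add_faqs_page()` and `|| ! current_user_can( 'manage_options' )` in `set_options()`. It is also worth confirming that the `ewd-ufaq-getting-started` handle passed to `wp_localize_script()` at new line 206 is registered before that call, since the two handles enqueued just above it have different names.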
ultimate-faqs/trunk/includes/OrderingTable.class.php
r2643489
r2648562
86
86
<?php $faq\_tags = get\_the\_term\_list($faq->ID, 'ufaq-tag', '', ', ', ''); ?>
87
87
88
<tr id='ewd-ufaq-item-<?php echo $faq->ID; ?>' class='ewd-ufaq-item'>
88
<tr id='ewd-ufaq-item-<?php echo esc\_attr( $faq->ID ); ?>' class='ewd-ufaq-item'>
89
89
<td class='ewd-ufaq-title'><?php echo esc\_html( $faq->post\_title ); ?></td>
90
90
<td class='ewd-ufaq-title'><?php echo esc\_html( $faq\_views ); ?></td>
ultimate-faqs/trunk/includes/ReviewAsk.class.php
r2643489
r2648562
74
74
wp\_enqueue\_style( 'ewd-ufaq-review-ask-css', EWD\_UFAQ\_PLUGIN\_URL . '/assets/css/dashboard-review-ask.css' );
75
75
wp\_enqueue\_script( 'ewd-ufaq-review-ask-js', EWD\_UFAQ\_PLUGIN\_URL . '/assets/js/dashboard-review-ask.js', array( 'jquery' ), EWD\_UFAQ\_VERSION, true );
76
77
wp\_localize\_script(
78
'ewd-ufaq-review-ask-js',
79
'ewd\_ufaq\_review\_ask',
80
array(
81
'nonce' => wp\_create\_nonce( 'ewd-ufaq-review-ask-js' )
82
)
83
);
76
84
}
77
85
78
86
public function hide\_review\_ask() {
87
global $ewd\_ufaq\_controller;
88
89
if (
90
! check\_ajax\_referer( 'ewd-ufaq-review-ask-js', 'nonce' )
91
||
92
! current\_user\_can( $ewd\_ufaq\_controller->settings->get\_setting( 'access-role' ) )
93
) {
94
ewdUfaqHelper::admin\_nopriv\_ajax();
95
}
79
96
80
97
$ask\_review\_time = sanitize\_text\_field($\_POST\['ask\_review\_time'\]);
81
98
82
if ( get\_option( 'ewd-ufaq-review-ask-time' ) < time() + 3600\*24 \* $ask\_review\_time ) {
83
update\_option( 'ewd-ufaq-review-ask-time', time() + 3600\*24 \* $ask\_review\_time );
84
}
99
if ( get\_option( 'ewd-ufaq-review-ask-time' ) < time() + 3600\*24 \* $ask\_review\_time ) {
100
update\_option( 'ewd-ufaq-review-ask-time', time() + 3600\*24 \* $ask\_review\_time );
101
}
85
102
86
die();
103
die();
87
104
}
88
105
89
106
public function send\_feedback() {
107
global $ewd\_ufaq\_controller;
108
109
if (
110
! check\_ajax\_referer( 'ewd-ufaq-review-ask-js', 'nonce' )
111
||
112
! current\_user\_can( $ewd\_ufaq\_controller->settings->get\_setting( 'access-role' ) )
113
) {
114
ewdUfaqHelper::admin\_nopriv\_ajax();
115
}
116
90
117
$headers = 'Content-type: text/html;charset=utf-8' . "\\r\\n";
91
$feedback = sanitize\_text\_field($\_POST\['feedback'\]);
92
$feedback .= '<br /><br />Email Address: ';
93
$feedback .= sanitize\_text\_field($\_POST\['email\_address'\]);
118
$feedback = sanitize\_text\_field( $\_POST\['feedback'\] );
119
$feedback .= '<br /><br />Email Address: ';
120
$feedback .= sanitize\_email( $\_POST\['email\_address'\] );
94
121
95
wp\_mail('[email protected]', 'UFAQ Feedback - Dashboard Form', $feedback, $headers);
122
wp\_mail('[email protected]', 'UFAQ Feedback - Dashboard Form', $feedback, $headers);
96
123
97
die();
124
die();
98
125
}
99
126
}
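Review bot: `$ask_review_time` at new line 97 is only passed through `sanitize_text_field()` and then multiplied in `time() + 3600*24 * $ask_review_time`, so a missing or non-numeric `ask_review_time` reaches the arithmetic as a string. Cast it where it is read, `$ask_review_time = isset( $_POST['ask_review_time'] ) ? absint( $_POST['ask_review_time'] ) : 0;`, and consider capping it, since the result is stored in the `ewd-ufaq-review-ask-time` option. In `send_feedback()` the `feedback` and `email_address` keys are likewise read without an `isset()` check.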
ultimate-faqs/trunk/includes/Widgets.class.php
r2643489
r2648562
61
61
public function widget( $args, $instance ) {
62
62
63
echo $args\['before\_widget'\];
64
if ( $instance\['faq\_title'\] != '' ) { echo ( $args\['before\_title'\] != '' ? $args\['before\_title'\] : '<h3>' ) . $instance\['faq\_title'\] . ( $args\['after\_title'\] != '' ? $args\['after\_title'\] : '</h3>' ); }
63
echo esc\_html( $args\['before\_widget'\] );
64
if ( $instance\['faq\_title'\] != '' ) {
65
echo ( $args\['before\_title'\] != '' ? esc\_html( $args\['before\_title'\] ) : '<h3>' ) . esc\_html( $instance\['faq\_title'\] ) . ( $args\['after\_title'\] != '' ? esc\_html( $args\['after\_title'\] ) : '</h3>' );
66
}
65
67
echo do\_shortcode( "\[select-faq faq\_id='". $instance\['faq\_id'\] . "' no\_comments='Yes'\]" );
66
echo $args\['after\_widget'\];
68
echo esc\_html( $args\['after\_widget'\] );
67
69
}
68
70
…
…
80
82
81
83
<p>
82
<label for="<?php echo $this->get\_field\_id( 'faq\_id' ); ?>"><?php \_e( 'FAQ ID List:', 'ultimate-faqs' ); ?></label>
83
<input class="widefat" id="<?php echo $this->get\_field\_id( 'faq\_id' ); ?>" name="<?php echo $this->get\_field\_name( 'faq\_id' ); ?>" type="text" value="<?php echo esc\_attr( $faq\_id ); ?>">
84
</p>
85
<p>
86
<label for="<?php echo $this->get\_field\_id( 'faq\_title' ); ?>"><?php \_e( 'Widget Title:', 'ultimate-faqs' ); ?></label>
87
<input class="widefat" id="<?php echo $this->get\_field\_id( 'faq\_title' ); ?>" name="<?php echo $this->get\_field\_name( 'faq\_title' ); ?>" type="text" value="<?php echo esc\_attr( $faq\_title ); ?>">
84
<label for="<?php echo esc\_attr( $this->get\_field\_id( 'faq\_id' ) ); ?>">
85
<?php \_e( 'FAQ ID List:', 'ultimate-faqs' ); ?>
86
</label>
87
<input class="widefat" id="<?php echo esc\_attr( $this->get\_field\_id( 'faq\_id' ) ); ?>" name="<?php echo esc\_attr( $this->get\_field\_name( 'faq\_id' ) ); ?>" type="text" value="<?php echo esc\_attr( $faq\_id ); ?>">
88
</p>
89
<p>
90
<label for="<?php echo esc\_attr( $this->get\_field\_id( 'faq\_title' ) ); ?>"><?php \_e( 'Widget Title:', 'ultimate-faqs' ); ?></label>
91
<input class="widefat" id="<?php echo esc\_attr( $this->get\_field\_id( 'faq\_title' ) ); ?>" name="<?php echo esc\_attr( $this->get\_field\_name( 'faq\_title' ) ); ?>" type="text" value="<?php echo esc\_attr( $faq\_title ); ?>">
88
92
</p>
89
93
…
…
129
133
public function widget( $args, $instance ) {
130
134
131
echo $args\['before\_widget'\];
132
if ( $instance\['faq\_title'\] != '' ) { echo ( $args\['before\_title'\] != '' ? $args\['before\_title'\] : '<h3>' ) . $instance\['faq\_title'\] . ( $args\['after\_title'\] != '' ? $args\['after\_title'\] : '</h3>' ); }
135
echo esc\_html( $args\['before\_widget'\] );
136
if ( $instance\['faq\_title'\] != '' ) {
137
echo esc\_html(
138
( $args\['before\_title'\] != '' ? $args\['before\_title'\] : '<h3>' ) . $instance\['faq\_title'\] . ( $args\['after\_title'\] != '' ? $args\['after\_title'\] : '</h3>' )
139
);
140
}
133
141
echo do\_shortcode( "\[recent-faqs post\_count='". $instance\['post\_count'\] . "' no\_comments='Yes'\]" );
134
echo $args\['after\_widget'\];
142
echo esc\_html( $args\['after\_widget'\] );
135
143
}
136
144
…
…
148
156
149
157
<p>
150
<label for="<?php echo $this->get\_field\_id( 'post\_count' ); ?>"><?php \_e( 'Number of FAQs:', 'ultimate-faqs' ); ?></label>
151
<input class="widefat" id="<?php echo $this->get\_field\_id( 'post\_count' ); ?>" name="<?php echo $this->get\_field\_name( 'post\_count' ); ?>" type="text" value="<?php echo esc\_attr( $post\_count ); ?>">
152
</p>
153
<p>
154
<label for="<?php echo $this->get\_field\_id( 'faq\_title' ); ?>"><?php \_e( 'Widget Title:', 'ultimate-faqs' ); ?></label>
155
<input class="widefat" id="<?php echo $this->get\_field\_id( 'faq\_title' ); ?>" name="<?php echo $this->get\_field\_name( 'faq\_title' ); ?>" type="text" value="<?php echo esc\_attr( $faq\_title ); ?>">
158
<label for="<?php echo esc\_attr( $this->get\_field\_id( 'post\_count' ) ); ?>"><?php \_e( 'Number of FAQs:', 'ultimate-faqs' ); ?></label>
159
<input class="widefat" id="<?php echo esc\_attr( $this->get\_field\_id( 'post\_count' ) ); ?>" name="<?php echo esc\_attr( $this->get\_field\_name( 'post\_count' ) ); ?>" type="text" value="<?php echo esc\_attr( $post\_count ); ?>">
160
</p>
161
<p>
162
<label for="<?php echo esc\_attr( $this->get\_field\_id( 'faq\_title' ) ); ?>"><?php \_e( 'Widget Title:', 'ultimate-faqs' ); ?></label>
163
<input class="widefat" id="<?php echo esc\_attr( $this->get\_field\_id( 'faq\_title' ) ); ?>" name="<?php echo esc\_attr( $this->get\_field\_name( 'faq\_title' ) ); ?>" type="text" value="<?php echo esc\_attr( $faq\_title ); ?>">
156
164
</p>
157
165
…
…
197
205
public function widget( $args, $instance ) {
198
206
199
echo $args\['before\_widget'\];
200
if ( $instance\['faq\_title'\] != '' ) { echo ( $args\['before\_title'\] != '' ? $args\['before\_title'\] : '<h3>' ) . $instance\['faq\_title'\] . ( $args\['after\_title'\] != '' ? $args\['after\_title'\] : '</h3>' ); }
207
echo esc\_html( $args\['before\_widget'\] );
208
if ( $instance\['faq\_title'\] != '' ) {
209
echo esc\_html(
210
( $args\['before\_title'\] != '' ? $args\['before\_title'\] : '<h3>' ) . $instance\['faq\_title'\] . ( $args\['after\_title'\] != '' ? $args\['after\_title'\] : '</h3>' )
211
);
212
}
201
213
echo do\_shortcode( "\[popular-faqs post\_count='". $instance\['post\_count'\] . "' no\_comments='Yes'\]" );
202
echo $args\['after\_widget'\];
214
echo esc\_html( $args\['after\_widget'\] );
203
215
}
204
216
…
…
216
228
217
229
<p>
218
<label for="<?php echo $this->get\_field\_id( 'post\_count' ); ?>"><?php \_e( 'Number of FAQs:', 'ultimate-faqs' ); ?></label>
219
<input class="widefat" id="<?php echo $this->get\_field\_id( 'post\_count' ); ?>" name="<?php echo $this->get\_field\_name( 'post\_count' ); ?>" type="text" value="<?php echo esc\_attr( $post\_count ); ?>">
220
</p>
221
<p>
222
<label for="<?php echo $this->get\_field\_id( 'faq\_title' ); ?>"><?php \_e( 'Widget Title:', 'ultimate-faqs' ); ?></label>
223
<input class="widefat" id="<?php echo $this->get\_field\_id( 'faq\_title' ); ?>" name="<?php echo $this->get\_field\_name( 'faq\_title' ); ?>" type="text" value="<?php echo esc\_attr( $faq\_title ); ?>">
230
<label for="<?php echo esc\_attr( $this->get\_field\_id( 'post\_count' ) ); ?>"><?php \_e( 'Number of FAQs:', 'ultimate-faqs' ); ?></label>
231
<input class="widefat" id="<?php echo esc\_attr( $this->get\_field\_id( 'post\_count' ) ); ?>" name="<?php echo esc\_attr( $this->get\_field\_name( 'post\_count' ) ); ?>" type="text" value="<?php echo esc\_attr( $post\_count ); ?>">
232
</p>
233
<p>
234
<label for="<?php echo esc\_attr( $this->get\_field\_id( 'faq\_title' ) ); ?>"><?php \_e( 'Widget Title:', 'ultimate-faqs' ); ?></label>
235
<input class="widefat" id="<?php echo esc\_attr( $this->get\_field\_id( 'faq\_title' ) ); ?>" name="<?php echo esc\_attr( $this->get\_field\_name( 'faq\_title' ) ); ?>" type="text" value="<?php echo esc\_attr( $faq\_title ); ?>">
224
236
</p>
225
237
…
…
274
286
$faq = reset( $faqs );
275
287
276
echo $args\['before\_widget'\];
277
if ($instance\['faq\_title'\] != "") {echo ($args\['before\_title'\] != '' ? $args\['before\_title'\] : "<h3>") . $instance\['faq\_title'\] . ($args\['after\_title'\] != '' ? $args\['after\_title'\] : "</h3>");}
288
echo esc\_html( $args\['before\_widget'\] );
289
if ($instance\['faq\_title'\] != "") {
290
echo esc\_html(
291
($args\['before\_title'\] != '' ? $args\['before\_title'\] : "<h3>") . $instance\['faq\_title'\] . ($args\['after\_title'\] != '' ? $args\['after\_title'\] : "</h3>")
292
);
293
}
278
294
echo do\_shortcode( "\[select-faq faq\_id='". $faq->ID . "' no\_comments='Yes'\]" );
279
echo $args\['after\_widget'\];
295
echo esc\_html( $args\['after\_widget'\] );
280
296
}
281
297
…
…
292
308
293
309
<p>
294
<label for="<?php echo $this->get\_field\_id( 'faq\_title' ); ?>"><?php \_e( 'Widget Title:', 'ultimate-faqs' ); ?></label>
295
<input class="widefat" id="<?php echo $this->get\_field\_id( 'faq\_title' ); ?>" name="<?php echo $this->get\_field\_name( 'faq\_title' ); ?>" type="text" value="<?php echo esc\_attr( $faq\_title ); ?>">
310
<label for="<?php echo esc\_attr( $this->get\_field\_id( 'faq\_title' ) ); ?>"><?php \_e( 'Widget Title:', 'ultimate-faqs' ); ?></label>
311
<input class="widefat" id="<?php echo esc\_attr( $this->get\_field\_id( 'faq\_title' ) ); ?>" name="<?php echo esc\_attr( $this->get\_field\_name( 'faq\_title' ) ); ?>" type="text" value="<?php echo esc\_attr( $faq\_title ); ?>">
296
312
</p>
297
313
…
…
336
352
public function widget( $args, $instance ) {
337
353
338
echo $args\['before\_widget'\];
339
if ($instance\['faq\_title'\] != "") {echo ($args\['before\_title'\] != '' ? $args\['before\_title'\] : "<h3>") . $instance\['faq\_title'\] . ($args\['after\_title'\] != '' ? $args\['after\_title'\] : "</h3>");}
354
echo esc\_html( $args\['before\_widget'\] );
355
if ($instance\['faq\_title'\] != "") {
356
echo esc\_html(
357
($args\['before\_title'\] != '' ? $args\['before\_title'\] : "<h3>") . $instance\['faq\_title'\] . ($args\['after\_title'\] != '' ? $args\['after\_title'\] : "</h3>")
358
);
359
}
340
360
echo do\_shortcode( "\[ultimate-faqs include\_category='". $instance\['include\_category'\] . "' no\_comments='Yes'\]" );
341
echo $args\['after\_widget'\];
361
echo esc\_html( $args\['after\_widget'\] );
342
362
}
343
363
…
…
355
375
356
376
<p>
357
<label for="<?php echo $this->get\_field\_id( 'include\_category' ); ?>"><?php \_e( 'FAQ Category List:', 'ultimate-faqs' ); ?></label>
358
<input class="widefat" id="<?php echo $this->get\_field\_id( 'include\_category' ); ?>" name="<?php echo $this->get\_field\_name( 'include\_category' ); ?>" type="text" value="<?php echo esc\_attr( $include\_category ); ?>">
359
</p>
360
<p>
361
<label for="<?php echo $this->get\_field\_id( 'faq\_title' ); ?>"><?php \_e( 'Widget Title:', 'ultimate-faqs' ); ?></label>
362
<input class="widefat" id="<?php echo $this->get\_field\_id( 'faq\_title' ); ?>" name="<?php echo $this->get\_field\_name( 'faq\_title' ); ?>" type="text" value="<?php echo esc\_attr( $faq\_title ); ?>">
377
<label for="<?php echo esc\_attr( $this->get\_field\_id( 'include\_category' ) ); ?>"><?php \_e( 'FAQ Category List:', 'ultimate-faqs' ); ?></label>
378
<input class="widefat" id="<?php echo esc\_attr( $this->get\_field\_id( 'include\_category' ) ); ?>" name="<?php echo esc\_attr( $this->get\_field\_name( 'include\_category' ) ); ?>" type="text" value="<?php echo esc\_attr( $include\_category ); ?>">
379
</p>
380
<p>
381
<label for="<?php echo esc\_attr( $this->get\_field\_id( 'faq\_title' ) ); ?>"><?php \_e( 'Widget Title:', 'ultimate-faqs' ); ?></label>
382
<input class="widefat" id="<?php echo esc\_attr( $this->get\_field\_id( 'faq\_title' ) ); ?>" name="<?php echo esc\_attr( $this->get\_field\_name( 'faq\_title' ) ); ?>" type="text" value="<?php echo esc\_attr( $faq\_title ); ?>">
363
383
</p>
364
384
ultimate-faqs/trunk/includes/WooCommerce.class.php
r2643489
r2648562
77
77
78
78
wp\_enqueue\_script( 'ewd-ufaq-wc-admin-js', EWD\_UFAQ\_PLUGIN\_URL . '/assets/js/ewd-ufaq-wc-admin.js', array( 'jquery' ), EWD\_UFAQ\_VERSION );
79
80
wp\_localize\_script(
81
'ewd-ufaq-wc-admin-js',
82
'ewd\_ufaq\_wc\_admin',
83
array(
84
'nonce' => wp\_create\_nonce( 'ewd-ufaq-wc-admin-js' )
85
)
86
);
79
87
}
80
88
…
…
156
164
<select class='ewd-ufaq-category-filter' name='ewd-ufaq-category-filter'>
157
165
<option value=''><?php \_e('All Categories', 'ultimate-faqs' ); ?></option>
158
<?php foreach ( $categories as $category ) { ?> <option value='<?php echo $category->term\_id; ?>'><?php echo esc\_html( $category->name ); ?></option><?php } ?>
166
<?php foreach ( $categories as $category ) { ?> <option value='<?php echo esc\_attr( $category->term\_id ); ?>'><?php echo esc\_html( $category->name ); ?></option><?php } ?>
159
167
</select>
160
168
…
…
168
176
<?php foreach ( $all\_faqs as $faq ) { ?>
169
177
170
<tr class='ewd-ufaq-faq-row' data-faqid='<?php echo $faq->ID; ?>'>
171
<td><input type='checkbox' class='ewd-ufaq-add-faq' name='Add\_FAQs\[\]' value='<?php echo $faq->ID; ?>'/></td>
178
<tr class='ewd-ufaq-faq-row' data-faqid='<?php echo esc\_attr( $faq->ID ); ?>'>
179
<td><input type='checkbox' class='ewd-ufaq-add-faq' name='Add\_FAQs\[\]' value='<?php echo esc\_attr( $faq->ID ); ?>'/></td>
172
180
<td><?php echo esc\_html( $faq->post\_title ); ?></td>
173
181
</tr>
…
…
196
204
197
205
<?php $faq = get\_post( $faq\_id ); ?>
198
<tr class='ewd-ufaq-faq-row ewd-ufaq-delete-faq-row' data-faqid='<?php echo $faq\_id; ?>'>
199
<td><input type='checkbox' class='ewd-ufaq-delete-faq' name='Delete\_FAQs\[\]' value='<?php echo $faq\_id; ?>'/></td>
206
<tr class='ewd-ufaq-faq-row ewd-ufaq-delete-faq-row' data-faqid='<?php echo esc\_attr( $faq\_id ); ?>'>
207
<td><input type='checkbox' class='ewd-ufaq-delete-faq' name='Delete\_FAQs\[\]' value='<?php echo esc\_attr( $faq\_id ); ?>'/></td>
200
208
<td><?php echo esc\_html( $faq->post\_title ); ?></td>
201
209
</tr>
…
…
215
223
216
224
public function add\_wc\_faqs() {
217
218
$post\_id = intval( $\_POST\['Post\_ID'\] );
225
global $ewd\_ufaq\_controller;
226
227
if (
228
! check\_ajax\_referer( 'ewd-ufaq-wc-admin-js', 'nonce' )
229
||
230
! current\_user\_can( $ewd\_ufaq\_controller->settings->get\_setting( 'access-role' ) )
231
) {
232
ewdUfaqHelper::admin\_nopriv\_ajax();
233
}
234
235
$post\_id = intval( $\_POST\['Post\_ID'\] );
219
236
220
237
$current\_faqs = (array) get\_post\_meta( $post\_id, 'EWD\_UFAQ\_WC\_Selected\_FAQs', true );
221
238
222
$faqs = json\_decode( stripslashes\_deep( $\_POST\['FAQs'\] ) );
239
$faqs = array\_map('intval', json\_decode( stripslashes\_deep( $\_POST\['FAQs'\] ) ) );
223
240
if ( ! is\_array( $faqs ) ) { $faqs = array(); }
224
241
…
…
242
259
243
260
public function delete\_wc\_faqs() {
261
global $ewd\_ufaq\_controller;
262
263
if (
264
! check\_ajax\_referer( 'ewd-ufaq-wc-admin-js', 'nonce' )
265
||
266
! current\_user\_can( $ewd\_ufaq\_controller->settings->get\_setting( 'access-role' ) )
267
) {
268
ewdUfaqHelper::admin\_nopriv\_ajax();
269
}
244
270
245
271
$post\_id = intval( $\_POST\['Post\_ID'\] );
…
…
258
284
259
285
public function wc\_faq\_category() {
286
global $ewd\_ufaq\_controller;
287
288
if (
289
! check\_ajax\_referer( 'ewd-ufaq-wc-admin-js', 'nonce' )
290
||
291
! current\_user\_can( $ewd\_ufaq\_controller->settings->get\_setting( 'access-role' ) )
292
) {
293
ewdUfaqHelper::admin\_nopriv\_ajax();
294
}
260
295
261
296
$cat\_id = intval( $\_POST\['Cat\_ID'\] );
…
…
289
324
<?php foreach ( $all\_faqs as $faq ) { ?>
290
325
291
<tr class='ewd-ufaq-faq-row' data-faqid='<?php echo $faq->ID; ?>'>
292
<td><input type='checkbox' class='ewd-ufaq-add-faq' name='Add\_FAQs\[\]' value='<?php echo $faq->ID; ?>'/></td>
326
<tr class='ewd-ufaq-faq-row' data-faqid='<?php echo esc\_attr( $faq->ID ); ?>'>
327
<td><input type='checkbox' class='ewd-ufaq-add-faq' name='Add\_FAQs\[\]' value='<?php echo esc\_attr( $faq->ID ); ?>'/></td>
293
328
<td><?php echo esc\_html( $faq->post\_title ); ?></td>
294
329
</tr>
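Review bot: In `add_wc_faqs()` the new `array_map('intval', json_decode( ... ))` runs before the `is_array()` guard on the following line, so a `FAQs` value that is not valid JSON (json_decode returns null) or that decodes to an object reaches `array_map` as a non-array; on PHP 8 that raises a TypeError and the guard never runs. Decode first and map only an array: `$decoded = json_decode( stripslashes_deep( $_POST['FAQs'] ) );` followed by `$faqs = is_array( $decoded ) ? array_map( 'intval', $decoded ) : array();`. Separately, the guard added to the three handlers checks the role-level `access-role` capability but not the post named by `Post_ID`; if the elided part of the method writes post meta, a `current_user_can( 'edit_post', $post_id )` check would limit the request to posts the user may edit. The method bodies continue outside the visible hunks.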
ultimate-faqs/trunk/includes/template-functions.php
r2643489
r2648562
373
373
374
374
if ( count( $classes ) ) {
375
return ' class="' . join( ' ', $classes ) . '"';
375
return ' class="' . esc\_attr( join( ' ', $classes ) ) . '"';
376
376
}
377
377
}
ultimate-faqs/trunk/readme.txt
r2647964
r2648562
267
267
\== Changelog ==
268
268
269
\= 2.1.2 (2021-12-23) =
270
\- Updating nonce and capability checks for AJAX calls.
271
\- Updating sanitization and escaping.
272
269
273
\= 2.1.1 (2021-12-22) =
270
274
\- Fixed an issue in which the defaults were not being correctly set for a few options.
ultimate-faqs/trunk/ultimate-faqs.php
r2647964
r2648562
7
7
Terms and Conditions: https://www.etoilewebdesign.com/plugin-terms-and-conditions/
8
8
Text Domain: ultimate-faqs
9
Version: 2.1.1
9
Version: 2.1.2
10
10
WC requires at least: 3.0
11
11
WC tested up to: 6.0
…
…
44
44
define( 'EWD\_UFAQ\_PLUGIN\_FNAME', plugin\_basename( \_\_FILE\_\_ ) );
45
45
define( 'EWD\_UFAQ\_TEMPLATE\_DIR', 'ewd-ufaq-templates' );
46
define( 'EWD\_UFAQ\_VERSION', '2.1.1' );
46
define( 'EWD\_UFAQ\_VERSION', '2.1.2' );
47
47
48
48
define( 'EWD\_UFAQ\_FAQ\_POST\_TYPE', 'ufaq' );
…
…
290
290
291
291
$screen\_ids = array(
292
'ufaq',
292
293
'ufaq\_page\_ewd-ufaq-dashboard',
293
294
'edit-ufaq',
…
…
308
309
309
310
$args = array(
311
'nonce' => wp\_create\_nonce( 'ewd-ufaq-admin-js' ),
310
312
'ordering' => $this->permissions->check\_permission( 'ordering' )
311
313
);
…
…
529
531
530
532
public function hide\_helper\_notice() {
533
global $ewd\_ufaq\_controller;
531
534
532
535
// Authenticate request
…
…
534
537
! check\_ajax\_referer( 'ewd-ufaq-helper-notice', 'nonce' )
535
538
||
536
! current\_user\_can( 'manage\_options' )
539
! current\_user\_can( $ewd\_ufaq\_controller->settings->get\_setting( 'access-role' ) )
537
540
) {
538
wp\_send\_json\_error(
539
array(
540
'error' => 'loggedout',
541
'msg' => sprintf( \_\_( 'You have been logged out. Please %slogin again%s.', 'ultimate-faqs' ), '<a href="' . wp\_login\_url( admin\_url( 'admin.php?page=ewd-ufaq-dashboard' ) ) . '">', '</a>' ),
542
)
543
);
541
ewdUfaqHelper::admin\_nopriv\_ajax();
542
544
543
}
545
544
…
…
549
548
}
550
549
551
public function admin\_menu\_optional( $menu\_list )
552
{
550
public function admin\_menu\_optional( $menu\_list ) {
553
551
global $ewd\_ufaq\_controller;
554
552
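Review bot: `hide_helper_notice()` now authorizes with whatever capability the `access-role` setting holds instead of the fixed `manage_options`, so the strength of this check (and of the same guard added to the WooCommerce AJAX handlers) depends on a stored option that the hunk does not validate. If that option can ever be set to a capability that low-privilege roles hold, such as `read`, the handler is open to those roles again. I would add a comment above the guard, `// Capability is read from the 'access-role' setting; it must stay an admin/editor-level capability.`, and restrict the setting to an allow-list where it is saved. The guard also relies on `ewdUfaqHelper::admin_nopriv_ajax()` ending the request; its body is not in this section, so confirm that it exits. The function continues outside the hunk.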
ultimate-faqs/trunk/views/View.FAQs.class.php
r2643489
r2648562
524
524
wp\_enqueue\_style( 'ewd-ufaq-jquery-ui' );
525
525
526
$handle = 'ewd-ufaq-js';
526
527
$args = array(
527
'faq\_accordion' => $ewd\_ufaq\_controller->settings->get\_setting( 'faq-accordion' ),
528
'category\_accordion' => $ewd\_ufaq\_controller->settings->get\_setting( 'faq-category-accordion' ),
529
'faq\_scroll' => $ewd\_ufaq\_controller->settings->get\_setting( 'scroll-to-top' ),
530
'reveal\_effect' => $ewd\_ufaq\_controller->settings->get\_setting( 'reveal-effect' ),
531
'retrieving\_results' => $ewd\_ufaq\_controller->settings->get\_setting( 'label-retrieving-results' ),
532
'highlight\_search\_term' => $ewd\_ufaq\_controller->settings->get\_setting( 'highlight-search-term' ),
533
'autocomplete\_question' => $ewd\_ufaq\_controller->settings->get\_setting( 'auto-complete-titles' ),
534
'question\_titles' => $this->get\_faq\_titles(),
535
'display\_faq' => 0,
528
'faq\_accordion' => $ewd\_ufaq\_controller->settings->get\_setting( 'faq-accordion' ),
529
'category\_accordion' => $ewd\_ufaq\_controller->settings->get\_setting( 'faq-category-accordion' ),
530
'faq\_scroll' => $ewd\_ufaq\_controller->settings->get\_setting( 'scroll-to-top' ),
531
'reveal\_effect' => $ewd\_ufaq\_controller->settings->get\_setting( 'reveal-effect' ),
532
'retrieving\_results' => $ewd\_ufaq\_controller->settings->get\_setting( 'label-retrieving-results' ),
533
'highlight\_search\_term' => $ewd\_ufaq\_controller->settings->get\_setting( 'highlight-search-term' ),
534
'autocomplete\_question' => $ewd\_ufaq\_controller->settings->get\_setting( 'auto-complete-titles' ),
535
'question\_titles' => $this->get\_faq\_titles(),
536
'display\_faq' => 0,
537
'nonce' => wp\_create\_nonce( $handle ),
536
538
);
537
539
…
…
542
544
}
543
545
elseif ( isset( $\_GET\['Display\_FAQ'\] ) ) {
544
545
546
$args\['display\_faq'\] = intval( $\_GET\['Display\_FAQ'\] );
546
547
}
547
548
548
$handle = 'ewd-ufaq-js';
549
549
// Fetch any existing script data
550
550
$prev\_question\_titles = $wp\_scripts->get\_data( $handle, 'question\_titles' );
…
…
556
556
557
557
$wp\_scripts->add\_data( $handle, 'question\_titles', $args\['question\_titles'\] );
558
wp\_localize\_script( $handle, 'ewd\_ufaq\_php\_data', $args );
559
560
wp\_enqueue\_script( 'ewd-ufaq-js' );
558
wp\_localize\_script(
559
$handle,
560
'ewd\_ufaq\_php\_data',
561
apply\_filters( 'ewd\_ufaq\_js\_localize\_data', $args )
562
);
563
564
wp\_enqueue\_script( $handle );
561
565
562
566
wp\_enqueue\_script( 'jquery-ui-core' );