Headline
CVE-2023-3082: Changeset 2935537 for post-smtp – WordPress Plugin Repository
The Post SMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via email contents in versions up to, and including, 2.5.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
post-smtp/trunk/Postman/PostmanEmailLogs.php
r2929002
r2935537
328
328
329
329
$row->time = date( "{$date\_format} {$time\_format}", $row->time );
330
$row->success = $row->success == 1 ? '<span title="Successful"></span>' : '<span title="Failed"></span><pre class="ps-status-log">' . str\_replace( $search, $replace, $row->success ) . '</pre\>';
330
$row->success = $row->success == 1 ? '<span title="Success">Success</span>' : '<span title="'.str\_replace( $search, $replace, $row->success ).'">Failed</span><a href="#" class="ps-status-log ps-popup-btn">View details</a\>';
331
331
$row->actions = '';
332
333
//Escape HTML
334
$row->original\_subject = esc\_html( $row->original\_subject );
332
335
333
336
}
…
…
535
538
$email\_query\_log = new PostmanEmailQueryLog();
536
539
$log = $email\_query\_log->get\_log( $id, $type );
540
$\_log = $log;
541
542
//Escape HTML
543
foreach( $\_log as $key => $value ) {
544
545
$log\[$key\] = esc\_html( $value );
546
547
}
537
548
538
549
if( isset( $log\['time'\] ) ) {
post-smtp/trunk/freemius/includes/class-freemius.php
r2905047
r2935537
1547
1547
fs\_request\_is\_action( 'reset\_pending\_activation\_mode' )
1548
1548
) &&
1549
$this->get\_unique\_affix() === fs\_request\_get( 'fs\_unique\_affix' )
1549
$this->get\_unique\_affix() === fs\_request\_get\_raw( 'fs\_unique\_affix' )
1550
1550
) {
1551
1551
add\_action( 'admin\_init', array( &$this, 'connect\_again' ) );
…
…
3760
3760
}
3761
3761
3762
$option\_value = fs\_request\_get( 'option\_value' );
3762
$option\_value = fs\_request\_get\_raw( 'option\_value' );
3763
3763
3764
3764
if ( ! empty( $option\_value ) ) {
…
…
10299
10299
return $this->apply\_filters(
10300
10300
'usage\_tracking\_terms\_url',
10301
"https://freemius.com/wordpress/usage-tracking/{$this->\_plugin->id}/{$this->\_slug}/"
10301
"https://freemius.com/product/opt-in/{$this->\_plugin->id}/{$this->\_slug}/"
10302
);
10303
}
10304
10305
/\*\*
10306
\* @todo (For LiteSDK) We can refactor this and other related functions giving links to several landing pages on freemius.com to come from a separate class like \`FS\_Terms\_Pages\`. This would get a \`FS\_WP\_Hook\` (hypothetical) instance as a dependency and use it to hook into the \`license\_activation\_terms\_url\` or related filters. The entry level instance from \`ms\_fs()\` would hold a public read-only variable \`my\_fs()->terms\_pages\` which would be an instance of \`FS\_Terms\_Pages\` and would hold all the links to the terms pages.
10307
\* @since 2.5.8
10308
\*
10309
\* @return string
10310
\*/
10311
function get\_license\_activation\_terms\_url() {
10312
return $this->apply\_filters(
10313
'license\_activation\_terms\_url',
10314
"https://freemius.com/product/license-activation/{$this->\_plugin->id}/{$this->\_slug}/"
10302
10315
);
10303
10316
}
…
…
13662
13675
$this->check\_ajax\_referer( 'activate\_license' );
13663
13676
13664
$license\_key = trim( fs\_request\_get( 'license\_key' ) );
13677
$license\_key = trim( fs\_request\_get\_raw( 'license\_key' ) );
13665
13678
13666
13679
if ( empty( $license\_key ) ) {
…
…
16675
16688
16676
16689
return $clone;
16677
}
16678
16679
/\*\*
16680
\* Tries to activate account based on POST params.
16681
\*
16682
\* @author Vova Feldman (@svovaf)
16683
\* @since 1.0.2
16684
\*
16685
\* @deprecated Not in use, outdated.
16686
\*/
16687
function \_activate\_account() {
16688
if ( $this->is\_registered() ) {
16689
// Already activated.
16690
return;
16691
}
16692
16693
self::\_clean\_admin\_content\_section();
16694
16695
if ( fs\_request\_is\_action( 'activate' ) && fs\_request\_is\_post() ) {
16696
// check\_admin\_referer( 'activate\_' . $this->\_plugin->public\_key );
16697
16698
// Verify matching plugin details.
16699
if ( $this->\_plugin->id != fs\_request\_get( 'plugin\_id' ) || $this->\_slug != fs\_request\_get( 'plugin\_slug' ) ) {
16700
return;
16701
}
16702
16703
$user = new FS\_User();
16704
$user->id = fs\_request\_get( 'user\_id' );
16705
$user->public\_key = fs\_request\_get( 'user\_public\_key' );
16706
$user->secret\_key = fs\_request\_get( 'user\_secret\_key' );
16707
$user->email = fs\_request\_get( 'user\_email' );
16708
$user->first = fs\_request\_get( 'user\_first' );
16709
$user->last = fs\_request\_get( 'user\_last' );
16710
$user->is\_verified = fs\_request\_get\_bool( 'user\_is\_verified' );
16711
16712
$site = new FS\_Site();
16713
$site->id = fs\_request\_get( 'install\_id' );
16714
$site->public\_key = fs\_request\_get( 'install\_public\_key' );
16715
$site->secret\_key = fs\_request\_get( 'install\_secret\_key' );
16716
$site->plan\_id = fs\_request\_get( 'plan\_id' );
16717
16718
$plans = array();
16719
$plans\_data = json\_decode( urldecode( fs\_request\_get( 'plans' ) ) );
16720
foreach ( $plans\_data as $p ) {
16721
$plan = new FS\_Plugin\_Plan( $p );
16722
if ( $site->plan\_id == $plan->id ) {
16723
$plan->title = fs\_request\_get( 'plan\_title' );
16724
$plan->name = fs\_request\_get( 'plan\_name' );
16725
}
16726
16727
$plans\[\] = $plan;
16728
}
16729
16730
$this->\_set\_account( $user, $site, $plans );
16731
16732
// Reload the page with the keys.
16733
fs\_redirect( $this->\_get\_admin\_page\_url() );
16734
}
16735
16690
}
16736
16691
…
…
17749
17704
$this->install\_many\_pending\_with\_user(
17750
17705
fs\_request\_get( 'user\_id' ),
17751
fs\_request\_get( 'user\_public\_key' ),
17752
fs\_request\_get( 'user\_secret\_key' ),
17706
fs\_request\_get\_raw( 'user\_public\_key' ),
17707
fs\_request\_get\_raw( 'user\_secret\_key' ),
17753
17708
fs\_request\_get\_bool( 'is\_marketing\_allowed', null ),
17754
17709
fs\_request\_get\_bool( 'is\_extensions\_tracking\_allowed', null ),
…
…
17761
17716
$this->install\_with\_new\_user(
17762
17717
fs\_request\_get( 'user\_id' ),
17763
fs\_request\_get( 'user\_public\_key' ),
17764
fs\_request\_get( 'user\_secret\_key' ),
17718
fs\_request\_get\_raw( 'user\_public\_key' ),
17719
fs\_request\_get\_raw( 'user\_secret\_key' ),
17765
17720
fs\_request\_get\_bool( 'is\_marketing\_allowed', null ),
17766
17721
fs\_request\_get\_bool( 'is\_extensions\_tracking\_allowed', null ),
17767
17722
fs\_request\_get\_bool( 'is\_diagnostic\_tracking\_allowed', null ),
17768
17723
fs\_request\_get( 'install\_id' ),
17769
fs\_request\_get( 'install\_public\_key' ),
17770
fs\_request\_get( 'install\_secret\_key' ),
17724
fs\_request\_get\_raw( 'install\_public\_key' ),
17725
fs\_request\_get\_raw( 'install\_secret\_key' ),
17771
17726
true,
17772
17727
fs\_request\_get\_bool( 'auto\_install' )
…
…
18107
18062
18108
18063
if ( fs\_request\_is\_action( $this->get\_unique\_affix() . '\_activate\_existing' ) && fs\_request\_is\_post() ) {
18109
// check\_admin\_referer( 'activate\_existing\_' . $this->\_plugin->public\_key );
18064
check\_admin\_referer( $this->get\_unique\_affix() . '\_activate\_existing' );
18110
18065
18111
18066
/\*\*
…
…
18113
18068
\* @since 1.1.9 Add license key if given.
18114
18069
\*/
18115
$license\_key = fs\_request\_get( 'license\_secret\_key' );
18070
$license\_key = fs\_request\_get\_raw( 'license\_secret\_key' );
18116
18071
18117
18072
FS\_Permission\_Manager::instance( $this )->update\_permissions\_tracking\_flag( array(
…
…
20848
20803
}
20849
20804
20850
$license\_or\_user\_key = fs\_request\_get( 'license\_or\_user\_key' );
20805
$license\_or\_user\_key = fs\_request\_get\_raw( 'license\_or\_user\_key' );
20851
20806
20852
20807
$transient\_value = ( ! empty( $license\_or\_user\_key ) ) ?
…
…
22686
22641
$user = new FS\_User();
22687
22642
$user->id = fs\_request\_get( 'user\_id' );
22688
$user->public\_key = fs\_request\_get( 'user\_public\_key' );
22689
$user->secret\_key = fs\_request\_get( 'user\_secret\_key' );
22643
$user->public\_key = fs\_request\_get\_raw( 'user\_public\_key' );
22644
$user->secret\_key = fs\_request\_get\_raw( 'user\_secret\_key' );
22690
22645
22691
22646
$prev\_user = $this->\_user;
…
…
23183
23138
switch ( $state ) {
23184
23139
case 'init':
23140
// The nonce is injected by the error handler in \`\_email\_address\_update\_ajax\_handler\` function.
23141
check\_admin\_referer( 'change\_owner' );
23142
23185
23143
$candidate\_email = fs\_request\_get( 'candidate\_email' );
23186
23144
$transfer\_type = fs\_request\_get( 'transfer\_type' );
…
…
23195
23153
break;
23196
23154
case 'owner\_confirmed':
23155
// We cannot (or need not to) check the nonce and referer here, because the link comes from the email sent by our API.
23197
23156
$candidate\_email = fs\_request\_get( 'candidate\_email', '' );
23157
23158
if ( ! is\_email($candidate\_email ) ) {
23159
return;
23160
}
23198
23161
23199
23162
$this->\_admin\_notices->add( sprintf( $this->get\_text\_inline( 'Thanks for confirming the ownership change. An email was just sent to %s for final approval.', 'change-owner-request\_owner-confirmed' ), '<b>' . $candidate\_email . '</b>' ) );
23200
23163
break;
23201
23164
case 'candidate\_confirmed':
23165
// We do not need to validate the authenticity of this request here, because the \`complete\_change\_owner\` does that for us through API calls.
23202
23166
if ( $this->complete\_change\_owner() ) {
23203
23167
$this->\_admin\_notices->add\_sticky(
…
…
23232
23196
23233
23197
#region Actions that might be called from external links (e.g. email)
23198
23199
/\*\*
23200
\* !!IMPORTANT!!: We cannot check for a valid nonce in this region, because the links could be coming from emails.
23201
\*/
23234
23202
23235
23203
case 'cancel\_trial':
…
…
23539
23507
'is\_enriched' => true,
23540
23508
'trial' => fs\_request\_get\_bool( 'trial' ),
23541
'sandbox' => fs\_request\_get( 'sandbox' ),
23542
's\_ctx\_type' => fs\_request\_get( 's\_ctx\_type' ),
23543
's\_ctx\_id' => fs\_request\_get( 's\_ctx\_id' ),
23544
's\_ctx\_ts' => fs\_request\_get( 's\_ctx\_ts' ),
23545
's\_ctx\_secure' => fs\_request\_get( 's\_ctx\_secure' ),
23509
'sandbox' => fs\_request\_get\_raw( 'sandbox' ),
23510
's\_ctx\_type' => fs\_request\_get\_raw( 's\_ctx\_type' ),
23511
's\_ctx\_id' => fs\_request\_get\_raw( 's\_ctx\_id' ),
23512
's\_ctx\_ts' => fs\_request\_get\_raw( 's\_ctx\_ts' ),
23513
's\_ctx\_secure' => fs\_request\_get\_raw( 's\_ctx\_secure' ),
23546
23514
);
23547
23515
…
…
25873
25841
$thank\_you,
25874
25842
$already\_opted\_in,
25875
sprintf( $this->get\_text\_inline( 'Due to the new %sEU General Data Protection Regulation (GDPR)%s compliance requirements it is required that you provide your explicit consent, again, confirming that you are onboard :-)', 'due-to-gdpr-compliance-requirements' ), '<a href="https://eugdpr.org/" target="\_blank" rel="noopener noreferrer">', '</a>' ) .
25843
sprintf( $this->get\_text\_inline( 'Due to the new %sEU General Data Protection Regulation (GDPR)%s compliance requirements it is required that you provide your explicit consent, again, confirming that you are onboard :-)', 'due-to-gdpr-compliance-requirements' ), '<a href="https://ec.europa.eu/info/law/law-topic/data-protection\_en/" target="\_blank" rel="noopener noreferrer">', '</a>' ) .
25876
25844
'<br><br>' .
25877
25845
'<b>' . $this->get\_text\_inline( "Please let us know if you'd like us to contact you for security & feature updates, educational content, and occasional offers:", 'contact-for-updates' ) . '</b>' .
…
…
26162
26130
$this->check\_ajax\_referer( 'fetch\_is\_marketing\_required\_flag\_value' );
26163
26131
26164
$license\_key = fs\_request\_get( 'license\_key' );
26132
$license\_key = fs\_request\_get\_raw( 'license\_key' );
26165
26133
26166
26134
if ( empty($license\_key) ) {
post-smtp/trunk/freemius/includes/class-fs-plugin-updater.php
r2839728
r2935537
135
135
if (
136
136
'plugin-information' !== fs\_request\_get( 'tab', false ) ||
137
$this->\_fs->get\_slug() !== fs\_request\_get( 'plugin', false )
137
$this->\_fs->get\_slug() !== fs\_request\_get\_raw( 'plugin', false )
138
138
) {
139
139
return;
…
…
154
154
if (
155
155
'plugin-information' !== fs\_request\_get( 'tab', false ) ||
156
$this->\_fs->get\_slug() !== fs\_request\_get( 'plugin', false )
156
$this->\_fs->get\_slug() !== fs\_request\_get\_raw( 'plugin', false )
157
157
) {
158
158
return;
post-smtp/trunk/freemius/includes/fs-core-functions.php
r2830498
r2935537
134
134
#--------------------------------------------------------------------------------
135
135
136
if ( ! function\_exists( 'fs\_request\_get\_raw' ) ) {
137
/\*\*
138
\* A helper function to fetch GET/POST user input with an optional default value when the input is not set.
139
\* This function does not do sanitization. It is up to the caller to properly sanitize and validate the input.
140
\*
141
\* The return of this function is always unslashed.
142
\*
143
\* @since 2.5.10
144
\*
145
\* @param string $key
146
\* @param mixed $def
147
\* @param string|bool $type When set to 'get', it will look for the value passed via query string. When
148
\* set to 'post', it will look for the value passed via the POST request's body. Otherwise,
149
\* it will check if the parameter was passed using any of the mentioned two methods.
150
\*
151
\* @return mixed
152
\*/
153
function fs\_request\_get\_raw( $key, $def = false, $type = false ) {
154
if ( is\_string( $type ) ) {
155
$type = strtolower( $type );
156
}
157
158
/\*\*
159
\* Note to WordPress.org reviewers:
160
\* This is a helper function to fetch GET/POST user input with an optional default value when the input is not set. The actual sanitization is done in the scope of the function's usage.
161
\*/
162
switch ( $type ) {
163
case 'post':
164
// phpcs:ignore WordPress.Security.NonceVerification.Missing
165
$value = isset( $\_POST\[ $key \] ) ? $\_POST\[ $key \] : $def;
166
break;
167
case 'get':
168
// phpcs:ignore WordPress.Security.NonceVerification.Recommended
169
$value = isset( $\_GET\[ $key \] ) ? $\_GET\[ $key \] : $def;
170
break;
171
default:
172
// phpcs:ignore WordPress.Security.NonceVerification.Recommended
173
$value = isset( $\_REQUEST\[ $key \] ) ? $\_REQUEST\[ $key \] : $def;
174
break;
175
}
176
177
// Don't unslash if the value itself is empty (empty string, null, empty array etc).
178
return empty( $value ) ? $value : wp\_unslash( $value );
179
}
180
}
181
182
if ( ! function\_exists( 'fs\_sanitize\_input' ) ) {
183
/\*\*
184
\* Sanitizes input recursively (if an array).
185
\*
186
\* @param mixed $input
187
\*
188
\* @return mixed
189
\* @uses sanitize\_text\_field()
190
\* @since 2.5.10
191
\*/
192
function fs\_sanitize\_input( $input ) {
193
if ( is\_array( $input ) ) {
194
foreach ( $input as $key => $value ) {
195
$input\[ $key \] = fs\_sanitize\_input( $value );
196
}
197
} else {
198
// Allow empty values to pass through as-is, like \`null\`, \`''\`, \`0\`, \`'0'\` etc.
199
$input = empty( $input ) ? $input : sanitize\_text\_field( $input );
200
}
201
202
return $input;
203
}
204
}
205
136
206
if ( ! function\_exists( 'fs\_request\_get' ) ) {
137
207
/\*\*
138
208
\* A helper method to fetch GET/POST user input with an optional default value when the input is not set.
139
\* @author Vova Feldman (@svovaf)
209
\*
210
\* @author Vova Feldman (@svovaf)
211
\*
212
\* @note The return value is always sanitized with sanitize\_text\_field().
140
213
\*
141
214
\* @param string $key
…
…
145
218
\* will check if the parameter was passed in any of the two.
146
219
\*
220
\*
147
221
\* @return mixed
148
222
\*/
149
223
function fs\_request\_get( $key, $def = false, $type = false ) {
150
if ( is\_string( $type ) ) {
151
$type = strtolower( $type );
152
}
153
154
/\*\*
155
\* Note to WordPress.org Reviewers:
156
\* This is a helper method to fetch GET/POST user input with an optional default value when the input is not set. The actual sanitization is done in the scope of the function's usage.
157
\*/
158
switch ( $type ) {
159
case 'post':
160
$value = isset( $\_POST\[ $key \] ) ? $\_POST\[ $key \] : $def;
161
break;
162
case 'get':
163
$value = isset( $\_GET\[ $key \] ) ? $\_GET\[ $key \] : $def;
164
break;
165
default:
166
$value = isset( $\_REQUEST\[ $key \] ) ? $\_REQUEST\[ $key \] : $def;
167
break;
168
}
169
170
return $value;
224
return fs\_sanitize\_input( fs\_request\_get\_raw( $key, $def, $type ) );
171
225
}
172
226
}
…
…
174
228
if ( ! function\_exists( 'fs\_request\_has' ) ) {
175
229
function fs\_request\_has( $key ) {
230
// phpcs:ignore WordPress.Security.NonceVerification.Recommended
176
231
return isset( $\_REQUEST\[ $key \] );
177
232
}
…
…
232
287
if ( ! function\_exists( 'fs\_get\_action' ) ) {
233
288
function fs\_get\_action( $action\_key = 'action' ) {
289
// phpcs:disable WordPress.Security.NonceVerification.Recommended
234
290
if ( ! empty( $\_REQUEST\[ $action\_key \] ) && is\_string( $\_REQUEST\[ $action\_key \] ) ) {
235
291
return strtolower( $\_REQUEST\[ $action\_key \] );
…
…
245
301
246
302
return false;
303
// phpcs:enable WordPress.Security.NonceVerification.Recommended
247
304
}
248
305
}
post-smtp/trunk/freemius/require.php
r2830498
r2935537
14
14
require\_once dirname( \_\_FILE\_\_ ) . '/config.php';
15
15
require\_once WP\_FS\_\_DIR\_INCLUDES . '/fs-core-functions.php';
16
require\_once WP\_FS\_\_DIR\_INCLUDES . '/fs-html-escaping-functions.php';
16
17
17
18
// Logger must be loaded before any other.
post-smtp/trunk/freemius/start.php
r2905047
r2935537
16
16
\* @var string
17
17
\*/
18
$this\_sdk\_version = '2.5.7';
18
$this\_sdk\_version = '2.5.10';
19
19
20
20
#region SDK Selection Logic --------------------------------------------------------------------
post-smtp/trunk/freemius/templates/account.php
r2830498
r2935537
106
106
107
107
$has\_tabs = $fs->\_add\_tabs\_before\_content();
108
109
if ( $has\_tabs ) {
110
$query\_params\['tabs'\] = 'true';
111
}
112
108
113
109
// Aliases.
…
…
261
257
<?php if ( ! $has\_tabs && ! $fs->apply\_filters( 'hide\_account\_tabs', false ) ) : ?>
262
258
<h2 class="nav-tab-wrapper">
263
<a href="<?php echo $fs->get\_account\_url() ?>"
259
<a href="<?php echo esc\_url( $fs->get\_account\_url() ) ?>"
264
260
class="nav-tab nav-tab-active"><?php fs\_esc\_html\_echo\_inline( 'Account', 'account', $slug ) ?></a>
265
261
<?php if ( $fs->has\_addons() ) : ?>
266
<a href="<?php echo $fs->\_get\_admin\_page\_url( 'addons' ) ?>"
262
<a href="<?php echo esc\_url( $fs->\_get\_admin\_page\_url( 'addons' ) ) ?>"
267
263
class="nav-tab"><?php echo esc\_html( $addons\_text ) ?></a>
268
264
<?php endif ?>
269
265
<?php if ( $show\_upgrade ) : ?>
270
<a href="<?php echo $fs->get\_upgrade\_url() ?>" class="nav-tab"><?php echo esc\_html( $upgrade\_text ) ?></a>
266
<a href="<?php echo esc\_url( $fs->get\_upgrade\_url() ) ?>" class="nav-tab"><?php echo esc\_html( $upgrade\_text ) ?></a>
271
267
<?php if ( $fs->apply\_filters( 'show\_trial', true ) && ! $fs->is\_trial\_utilized() && $fs->has\_trial\_plan() ) : ?>
272
<a href="<?php echo $fs->get\_trial\_url() ?>" class="nav-tab"><?php fs\_esc\_html\_echo\_inline( 'Free Trial', 'free-trial', $slug ) ?></a>
268
<a href="<?php echo esc\_url( $fs->get\_trial\_url() ) ?>" class="nav-tab"><?php fs\_esc\_html\_echo\_inline( 'Free Trial', 'free-trial', $slug ) ?></a>
273
269
<?php endif ?>
274
270
<?php endif ?>
…
…
316
312
<?php if ( ! fs\_is\_network\_admin() ) : ?>
317
313
<li>
318
<form action="<?php echo $fs->\_get\_admin\_page\_url( 'account' ) ?>" method="POST">
314
<form action="<?php echo esc\_url( $fs->\_get\_admin\_page\_url( 'account' ) ) ?>" method="POST">
319
315
<input type="hidden" name="fs\_action" value="deactivate\_license">
320
316
<?php wp\_nonce\_field( 'deactivate\_license' ) ?>
…
…
330
326
) : ?>
331
327
<li>
332
<form action="<?php echo $fs->\_get\_admin\_page\_url( 'account' ) ?>" method="POST">
328
<form action="<?php echo esc\_url( $fs->\_get\_admin\_page\_url( 'account' ) ) ?>" method="POST">
333
329
<input type="hidden" name="fs\_action" value="downgrade\_account">
334
330
<?php wp\_nonce\_field( 'downgrade\_account' ) ?>
…
…
336
332
onclick="if ( confirm('<?php echo esc\_attr( sprintf(
337
333
$downgrade\_x\_confirm\_text,
338
( $fs->is\_only\_premium() ? $cancelling\_subscription\_text : $downgrading\_plan\_text ),
334
( $fs->is\_only\_premium() ? $cancelling\_subscription\_text : $downgrading\_plan\_text ),
339
335
$plan->title,
340
336
human\_time\_diff( time(), strtotime( $license->expiration ) )
…
…
350
346
<?php if ( $is\_plan\_change\_supported ) : ?>
351
347
<li>
352
<a href="<?php echo $fs->get\_upgrade\_url() ?>"><i
348
<a href="<?php echo esc\_url( $fs->get\_upgrade\_url() ) ?>"><i
353
349
class="dashicons dashicons-grid-view"></i> <?php echo esc\_html( $change\_plan\_text ) ?></a>
354
350
</li>
…
…
357
353
<?php elseif ( $is\_paid\_trial ) : ?>
358
354
<li>
359
<form action="<?php echo $fs->\_get\_admin\_page\_url( 'account' ) ?>" method="POST">
355
<form action="<?php echo esc\_url( $fs->\_get\_admin\_page\_url( 'account' ) ) ?>" method="POST">
360
356
<input type="hidden" name="fs\_action" value="cancel\_trial">
361
357
<?php wp\_nonce\_field( 'cancel\_trial' ) ?>
…
…
368
364
<?php endif ?>
369
365
<li>
370
<form action="<?php echo $fs->\_get\_admin\_page\_url( 'account' ) ?>" method="POST">
371
<input type="hidden" name="fs\_action" value="<?php echo $fs->get\_unique\_affix() ?>\_sync\_license">
366
<form action="<?php echo esc\_url( $fs->\_get\_admin\_page\_url( 'account' ) ) ?>" method="POST">
367
<input type="hidden" name="fs\_action" value="<?php echo esc\_attr( $fs->get\_unique\_affix() ) ?>\_sync\_license">
372
368
<?php wp\_nonce\_field( $fs->get\_unique\_affix() . '\_sync\_license' ) ?>
373
369
<a href="#" onclick="this.parentNode.submit(); return false;"><i
…
…
513
509
}
514
510
?>
515
<tr class="fs-field-<?php echo $p\['id'\] ?><?php if ( $odd ) : ?> alternate<?php endif ?>">
511
<tr class="fs-field-<?php echo esc\_attr( $p\['id'\] ) ?><?php if ( $odd ) : ?> alternate<?php endif ?>">
516
512
<td>
517
<nobr><?php echo $p\['title'\] ?><?php echo ( ! empty( $p\['title'\] ) ) ? ':' : '' ?></nobr>
513
<nobr><?php echo esc\_attr( $p\['title'\] ) ?><?php echo ( ! empty( $p\['title'\] ) ) ? ':' : '' ?></nobr>
518
514
</td>
519
515
<td<?php if ( 'plan' === $p\['id'\] || 'bundle\_plan' === $p\['id'\] ) { echo ' colspan="2"'; }?>>
…
…
568
564
fs\_require\_template( 'account/partials/activate-license-button.php', $view\_params ); ?>
569
565
<?php else : ?>
570
<form action="<?php echo $fs->\_get\_admin\_page\_url( 'account' ) ?>"
566
<form action="<?php echo esc\_url( $fs->\_get\_admin\_page\_url( 'account' ) ) ?>"
571
567
method="POST" class="button-group">
572
568
<?php if ( $show\_upgrade && $is\_premium ) : ?>
573
<a class="button activate-license-trigger <?php echo $fs->get\_unique\_affix() ?>" href="#"><?php fs\_esc\_html\_echo\_inline( 'Activate License', 'activate-license', $slug ) ?></a>
569
<a class="button activate-license-trigger <?php echo esc\_attr( $fs->get\_unique\_affix() ) ?>" href="#"><?php fs\_esc\_html\_echo\_inline( 'Activate License', 'activate-license', $slug ) ?></a>
574
570
<?php endif ?>
575
571
<input type="submit" class="button"
576
572
value="<?php echo esc\_attr( $sync\_license\_text ) ?>">
577
573
<input type="hidden" name="fs\_action"
578
value="<?php echo $fs->get\_unique\_affix() ?>\_sync\_license">
574
value="<?php echo esc\_attr( $fs->get\_unique\_affix() ) ?>\_sync\_license">
579
575
<?php wp\_nonce\_field( $fs->get\_unique\_affix() . '\_sync\_license' ) ?>
580
576
<?php if ( $show\_upgrade || $is\_plan\_change\_supported ) : ?>
581
<a href="<?php echo $fs->get\_upgrade\_url() ?>"
577
<a href="<?php echo esc\_url( $fs->get\_upgrade\_url() ) ?>"
582
578
class="button<?php
583
579
echo $show\_upgrade ?
post-smtp/trunk/freemius/templates/account/billing.php
r2830498
r2935537
36
36
} ?>>
37
37
<tr>
38
<td><label><span><?php fs\_esc\_html\_echo\_inline( 'Business name', 'business-name', $slug ) ?>:</span> <input id="business\_name" value="<?php echo $billing->business\_name ?>" placeholder="<?php fs\_esc\_attr\_echo\_inline( 'Business name', 'business-name', $slug ) ?>"></label></td>
39
<td><label><span><?php fs\_esc\_html\_echo\_inline( 'Tax / VAT ID', 'tax-vat-id', $slug ) ?>:</span> <input id="tax\_id" value="<?php echo $billing->tax\_id ?>" placeholder="<?php fs\_esc\_attr\_echo\_inline( 'Tax / VAT ID', 'tax-vat-id', $slug ) ?>"></label></td>
38
<td><label><span><?php fs\_esc\_html\_echo\_inline( 'Business name', 'business-name', $slug ) ?>:</span> <input id="business\_name" value="<?php echo esc\_attr( $billing->business\_name ) ?>" placeholder="<?php fs\_esc\_attr\_echo\_inline( 'Business name', 'business-name', $slug ) ?>"></label></td>
39
<td><label><span><?php fs\_esc\_html\_echo\_inline( 'Tax / VAT ID', 'tax-vat-id', $slug ) ?>:</span> <input id="tax\_id" value="<?php echo esc\_attr( $billing->tax\_id ) ?>" placeholder="<?php fs\_esc\_attr\_echo\_inline( 'Tax / VAT ID', 'tax-vat-id', $slug ) ?>"></label></td>
40
40
</tr>
41
41
<tr>
42
<td><label><span><?php printf( fs\_esc\_html\_inline( 'Address Line %d', 'address-line-n', $slug ), 1 ) ?>:</span> <input id="address\_street" value="<?php echo $billing->address\_street ?>" placeholder="<?php printf( fs\_esc\_attr\_inline( 'Address Line %d', 'address-line-n', $slug ), 1 ) ?>"></label></td>
43
<td><label><span><?php printf( fs\_esc\_html\_inline( 'Address Line %d', 'address-line-n', $slug ), 2 ) ?>:</span> <input id="address\_apt" value="<?php echo $billing->address\_apt ?>" placeholder="<?php printf( fs\_esc\_attr\_inline( 'Address Line %d', 'address-line-n', $slug ), 2 ) ?>"></label></td>
42
<td><label><span><?php printf( fs\_esc\_html\_inline( 'Address Line %d', 'address-line-n', $slug ), 1 ) ?>:</span> <input id="address\_street" value="<?php echo esc\_attr( $billing->address\_street ) ?>" placeholder="<?php printf( fs\_esc\_attr\_inline( 'Address Line %d', 'address-line-n', $slug ), 1 ) ?>"></label></td>
43
<td><label><span><?php printf( fs\_esc\_html\_inline( 'Address Line %d', 'address-line-n', $slug ), 2 ) ?>:</span> <input id="address\_apt" value="<?php echo esc\_attr( $billing->address\_apt ) ?>" placeholder="<?php printf( fs\_esc\_attr\_inline( 'Address Line %d', 'address-line-n', $slug ), 2 ) ?>"></label></td>
44
44
</tr>
45
45
<tr>
46
<td><label><span><?php fs\_esc\_html\_echo\_inline( 'City', 'city', $slug ) ?> / <?php fs\_esc\_html\_echo\_inline( 'Town', 'town', $slug ) ?>:</span> <input id="address\_city" value="<?php echo $billing->address\_city ?>" placeholder="<?php fs\_esc\_attr\_echo\_inline( 'City', 'city', $slug ) ?> / <?php fs\_esc\_attr\_echo\_inline( 'Town', 'town', $slug ) ?>"></label></td>
47
<td><label><span><?php fs\_esc\_html\_echo\_inline( 'ZIP / Postal Code', 'zip-postal-code', $slug ) ?>:</span> <input id="address\_zip" value="<?php echo $billing->address\_zip ?>" placeholder="<?php fs\_esc\_attr\_echo\_inline( 'ZIP / Postal Code', 'zip-postal-code', $slug ) ?>"></label></td>
46
<td><label><span><?php fs\_esc\_html\_echo\_inline( 'City', 'city', $slug ) ?> / <?php fs\_esc\_html\_echo\_inline( 'Town', 'town', $slug ) ?>:</span> <input id="address\_city" value="<?php echo esc\_attr( $billing->address\_city ) ?>" placeholder="<?php fs\_esc\_attr\_echo\_inline( 'City', 'city', $slug ) ?> / <?php fs\_esc\_attr\_echo\_inline( 'Town', 'town', $slug ) ?>"></label></td>
47
<td><label><span><?php fs\_esc\_html\_echo\_inline( 'ZIP / Postal Code', 'zip-postal-code', $slug ) ?>:</span> <input id="address\_zip" value="<?php echo esc\_attr( $billing->address\_zip ) ?>" placeholder="<?php fs\_esc\_attr\_echo\_inline( 'ZIP / Postal Code', 'zip-postal-code', $slug ) ?>"></label></td>
48
48
</tr>
49
49
<tr>
…
…
306
306
<?php foreach ( $countries as $code => $country ) : ?>
307
307
<option
308
value="<?php echo $code ?>" <?php selected( $billing->address\_country\_code, $code ) ?>><?php echo $country ?></option>
308
value="<?php echo esc\_attr( $code ) ?>" <?php selected( $billing->address\_country\_code, $code ) ?>><?php echo esc\_html( $country ) ?></option>
309
309
<?php endforeach ?>
310
310
</select></label></td>
311
311
<td><label><span><?php fs\_esc\_html\_echo\_inline( 'State', 'state', $slug ) ?> / <?php fs\_esc\_html\_echo\_inline( 'Province', 'province', $slug ) ?>:</span>
312
<input id="address\_state" value="<?php echo $billing->address\_state ?>" placeholder="<?php fs\_esc\_html\_echo\_inline( 'State', 'state', $slug ) ?> / <?php fs\_esc\_html\_echo\_inline( 'Province', 'province', $slug ) ?>"></label></td>
312
<input id="address\_state" value="<?php echo esc\_attr( $billing->address\_state ) ?>" placeholder="<?php fs\_esc\_html\_echo\_inline( 'State', 'state', $slug ) ?> / <?php fs\_esc\_html\_echo\_inline( 'Province', 'province', $slug ) ?>"></label></td>
313
313
</tr>
314
314
<tr>
…
…
381
381
method : 'POST',
382
382
data : {
383
action : '<?php echo $fs->get\_ajax\_action( 'update\_billing' ) ?>',
384
security : '<?php echo $fs->get\_ajax\_security( 'update\_billing' ) ?>',
385
module\_id: '<?php echo $fs->get\_id() ?>',
383
action : <?php echo wp\_json\_encode( $fs->get\_ajax\_action( 'update\_billing' ) ) ?>,
384
security : <?php echo wp\_json\_encode( $fs->get\_ajax\_security( 'update\_billing' ) ) ?>,
385
module\_id: <?php echo wp\_json\_encode( $fs->get\_id() ) ?>,
386
386
billing : billing
387
387
},
post-smtp/trunk/freemius/templates/admin-notice.php
r2772068
r2935537
10
10
exit;
11
11
}
12
13
/\*\*
14
\* @var array $VARS
15
\*/
12
16
13
17
$dismiss\_text = fs\_text\_x\_inline( 'Dismiss', 'as close a window', 'dismiss' );
…
…
36
40
}
37
41
}
42
43
$attributes = array();
44
if ( ! empty( $VARS\['id'\] ) ) {
45
$attributes\['data-id'\] = $VARS\['id'\];
46
}
47
if ( ! empty( $VARS\['manager\_id'\] ) ) {
48
$attributes\['data-manager-id'\] = $VARS\['manager\_id'\];
49
}
50
if ( ! empty( $slug ) ) {
51
$attributes\['data-slug'\] = $slug;
52
}
53
if ( ! empty( $type ) ) {
54
$attributes\['data-type'\] = $type;
55
}
56
57
$classes = array( 'fs-notice' );
58
switch ( $VARS\['type'\] ) {
59
case 'error':
60
$classes\[\] = 'error';
61
$classes\[\] = 'form-invalid';
62
break;
63
case 'promotion':
64
$classes\[\] = 'updated';
65
$classes\[\] = 'promotion';
66
break;
67
case 'warn':
68
$classes\[\] = 'notice';
69
$classes\[\] = 'notice-warning';
70
break;
71
case 'update':
72
case 'success':
73
default:
74
$classes\[\] = 'updated';
75
$classes\[\] = 'success';
76
break;
77
}
78
if ( ! empty( $VARS\['sticky'\] ) ) {
79
$classes\[\] = 'fs-sticky';
80
}
81
if ( ! empty( $VARS\['plugin'\] ) ) {
82
$classes\[\] = 'fs-has-title';
83
}
84
if ( ! empty( $slug ) ) {
85
$classes\[\] = "fs-slug-{$slug}";
86
}
87
if ( ! empty( $type ) ) {
88
$classes\[\] = "fs-type-{$type}";
89
}
38
90
?>
39
<div<?php if ( ! empty( $VARS\['id'\] ) ) : ?> data-id="<?php echo $VARS\['id'\] ?>"<?php endif ?><?php if ( ! empty( $VARS\['manager\_id'\] ) ) : ?> data-manager-id="<?php echo $VARS\['manager\_id'\] ?>"<?php endif ?><?php if ( ! empty( $slug ) ) : ?> data-slug="<?php echo $slug ?>"<?php endif ?><?php if ( ! empty( $type ) ) : ?> data-type="<?php echo $type ?>"<?php endif ?>
40
class="<?php
41
switch ( $VARS\['type'\] ) {
42
case 'error':
43
echo 'error form-invalid';
44
break;
45
case 'promotion':
46
echo 'updated promotion';
47
break;
48
case 'warn':
49
echo 'notice notice-warning';
50
break;
51
case 'update':
52
// echo 'update-nag update';
53
// break;
54
case 'success':
55
default:
56
echo 'updated success';
57
break;
58
}
59
?> fs-notice<?php if ( ! empty( $VARS\['sticky'\] ) ) {
60
echo ' fs-sticky';
61
} ?><?php if ( ! empty( $VARS\['plugin'\] ) ) {
62
echo ' fs-has-title';
63
} ?><?php if ( ! empty( $slug ) ) {
64
echo " fs-slug-{$slug}";
65
} ?><?php if ( ! empty( $type ) ) {
66
echo " fs-type-{$type}";
67
} ?>"><?php if ( ! empty( $VARS\['plugin'\] ) ) : ?>
68
<label class="fs-plugin-title"><?php echo $VARS\['plugin'\] ?></label>
91
<div class="<?php echo fs\_html\_get\_classname( $classes ); ?>" <?php echo fs\_html\_get\_attributes( $attributes ); ?>>
92
<?php if ( ! empty( $VARS\['plugin'\] ) ) : ?>
93
<label class="fs-plugin-title">
94
<?php echo esc\_html( $VARS\['plugin'\] ); ?>
95
</label>
69
96
<?php endif ?>
97
70
98
<?php if ( ! empty( $VARS\['sticky'\] ) && ( ! isset( $VARS\['dismissible'\] ) || false !== $VARS\['dismissible'\] ) ) : ?>
71
<div class="fs-close"><i class="dashicons dashicons-no"
72
title="<?php echo esc\_attr( $dismiss\_text ) ?>"></i> <span><?php echo esc\_html( $dismiss\_text ) ?></span>
99
<div class="fs-close">
100
<i class="dashicons dashicons-no" title="<?php echo esc\_attr( $dismiss\_text ) ?>"></i>
101
<span><?php echo esc\_html( $dismiss\_text ); ?></span>
73
102
</div>
74
103
<?php endif ?>
104
75
105
<div class="fs-notice-body">
76
<?php if ( ! empty( $VARS\['title'\] ) ) : ?><b><?php echo $VARS\['title'\] ?></b> <?php endif ?>
77
<?php echo $VARS\['message'\] ?>
106
<?php if ( ! empty( $VARS\['title'\] ) ) : ?>
107
<strong><?php echo fs\_html\_get\_sanitized\_html( $VARS\['title'\] ); ?></strong>
108
<?php endif ?>
109
110
<?php echo fs\_html\_get\_sanitized\_html( $VARS\['message'\] ); ?>
78
111
</div>
79
112
</div>
post-smtp/trunk/freemius/templates/connect.php
r2905047
r2935537
48
48
}
49
49
50
$freemius\_site\_www = 'https://freemius.com';
51
52
50
$freemius\_usage\_tracking\_url = $fs->get\_usage\_tracking\_terms\_url();
53
51
$freemius\_plugin\_terms\_url = $fs->get\_eula\_url();
54
55
$freemius\_site\_url = $fs->is\_premium() ?
56
$freemius\_site\_www :
57
$freemius\_usage\_tracking\_url;
58
59
if ( $fs->is\_premium() ) {
60
$freemius\_site\_url .= '?' . http\_build\_query( array(
61
'id' => $fs->get\_id(),
62
'slug' => $slug,
63
) );
64
}
65
66
$freemius\_link = '<a href="' . $freemius\_site\_url . '" target="\_blank" rel="noopener" tabindex="1">freemius.com</a>';
67
52
68
53
$error = fs\_request\_get( 'error' );
…
…
76
61
fs\_request\_get\_bool( 'require\_license', ( $is\_premium\_code || $has\_release\_on\_freemius ) )
77
62
);
63
64
$freemius\_activation\_terms\_url = ($fs->is\_premium() && $require\_license\_key) ?
65
$fs->get\_license\_activation\_terms\_url() :
66
$freemius\_usage\_tracking\_url;
67
68
$freemius\_activation\_terms\_html = '<a href="' . esc\_url( $freemius\_activation\_terms\_url ) . '" target="\_blank" rel="noopener" tabindex="1">freemius.com</a>';
78
69
79
70
if ( $is\_pending\_activation ) {
…
…
266
257
'<b>' . $current\_user->user\_login . '</b>',
267
258
'<a href="' . $site\_url . '" target="\_blank" rel="noopener noreferrer">' . $site\_url . '</a>',
268
$freemius\_link
259
$freemius\_activation\_terms\_html
269
260
),
270
261
$first\_name,
…
…
272
263
$current\_user->user\_login,
273
264
'<a href="' . $site\_url . '" target="\_blank" rel="noopener noreferrer">' . $site\_url . '</a>',
274
$freemius\_link,
265
$freemius\_activation\_terms\_html,
275
266
true
276
267
);
…
…
375
366
<form action="" method="POST">
376
367
<input type="hidden" name="fs\_action"
377
value="<?php echo $fs->get\_unique\_affix() ?>\_activate\_existing">
378
<?php wp\_nonce\_field( 'activate\_existing\_' . $fs->get\_public\_key() ) ?>
368
value="<?php echo esc\_attr( $fs->get\_unique\_affix() . '\_activate\_existing' ) ?>">
369
<?php wp\_nonce\_field( $fs->get\_unique\_affix() . '\_activate\_existing' ) ?>
379
370
<input type="hidden" name="is\_extensions\_tracking\_allowed" value="1">
380
371
<input type="hidden" name="is\_diagnostic\_tracking\_allowed" value="1">
…
…
386
377
<?php unset( $optin\_params\['sites'\]); ?>
387
378
<?php foreach ( $optin\_params as $name => $value ) : ?>
388
<input type="hidden" name="<?php echo $name ?>" value="<?php echo esc\_attr( $value ) ?>">
379
<input type="hidden" name="<?php echo esc\_attr( $name ) ?>" value="<?php echo esc\_attr( $value ) ?>">
389
380
<?php endforeach ?>
390
381
<input type="hidden" name="is\_extensions\_tracking\_allowed" value="1">
…
…
397
388
<?php endif ?>
398
389
<?php if ( $require\_license\_key ) : ?>
399
<a id="license\_issues\_link" href="<?php echo $fs->apply\_filters( 'known\_license\_issues\_url', 'https://freemius.com/help/documentation/wordpress-sdk/license-activation-issues/' ) ?>" target="\_blank"><?php fs\_esc\_html\_echo\_inline( 'License issues?', 'license-issues', $slug ) ?></a>
390
<a id="license\_issues\_link"
391
href="<?php echo esc\_url( $fs->apply\_filters( 'known\_license\_issues\_url', 'https://freemius.com/help/documentation/wordpress-sdk/license-activation-issues/' ) ) ?>"
392
target="\_blank"><?php fs\_esc\_html\_echo\_inline( 'License issues?', 'license-issues', $slug ) ?></a>
400
393
<?php endif ?>
401
394
…
…
422
415
<a class="fs-trigger wp-core-ui" href="#" tabindex="1" style="color: inherit;"><?php echo sprintf(
423
416
fs\_esc\_html\_inline( 'For delivery of security & feature updates, and license management, %s needs to', 'license-sync-disclaimer', $slug ) . '<b class="fs-arrow"></b>',
424
sprintf( '<nobr class="button-link" style="color: inherit;">%s</nobr>', $fs->get\_plugin\_title() )
417
sprintf( '<nobr class="button-link" style="color: inherit;">%s</nobr>', esc\_html( $fs->get\_plugin\_title() ) )
425
418
) ?></a>
426
419
<?php else : ?>
427
420
<a class="fs-trigger wp-core-ui" href="#" tabindex="1" style="color: inherit;"><?php printf(
428
421
fs\_esc\_html\_inline( 'This will allow %s to', 'this-will-allow-x', $slug ) . '<b class="fs-arrow"></b>',
429
sprintf( '<nobr class="button-link" style="color: inherit;">%s</nobr>', $fs->get\_plugin\_title() )
422
sprintf( '<nobr class="button-link" style="color: inherit;">%s</nobr>', esc\_html( $fs->get\_plugin\_title() ) )
430
423
) ?></a>
431
424
<?php endif ?>
…
…
452
445
</div>
453
446
<div class="fs-terms">
454
<a class="fs-tooltip-trigger<?php echo is\_rtl() ? ' rtl' : '' ?>" href="<?php echo $freemius\_site\_url ?>" target="\_blank" rel="noopener" tabindex="1">Powered by Freemius<?php if ( $require\_license\_key ) : ?> <span class="fs-tooltip" style="width: 170px"><?php echo $fs->get\_text\_inline( 'Freemius is our licensing and software updates engine', 'permissions-extensions\_desc' ) ?></span><?php endif ?></a>
447
<a class="fs-tooltip-trigger<?php echo is\_rtl() ? ' rtl' : '' ?>" href="<?php echo esc\_url( $freemius\_activation\_terms\_url ) ?>" target="\_blank" rel="noopener" tabindex="1">Powered by Freemius<?php if ( $require\_license\_key ) : ?> <span class="fs-tooltip" style="width: 170px"><?php echo esc\_html( $fs->get\_text\_inline( 'Freemius is our licensing and software updates engine', 'permissions-extensions\_desc' ) ) ?></span><?php endif ?></a>
455
448
-
456
449
<a href="https://freemius.com/privacy/" target="\_blank" rel="noopener"
457
450
tabindex="1"><?php fs\_esc\_html\_echo\_inline( 'Privacy Policy', 'privacy-policy', $slug ) ?></a>
458
451
-
459
<a href="<?php echo $require\_license\_key ? $freemius\_plugin\_terms\_url : $freemius\_usage\_tracking\_url ?>" target="\_blank" rel="noopener" tabindex="1"><?php $require\_license\_key ? fs\_echo\_inline( 'License Agreement', 'license-agreement', $slug ) : fs\_echo\_inline( 'Terms of Service', 'tos', $slug ) ?></a>
452
<?php if ($require\_license\_key) : ?>
453
<a href="<?php echo esc\_url( $freemius\_plugin\_terms\_url ) ?>" target="\_blank" rel="noopener" tabindex="1"><?php fs\_echo\_inline( 'License Agreement', 'license-agreement', $slug ) ?></a>
454
<?php else : ?>
455
<a href="<?php echo esc\_url( $freemius\_usage\_tracking\_url ) ?>" target="\_blank" rel="noopener" tabindex="1"><?php fs\_echo\_inline( 'Terms of Service', 'tos', $slug ) ?></a>
456
<?php endif; ?>
460
457
</div>
461
458
</div>
post-smtp/trunk/freemius/templates/forms/affiliation.php
r2830498
r2935537
88
88
$module\_id = $fs->get\_id();
89
89
$affiliate\_program\_terms\_url = "https://freemius.com/plugin/{$module\_id}/{$slug}/legal/affiliate-program/";
90
91
$has\_tabs = $fs->\_add\_tabs\_before\_content();
90
92
?>
91
93
<div id="fs\_affiliation\_content\_wrapper" class="wrap">
…
…
501
503
</div>
502
504
<?php
505
if ( $has\_tabs ) {
506
$fs->\_add\_tabs\_after\_content();
507
}
508
503
509
$params = array(
504
510
'page' => 'affiliation',
post-smtp/trunk/freemius/templates/forms/optout.php
r2839728
r2935537
119
119
$form\_id = "fs\_opt\_out\_{$fs->get\_id()}";
120
120
?>
121
<div id="<?php echo $form\_id ?>"
121
<div id="<?php echo esc\_attr( $form\_id ) ?>"
122
122
class="fs-modal fs-modal-opt-out"
123
data-plugin-id="<?php echo $fs->get\_id() ?>"
124
data-action="<?php echo $fs->get\_ajax\_action( $ajax\_action ) ?>"
125
data-security="<?php echo $fs->get\_ajax\_security( $ajax\_action ) ?>"
123
data-plugin-id="<?php echo esc\_attr( $fs->get\_id() ) ?>"
124
data-action="<?php echo esc\_attr( $fs->get\_ajax\_action( $ajax\_action ) ) ?>"
125
data-security="<?php echo esc\_attr( $fs->get\_ajax\_security( $ajax\_action ) ) ?>"
126
126
style="display: none">
127
127
<div class="fs-modal-dialog">
…
…
146
146
<?php foreach ( $permission\_groups as $i => $permission\_group ) : ?>
147
147
<?php if ( ! empty( $permission\_group\[ 'prompt' \] ) ) : ?>
148
<div class="fs-<?php echo $permission\_group\[ 'id' \] ?>-opt-out fs-opt-out-disclaimer" data-group-id="<?php echo $permission\_group\[ 'id' \] ?>" style="display: none">
148
<div class="fs-<?php echo esc\_attr( $permission\_group\[ 'id' \] ) ?>-opt-out fs-opt-out-disclaimer" data-group-id="<?php echo esc\_attr( $permission\_group\[ 'id' \] ) ?>" style="display: none">
149
149
<div class="fs-modal-body">
150
150
<div class="fs-modal-panel active">
151
151
<div class="notice notice-error inline opt-out-error-message"><p></p></div>
152
152
<?php foreach ( $permission\_group\[ 'prompt' \] as $p ) : ?>
153
<?php // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?>
153
154
<p><?php echo $p ?></p>
154
155
<?php endforeach ?>
…
…
171
172
$( document ).ready(function() {
172
173
FS.OptOut(
173
'<?php echo $fs->get\_id() ?>',
174
'<?php echo $slug ?>',
175
'<?php echo $fs->get\_module\_type() ?>',
174
<?php echo wp\_json\_encode( $fs->get\_id() ) ?>,
175
<?php echo wp\_json\_encode( $slug ) ?>,
176
<?php echo wp\_json\_encode( $fs->get\_module\_type() ) ?>,
176
177
<?php echo $fs->is\_registered( true ) ? 'true' : 'false' ?>,
177
178
<?php echo $fs->is\_tracking\_allowed() ? 'true' : 'false' ?>,
178
'<?php echo esc\_js( $reconnect\_url ) ?>'
179
<?php echo wp\_json\_encode( $reconnect\_url ) ?>
179
180
);
180
181
});
post-smtp/trunk/freemius/templates/gdpr-optin-js.php
r2830498
r2935537
30
30
cursor = $this.css( 'cursor' ),
31
31
$products = $gdprOptinNotice.find( 'span\[data-plugin-id\]' ),
32
pluginIDs = \[\];
32
pluginIDs = \[\],
33
ajaxUrl = <?php echo Freemius::ajax\_url() ?>;
33
34
34
35
if ( $products.length > 0 ) {
…
…
39
40
40
41
$.ajax({
41
url : <?php echo Freemius::ajax\_url() ?> + '?' + $.param({
42
url : ajaxUrl + (ajaxUrl.includes('?') ? '&' : '?') + $.param({
42
43
action : '<?php echo $fs->get\_ajax\_action( 'gdpr\_optin\_action' ) ?>',
43
44
security : '<?php echo $fs->get\_ajax\_security( 'gdpr\_optin\_action' ) ?>',
post-smtp/trunk/freemius/templates/partials/network-activation.php
r2830498
r2935537
62
62
<?php foreach ( $sites as $site ) : ?>
63
63
<tr<?php if ( ! empty( $site\['license\_id'\] ) ) {
64
echo ' data-license-id="' . $site\['license\_id'\] . '"';
64
echo ' data-license-id="' . esc\_attr( $site\['license\_id'\] ) . '"';
65
65
} ?>>
66
66
<?php if ( $require\_license\_key ) : ?>
67
67
<td><input type="checkbox" value="true" /></td>
68
68
<?php endif ?>
69
<td class="blog-id"><span><?php echo $site\['blog\_id'\] ?></span>.</td>
69
<td class="blog-id"><span><?php echo esc\_html( $site\['blog\_id'\] ) ?></span>.</td>
70
70
<td width="600"><span><?php
71
71
$url = str\_replace( 'http://', '', str\_replace( 'https://', '', $site\['url'\] ) );
72
echo $url;
72
echo esc\_html( $url );
73
73
?></span>
74
74
<?php foreach ($site\_props as $prop) : ?>
75
<input class="<?php echo $prop ?>" type="hidden" value="<?php echo esc\_attr($site\[$prop\]) ?>" />
75
<input class="<?php echo esc\_attr( $prop ) ?>" type="hidden" value="<?php echo esc\_attr($site\[$prop\]) ?>" />
76
76
<?php endforeach ?>
77
77
</td>
post-smtp/trunk/freemius/templates/plugin-info/description.php
r2839728
r2935537
57
57
<?php $i = 0;
58
58
foreach ( $screenshots as $s => $url ) : ?>
59
<?php
60
// Relative URLs are replaced with WordPress.org base URL
61
// therefore we need to set absolute URLs.
62
$url = 'http' . ( WP\_FS\_\_IS\_HTTPS ? 's' : '' ) . ':' . $url;
63
?>
64
59
<li class="<?php echo ( 0 === $i % 2 ) ? 'odd' : 'even' ?>">
65
60
<style>
post-smtp/trunk/freemius/templates/plugin-info/screenshots.php
r2749024
r2935537
23
23
<?php $i = 0;
24
24
foreach ( $screenshots as $s => $url ) : ?>
25
<?php
26
// Relative URLs are replaced with WordPress.org base URL
27
// therefore we need to set absolute URLs.
28
$url = 'http' . ( WP\_FS\_\_IS\_HTTPS ? 's' : '' ) . ':' . $url;
29
?>
30
25
<li>
31
26
<a href="<?php echo $url ?>" title="<?php echo esc\_attr( sprintf( fs\_text\_inline( 'Click to view full-size screenshot %d', 'view-full-size-x', $plugin->slug ), $i ) ) ?>"><img src="<?php echo $url ?>"></a>
post-smtp/trunk/freemius/templates/tabs-capture-js.php
r2830498
r2935537
43
43
aboveTabsHtml = settingHtml.substr(0, tabsPosition);
44
44
45
var tabsHtml = $('.wrap .nav-tab-wrapper').clone().wrap('<div>').parent().html();
45
var tabsHtml = $('.wrap .nav-tab-wrapper').clone().wrap('<div>').parent().html(),
46
ajaxUrl = <?php echo Freemius::ajax\_url() ?>;
46
47
47
48
$.ajax({
48
url : <?php echo Freemius::ajax\_url() ?> + '?' + $.param({
49
url : ajaxUrl + (ajaxUrl.includes('?') ? '&' : '?') + $.param({
49
50
action : '<?php echo $fs->get\_ajax\_action( 'store\_tabs' ) ?>',
50
51
security : '<?php echo $fs->get\_ajax\_security( 'store\_tabs' ) ?>',
post-smtp/trunk/postman-smtp.php
r2929002
r2935537
7
7
\* Plugin URI: https://wordpress.org/plugins/post-smtp/
8
8
\* Description: Email not reliable? Post SMTP is the first and only WordPress SMTP plugin to implement OAuth 2.0 for Gmail, Hotmail and Yahoo Mail. Setup is a breeze with the Configuration Wizard and integrated Port Tester. Enjoy worry-free delivery even if your password changes!
9
\* Version: 2.5.7
9
\* Version: 2.5.8-beta.1
10
10
\* Author: Post SMTP
11
11
\* Text Domain: post-smtp
…
…
103
103
define( 'POST\_SMTP\_PATH', \_\_DIR\_\_ );
104
104
define( 'POST\_SMTP\_URL', plugins\_url('', POST\_SMTP\_BASE ) );
105
define( 'POST\_SMTP\_VER', '2.5.7' );
105
define( 'POST\_SMTP\_VER', '2.5.8' );
106
106
define( 'POST\_SMTP\_DB\_VERSION', '1.0.1' );
107
107
define( 'POST\_SMTP\_ASSETS', plugin\_dir\_url( \_\_FILE\_\_ ) . 'assets/' );
post-smtp/trunk/readme.txt
r2933433
r2935537
94
94
\*\*Advanced Email Delivery and Logs Extension\*\*
95
95
With the \[Advanced Email Delivery and Logs Extension\](https://postmansmtp.com/extensions/advanced-email-delivery/), boost your email efficiency and improve deliverability. Also, implement effective email quota management and streamlined log storage for optimal email communication.
96
97
96
\= Post SMTP Membership Plans =
98
97
\[Post SMTP membership plans\](https://postmansmtp.com/membership-plan/) offer access to all pro extensions along with other benefits including 1-year extension updates and support, Email Reporting, Logging, and Tracking, all other SMTP Services and a 30-day money-back guarantee.
…
…
305
304
\== Changelog ==
306
305
306
\= 2.5.8 - 2023-07-06 =
307
\*\*IMPROVEMENTS\*\*
308
309
\* Added function to escape backend email content popup HTML.
310
\* Added Failed/success labels for better visibility.
311
\* Displayed error message on hover and in the popup to simplify the interface and UX in the log section.
312
\* Updated Feedback SDK to the latest version
313
314
\*\*FIXES\*\*
315
316
\* Fix: Pagination was getting reset on resending emails.
317
307
318
\= 2.5.7 - 2023-06-21 =
308
319
\*\*IMPROVEMENTS\*\*
post-smtp/trunk/script/postman-email-logs.js
r2919441
r2935537
90
90
\` );
91
91
92
if( data\['success'\] == '<span title="Successful"></span>' ) {
92
if( data\['success'\] == '<span title="Success">Success</span>' ) {
93
93
94
94
jQuery( status ).addClass( 'ps-email-log-status-success' );
…
…
320
320
if( response.success === true ) {
321
321
322
logsDT.ajax.reload();
322
logsDT.ajax.reload( null, false );
323
323
324
324
}
…
…
510
510
511
511
alert( response.message );
512
logsDT.ajax.reload();
512
logsDT.ajax.reload( null, false );
513
513
514
514
}
…
…
558
558
559
559
alert( response.message );
560
logsDT.ajax.reload();
560
logsDT.ajax.reload( null, false );
561
561
562
562
}
…
…
564
564
565
565
alert( response.message );
566
logsDT.ajax.reload();
566
logsDT.ajax.reload( null, false );
567
567
568
568
}
…
…
574
574
} );
575
575
576
577
jQuery( document ).on( 'click', '.ps-status-log', function( e ) {
578
579
e.preventDefault();
580
var \_details = jQuery( this ).siblings( 'span' ).attr( 'title' );
581
jQuery( '.ps-popup-container' ).html( \`<h1>Details</h1>${\_details}\` );
582
583
} );
584
576
585
})
post-smtp/trunk/style/postman.css
r2919441
r2935537
1334
1334
color: #fff;
1335
1335
font-weight: 600;
1336
height: 9px;
1337
width: 9px;
1338
border-radius: 50px;
1336
border-radius: 25px;
1339
1337
display: inline-block;
1340
1338
margin-right: 5px;
1341
1339
cursor: pointer;
1342
}
1343
1340
padding: 2px 10px;
1341
}
1344
1342
1345
1343
.ps-email-log-status-success span {
…
…
1543
1541
display: inline-block;
1544
1542
font-family: inherit;
1545
}
1543
margin-left: 5px;
1544
}