* [gentoo-commits] proj/blogs-gentoo:master commit in: plugins/easy-table/
@ 2019-01-02  3:17 Anthony G. Basile
From: Anthony G. Basile @ 2019-01-02  3:17 UTC (permalink / raw
  To: gentoo-commits

commit:     10a9ee4edcef60c2189085d8ebd2cc0d31b62126
Author:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Wed Jan  2 03:17:02 2019 +0000
Commit:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Wed Jan  2 03:17:02 2019 +0000
URL:        https://gitweb.gentoo.org/proj/blogs-gentoo.git/commit/?id=10a9ee4e

Update easy-table 1.8

Signed-off-by: Anthony G. Basile <blueness <AT> gentoo.org>

 plugins/easy-table/easy-table.php | 56 ++++++++++-----------------------------
 plugins/easy-table/readme.txt     | 12 ++++++---
 2 files changed, 23 insertions(+), 45 deletions(-)

diff --git a/plugins/easy-table/easy-table.php b/plugins/easy-table/easy-table.php
index 4bfe285..1ade56f 100644
--- a/plugins/easy-table/easy-table.php
+++ b/plugins/easy-table/easy-table.php
@@ -4,7 +4,7 @@ Plugin Name: Easy Table
 Plugin URI: http://takien.com/
 Description: Create table in post, page, or widget in easy way.
 Author: Takien
-Version: 1.6
+Version: 1.8
 Author URI: http://takien.com/
 */
 
@@ -106,7 +106,7 @@ function __construct(){
 private function easy_table_base($return){
 	$easy_table_base = Array(
 				'name' 			=> 'Easy Table',
-				'version' 		=> '1.6',
+				'version' 		=> '1.8',
 				'plugin-domain'	=> 'easy-table'
 	);
 	return $easy_table_base[$return];
@@ -570,23 +570,24 @@ function themes(){
 	}
 	return $themes;
 }
-function theme_content() {
-	if(!isset($_GET['edit'])) {
-		return false;
-	}
-		$theme = $_GET['edit'];
-		$dir   = plugin_dir_path(__FILE__).'themes/';
-		if(is_writable($dir.$theme.'/style.css')) {
-			return file_get_contents($dir.$theme.'/style.css');
-		}
-}
+
 /**
 * Register plugin setting
+* @since: 1.7 add sanitize_callback
 */
 function easy_table_register_setting() {
-	register_setting('easy_table_option_field', 'easy_table_plugin_option');
+	$args = array('sanitize_callback'=> array(&$this,'easy_table_sanitize_callback'));
+	register_setting('easy_table_option_field', 'easy_table_plugin_option', $args);
 }
 
+/** 
+* Add sanitize_callback to register_setting to filter the options value 
+* @since: 1.7
+*/
+
+function easy_table_sanitize_callback ( $value ) {
+	return filter_var( $value,FILTER_CALLBACK, array("options"=>"strip_tags"));
+}
 /**
 * Render form
 * @param array 
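Review bot: `easy_table_sanitize_callback` calls `filter_var()` with `FILTER_CALLBACK` but no `flags` entry, and `filter_var()` returns `false` for an array input unless `FILTER_REQUIRE_ARRAY` or `FILTER_FORCE_ARRAY` is set. The settings form is outside this hunk, but if `easy_table_plugin_option` is submitted as an array, each save would store `false` instead of the stripped values; passing `array('options' => 'strip_tags', 'flags' => FILTER_REQUIRE_ARRAY)` would apply the callback to each element. Separately, `strip_tags` leaves quote characters intact, so a stored value is still not safe inside an HTML attribute; wherever these options are printed they should be escaped for that context (`esc_attr()`, `esc_html()`). The `&$this` in the callback array is a PHP 4 idiom and can be plain `$this`.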
@@ -1085,35 +1086,6 @@ col4,col5,col6
 
 </div>
 <div class="clear"></div>
-<?php elseif($_GET['gettab'] == 'themes') : ?>
-	<h3><?php _e('Easy Table theme editor');?></h3>
-
-	<div class="row">
-		<div class="columns nine">
-			<textarea name="" id="easy-table-theme-editor"><?php echo esc_textarea($this->theme_content());?></textarea>
-			<input type="submit" class="button primary" value="Save"/>
-		</div>
-		<div class="columns three">
-			<ul>
-				<?php
-					foreach($this->themes() as $theme) {
-						echo '
-						<li><a href="#">'.$theme.'</a> 
-						<a href="options-general.php?page=easy-table&gettab=themes&edit='.$theme.'">edit</a>
-						<a href="&edit-theme=1&clone=1#">clone</a>
-						<a href="#">delete</a>
-						<a href="#">preview</a>
-						</li>';
-					}
-				?>
-			</ul>
-			<form action="">
-				New theme: <br/>
-				<input type="text" value="" placeholder="Theme name" name="themename"/>
-				<input type="submit" value="Create"/>
-			</form>
-		</div>
-	</div>
 
 <?php elseif($_GET['gettab'] == 'support') : ?>
 <p>To ask question, please visit this plugin support on WordPress.org</p>

diff --git a/plugins/easy-table/readme.txt b/plugins/easy-table/readme.txt
index 4e09bf5..96036d6 100644
--- a/plugins/easy-table/readme.txt
+++ b/plugins/easy-table/readme.txt
@@ -2,9 +2,9 @@
 Contributors: takien
 Donate link: http://takien.com/donate
 Tags: table,csv,csv-to-table,post,excel,csv file,widget,tablesorter
-Requires at least: 3.0
-Tested up to: 4.4.1
-Stable tag: 1.6
+Requires at least: 4.0
+Tested up to: 4.9.8
+Stable tag: 1.8
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
 
@@ -248,6 +248,12 @@ No
 
 == Changelog ==
 
+= 1.8 =
+* Remove unused and unsafe code that made this plugin taken down from repository.
+
+= 1.7 =
+* Add filter to the option values to prevent security issues (Vulnerability reported by Manuel Garcia Cardenas)
+
 = 1.6 = 
 * Added: exclude_row, exclude_col argument. Useful to hide sort of rows or columns from your data.
 * Added: sslverify=false to wp_remote_get $args

