
4.4.57
pixelbart committed Oct 7, 2021
1 parent 81d4eb8 commit 0eb44a1
Showing 8 changed files with 495 additions and 107 deletions.
40 changes: 40 additions & 0 deletions core/class-helper.php
Expand Up @@ -449,4 +449,44 @@ public static function is_feedback_disabled()

return false;
}

/**
* Returns the allowed HTML tags and attributes for the kses function
* that are allowed when saving the settings.
*
* @version 4.4.57
* @since 4.4.56
*
* @return array
*/
public static function kses_allowed_tags()
{
$tags = [
'a' => [
'class' => [],
'href' => [],
'title' => [],
],
'br' => [
'class' => [],
],
'em' => [
'class' => [],
],
'strong' => [
'class' => [],
],
'hr' => [
'class' => [],
],
'p' => [
'class' => [],
],
'div' => [
'class' => [],
],
];

return apply_filters('helpful/kses/allowed_tags', $tags);
}
}
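Review bot: kses_allowed_tags gives no indication of how tightly this allow-list should be guarded: the `helpful/kses/allowed_tags` filter on its last line lets any other plugin widen it, and the `href` entry under `a` relies on wp_kses applying its own protocol allow-list when no third argument is passed. A docblock line such as `* Keep this list minimal: wp_kses strips only what is absent here, and the helpful/kses/allowed_tags filter lets other code widen it.` would tell the next maintainer that an addition here is a security decision rather than a convenience. The `@return array` tag could also be tightened to `@return array<string, array<string, array>>` so static analysis sees the shape.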
163 changes: 132 additions & 31 deletions core/tabs/class-details.php
Expand Up @@ -61,41 +61,110 @@ public function __construct()
public function register_settings()
{
$fields = [
'helpful_credits',
'helpful_hide_in_content',
'helpful_post_types',
'helpful_exists_hide',
'helpful_count_hide',
'helpful_widget',
'helpful_widget_amount',
'helpful_widget_pro',
'helpful_widget_contra',
'helpful_widget_pro_recent',
'helpful_widget_contra_recent',
'helpful_only_once',
'helpful_percentages',
'helpful_form_status_pro',
'helpful_form_email_pro',
'helpful_form_status_contra',
'helpful_form_email_contra',
'helpful_metabox',
'helpful_widget_hide_publication',
'helpful_hide_admin_columns',
'helpful_shrink_admin_columns',
'helpful_feedback_widget',
'helpful_feedback_disabled',
'helpful_wordpress_user',
'helpful_ip_user',
'helpful_credits' => [
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
],
'helpful_hide_in_content' => [
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
],
'helpful_post_types' => [
'type' => 'array',
],
'helpful_exists_hide' => [
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
],
'helpful_count_hide' => [
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
],
'helpful_widget' => [
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
],
'helpful_widget_amount' => [
'type' => 'integer',
'sanitize_callback' => 'intval'
],
'helpful_widget_pro' => [
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
],
'helpful_widget_contra' => [
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
],
'helpful_widget_pro_recent' => [
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
],
'helpful_widget_contra_recent' => [
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
],
'helpful_only_once' => [
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
],
'helpful_percentages' => [
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
],
'helpful_form_status_pro' => [
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
],
'helpful_form_email_pro' => [
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
],
'helpful_form_status_contra' => [
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
],
'helpful_form_email_contra' => [
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
],
'helpful_metabox' => [
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
],
'helpful_widget_hide_publication' => [
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
],
'helpful_hide_admin_columns' => [
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
],
'helpful_shrink_admin_columns' => [
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
],
'helpful_feedback_widget' => [
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
],
'helpful_feedback_disabled' => [
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
],
'helpful_wordpress_user' => [
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
],
'helpful_ip_user' => [
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
],
];

$fields = apply_filters('helpful_details_settings_group', $fields);

foreach ($fields as $field):
$args = [
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field'
];

foreach ($fields as $field => $args):
register_setting('helpful-details-settings-group', $field, apply_filters('helpful_settings_group_args', $args, $field));
endforeach;
}
Expand Down Expand Up @@ -157,4 +226,36 @@ public function register_tab_alerts()
echo Helper::get_alert($message, 'success', 1500);
}
}

/**
* Filters the values of an option before saving them. Thus does not allow every HTML element
* and makes Helpful a bit more secure.
*
* @version 4.4.57
* @since 4.4.57
*
* @param mixed $value
*
* @return mixed
*/
public function sanitize_input($value)
{
return wp_kses($value, Helper::kses_allowed_tags());
}

/**
* Filters the values of an option before saving them. Thus does not allow
* HTML element and makes Helpful a bit more secure.
*
* @version 4.4.57
* @since 4.4.57
*
* @param mixed $value
*
* @return mixed
*/
public function sanitize_input_without_tags($value)
{
return wp_kses($value, []);
}
}
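Review bot: In register_settings, `helpful_post_types` is the only entry registered without a `sanitize_callback`, so whatever array the settings form posts is stored as-is while every other option passes through `sanitize_text_field` or `intval`; adding `'sanitize_callback' => function ($value) { return array_map('sanitize_key', (array) $value); },` to that entry closes the gap, and checking the result against `get_post_types()` would be stricter still. The new `sanitize_input` and `sanitize_input_without_tags` methods at the end of the file are declared `@param mixed` but hand the value straight to `wp_kses`, which is documented for string input; if an array option such as `helpful_post_types` is ever routed through them, a guard like `if (is_array($value)) { return array_map([$this, 'sanitize_input'], $value); }` before the `wp_kses` call sanitizes each element instead of relying on how wp_kses treats non-strings, which I cannot confirm from this hunk. The `sanitize_input_without_tags` docblock reads "does not allow HTML element"; `does not allow any HTML elements` is what is meant. The `helpful_widget_amount` entry is also the one line in the array missing the trailing comma after `'intval'`.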
