Merge branch 'hotfix/2.20.2'
JasonTheAdams committed Jun 8, 2022
2 parents ec1739a + 8450a70 commit f23d0fb
Showing 34 changed files with 271 additions and 193 deletions.
4 changes: 2 additions & 2 deletions give.php
@@ -6,7 +6,7 @@
* Description: The most robust, flexible, and intuitive way to accept donations on WordPress.
* Author: GiveWP
* Author URI: https://givewp.com/
* Version: 2.20.1
* Version: 2.20.2
* Requires at least: 5.0
* Requires PHP: 7.0
* Text Domain: give
@@ -305,7 +305,7 @@ private function setup_constants()
{
// Plugin version.
if (!defined('GIVE_VERSION')) {
define('GIVE_VERSION', '2.20.1');
define('GIVE_VERSION', '2.20.2');
}

// Plugin Root File.
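--- a/includes/admin/donors/donor-actions.php
+++ b/includes/admin/donors/donor-actions.php
@@ -161,16 +161,18 @@ function give_edit_donor( $args ) {
 
 if ( $output['success'] ) {
 wp_safe_redirect(
-add_query_arg(
-array(
-'post_type' => 'give_forms',
-'page' => 'give-donors',
-'view' => 'overview',
-'id' => $donor_id,
-'give-messages[]' => 'profile-updated',
-),
-esc_url( admin_url( 'edit.php' ) )
-)
+esc_url(
+add_query_arg(
+array(
+'post_type' => 'give_forms',
+'page' => 'give-donors',
+'view' => 'overview',
+'id' => $donor_id,
+'give-messages[]' => 'profile-updated',
+),
+admin_url( 'edit.php' )
+)
+)
 );
 }
 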
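Review bot: `esc_url()` is the display-context escaper, and here its result goes to `wp_safe_redirect()`, so the `&` separators it rewrites to `&#038;` end up in the Location header. The `#` of the first entity starts a fragment, so `page`, `view`, `id` and `give-messages[]` are likely lost on the redirect target. For a redirect the raw variant fits: `esc_url_raw( add_query_arg( array( ... ), admin_url( 'edit.php' ) ) )`. The same pattern appears in `wp_redirect( esc_url(add_query_arg( $dates, ... ) ) )` in includes/admin/reports/graphing.php. give_edit_donor() starts and ends outside this hunk.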
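--- a/includes/admin/emails/filters.php
+++ b/includes/admin/emails/filters.php
@@ -23,41 +23,28 @@ function give_email_notification_row_actions_callback( $row_actions, $email ) {
 if ( Give_Email_Notification_Util::is_email_preview( $email ) ) {
 $preview_link = sprintf(
 '<a href="%1$s" target="_blank">%2$s</a>',
-wp_nonce_url(
-add_query_arg(
-array(
-'give_action' => 'preview_email',
-'email_type' => $email->config['id'],
-),
-home_url()
-),
-'give-preview-email'
-),
+esc_url(
+wp_nonce_url(
+add_query_arg(
+array(
+'give_action' => 'preview_email',
+'email_type' => $email->config['id'],
+),
+home_url()
+),
+'give-preview-email'
+)
+),
 __( 'Preview', 'give' )
 );
 
-$send_preview_email_link = sprintf(
-'<a href="%1$s">%2$s</a>',
-wp_nonce_url(
-add_query_arg(
-array(
-'give_action' => 'send_preview_email',
-'email_type' => $email->config['id'],
-'give-messages[]' => 'sent-test-email',
-)
-),
-'give-send-preview-email'
-),
-__( 'Send test email', 'give' )
-);
-
 $send_preview_email_link = give()->tooltips->render_link( [
 'tag_content' => esc_html__( 'Send test email', 'give' ),
 'label' => sprintf(
 esc_html__( 'Click this link to send a test email to yourself at %s', 'give' ),
 wp_get_current_user()->user_email
 ),
-'link' => wp_nonce_url(
+'link' => esc_url(wp_nonce_url(
 add_query_arg(
 array(
 'give_action' => 'send_preview_email',
@@ -66,7 +53,7 @@ function give_email_notification_row_actions_callback( $row_actions, $email ) {
 )
 ),
 'give-send-preview-email'
-)
+))
 ] );
 
 $row_actions['email_preview'] = $preview_link;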
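Review bot: The `'link'` entry builds its URL with `add_query_arg()` and, as far as the two hunks show, no base URL, so WordPress starts from the current request URI; that dependency is why the new `esc_url()` matters, and nothing in the code says so. A one-line comment above `'link' =>` would keep the wrapper from being dropped in a later cleanup: `// add_query_arg() without a URL reuses the current request URI; keep esc_url() around it.` The same applies to the second `echo sprintf(` in includes/admin/give-metabox-functions.php. The spacing also drifts from the first link in this hunk: `esc_url(wp_nonce_url(` and `))` versus `esc_url(` / `wp_nonce_url(` on separate lines with WordPress-style inner spaces.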
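--- a/includes/admin/give-metabox-functions.php
+++ b/includes/admin/give-metabox-functions.php
@@ -1158,33 +1158,37 @@ function give_email_preview_buttons( $field ) {
 
 echo sprintf(
 '<a href="%1$s" class="button-secondary" target="_blank">%2$s</a>',
-wp_nonce_url(
-add_query_arg(
-[
-'give_action' => 'preview_email',
-'email_type' => $field_id,
-'form_id' => $post->ID,
-],
-home_url()
-),
-'give-preview-email'
-),
+esc_url(
+wp_nonce_url(
+add_query_arg(
+[
+'give_action' => 'preview_email',
+'email_type' => $field_id,
+'form_id' => $post->ID,
+],
+home_url()
+),
+'give-preview-email'
+)
+),
 $field['name']
 );
 
 echo sprintf(
 ' <a href="%1$s" aria-label="%2$s" class="button-secondary">%3$s</a>',
-wp_nonce_url(
-add_query_arg(
-[
-'give_action' => 'send_preview_email',
-'email_type' => $field_id,
-'give-messages[]' => 'sent-test-email',
-'form_id' => $post->ID,
-]
-),
-'give-send-preview-email'
-),
+esc_url(
+wp_nonce_url(
+add_query_arg(
+[
+'give_action' => 'send_preview_email',
+'email_type' => $field_id,
+'give-messages[]' => 'sent-test-email',
+'form_id' => $post->ID,
+]
+),
+'give-send-preview-email'
+)
+),
 esc_attr__( 'Send Test Email.', 'give' ),
 esc_html__( 'Send Test Email', 'give' )
 );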
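Review bot: `$field['name']` is still printed as the first link's text without escaping, while the second link in the same hunk uses `esc_attr__()` and `esc_html__()` for its label. Unless the field name is meant to carry markup, wrap it: `esc_html( $field['name'] )`. Where `$field` is populated is outside this hunk, so whether it can hold anything other than a fixed label is not visible here. give_email_preview_buttons() starts before and continues past the hunk.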
6 changes: 3 additions & 3 deletions includes/admin/import-functions.php
@@ -702,15 +702,15 @@ function give_save_import_donation_to_db( $raw_key, $row_data, $main_key = [], $

// check for duplicate donor by donor id
if ( ! empty( $csv_data['donor_id'] ) && ! empty( $data['donor_id'] ) && $csv_data['donor_id'] === $data['donor_id'] ) {
$donor = array_search( (int) $data['donor_id'], array_column( 'id', $donors_list ) );
$donor = array_search( (int) $data['donor_id'], array_column( $donors_list, 'id' ) );
if ( ! empty( $donor ) ) {
$dry_run_duplicate_donor = true;
}
}

// check for duplicate donor by user id
if ( empty( $dry_run_duplicate_donor ) && ! empty( $csv_data['user_id'] ) && ! empty( $data['user_id'] ) && $csv_data['user_id'] === $data['user_id'] ) {
$donor = array_search( (int) $data['user_id'], array_column( 'user_id', $donors_list ) );
$donor = array_search( (int) $data['user_id'], array_column( $donors_list, 'user_id' ) );
if ( ! empty( $donor ) ) {
$dry_run_duplicate_donor = true;
} else {
@@ -1120,5 +1120,5 @@ function give_import_page_url( $parameter = [] ) {
];
$import_query_arg = wp_parse_args( $parameter, $defalut_query_arg );

return add_query_arg( $import_query_arg, admin_url( 'edit.php' ) );
return esc_url_raw( add_query_arg( $import_query_arg, admin_url( 'edit.php' ) ) );
}
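Review bot: `array_search()` returns the matching key, which is `0` when the duplicate is the first entry of `$donors_list`, and `! empty( $donor )` treats that `0` the same as no match. With the argument order now corrected the search can actually succeed, so this case becomes reachable in both the donor-id and the user-id check. Compare against `false` instead: `if ( false !== $donor ) {`. give_save_import_donation_to_db() starts and ends outside these hunks.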
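--- a/includes/admin/payments/class-payments-table.php
+++ b/includes/admin/payments/class-payments-table.php
@@ -606,16 +606,18 @@ function get_row_actions( $payment ) {
 
 $actions['email_links'] = sprintf(
 '<a class="resend-single-donation-receipt" href="%1$s" aria-label="%2$s">%3$s</a>',
-wp_nonce_url(
-add_query_arg(
-[
-'give-action' => 'email_links',
-'purchase_id' => $payment->ID,
-],
-$this->base_url
-),
-'give_payment_nonce'
-),
+esc_url(
+wp_nonce_url(
+add_query_arg(
+[
+'give-action' => 'email_links',
+'purchase_id' => $payment->ID,
+],
+$this->base_url
+),
+'give_payment_nonce'
+)
+),
 sprintf( __( 'Resend Donation %s Receipt', 'give' ), $payment->ID ),
 __( 'Resend Receipt', 'give' )
 );
@@ -625,16 +627,18 @@ function get_row_actions( $payment ) {
 if ( current_user_can( 'view_give_payments' ) ) {
 $actions['delete'] = sprintf(
 '<a class="delete-single-donation" href="%1$s" aria-label="%2$s">%3$s</a>',
-wp_nonce_url(
-add_query_arg(
-[
-'give-action' => 'delete_payment',
-'purchase_id' => $payment->ID,
-],
-$this->base_url
-),
-'give_donation_nonce'
-),
+esc_url(
+wp_nonce_url(
+add_query_arg(
+[
+'give-action' => 'delete_payment',
+'purchase_id' => $payment->ID,
+],
+$this->base_url
+),
+'give_donation_nonce'
+)
+),
 sprintf( __( 'Delete Donation %s', 'give' ), $payment->ID ),
 __( 'Delete', 'give' )
 );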
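Review bot: The Delete link in the second hunk is rendered under `current_user_can( 'view_give_payments' )`, a view capability, so every user who can list donations receives a nonce-bearing delete URL. Whether the `delete_payment` handler checks a stricter capability is not visible on this page; if it does, the link should be gated on that same capability so the UI and the handler agree. A comment above the `if` would record the intent: `// The give-action=delete_payment handler must enforce its own capability check; keep this gate in sync with it.` get_row_actions() starts and ends outside both hunks.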
24 changes: 13 additions & 11 deletions includes/admin/payments/view-payment-details.php
@@ -137,16 +137,18 @@
echo sprintf(
'<span class="delete-donation" id="delete-donation-%d"><a class="delete-single-donation delete-donation-button dashicons dashicons-trash" href="%s" aria-label="%s"></a></span>',
$payment_id,
wp_nonce_url(
add_query_arg(
array(
'give-action' => 'delete_payment',
'purchase_id' => $payment_id,
),
$base_url
),
'give_donation_nonce'
),
esc_url(
wp_nonce_url(
add_query_arg(
array(
'give-action' => 'delete_payment',
'purchase_id' => $payment_id,
),
$base_url
),
'give_donation_nonce'
)
),
sprintf( __( 'Delete Donation %s', 'give' ), $payment_id )
);
}
@@ -357,7 +359,7 @@
<a href="<?php echo $purchase_url; ?>"><?php _e( 'View all donations for this donor &raquo;', 'give' ); ?></a>
</p>
</div>

</div>
<!-- /.column-container -->

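Review bot: In the second hunk `<a href="<?php echo $purchase_url; ?>">` still echoes a URL into an attribute without escaping, while the first hunk of this file wraps its link URL in `esc_url()`. `$purchase_url` is assigned outside the hunk, so it may already be escaped there; if it is not, change the line to `<a href="<?php echo esc_url( $purchase_url ); ?>">`. Escaping at the point of output is the safer place either way, since `esc_url()` is safe to apply to a URL that was already escaped.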
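--- a/includes/admin/reports/class-gateways-reports-table.php
+++ b/includes/admin/reports/class-gateways-reports-table.php
@@ -74,13 +74,15 @@ public function column_default( $item, $column_name ) {
 $value = $item[ $column_name ] ?
 sprintf(
 '<a href="%s">%s</a>',
-add_query_arg(
-array(
-'status' => 'publish',
-'gateway' => $item['ID'],
-),
-$donation_list_page_url
-),
+esc_url(
+add_query_arg(
+array(
+'status' => 'publish',
+'gateway' => $item['ID'],
+),
+$donation_list_page_url
+)
+),
 $item[ $column_name ]
 ) :
 $item[ $column_name ];
@@ -90,13 +92,15 @@ public function column_default( $item, $column_name ) {
 $value = $item[ $column_name ] ?
 sprintf(
 '<a href="%s">%s</a>',
-add_query_arg(
-array(
-'status' => 'pending',
-'gateway' => $item['ID'],
-),
-$donation_list_page_url
-),
+esc_url(
+add_query_arg(
+array(
+'status' => 'pending',
+'gateway' => $item['ID'],
+),
+$donation_list_page_url
+)
+),
 $item[ $column_name ]
 ) :
 $item[ $column_name ];
@@ -106,12 +110,14 @@ public function column_default( $item, $column_name ) {
 $value = $item[ $column_name ] ?
 sprintf(
 '<a href="%s">%s</a>',
-add_query_arg(
-array(
-'gateway' => $item['ID'],
-),
-$donation_list_page_url
-),
+esc_url(
+add_query_arg(
+array(
+'gateway' => $item['ID'],
+),
+$donation_list_page_url
+)
+),
 $item[ $column_name ]
 ) :
 $item[ $column_name ];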
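Review bot: The three cases in column_default() repeat the same `sprintf( '<a href="%s">%s</a>', esc_url( add_query_arg( ... ) ), ... )` shape and differ only in the query array, so the escaping had to be added three times and can drift again. A small private helper would keep URL building and escaping in one place. The helper name below is a suggestion and the link text is passed through exactly as the current code does. column_default() starts and ends outside these hunks.

```php
// … unchanged: switch in column_default() and its case labels …
$value = $item[ $column_name ]
	? $this->donation_list_link( $donation_list_page_url, array( 'status' => 'publish', 'gateway' => $item['ID'] ), $item[ $column_name ] )
	: $item[ $column_name ];
// … unchanged: the 'pending' and gateway-only cases call the same helper with their own query array …

/**
 * Build an escaped link to the donation list filtered by the given query args.
 */
private function donation_list_link( $base_url, array $query, $label ) {
	return sprintf(
		'<a href="%s">%s</a>',
		esc_url( add_query_arg( $query, $base_url ) ),
		$label
	);
}
```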
2 changes: 1 addition & 1 deletion includes/admin/reports/graphing.php
@@ -809,7 +809,7 @@ function give_parse_report_dates( $data ) {
$tab = isset( $_GET['tab'] ) ? sanitize_text_field( $_GET['tab'] ) : 'earnings';
$id = isset( $_GET['form-id'] ) ? $_GET['form-id'] : null;

wp_redirect( add_query_arg( $dates, admin_url( 'edit.php?post_type=give_forms&page=give-reports&legacy=true&tab=' . esc_attr( $tab ) . '&view=' . esc_attr( $view ) . '&form-id=' . absint( $id ) ) ) );
wp_redirect( esc_url(add_query_arg( $dates, admin_url( 'edit.php?post_type=give_forms&page=give-reports&legacy=true&tab=' . esc_attr( $tab ) . '&view=' . esc_attr( $view ) . '&form-id=' . absint( $id ) ) ) ) );
give_die();
}

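Review bot: `esc_attr( $tab )` and `esc_attr( $view )` are HTML-attribute escapers, but on this line they build query-string values, so characters that are meaningful in a URL (`#`, `=`, `&`) are not percent-encoded and can add or truncate parameters. URL-encode them instead, `'&tab=' . rawurlencode( $tab ) . '&view=' . rawurlencode( $view )`, or pass them in the array given to `add_query_arg()`. `$view` and `$dates` are assigned outside this hunk, so how they are sanitised is not visible here. give_parse_report_dates() starts outside the hunk.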
2 changes: 1 addition & 1 deletion includes/admin/tools/export/export-functions.php
@@ -116,7 +116,7 @@ function give_do_ajax_export() {

$json_data = [
'step' => 'done',
'url' => add_query_arg( $args, admin_url() ),
'url' => esc_url_raw(add_query_arg( $args, admin_url() )),
];

}
2 changes: 1 addition & 1 deletion includes/ajax-functions.php
@@ -130,7 +130,7 @@ function give_get_ajax_url( $query = [] ) {
$ajax_url = add_query_arg( $query, $ajax_url );
}

return apply_filters( 'give_ajax_url', $ajax_url );
return esc_url_raw( apply_filters( 'give_ajax_url', $ajax_url ) );
}

/**
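Review bot: Sanitising after `apply_filters( 'give_ajax_url', $ajax_url )` changes the contract for filter callbacks, because `esc_url_raw()` returns an empty string for a URL whose scheme is not allowed, and nothing documents that. I would add to the function's docblock, which sits above this hunk: `@return string Ajax URL passed through esc_url_raw(); escape with esc_url() when printing into HTML.` give_get_ajax_url() starts outside the hunk.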