Changeset 3359804
- Timestamp: 09/11/2025 11:56:04 AM (8 weeks ago)
- Location: comments-import-export-woocommerce
- Files: 146 added, 18 deleted, 20 edited
- tags/2.4.6 (added)
- tags/2.4.6/Sample_CSV_Comment_Import_Export.csv (added)
- tags/2.4.6/changelog.txt (added)
- tags/2.4.6/hf-comments-import-export.php (added)
- tags/2.4.6/images (added)
- tags/2.4.6/images/documentation.png (added)
- tags/2.4.6/images/help.png (added)
- tags/2.4.6/images/money-back.svg (added)
- tags/2.4.6/images/other_solutions (added)
- tags/2.4.6/images/other_solutions/Sequential-order-number-plugin.png (added)
- tags/2.4.6/images/other_solutions/WordPress-backup-and-migration-plugin.png (added)
- tags/2.4.6/images/other_solutions/fbt_plugin.png (added)
- tags/2.4.6/images/other_solutions/gdpr-cookie-concent-plugin.png (added)
- tags/2.4.6/images/other_solutions/giftcards_plugin.png (added)
- tags/2.4.6/images/other_solutions/order-import-export-plugin.png (added)
- tags/2.4.6/images/other_solutions/pdf-invoice-plugin.png (added)
- tags/2.4.6/images/other_solutions/product-feed-sync.png (added)
- tags/2.4.6/images/other_solutions/product-import-export-plugin.png (added)
- tags/2.4.6/images/other_solutions/product-recommendation.png (added)
- tags/2.4.6/images/other_solutions/promote_crown.png (added)
- tags/2.4.6/images/other_solutions/request-quote.png (added)
- tags/2.4.6/images/other_solutions/smart-coupons-plugin.png (added)
- tags/2.4.6/images/other_solutions/stripe-plugin.png (added)
- tags/2.4.6/images/other_solutions/subscription-plugin.png (added)
- tags/2.4.6/images/other_solutions/suite-1-plugin.png (added)
- tags/2.4.6/images/other_solutions/url-coupons-plugin.png (added)
- tags/2.4.6/images/other_solutions/user-import-export-plugin.png (added)
- tags/2.4.6/images/other_solutions/wt-paypal-plugin.png (added)
- tags/2.4.6/images/pipe-support.png (added)
- tags/2.4.6/images/sample_csv.png (added)
- tags/2.4.6/images/setup.png (added)
- tags/2.4.6/images/support.png (added)
- tags/2.4.6/images/support.svg (added)
- tags/2.4.6/images/ui-bg_flat_0_aaaaaa_40x100.png (added)
- tags/2.4.6/images/ui-icons_222222_256x240.png (added)
- tags/2.4.6/images/ui-icons_444444_256x240.png (added)
- tags/2.4.6/images/ui-icons_555555_256x240.png (added)
- tags/2.4.6/images/ui-icons_777620_256x240.png (added)
- tags/2.4.6/images/ui-icons_777777_256x240.png (added)
- tags/2.4.6/images/ui-icons_cc0000_256x240.png (added)
- tags/2.4.6/images/ui-icons_ffffff_256x240.png (added)
- tags/2.4.6/images/video.png (added)
- tags/2.4.6/images/webtoffee-logo_small.png (added)
- tags/2.4.6/images/wf-ajax-loader.gif (added)
- tags/2.4.6/images/wf-failed.png (added)
- tags/2.4.6/images/wf-import.png (added)
- tags/2.4.6/images/wf-notice.png (added)
- tags/2.4.6/images/wf-success.png (added)
- tags/2.4.6/images/white-crown.svg (added)
- tags/2.4.6/images/wt-crown-gold.png (added)
- tags/2.4.6/includes (added)
- tags/2.4.6/includes/class-hf_cmt_impexpcsv-admin-screen.php (added)
- tags/2.4.6/includes/class-hf_cmt_impexpcsv-ajax-handler.php (added)
- tags/2.4.6/includes/class-hf_cmt_impexpcsv-cron.php (added)
- tags/2.4.6/includes/class-hf_cmt_impexpcsv-import-cron.php (added)
- tags/2.4.6/includes/class-hf_cmt_impexpcsv-system-status-tools.php (added)
- tags/2.4.6/includes/class-wf-cmt_impexp-plugin-uninstall-feedback.php (added)
- tags/2.4.6/includes/class-wt-cmt_impexp-plugin-review-request.php (added)
- tags/2.4.6/includes/exporter (added)
- tags/2.4.6/includes/exporter/class-hf_cmt_impexpcsv-exporter.php (added)
- tags/2.4.6/includes/exporter/data (added)
- tags/2.4.6/includes/exporter/data/data-hf-post-columns.php (added)
- tags/2.4.6/includes/importer (added)
- tags/2.4.6/includes/importer/class-hf-csv-parser.php (added)
- tags/2.4.6/includes/importer/class-hf_cmt_impexpcsv-import.php (added)
- tags/2.4.6/includes/importer/class-hf_cmt_impexpcsv-importer.php (added)
- tags/2.4.6/includes/importer/data (added)
- tags/2.4.6/includes/importer/data/data-hf-post-defaults.php (added)
- tags/2.4.6/includes/importer/data/data-hf-reserved-fields-pair.php (added)
- tags/2.4.6/includes/importer/data/data-hf-reserved-fields.php (added)
- tags/2.4.6/includes/importer/views (added)
- tags/2.4.6/includes/importer/views/html-hf-import-greeting.php (added)
- tags/2.4.6/includes/importer/views/html-hf-import-options.php (added)
- tags/2.4.6/includes/settings (added)
- tags/2.4.6/includes/settings/class-hf_cmt_impexpcsv-settings.php (added)
- tags/2.4.6/includes/vendor (added)
- tags/2.4.6/includes/vendor/sftp-modules (added)
- tags/2.4.6/includes/vendor/sftp-modules/phpseclib (added)
- tags/2.4.6/includes/vendor/sftp-modules/phpseclib/Crypt (added)
- tags/2.4.6/includes/vendor/sftp-modules/phpseclib/Crypt/AES.php (added)
- tags/2.4.6/includes/vendor/sftp-modules/phpseclib/Crypt/Base.php (added)
- tags/2.4.6/includes/vendor/sftp-modules/phpseclib/Crypt/Blowfish.php (added)
- tags/2.4.6/includes/vendor/sftp-modules/phpseclib/Crypt/DES.php (added)
- tags/2.4.6/includes/vendor/sftp-modules/phpseclib/Crypt/Hash.php (added)
- tags/2.4.6/includes/vendor/sftp-modules/phpseclib/Crypt/RC4.php (added)
- tags/2.4.6/includes/vendor/sftp-modules/phpseclib/Crypt/RSA.php (added)
- tags/2.4.6/includes/vendor/sftp-modules/phpseclib/Crypt/Random.php (added)
- tags/2.4.6/includes/vendor/sftp-modules/phpseclib/Crypt/Rijndael.php (added)
- tags/2.4.6/includes/vendor/sftp-modules/phpseclib/Crypt/TripleDES.php (added)
- tags/2.4.6/includes/vendor/sftp-modules/phpseclib/Crypt/Twofish.php (added)
- tags/2.4.6/includes/vendor/sftp-modules/phpseclib/Math (added)
- tags/2.4.6/includes/vendor/sftp-modules/phpseclib/Math/BigInteger.php (added)
- tags/2.4.6/includes/vendor/sftp-modules/phpseclib/Net (added)
- tags/2.4.6/includes/vendor/sftp-modules/phpseclib/Net/SFTP.php (added)
- tags/2.4.6/includes/vendor/sftp-modules/phpseclib/Net/SSH2.php (added)
- tags/2.4.6/includes/vendor/sftp-modules/readme.txt (added)
- tags/2.4.6/includes/vendor/sftp-modules/sftp.php (added)
- tags/2.4.6/includes/views (added)
- tags/2.4.6/includes/views/export (added)
- tags/2.4.6/includes/views/export/html-hf-export-WordPress-Comments-normal.php (added)
- tags/2.4.6/includes/views/export/html-hf-export-WordPress-Comments.php (added)
- tags/2.4.6/includes/views/html-hf-admin-screen.php (added)
- tags/2.4.6/includes/views/html-hf-getting-started.php (added)
- tags/2.4.6/includes/views/html-hf-othersolutions-page.php (added)
- tags/2.4.6/includes/views/html-wf-help-guide.php (added)
- tags/2.4.6/includes/views/import (added)
- tags/2.4.6/includes/views/import/html-hf-import-product-comments.php (added)
- tags/2.4.6/includes/views/market.php (added)
- tags/2.4.6/includes/views/settings (added)
- tags/2.4.6/includes/views/settings/html-hf-settings-products.php (added)
- tags/2.4.6/js (added)
- tags/2.4.6/js/product-rev-csv-import-export-for-woocommerce.min.js (added)
- tags/2.4.6/js/select2.js (added)
- tags/2.4.6/lang (added)
- tags/2.4.6/lang/comments-import-export-woocommerce-fr_FR.mo (added)
- tags/2.4.6/lang/comments-import-export-woocommerce-fr_FR.po (added)
- tags/2.4.6/lang/comments-import-export-woocommerce.pot (added)
- tags/2.4.6/license.txt (added)
- tags/2.4.6/readme.txt (added)
- tags/2.4.6/styles (added)
- tags/2.4.6/styles/jquery-ui.css (added)
- tags/2.4.6/styles/select2.css (added)
- tags/2.4.6/styles/wf-style.css (added)
- trunk/changelog.txt (added)
- trunk/hf-comments-import-export.php (modified) (8 diffs)
- trunk/includes/class-hf_cmt_impexpcsv-admin-screen.php (modified) (7 diffs)
- trunk/includes/class-hf_cmt_impexpcsv-cron.php (modified) (1 diff)
- trunk/includes/class-hf_cmt_impexpcsv-import-cron.php (modified) (5 diffs)
- trunk/includes/class-wf-cmt_impexp-plugin-uninstall-feedback.php (modified) (3 diffs)
- trunk/includes/class-wt-cmt_impexp-plugin-review-request.php (modified) (4 diffs)
- trunk/includes/class-wt-security-helper.php (deleted)
- trunk/includes/exporter/class-hf_cmt_impexpcsv-exporter.php (modified) (14 diffs)
- trunk/includes/importer/class-hf-csv-parser.php (modified) (9 diffs)
- trunk/includes/importer/class-hf_cmt_impexpcsv-import.php (modified) (57 diffs)
- trunk/includes/importer/views/html-hf-import-greeting.php (modified) (5 diffs)
- trunk/includes/settings/class-hf_cmt_impexpcsv-settings.php (modified) (2 diffs)
- trunk/includes/sftp-modules/phpseclib/Crypt/AES.php (deleted)
- trunk/includes/sftp-modules/phpseclib/Crypt/Base.php (deleted)
- trunk/includes/sftp-modules/phpseclib/Crypt/Blowfish.php (deleted)
- trunk/includes/sftp-modules/phpseclib/Crypt/DES.php (deleted)
- trunk/includes/sftp-modules/phpseclib/Crypt/Hash.php (deleted)
- trunk/includes/sftp-modules/phpseclib/Crypt/RC4.php (deleted)
- trunk/includes/sftp-modules/phpseclib/Crypt/RSA.php (deleted)
- trunk/includes/sftp-modules/phpseclib/Crypt/Random.php (deleted)
- trunk/includes/sftp-modules/phpseclib/Crypt/Rijndael.php (deleted)
- trunk/includes/sftp-modules/phpseclib/Crypt/TripleDES.php (deleted)
- trunk/includes/sftp-modules/phpseclib/Crypt/Twofish.php (deleted)
- trunk/includes/sftp-modules/phpseclib/Math/BigInteger.php (deleted)
- trunk/includes/sftp-modules/phpseclib/Net/SFTP.php (deleted)
- trunk/includes/sftp-modules/phpseclib/Net/SSH2.php (deleted)
- trunk/includes/sftp-modules/readme.txt (deleted)
- trunk/includes/sftp-modules/sftp.php (deleted)
- trunk/includes/vendor (added)
- trunk/includes/vendor/sftp-modules (added)
- trunk/includes/vendor/sftp-modules/phpseclib (added)
- trunk/includes/vendor/sftp-modules/phpseclib/Crypt (added)
- trunk/includes/vendor/sftp-modules/phpseclib/Crypt/AES.php (added)
- trunk/includes/vendor/sftp-modules/phpseclib/Crypt/Base.php (added)
- trunk/includes/vendor/sftp-modules/phpseclib/Crypt/Blowfish.php (added)
- trunk/includes/vendor/sftp-modules/phpseclib/Crypt/DES.php (added)
- trunk/includes/vendor/sftp-modules/phpseclib/Crypt/Hash.php (added)
- trunk/includes/vendor/sftp-modules/phpseclib/Crypt/RC4.php (added)
- trunk/includes/vendor/sftp-modules/phpseclib/Crypt/RSA.php (added)
- trunk/includes/vendor/sftp-modules/phpseclib/Crypt/Random.php (added)
- trunk/includes/vendor/sftp-modules/phpseclib/Crypt/Rijndael.php (added)
- trunk/includes/vendor/sftp-modules/phpseclib/Crypt/TripleDES.php (added)
- trunk/includes/vendor/sftp-modules/phpseclib/Crypt/Twofish.php (added)
- trunk/includes/vendor/sftp-modules/phpseclib/Math (added)
- trunk/includes/vendor/sftp-modules/phpseclib/Math/BigInteger.php (added)
- trunk/includes/vendor/sftp-modules/phpseclib/Net (added)
- trunk/includes/vendor/sftp-modules/phpseclib/Net/SFTP.php (added)
- trunk/includes/vendor/sftp-modules/phpseclib/Net/SSH2.php (added)
- trunk/includes/vendor/sftp-modules/readme.txt (added)
- trunk/includes/vendor/sftp-modules/sftp.php (added)
- trunk/includes/views/export/html-hf-export-WordPress-Comments-normal.php (modified) (4 diffs)
- trunk/includes/views/export/html-hf-export-WordPress-Comments.php (modified) (5 diffs)
- trunk/includes/views/html-hf-admin-screen.php (modified) (2 diffs)
- trunk/includes/views/html-hf-othersolutions-page.php (modified) (3 diffs)
- trunk/includes/views/html-wf-help-guide.php (modified) (1 diff)
- trunk/includes/views/market.php (modified) (2 diffs)
- trunk/includes/views/settings/html-hf-settings-products.php (modified) (4 diffs)
- trunk/js/product-rev-csv-import-export-for-woocommerce.min.js (modified) (4 diffs)
- trunk/readme.txt (modified) (3 diffs)
- trunk/temp_import.csv (deleted)
-
comments-import-export-woocommerce/trunk/hf-comments-import-export.php
r3303524 r3359804 1 1 <?php 2 2 3 /* 4 Plugin Name: WordPressComments Import & Export5 Plugin URI: https://wordpress.org/plugins/comments-import-export-woocommerce/6 Description: Import and Export WordPress Comments From and To your Website.7 Author: WebToffee8 Author URI: https://www.webtoffee.com/9 Version: 2.4.510 Text Domain: comments-import-export-woocommerce11 License: GPLv312 License URI: https://www.gnu.org/licenses/gpl-3.0.html3 /** 4 * Plugin Name: Comments Import & Export 5 * Plugin URI: https://wordpress.org/plugins/comments-import-export-woocommerce/ 6 * Description: Import and Export WordPress Comments From and To your Website. 7 * Author: WebToffee 8 * Author URI: https://www.webtoffee.com/ 9 * Version: 2.4.6 10 * Text Domain: comments-import-export-woocommerce 11 * License: GPLv3 12 * License URI: https://www.gnu.org/licenses/gpl-3.0.html 13 13 */ 14 14 … … 26 26 } 27 27 28 if (!defined(' PLUGIN_VERSION')) {29 30 define(" PLUGIN_VERSION", "2.4.5");28 if (!defined('WBTE_CMT_IMP_EXP_VERSION')) { 29 30 define("WBTE_CMT_IMP_EXP_VERSION", "2.4.6"); 31 31 } 32 32 … … 64 64 add_filter('woocommerce_screen_ids', array($this, 'woocommerce_screen_ids')); 65 65 add_filter('plugin_action_links_' . 
plugin_basename(__FILE__), array($this, 'hw_plugin_action_links')); 66 add_action('init', array($this, 'load_plugin_textdomain'));67 66 add_action('init', array($this, 'catch_export_request'), 20); 68 67 add_action('init', array($this, 'catch_save_settings'), 20); … … 94 93 include_once 'includes/class-wf-cmt_impexp-plugin-uninstall-feedback.php'; 95 94 96 // WT Security Helper97 include_once ('includes/class-wt-security-helper.php');98 95 // review request 99 96 include_once 'includes/class-wt-cmt_impexp-plugin-review-request.php'; … … 115 112 116 113 function hw_product_comments_ie_admin_notice() { 117 global $pagenow; 118 global $post;119 120 if ( !isset($_GET["hw_product_Comment_ie_msg"]) && empty($_GET["hw_product_Comment_ie_msg"])) {114 115 // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Nonce verification not needed. 116 $wf_product_Comment_ie_msg = isset($_GET["hw_product_Comment_ie_msg"]) ? sanitize_text_field(wp_unslash($_GET["hw_product_Comment_ie_msg"])) : ''; // @codingStandardsIgnoreLine. 117 if (empty($wf_product_Comment_ie_msg)) { 121 118 return; 122 119 } 123 124 $wf_product_Comment_ie_msg = sanitize_text_field(wp_unslash($_GET["hw_product_Comment_ie_msg"]));125 120 126 121 switch ($wf_product_Comment_ie_msg) { 127 122 case "1": 128 echo '<div class="update"><p>' . esc_html ('Successfully uploaded via FTP.', 'comments-import-export-woocommerce') . '</p></div>';123 echo '<div class="update"><p>' . esc_html__('Successfully uploaded via FTP.', 'comments-import-export-woocommerce') . '</p></div>'; 129 124 break; 130 125 case "2": 131 echo '<div class="error"><p>' . esc_html ('Error while uploading via FTP.', 'comments-import-export-woocommerce') . '</p></div>';126 echo '<div class="error"><p>' . esc_html__('Error while uploading via FTP.', 'comments-import-export-woocommerce') . '</p></div>'; 132 127 break; 133 128 case "3": 134 echo '<div class="error"><p>' . 
esc_html ('Please choose the file in CSV format either using Method 1 or Method 2.', 'comments-import-export-woocommerce') . '</p></div>';129 echo '<div class="error"><p>' . esc_html__('Please choose the file in CSV format either using Method 1 or Method 2.', 'comments-import-export-woocommerce') . '</p></div>'; 135 130 break; 136 131 } … … 146 141 147 142 /** 148 * Handle localisation149 */150 public function load_plugin_textdomain() {151 load_plugin_textdomain('comments-import-export-woocommerce', false, dirname(plugin_basename(__FILE__)) . '/lang/');152 }153 154 /**155 143 * Catches an export request and exports the data. This class is only loaded in admin. 156 144 */ 157 145 public function catch_export_request() { 158 if (!empty($_GET['action']) && !empty($_GET['page']) && $_GET['page'] == 'hw_cmt_csv_im_ex') { 159 switch ($_GET['action']) { 146 // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Nonce verification not needed. 147 $action = isset($_GET['action']) ? sanitize_text_field(wp_unslash($_GET['action'])) : ''; // @codingStandardsIgnoreLine. 148 $page = isset($_GET['page']) ? sanitize_text_field(wp_unslash($_GET['page'])) : ''; // @codingStandardsIgnoreLine. 149 150 if (!empty($action) && !empty($page) && $page == 'hw_cmt_csv_im_ex') { 151 switch ($action) { 160 152 case "export" : 161 153 $user_ok = self::hf_user_permission(); … … 172 164 173 165 public function catch_save_settings() { 174 if (!empty($_GET['action']) && !empty($_GET['page']) && $_GET['page'] == 'hw_cmt_csv_im_ex') { 175 switch ($_GET['action']) { 166 // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Nonce verification not needed. 167 $action = isset($_GET['action']) ? sanitize_text_field(wp_unslash($_GET['action'])) : ''; // @codingStandardsIgnoreLine. 168 $page = isset($_GET['page']) ? sanitize_text_field(wp_unslash($_GET['page'])) : ''; // @codingStandardsIgnoreLine. 
169 if (!empty($action) && !empty($page) && $page == 'hw_cmt_csv_im_ex') { 170 switch ($action) { 176 171 case "settings" : 177 172 include_once( 'includes/settings/class-hf_cmt_impexpcsv-settings.php' ); … … 210 205 return $footer_text; 211 206 } 207 212 208 $screen = get_current_screen(); 213 209 $allowed_screen_ids = array('comments_page_hw_cmt_csv_im_ex'); 214 if (in_array($screen->id, $allowed_screen_ids) || (isset($_GET['page']) && $_GET['page'] == 'hw_cmt_csv_im_ex')|| (isset($_GET['import']) && $_GET['import'] == 'product_comments_csv')) { 210 // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Nonce verification not needed. 211 $page = isset($_GET['page']) ? sanitize_text_field(wp_unslash($_GET['page'])) : ''; // @codingStandardsIgnoreLine. 212 $import = isset($_GET['import']) ? sanitize_text_field(wp_unslash($_GET['import'])) : ''; // @codingStandardsIgnoreLine. 213 214 if (in_array($screen->id, $allowed_screen_ids) || ($page == 'hw_cmt_csv_im_ex')|| ($import == 'product_comments_csv')) { 215 215 216 if (!get_option('wcie_wt_plugin_reviewed')) { 216 $footer_text = sprintf( 217 wp_kses_post('If you like the plugin please leave us a %1$s review.', 'comments-import-export-woocommerce'), '<a href="https://wordpress.org/support/plugin/comments-import-export-woocommerce/reviews#new-post" target="_blank" class="wt-review-link" data-rated="' . esc_attr__('Thanks :)', 'comments-import-export-woocommerce') . '">★★★★★</a>' 218 ); 219 220 $user_js = "jQuery( 'a.wt-review-link' ).click( function() { 221 jQuery.post( '" . admin_url("admin-ajax.php") . "', { action: 'wcie_wt_review_plugin' } ); 222 jQuery( this ).parent().text( jQuery( this ).data( 'rated' ) ); 223 });"; 224 $js = "<!-- User Import JavaScript -->\n<script type=\"text/javascript\">\njQuery(function($) { $user_js });\n</script>\n"; 225 // echo $js; 217 218 $footer_text = wp_kses_post(sprintf( 219 // Translators: %1$s is the link to the plugin review page with 5 stars symbol. 
220 __('If you like the plugin please leave us a %1$s review.', 'comments-import-export-woocommerce'), '<a href="https://wordpress.org/support/plugin/comments-import-export-woocommerce/reviews#new-post" target="_blank" class="wt-review-link" data-rated="' . esc_attr__('Thanks :)', 'comments-import-export-woocommerce') . '">★★★★★</a>' 221 )); 222 223 // $user_js = "jQuery( 'a.wt-review-link' ).on( 'click', function() { 224 // jQuery.post( '" . esc_url(admin_url("admin-ajax.php")) . "', { action: 'wcie_wt_review_plugin' } ); 225 // jQuery( this ).parent().text( jQuery( this ).data( 'rated' ) ); 226 // });"; 227 // $js = "<!-- User Import JavaScript -->\n<script type=\"text/javascript\">\njQuery(function($) { " . esc_js( $user_js ) . "});\n</script>\n"; 226 228 } else { 227 229 $footer_text = __('Thank you for your review.', 'comments-import-export-woocommerce'); -
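Review bot: In catch_save_settings() the suppression comment "Nonce verification not needed" sits on the read of `action` for a path that goes on to include the settings class and save settings, which is a state-changing request, so the justification should name the method that actually verifies the nonce rather than say none is needed. If no later check exists, add one (for example check_admin_referer()) before the `switch ($action)`. The same applies to the `export` branch of catch_export_request(), where only hf_user_permission() is visible. Pairing `// phpcs:ignore` with a trailing `// @codingStandardsIgnoreLine` on the same statement is also redundant; keep the targeted `phpcs:ignore` with its sniff name and drop the blanket one.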
comments-import-export-woocommerce/trunk/includes/class-hf_cmt_impexpcsv-admin-screen.php
r3301183 r3359804 27 27 28 28 public function custom_comment_columns($columns) { 29 $columns['comment_export_to_csv'] = __('Export' );29 $columns['comment_export_to_csv'] = __('Export', 'comments-import-export-woocommerce'); 30 30 return $columns; 31 31 } … … 43 43 public function process_ajax_export_single_comment() { 44 44 45 $nonce = sanitize_text_field(wp_unslash($_GET['_wpnonce']));46 if (! wp_verify_nonce($nonce,'comments-import-export-woocommerce') || !HW_Product_Comments_Import_Export_CSV::hf_user_permission()) {45 $nonce = isset($_GET['_wpnonce']) ? sanitize_text_field(wp_unslash($_GET['_wpnonce'])) : ''; 46 if (!empty($nonce) && !wp_verify_nonce($nonce,'comments-import-export-woocommerce') || !HW_Product_Comments_Import_Export_CSV::hf_user_permission()) { 47 47 wp_die(esc_html__('You do not have sufficient permissions to access this page.', 'comments-import-export-woocommerce')); 48 48 } 49 49 50 $comment_ID = !empty($_GET['comment_ID']) ? absint( $_GET['comment_ID']) : '';50 $comment_ID = !empty($_GET['comment_ID']) ? absint(wp_unslash($_GET['comment_ID'])) : ''; 51 51 if (!$comment_ID) { 52 52 die; … … 93 93 $screen = get_current_screen(); 94 94 $allowed_creen_id = array('comments_page_hw_cmt_csv_im_ex',); 95 if (in_array($screen->id, $allowed_creen_id) || (isset($_GET['import']) && $_GET['import'] == 'product_comments_csv')) { 95 // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Nonce verification not needed. 96 $import = isset($_GET['import']) ? sanitize_text_field(wp_unslash($_GET['import'])) : ''; // @codingStandardsIgnoreLine. 97 if (in_array($screen->id, $allowed_creen_id) || ($import == 'product_comments_csv')) { 96 98 if ( function_exists( 'WC' ) ) { 97 99 $wc_path = self::hw_get_wc_path(); 98 wp_enqueue_style('woocommerce_admin_styles', $wc_path . '/assets/css/admin.css' );100 wp_enqueue_style('woocommerce_admin_styles', $wc_path . 
'/assets/css/admin.css', array(), WBTE_CMT_IMP_EXP_VERSION); 99 101 wp_enqueue_script('wc-enhanced-select'); 100 102 }else{ 101 wp_enqueue_style('woocommerce-cmt-select2-css', plugins_url(basename(plugin_dir_path(HW_CMT_ImpExpCsv_FILE)) . '/styles/select2.css', basename(__FILE__)), '', PLUGIN_VERSION, '');102 wp_enqueue_script('woocommerce-cmt-select2-js', plugins_url(basename(plugin_dir_path(HW_CMT_ImpExpCsv_FILE)) . '/js/select2.js', basename(__FILE__)), array(), PLUGIN_VERSION, true);103 wp_enqueue_style('woocommerce-cmt-select2-css', plugins_url(basename(plugin_dir_path(HW_CMT_ImpExpCsv_FILE)) . '/styles/select2.css', basename(__FILE__)), '', WBTE_CMT_IMP_EXP_VERSION, ''); 104 wp_enqueue_script('woocommerce-cmt-select2-js', plugins_url(basename(plugin_dir_path(HW_CMT_ImpExpCsv_FILE)) . '/js/select2.js', basename(__FILE__)), array(), WBTE_CMT_IMP_EXP_VERSION, true); 103 105 } 104 wp_enqueue_style('woocommerce-product-csv-importer1', plugins_url(basename(plugin_dir_path(HW_CMT_ImpExpCsv_FILE)) . '/styles/wf-style.css', basename(__FILE__)), '', PLUGIN_VERSION, 'screen');105 wp_enqueue_style('woocommerce-product-csv-importer3', plugins_url(basename(plugin_dir_path(HW_CMT_ImpExpCsv_FILE)) . '/styles/jquery-ui.css', basename(__FILE__)), '', PLUGIN_VERSION, 'screen');106 wp_enqueue_script('woocommerce-product-csv-importer2', plugins_url(basename(plugin_dir_path(HW_CMT_ImpExpCsv_FILE)) . '/js/product-rev-csv-import-export-for-woocommerce.min.js', basename(__FILE__)), '', PLUGIN_VERSION, 'screen');106 wp_enqueue_style('woocommerce-product-csv-importer1', plugins_url(basename(plugin_dir_path(HW_CMT_ImpExpCsv_FILE)) . '/styles/wf-style.css', basename(__FILE__)), '', WBTE_CMT_IMP_EXP_VERSION, 'screen'); 107 wp_enqueue_style('woocommerce-product-csv-importer3', plugins_url(basename(plugin_dir_path(HW_CMT_ImpExpCsv_FILE)) . 
'/styles/jquery-ui.css', basename(__FILE__)), '', WBTE_CMT_IMP_EXP_VERSION, 'screen'); 108 wp_enqueue_script('woocommerce-product-csv-importer2', plugins_url(basename(plugin_dir_path(HW_CMT_ImpExpCsv_FILE)) . '/js/product-rev-csv-import-export-for-woocommerce.min.js', basename(__FILE__)), '', WBTE_CMT_IMP_EXP_VERSION, 'screen'); 107 109 wp_enqueue_script('jquery-ui-datepicker'); 110 111 wp_localize_script( 112 'woocommerce-product-csv-importer2', 113 'wbtfe_comment_imp_exp_params', 114 array('messages' => array( 115 'no_file_selected' => esc_html__( 'Please select a file to import', 'comments-import-export-woocommerce' ), 116 )) 117 ); 108 118 } 109 119 } … … 115 125 116 126 $tab = 'import'; 117 $curent_tab = !empty($_GET['tab']) ? sanitize_text_field(wp_unslash($_GET['tab'])) : ''; 127 // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Nonce verification not needed. 128 $curent_tab = !empty($_GET['tab']) ? sanitize_text_field(wp_unslash($_GET['tab'])) : ''; // @codingStandardsIgnoreLine. 118 129 if ($curent_tab) { 119 130 if ('settings' == $curent_tab) { … … 137 148 <script type="text/javascript"> 138 149 jQuery(document).ready(function ($) { 139 var $downloadToCSV = $('<option>').val('download_to_cmtiew_csv_hf').text('<?php esc_html_ _('Download as CSV', 'comments-import-export-woocommerce') ?>');150 var $downloadToCSV = $('<option>').val('download_to_cmtiew_csv_hf').text('<?php esc_html_e('Download as CSV', 'comments-import-export-woocommerce') ?>'); 140 151 $('select[name^="action"]').append($downloadToCSV); 141 152 }); … … 153 164 wp_die(esc_html__('You do not have sufficient permissions to access this page.', 'comments-import-export-woocommerce')); 154 165 } 155 156 $action = $_REQUEST['action'];166 // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Nonce verification is performing in the HW_Cmt_ImpExpCsv_Exporter::do_export() method. 167 $action = isset($_REQUEST['action']) ? 
sanitize_text_field(wp_unslash($_REQUEST['action'])) : ''; // @codingStandardsIgnoreLine. 157 168 if (!in_array($action, array('download_to_cmtiew_csv_hf'))) 158 169 return; 159 170 160 if (isset($_REQUEST['delete_comments'])) { 161 $cmt_ids = array_map('absint', $_REQUEST['delete_comments']); 171 // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Nonce verification is performing in the HW_Cmt_ImpExpCsv_Exporter::do_export() method. 172 $delete_comments = isset($_REQUEST['delete_comments']) ? wp_unslash($_REQUEST['delete_comments']) : ''; // @codingStandardsIgnoreLine. 173 if (!empty($delete_comments)) { 174 $cmt_ids = array_map('absint', $delete_comments); 162 175 } 163 176 if (empty($cmt_ids)) { … … 165 178 } 166 179 // give an unlimited timeout if possible 167 @set_time_limit(0); 180 // phpcs:ignore Generic.PHP.NoSilencedErrors.Discouraged, WordPress.PHP.DiscouragedPHPFunctions.runtime_configuration_set_time_limit 181 @set_time_limit(0); // @codingStandardsIgnoreLine. 168 182 169 183 if ($action == 'download_to_cmtiew_csv_hf') { -
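Review bot: In process_ajax_export_single_comment() the new condition `!empty($nonce) && !wp_verify_nonce($nonce,'comments-import-export-woocommerce') || !...hf_user_permission()` only rejects a nonce that is present and invalid, so a request that omits `_wpnonce` now skips nonce verification entirely and is gated by the capability check alone; the removed line rejected that request. Require the nonce instead: `empty($nonce) || !wp_verify_nonce($nonce, 'comments-import-export-woocommerce') || !HW_Product_Comments_Import_Export_CSV::hf_user_permission()`. In the bulk action handler further down, `$delete_comments` is a string whenever the request sends a scalar `delete_comments`, and `array_map('absint', $delete_comments)` then raises a TypeError on PHP 8; cast with `(array)` or check `is_array()` before mapping.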
comments-import-export-woocommerce/trunk/includes/class-hf_cmt_impexpcsv-cron.php
r3162447 r3359804 25 25 $schedules['export_interval'] = array( 26 26 'interval' => (int) $export_interval * 60, 27 // translators: %d is the interval 27 28 'display' => sprintf(__('Every %d minutes', 'comments-import-export-woocommerce'), (int) $export_interval) 28 29 ); -
comments-import-export-woocommerce/trunk/includes/class-hf_cmt_impexpcsv-import-cron.php
r3301183 r3359804 30 30 $schedules['import_interval'] = array( 31 31 'interval' => (int) $import_interval * 60, 32 // translators: %d is the interval 32 33 'display' => sprintf(__('Every %d minutes', 'comments-import-export-woocommerce'), (int) $import_interval) 33 34 ); … … 38 39 39 40 public function hw_new_scheduled_cmt_import() { 40 if ($this->imports_enabled) { 41 if ( !wp_next_scheduled('hw_cmt_csv_im_ex_auto_import_products')) {41 if ($this->imports_enabled) { 42 if ( ! wp_next_scheduled('hw_cmt_csv_im_ex_auto_import_products') ) { 42 43 $start_time = $this->settings['auto_import_start_time']; 43 44 $current_time = current_time('timestamp'); … … 71 72 public function hw_scheduled_import_products() { 72 73 73 //error_log("test run by wp-cron" , 3 , ABSPATH . '/wp-content/uploads/wc-logs/my-cron-log.txt');74 74 define( 'WP_LOAD_IMPORTERS', true ); 75 75 HW_Cmt_ImpExpCsv_ImportCron::product_importer(); 76 76 77 78 // echo '<pre>';print_r($GLOBALS['HW_CSV_Comments_Import']);exit;79 77 if($this->handle_ftp_for_autoimport()){ 80 81 82 // if($this->settings['auto_import_profile']!== ''){ 83 // $profile_array = get_option('hw_prod_csv_imp_exp_mapping'); 84 // $mapping = $profile_array[$this->settings['auto_import_profile']][0]; 85 // $eval_field = $profile_array[$this->settings['auto_import_profile']][1]; 86 // $start_pos = 0; 87 // $end_pos = ''; 88 // 89 // }else{ 90 // $this->error_message = 'Please set a mapping profile'; 91 // $GLOBALS['HW_CSV_Comments_Import']->log->add( 'csv-import', __( 'Failed processing import. 
Reason:'.$this->error_message, 'comments-import-export-woocommerce' ) ); 92 // } 93 if($this->settings['auto_import_merge']){ $_GET['merge'] = 1; } else { $_GET['merge'] = 0; } 78 if($this->settings['auto_import_merge']){ $_GET['merge'] = 1; } else { $_GET['merge'] = 0; } 94 79 95 //echo wp_next_scheduled('hw_cmt_csv_im_ex_auto_import_products').'<br/>'; 96 //echo date('Y-m-d H:i:s' , wp_next_scheduled('hw_cmt_csv_im_ex_auto_import_products')); 97 //echo $_GET['merge'];exit; 98 // echo $this->file_url;die; 99 $GLOBALS['HW_CSV_Comments_Import']->import_start( $this->file_url, $mapping, $start_pos, $end_pos, $eval_field ); 100 $GLOBALS['HW_CSV_Comments_Import']->import(); 101 $GLOBALS['HW_CSV_Comments_Import']->import_end(); 102 103 //do_action('hw_new_scheduled_cmt_import'); 104 //wp_clear_scheduled_hook('hw_cmt_csv_im_ex_auto_import_products'); 105 //do_action('hw_new_scheduled_cmt_import'); 106 107 die(); 80 81 $GLOBALS['HW_CSV_Comments_Import']->import_start( $this->file_url, array(), 0, null, array() ); 82 $GLOBALS['HW_CSV_Comments_Import']->import(); 83 $GLOBALS['HW_CSV_Comments_Import']->import_end(); 84 85 86 die(); 108 87 }else{ 109 $GLOBALS['HW_CSV_Comments_Import']->log->add( 'csv-import', __( 'Fetching file failed. Reason:'.$this->error_message, 'comments-import-export-woocommerce' ) ); 88 // translators: %s is the error message 89 $GLOBALS['HW_CSV_Comments_Import']->log->add( 'csv-import', sprintf( __('Fetching file failed. Reason: %s', 'comments-import-export-woocommerce'), $this->error_message ) ); 110 90 } 111 91 … … 139 119 $this->error_message = ""; 140 120 $success = false; 121 122 // Include SFTP addon. 123 include_once(plugin_dir_path(__FILE__) . 'vendor/sftp-modules/sftp.php'); 141 124 142 125 // if ($use_pasv) … … 213 196 require_once 'importer/class-hf_cmt_impexpcsv-import.php'; 214 197 require_once 'importer/class-hf-csv-parser.php'; 215 // echo "ddddd";die;216 // if (!class_exists('WC_Logger')) {217 // $class_wc_logger = ABSPATH . 
'wp-content/plugins/woocommerce/includes/class-wc-logger.php';218 // if (file_exists($class_wc_logger)) {219 // require $class_wc_logger;220 // }221 //222 // }223 // else224 // {225 // $class_wc_logger = ABSPATH . 'wp-content/plugins/comments-import-export-woocommerce/includes/WP_Logging.php';226 // if (file_exists($class_wc_logger)) {227 // require $class_wc_logger;228 // }229 // }230 198 231 $class_wc_logger = ABSPATH . 'wp-includes/pluggable.php'; 232 // require_once($class_wc_logger); 233 // wp_set_current_user(1); // escape user access check while running cron 199 $class_wc_logger = ABSPATH . 'wp-includes/pluggable.php'; 234 200 235 201 $GLOBALS['HW_CSV_Comments_Import'] = new HW_Cmt_ImpExpCsv_Import(); 236 $GLOBALS['HW_CSV_Comments_Import']->import_page = 'comments_csv_cron';237 $GLOBALS['HW_CSV_Comments_Import']->delimiter = ','; // need to give option in settingn , if some queries are coming202 $GLOBALS['HW_CSV_Comments_Import']->import_page = 'comments_csv_cron'; 203 $GLOBALS['HW_CSV_Comments_Import']->delimiter = ','; // need to give option in settingn , if some queries are coming 238 204 } 239 205 -
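Review bot: In product_importer() the assignment `$class_wc_logger = ABSPATH . 'wp-includes/pluggable.php';` is kept while the commented-out `require_once($class_wc_logger)` that used it is deleted, so the variable is now dead code and should go with the rest of the cleanup. In hw_scheduled_import_products() the new call `import_start( $this->file_url, array(), 0, null, array() )` passes `null` as the end position where the removed commented block used `$end_pos = ''`; confirm import_start() treats the two alike, and consider passing the merge flag as an argument or property instead of writing to `$_GET['merge']` from a cron callback.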
comments-import-export-woocommerce/trunk/includes/class-wf-cmt_impexp-plugin-uninstall-feedback.php
r3301183 r3359804 199 199 action: 'cmtimport_submit_uninstall_reason', 200 200 reason_id: (0 === $radio.length) ? 'none' : $radio.val(), 201 reason_info: (0 !== $input.length) ? $input.val().trim() : '' 201 reason_info: (0 !== $input.length) ? $input.val().trim() : '', 202 _wpnonce: '<?php echo esc_js(wp_create_nonce('cmtimport_submit_uninstall_reason')); ?>' 202 203 }, 203 204 beforeSend: function () { … … 220 221 global $wpdb; 221 222 223 if ( ! empty($_POST['_wpnonce']) && ! wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['_wpnonce'])), 'cmtimport_submit_uninstall_reason')) { 224 wp_send_json_error(); 225 } 226 222 227 if (!isset($_POST['reason_id'])) { 223 228 wp_send_json_error(); 224 229 } 225 226 227 230 228 231 $data = array( … … 233 236 'url' => '', 234 237 'user_email' => '', 235 'reason_info' => isset($_REQUEST['reason_info']) ? trim(stripslashes($_REQUEST['reason_info'])) : '',236 'software' => $_SERVER['SERVER_SOFTWARE'],238 'reason_info' => isset($_REQUEST['reason_info']) ? sanitize_textarea_field(wp_unslash($_REQUEST['reason_info'])) : '', 239 'software' => isset($_SERVER['SERVER_SOFTWARE']) ? sanitize_text_field(wp_unslash($_SERVER['SERVER_SOFTWARE'])) : '', 237 240 'php_version' => phpversion(), 238 241 'mysql_version' => $wpdb->db_version(), -
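Review bot: In the submit handler the added guard `! empty($_POST['_wpnonce']) && ! wp_verify_nonce(...)` calls wp_send_json_error() only when a nonce is present and wrong, so a POST that leaves out `_wpnonce` still reaches the feedback submission unverified. The script in the first hunk now always sends `_wpnonce`, so the field can be required: `empty($_POST['_wpnonce']) || ! wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['_wpnonce'])), 'cmtimport_submit_uninstall_reason')`. In the last hunk `reason_info` is still read from `$_REQUEST` while the nonce and `reason_id` come from `$_POST`; read it from `$_POST` as well so all three fields come from the same source.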
comments-import-export-woocommerce/trunk/includes/class-wt-cmt_impexp-plugin-review-request.php
r3301183 r3359804 48 48 $this->set_vars(); 49 49 50 add_action($this->activation_hook, array($this, 'on_activate')); 51 add_action($this->deactivation_hook, array($this, 'on_deactivate')); 52 53 if ($this->check_condition()) /* checks the banner is active now */ { 50 add_action( $this->activation_hook, array( $this, 'on_activate' ) ); 51 add_action( $this->deactivation_hook, array( $this, 'on_deactivate' ) ); 52 add_action( 'admin_init', array( $this, 'init' ) ); 53 } 54 55 public function init(){ 56 if ( $this->check_condition() ) { /* checks the banner is active now */ 54 57 55 $this->banner_message = sprintf(wp_kses_post("Hey, we at %sWebToffee%s would like to thank you for using our plugin. We would really appreciate if you could take a moment to drop a quick review that will inspire us to keep going.", 'comments-import-export-woocommerce'), '<strong>', '</strong>'); 58 // translators: %1$s HTML strong tag opening, %2$s HTML strong tag closing. 59 $this->banner_message = sprintf(__('Hey, we at %1$sWebToffee%2$s would like to thank you for using our plugin. We would really appreciate if you could take a moment to drop a quick review that will inspire us to keep going.', 'comments-import-export-woocommerce'), '<strong>', '</strong>'); 56 60 57 61 /* button texts */ … … 63 67 add_action('admin_print_footer_scripts', array($this, 'add_banner_scripts')); /* add banner scripts */ 64 68 add_action('wp_ajax_' . $this->ajax_action_name, array($this, 'process_user_action')); /* process banner user action */ 65 } 69 } 66 70 } 67 71 … … 184 188 /* prepare data object */ 185 189 var data_obj = { 186 _wpnonce: '<?php echo wp_json_encode($nonce); ?>',187 action: '<?php echo wp_json_encode($this->ajax_action_name); ?>',190 _wpnonce: '<?php echo esc_js($nonce); ?>', 191 action: '<?php echo esc_js($this->ajax_action_name); ?>', 188 192 wt_review_action_type: '' 189 193 }; … … 218 222 })(jQuery) 219 223 </script> 220 <?php224 <?php 221 225 } 222 226 -
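Review bot: at new line 59 the banner text is built with `__()` where the old line wrapped it in `wp_kses_post()`, so `$this->banner_message` now holds translated text plus raw `<strong>` markup with no filtering at assignment. The code that echoes the message is not part of this diff; please confirm it outputs through `wp_kses_post()` or an equivalent late escape, since translation files are now an input to that markup.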
comments-import-export-woocommerce/trunk/includes/exporter/class-hf_cmt_impexpcsv-exporter.php
r3301183 r3359804 24 24 } 25 25 26 $do_action = isset($_REQUEST['action']) ? $_REQUEST['action']: '';26 $do_action = isset($_REQUEST['action']) ? sanitize_text_field(wp_unslash($_REQUEST['action'])) : ''; 27 27 28 28 if ('download_to_cmtiew_csv_hf' === $do_action) { … … 31 31 } 32 32 } else { 33 if ( !wp_verify_nonce($_nonce, 'comments-import-export-woocommerce')) {33 if ( ! wp_doing_cron() && ! wp_verify_nonce($_nonce, 'comments-import-export-woocommerce') ) { 34 34 wp_die(esc_html__('You do not have sufficient permissions to access this page.', 'comments-import-export-woocommerce')); 35 35 } … … 44 44 } 45 45 46 $export_limit = !empty($_POST['limit']) ? intval( $_POST['limit']) : 999999999;46 $export_limit = !empty($_POST['limit']) ? intval(wp_unslash($_POST['limit'])) : 999999999; 47 47 $limit = 100; 48 $delimiter = !empty($_POST['delimiter']) ? $_POST['delimiter']: ','; // WPCS: CSRF ok, input var ok.49 $articles = !empty($_POST['articles']) ? Wt_WWCIEP_Security_Helper::sanitize_item($_POST['articles'], 'int_arr') : '';50 $products = !empty($_POST['products']) ? Wt_WWCIEP_Security_Helper::sanitize_item($_POST['products'], 'int_arr') : '';48 $delimiter = !empty($_POST['delimiter']) ? sanitize_text_field(wp_unslash($_POST['delimiter'])) : ','; // WPCS: CSRF ok, input var ok. 49 $articles = !empty($_POST['articles']) ? array_map('absint', wp_unslash($_POST['articles'])) : array(); 50 $products = !empty($_POST['products']) ? array_map('absint', wp_unslash($_POST['products'])) : array(); 51 51 if ($limit > $export_limit) 52 52 $limit = $export_limit; 53 53 54 if (isset($_POST['woo_enable']) && $_POST['woo_enable'] != 0) {54 if (isset($_POST['woo_enable']) && absint($_POST['woo_enable']) !== 0) { 55 55 $woo_set = '1'; 56 56 $product_enable = 'product'; … … 61 61 $cmd_type = null; 62 62 } 63 $cmt_date_from = !empty($_POST['cmt_date_from']) ? $_POST['cmt_date_from'] :date('Y-m-d 00:00', 0);64 $cmt_date_to = !empty($_POST['cmt_date_to']) ? 
$_POST['cmt_date_to'] :date('Y-m-d 23:59', current_time('timestamp'));63 $cmt_date_from = !empty($_POST['cmt_date_from']) ? sanitize_text_field(wp_unslash($_POST['cmt_date_from'])) : gmdate('Y-m-d 00:00', 0); 64 $cmt_date_to = !empty($_POST['cmt_date_to']) ? sanitize_text_field(wp_unslash($_POST['cmt_date_to'])) : gmdate('Y-m-d 23:59', current_time('timestamp')); 65 65 $csv_columns = include('data/data-hf-post-columns.php'); 66 $user_columns_name = !empty($_POST['columns_name']) ? Wt_WWCIEP_Security_Helper::sanitize_item($_POST['columns_name'], 'text_arr') : $csv_columns;67 $export_columns = !empty($_POST['columns']) ? Wt_WWCIEP_Security_Helper::sanitize_item($_POST['columns'], 'text_arr') : '';66 $user_columns_name = !empty($_POST['columns_name']) ? array_map('sanitize_text_field', wp_unslash($_POST['columns_name'])) : $csv_columns; 67 $export_columns = !empty($_POST['columns']) ? array_map('sanitize_text_field', wp_unslash($_POST['columns'])) : ''; 68 68 if ($limit > $export_limit) 69 69 $limit = $export_limit; … … 78 78 79 79 $wpdb->hide_errors(); 80 // @codingStandardsIgnoreStart 80 81 @set_time_limit(0); 81 if (function_exists('apache_setenv')) 82 if (function_exists('apache_setenv')){ 83 // phpcs:ignore Generic.PHP.NoSilencedErrors.Discouraged 82 84 @apache_setenv('no-gzip', 1); 85 } 86 // phpcs:ignore Generic.PHP.NoSilencedErrors.Discouraged, WordPress.PHP.DiscouragedPHPFunctions.runtime_configuration_ini_set 83 87 @ini_set('zlib.output_compression', 0); 88 // phpcs:ignore Generic.PHP.NoSilencedErrors.Discouraged 84 89 @ob_end_clean(); 90 // @codingStandardsIgnoreEnd 85 91 if ($enable_ftp_ie) { 86 92 $upload_path = wp_upload_dir(); 87 93 $file_path = $upload_path['path'] . '/'; 88 $file = (!empty($settings['export_ftp_file_name'])) ? $file_path . $settings['export_ftp_file_name'] : "WP_comments-export-" . date('Y_m_d_H_i_s', current_time('timestamp')) . ".csv";;89 // $file = "WP_comments-export-" . date('Y_m_d_H_i_s', current_time('timestamp')) . 
".csv";90 $fp = fopen($file, 'w'); 94 $file = (!empty($settings['export_ftp_file_name'])) ? $file_path . sanitize_file_name($settings['export_ftp_file_name']) : "WP_comments-export-" . gmdate('Y_m_d_H_i_s', current_time('timestamp')) . ".csv"; 95 // phpcs:ignore WordPress.WP.AlternativeFunctions.file_system_read_fopen 96 $fp = fopen($file, 'w'); // @codingStandardsIgnoreLine. 91 97 } else { 92 98 header('Content-Type: text/csv; charset=UTF-8'); 93 header('Content-Disposition: attachment; filename=WP-comments-export-' . date('Y_m_d_H_i_s', current_time('timestamp')) . '.csv');99 header('Content-Disposition: attachment; filename=WP-comments-export-' . gmdate('Y_m_d_H_i_s', current_time('timestamp')) . '.csv'); 94 100 header('Pragma: no-cache'); 95 101 header('Expires: 0'); 96 $fp = fopen('php://output', 'w'); 102 // phpcs:ignore WordPress.WP.AlternativeFunctions.file_system_read_fopen 103 $fp = fopen('php://output', 'w'); // @codingStandardsIgnoreLine. 97 104 } 98 105 99 106 // Headers 100 // $all_meta_keys = array('');101 107 global $wpdb; 102 108 // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching 103 $all_meta_keys = $wpdb->get_col("SELECT DISTINCT pm.meta_key FROM {$wpdb->commentmeta} AS pm LEFT JOIN {$wpdb->comments} AS p ON p.comment_ID = pm.comment_id WHERE p.comment_approved IN ( '0','1') "); 109 $all_meta_keys = $wpdb->get_col("SELECT DISTINCT pm.meta_key FROM {$wpdb->commentmeta} AS pm LEFT JOIN {$wpdb->comments} AS p ON p.comment_ID = pm.comment_id WHERE p.comment_approved IN ( '0','1') "); // @codingStandardsIgnoreLine. 104 110 $found_coupon_meta = array(); 105 111 // Some of the values may not be usable (e.g. 
arrays of arrays) but the worse … … 124 130 foreach ($csv_columns as $column => $value) { 125 131 126 if ('comment_meta' == $column && isset($export_columns[$column])) { //exprt comment meta header132 if ('comment_meta' == $column && isset($export_columns[$column])) { //exprt comment meta header 127 133 foreach ($all_meta_keys as $comment_meta) { 128 134 $row[] = 'meta:' . self::format_data($comment_meta); … … 146 152 $row = apply_filters('wt_comments_csv_export_columns', $row); 147 153 $row = array_map('HW_Cmt_ImpExpCsv_Exporter::wrap_column', $row); 148 fwrite($fp, implode($delimiter, $row) . "\n"); 154 155 // phpcs:ignore WordPress.WP.AlternativeFunctions.file_system_write_fwrite 156 fwrite($fp, implode($delimiter, $row) . "\n"); // @codingStandardsIgnoreLine. 149 157 unset($row); 150 158 $args = array( … … 170 178 171 179 if ($woo_set != '0') { 172 if (!empty($products)) { 173 for ($i = 0; $i < count($products); $i++) { 174 $args = array( 175 'post__in' => implode(',', $products), 176 'orderby' => 'comment_ID', 177 'order' => 'ASC', 178 'post_type' => $product_enable, 179 'type' => $cmd_type, 180 'number' => $export_limit, 181 'suppress_filters' => false, 182 'date_query' => array( 183 array( 184 'before' => $cmt_date_to, 185 'after' => $cmt_date_from, 186 'inclusive' => true, 187 ), 180 if (!empty($products) && is_array($products)) { 181 $args = array( 182 'post__in' => implode(',', $products), 183 'orderby' => 'comment_ID', 184 'order' => 'ASC', 185 'post_type' => $product_enable, 186 'type' => $cmd_type, 187 'number' => $export_limit, 188 'suppress_filters' => false, 189 'date_query' => array( 190 array( 191 'before' => $cmt_date_to, 192 'after' => $cmt_date_from, 193 'inclusive' => true, 188 194 ), 189 ); 190 } 191 } 192 } else { 193 if (!empty($articles)) { 194 for ($i = 0; $i < count($articles); $i++) { 195 $args = array( 196 'post__in' => implode(',', $articles), 197 'orderby' => 'comment_ID', 198 'order' => 'ASC', 199 'post_type' => $product_enable, 200 
'type' => $cmd_type, 201 'number' => $export_limit, 202 'suppress_filters' => false, 203 'date_query' => array( 204 array( 205 'before' => $cmt_date_to, 206 'after' => $cmt_date_from, 207 'inclusive' => true, 208 ), 195 ), 196 ); 197 } 198 } else { 199 if (!empty($articles) && is_array($articles)) { 200 $args = array( 201 'post__in' => implode(',', $articles), 202 'orderby' => 'comment_ID', 203 'order' => 'ASC', 204 'post_type' => $product_enable, 205 'type' => $cmd_type, 206 'number' => $export_limit, 207 'suppress_filters' => false, 208 'date_query' => array( 209 array( 210 'before' => $cmt_date_to, 211 'after' => $cmt_date_from, 212 'inclusive' => true, 209 213 ), 210 ); 211 212 // $args['post__in'] = implode(',', $articles); 213 } 214 ), 215 ); 214 216 } 215 217 } … … 246 248 247 249 if (is_array($meta_value)) { 248 $meta_value = json_encode($meta_value);250 $meta_value = wp_json_encode($meta_value); 249 251 } 250 252 … … 283 285 if (isset($comment_meta_value)) { 284 286 if (is_array($comment_meta_value)) { 285 $comment_meta_value = json_encode($comment_meta_value);287 $comment_meta_value = wp_json_encode($comment_meta_value); 286 288 } 287 289 $row[] = self::format_data($comment_meta_value); … … 320 322 $row = apply_filters('wt_comments_export_csv_data', $row); 321 323 $row = array_map('HW_Cmt_ImpExpCsv_Exporter::wrap_column', $row); 322 fwrite($fp, implode($delimiter, $row) . "\n"); 324 325 // phpcs:ignore WordPress.WP.AlternativeFunctions.file_system_write_fwrite 326 fwrite($fp, implode($delimiter, $row) . "\n"); // @codingStandardsIgnoreLine. 323 327 unset($row); 324 328 } 325 329 } 326 330 if ($enable_ftp_ie) { 327 include_once(plugin_dir_path(__FILE__) . '../ sftp-modules/sftp.php');331 include_once(plugin_dir_path(__FILE__) . '../vendor/sftp-modules/sftp.php'); 328 332 329 333 $remote_path = isset($settings['export_ftp_path']) ? 
$settings['export_ftp_path'] : null; … … 354 358 355 359 if ($use_ftps) { 356 $ftp_conn = @ftp_ssl_connect($ftp_server) or die(esc_html__("Could not connect to $ftp_server", 'comments-import-export-woocommerce')); 360 // translators: %s is the FTP server 361 $ftp_conn = @ftp_ssl_connect($ftp_server) or die(esc_html(sprintf(__("Could not connect to %s", 'comments-import-export-woocommerce'), $ftp_server))); 357 362 } else { 358 $ftp_conn = @ftp_connect($ftp_server) or die(esc_html__("Could not connect to $ftp_server", 'comments-import-export-woocommerce')); 363 // translators: %s is the FTP server 364 $ftp_conn = @ftp_connect($ftp_server) or die(esc_html(sprintf(__("Could not connect to %s", 'comments-import-export-woocommerce'), $ftp_server))); 359 365 } 360 366 $login = @ftp_login($ftp_conn, $ftp_user, $ftp_password); … … 379 385 } 380 386 381 fclose($fp); 387 // phpcs:ignore WordPress.WP.AlternativeFunctions.file_system_write_fclose 388 fclose($fp); // @codingStandardsIgnoreLine. 382 389 exit; 383 390 } … … 394 401 case '_sale_price_dates_from': 395 402 case '_sale_price_dates_to': 396 return $meta_value ? date('Y-m-d', $meta_value) : '';403 return $meta_value ? gmdate('Y-m-d', $meta_value) : ''; 397 404 break; 398 405 case '_upsell_ids': 399 406 case '_crosssell_ids': 400 return implode('|', array_filter((array) json_decode($meta_value))); 407 $decoded = json_decode($meta_value, true); 408 return is_array($decoded) ? implode('|', array_filter($decoded)) : ''; 401 409 break; 402 410 default: -
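Review bot: at new line 33 the condition `! wp_doing_cron() && ! wp_verify_nonce($_nonce, ...)` skips nonce verification for every request handled while WordPress is in cron context, and nothing in the visible lines adds another check on that branch. It would be safer for the scheduled-export callback to pass an explicit flag or call a separate method than to key the bypass on global request state. Two smaller points: `$delimiter` at new line 48 goes through `sanitize_text_field()` but is not limited to one character, whereas the importer in this changeset truncates it with `substr( $delimiter, 0, 1 )`; and `cmt_date_from` / `cmt_date_to` at new lines 63-64 are sanitized as text but never validated as dates before they reach `date_query`.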
comments-import-export-woocommerce/trunk/includes/importer/class-hf-csv-parser.php
r3301183 r3359804 49 49 if ($enc) 50 50 setlocale(LC_ALL, 'en_US.' . $enc); 51 @ini_set('auto_detect_line_endings', true); 51 // phpcs:ignore Generic.PHP.NoSilencedErrors.Discouraged, WordPress.PHP.DiscouragedPHPFunctions.runtime_configuration_ini_set 52 @ini_set('auto_detect_line_endings', true); // @codingStandardsIgnoreLine. 52 53 53 54 $parsed_data = array(); … … 55 56 56 57 // Put all CSV data into an associative array 57 if (($handle = fopen($file, "r")) !== FALSE) { 58 // PHPCS ignore reason: Direct read is intentional for CSV parsing. 59 // phpcs:ignore WordPress.WP.AlternativeFunctions.file_system_read_fopen 60 if (($handle = fopen($file, "r")) !== FALSE) { // @codingStandardsIgnoreLine. 58 61 59 62 $header = fgetcsv($handle, 0, $delimiter, '"', '"'); … … 107 110 break; 108 111 } 109 fclose($handle); 112 // PHPCS ignore reason: Direct read is intentional for CSV parsing. 113 // phpcs:ignore WordPress.WP.AlternativeFunctions.file_system_read_fclose 114 fclose($handle); // @codingStandardsIgnoreLine. 110 115 } 111 116 return array($parsed_data, $raw_headers, $position); … … 164 169 if (!isset($item['comment_post_ID']) || $item['comment_post_ID'] == '') { 165 170 if (isset($item['comment_post_title']) && $item['comment_post_title'] != '') { 166 $comment_post = get_page_by_title($item['comment_post_title'], OBJECT, 'post'); 167 $pid = $comment_post ? $comment_post->ID : ''; 171 $comment_post = null; 172 $query = new WP_Query( array( 173 'post_type' => 'post', 174 'title' => $item['comment_post_title'], 175 'posts_per_page' => 1, 176 'post_status' => 'any', 177 ) ); 178 179 if ( $query->have_posts() ) { 180 $comment_post = $query->posts[0]; // first matched post object 181 } 182 183 wp_reset_postdata(); 184 185 $pid = ! empty( $comment_post ) ? $comment_post->ID : ''; 168 186 $item['comment_post_ID'] = $pid; 169 187 } elseif (isset($item['comment_post_name']) && $item['comment_post_name'] != '') { … … 175 193 176 194 // Merging 177 $merging = (! 
empty($_GET['merge']) && $_GET['merge']) ? true : false; 195 // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Nonce verification already done in the dispatch() method. 196 $merging = (! empty($_GET['merge']) ); // @codingStandardsIgnoreLine. 178 197 $post_id = (! empty($item['comment_ID'])) ? $item['comment_ID'] : 0; 179 198 $post_id = (! empty($item['post_id'])) ? $item['post_id'] : $post_id; … … 183 202 184 203 if (function_exists('WC')) { 204 // translators: %s is the row number 185 205 $HW_CSV_Comments_Import->log->add('csv-import', sprintf(__('> Row %s - preparing for merge.', 'comments-import-export-woocommerce'), $this->row)); 186 206 } … … 188 208 if (! $post_id) { 189 209 if (function_exists('WC')) { 210 // translators: %s is the row number 190 211 $HW_CSV_Comments_Import->log->add('csv-import', __('> > Cannot merge without id. Importing instead.', 'comments-import-export-woocommerce')); 191 212 } … … 198 219 $post_pass_type = '"' . $post_db_type . '"'; 199 220 // Check product to merge exists 200 $db_query = $wpdb->prepare("201 SELECT comment_ID202 FROM $wpdb->comments203 WHERE $wpdb->comments = $post_id");204 221 // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching 205 $found_product_id = $wpdb->get_var($ db_query);222 $found_product_id = $wpdb->get_var($wpdb->prepare("SELECT comment_ID FROM {$wpdb->comments} WHERE comment_post_ID = %d", $post_id)); // @codingStandardsIgnoreLine. 206 223 if (! $found_product_id) { 207 $HW_CSV_Comments_Import->log->add('csv-import', sprintf(__('> > Skipped. Cannot find product comments with ID %s. Importing instead.', 'comments-import-export-woocommerce'), $item['ID'])); 224 // translators: %s is the product id 225 $HW_CSV_Comments_Import->log->add('csv-import', sprintf(__('> > Skipped. Cannot find product comments with ID %s. 
Importing instead.', 'comments-import-export-woocommerce'), $post_id)); 208 226 $merging = false; 209 227 } else { 210 211 228 $post_id = $found_product_id; 212 229 // translators: %s is the product id 213 230 $HW_CSV_Comments_Import->log->add('csv-import', sprintf(__('> > Found product comments with ID %s.', 'comments-import-export-woocommerce'), $post_id)); 214 231 } … … 222 239 $product['merging'] = false; 223 240 if (function_exists('WC')) { 241 // translators: %s is the row number 224 242 $HW_CSV_Comments_Import->log->add('csv-import', sprintf(__('> Row %s - preparing for import.', 'comments-import-export-woocommerce'), $this->row)); 225 243 } -
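Review bot: in the merge lookup at new line 222 the prepared query filters on `comment_post_ID = %d`, but `$post_id` is filled from `$item['comment_ID']` at new line 197 and the result is then written back with `$post_id = $found_product_id`. When the CSV row carries only a comment ID, this compares a comment ID against the post ID column and returns a comment belonging to whatever post has that ID, so the merge can target the wrong comment. If the intent is "does this comment exist", filter on `comment_ID = %d`; if it is "find a comment on this post", keep the post ID in its own variable. Also, the `// translators: %s is the row number` comment added at new line 210 sits above a string that has no placeholder.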
comments-import-export-woocommerce/trunk/includes/importer/class-hf_cmt_impexpcsv-import.php
r3303524 r3359804 31 31 var $import_results = array(); 32 32 var $new_id = array(); 33 var $clean_before_import = 0; 33 34 34 35 /** … … 37 38 public function __construct() 38 39 { 39 40 40 if (function_exists('WC')) { 41 if ( WC()->version < '2.7.0') {41 if ( version_compare( WC()->version, '2.7.0', '<' ) ) { 42 42 $this->log = new WC_Logger(); 43 43 } else { … … 51 51 public function hf_log_data_change($content = 'csv-import', $data = '') 52 52 { 53 if ( WC()->version < '2.7.0') {53 if ( version_compare( WC()->version, '2.7.0', '<' ) ) { 54 54 $this->log->add($content, $data); 55 55 } else { … … 82 82 global $woocommerce; 83 83 } 84 85 // Nonce validations. 86 $step = isset( $_GET['step'] ) ? absint( wp_unslash( $_GET['step'] ) ) : 0; 87 switch ($step) { 88 case 1: 89 check_admin_referer('import-upload'); 90 break; 91 92 case 2: 93 check_admin_referer('import-options'); 94 break; 95 96 case 3: 97 case 4: 98 // Strict nonce and permission check 99 check_admin_referer( HW_CMT_IMP_EXP_ID, 'wt_nonce' ); 100 if ( ! HW_Product_Comments_Import_Export_CSV::hf_user_permission() ) { 101 wp_die( 102 esc_html__( 'Access Denied', 'comments-import-export-woocommerce' ), 103 esc_html__( 'Error', 'comments-import-export-woocommerce' ), 104 array( 'response' => 403 ) 105 ); 106 } 107 break; 108 } 109 110 84 111 add_action('init', array($this, 'hf_cmt_im_ex_StartSession'), 1); 85 112 86 // Sanitize and validate delimiter 87 $this->delimiter = !empty($_POST['delimiter']) ? 88 sanitize_text_field(stripslashes(trim($_POST['delimiter']))) : (!empty($_GET['delimiter']) ? 89 sanitize_text_field(stripslashes(trim($_GET['delimiter']))) : 90 ','); 91 92 // Sanitize and validate profile 93 $this->profile = !empty($_POST['profile']) ? 94 sanitize_text_field(stripslashes(trim($_POST['profile']))) : (!empty($_GET['profile']) ? 
95 sanitize_text_field(stripslashes(trim($_GET['profile']))) : 96 ''); 113 // Delimiter (default: comma) 114 if ( isset( $_POST['delimiter'] ) ) { 115 $delimiter = sanitize_text_field( wp_unslash( $_POST['delimiter'] ) ); 116 } elseif ( isset( $_GET['delimiter'] ) ) { 117 $delimiter = sanitize_text_field( wp_unslash( $_GET['delimiter'] ) ); 118 } else { 119 $delimiter = ','; 120 } 121 122 // Ensure it's a single character 123 $this->delimiter = substr( $delimiter, 0, 1 ); 124 125 // Profile (default: empty string) 126 if ( isset( $_POST['profile'] ) ) { 127 $this->profile = sanitize_text_field( wp_unslash( $_POST['profile'] ) ); 128 } elseif ( isset( $_GET['profile'] ) ) { 129 $this->profile = sanitize_text_field( wp_unslash( $_GET['profile'] ) ); 130 } else { 131 $this->profile = ''; 132 } 97 133 98 134 if (!$this->delimiter) … … 114 150 $this->header(); 115 151 116 check_admin_referer('import-upload');117 118 152 if (!empty($_GET['file_url'])) 119 $this->file_url = esc_attr($_GET['file_url']); 153 $this->file_url = isset( $_GET['file_url'] ) ? sanitize_text_field( wp_unslash( $_GET['file_url'] ) ) : ''; 154 120 155 if (!empty($_GET['file_id'])) 121 $this->id = absint($_GET['file_id']);122 123 if ( !empty($_GET['clearmapping']) || $this->handle_upload())156 $this->id = isset( $_GET['file_id'] ) ? absint( wp_unslash( $_GET['file_id'] ) ) : 0; 157 158 if ( ! empty( $_GET['clearmapping'] ) || $this->handle_upload() ) { 124 159 $this->import_options(); 125 else 126 //esc_html_e( 'Error with handle_upload!', 'comments-import-export-woocommerce' ); 127 wp_redirect(wp_get_referer() . '&hw_product_comment_ie_msg=3'); 160 } 128 161 exit; 129 162 break; … … 131 164 $this->header(); 132 165 133 check_admin_referer('import-options'); 134 135 $this->id = absint($_POST['import_id']); 166 $this->id = isset( $_POST['import_id'] ) ? 
absint( wp_unslash( $_POST['import_id'] ) ) : 0; 136 167 137 168 if ($this->file_url_import_enabled) 138 $this->file_url = esc_attr($_POST['import_url']); 139 if ($this->id) 140 $file = get_attached_file($this->id); 141 else if ($this->file_url_import_enabled) 142 $file = ABSPATH . $this->file_url; 169 $this->file_url = isset( $_POST['import_url'] ) ? sanitize_text_field( wp_unslash( $_POST['import_url'] ) ) : ''; 170 if ($this->id){ 171 $file = get_attached_file( $this->id ); 172 } else if ( $this->file_url_import_enabled ) { 173 // Build absolute path. 174 $target = ABSPATH . ltrim( $this->file_url, '/\\' ); 175 176 // Resolve symlinks and normalize path. 177 $real = realpath( $target ); 178 179 if ( false === $real ) { 180 wp_die( esc_html__( 'Invalid file path.', 'comments-import-export-woocommerce' ) ); 181 } 182 183 // Ensure file is inside ABSPATH (prevents ../../ traversal) 184 if ( strpos( $real, realpath( ABSPATH ) ) !== 0 ) { 185 wp_die( esc_html__( 'Access denied.', 'comments-import-export-woocommerce' ), '', array( 'response' => 403 ) ); 186 } 187 188 $file = $real; 189 } 143 190 144 191 $file = str_replace("\\", "/", $file); 145 192 146 193 if ($file) { 147 ?>194 ?> 148 195 <table id="import-progress" class="widefat_importer widefat"> 149 196 <thead> … … 183 230 action: 'product_comments_csv_import_request', 184 231 file: '<?php echo esc_js($file); ?>', 185 mapping: '<?php echo json_encode(Wt_WWCIEP_Security_Helper::sanitize_item($_POST['map_from'], 'text_arr')); ?>',232 mapping: '<?php echo wp_json_encode( ( ! empty($_POST['map_from']) ? array_map( 'sanitize_text_field', wp_unslash( (array) $_POST['map_from'] ) ) : array() ) ); ?>', 186 233 profile: '<?php echo esc_js($this->profile); ?>', 187 eval_field: '<?php echo esc_html(stripslashes(json_encode(Wt_WWCIEP_Security_Helper::sanitize_item($_POST['eval_field'], 'text_arr'), JSON_HEX_APOS)))?>',234 eval_field: '<?php echo wp_json_encode( ( ! empty($_POST['eval_field']) ? 
array_map( 'sanitize_text_field', wp_unslash( (array) $_POST['eval_field'] ) ) : array() ), JSON_HEX_APOS); ?>', 188 235 delimiter: '<?php echo esc_js($this->delimiter); ?>', 189 236 clean_before_import: '<?php echo esc_js($this->clean_before_import); ?>', … … 212 259 213 260 return $.ajax({ 214 url: <?php echo wp_json_encode(esc_url_raw($url)); ?>,261 url: '<?php echo esc_url_raw($url); ?>', 215 262 data: data, 216 263 type: 'POST', … … 249 296 $(results.import_results).each(function(index, row) { 250 297 251 $('#import-progress tbody').append('<tr id="row-' + i + '" class="' + row['status'] + '"><td><mark class="result" title="' + row['status'] + '">' + row['post_id'] + '</mark></td><td class="row">' + i + '</td><td>' + row['post_id'] + '</td><td> <a href="' + row['comment_link'] + '" target="_blank" title="Comment: ' + row['cmd_title'] + '">Comment :' + row['post_id'] + '</a> </td><td class="reason">' + row['reason'] + '</td></tr>');298 $('#import-progress tbody').append('<tr id="row-' + i + '" class="' + row['status'] + '"><td><mark class="result" title="' + row['status'] + '">' + row['post_id'] + '</mark></td><td class="row">' + i + '</td><td>' + row['post_id'] + '</td><td> <a href="' + row['comment_link'] + '" target="_blank">Comment :' + row['post_id'] + '</a> </td><td class="reason">' + row['reason'] + '</td></tr>'); 252 299 i++; 253 300 }); … … 278 325 if ($enc) 279 326 setlocale(LC_ALL, 'en_US.' . $enc); 280 @ini_set('auto_detect_line_endings', true); 327 // phpcs:ignore Generic.PHP.NoSilencedErrors.Discouraged, WordPress.PHP.DiscouragedPHPFunctions.runtime_configuration_ini_set 328 @ini_set('auto_detect_line_endings', true); // @codingStandardsIgnoreLine. 
281 329 282 330 $count = 0; … … 286 334 287 335 // Get CSV positions 288 if (($handle = fopen($file, "r")) !== FALSE) { 289 290 while (($postmeta = fgetcsv($handle, 0, $this->delimiter, '"', '"')) !== FALSE) { 291 $count++; 292 293 if ($count >= $limit) { 294 $previous_position = $position; 295 $position = ftell($handle); 296 $count = 0; 336 if ( file_exists( $file ) && is_readable( $file ) ) { 337 338 // PHPCS ignore reason: Direct read is intentional for CSV parsing. 339 // phpcs:ignore WordPress.WP.AlternativeFunctions.file_system_read_fopen 340 $handle = @fopen( $file, 'r' ); // @codingStandardsIgnoreLine. 341 342 if ( false !== $handle ) { 343 344 while (($postmeta = fgetcsv($handle, 0, $this->delimiter, '"', '"')) !== FALSE) { 345 $count++; 346 347 if ($count >= $limit) { 348 $previous_position = $position; 349 $position = ftell($handle); 350 $count = 0; 351 $import_count++; 352 353 // Import rows between $previous_position $position 354 ?>rows.push([<?php echo esc_js($previous_position); ?>, <?php echo esc_js($position); ?>]); 355 <?php 356 } 357 } 358 359 // Remainder 360 if ($count > 0) { 361 ?> 362 rows.push([<?php echo esc_js($position); ?>, '']); 363 <?php 297 364 $import_count++; 298 299 // Import rows between $previous_position $position300 ?>rows.push([<?php echo esc_js($previous_position); ?>, <?php echo esc_js($position); ?>]);301 <?php302 365 } 366 367 // PHPCS ignore reason: Direct read is intentional for CSV parsing. 368 // phpcs:ignore WordPress.WP.AlternativeFunctions.file_system_read_fclose 369 @fclose( $handle ); // @codingStandardsIgnoreLine. 
303 370 } 304 305 // Remainder306 if ($count > 0) {307 ?>rows.push([<?php echo esc_js($position); ?>, '']);308 <?php309 $import_count++;310 }311 312 fclose($handle);313 371 } 314 372 ?> … … 318 376 import_rows(data[0], data[1]); 319 377 $('body').on('product_comments_csv_import_request_complete', function() { 320 if (done_count == <?php echo wp_json_encode($import_count); ?>) {378 if (done_count == <?php echo esc_js($import_count); ?>) { 321 379 322 380 import_done(); … … 355 413 356 414 $.ajax({ 357 url: <?php echo wp_json_encode( esc_url_raw( $raw_final_url ) ); ?>,415 url: '<?php echo esc_url_raw( $raw_final_url ); ?>', 358 416 data: data, 359 417 type: 'POST', … … 366 424 }); 367 425 </script> 368 <?php426 <?php 369 427 } else { 370 428 echo '<p class="error">' . esc_html__('Error finding uploaded file!', 'comments-import-export-woocommerce') . '</p>'; … … 372 430 break; 373 431 case 3: 374 // Strict nonce and permission check375 $nonce = isset($_POST['wt_nonce']) ? sanitize_text_field($_POST['wt_nonce']) : '';376 if (!wp_verify_nonce($nonce, HW_CMT_IMP_EXP_ID) || !HW_Product_Comments_Import_Export_CSV::hf_user_permission()) {377 wp_die(esc_html__('Access Denied', 'comments-import-export-woocommerce'));378 }379 432 380 433 // Sanitize and validate file path 381 $file = sanitize_text_field(stripslashes($_POST['file']));434 $file = ! empty( $_POST['file'] ) ? sanitize_text_field( wp_unslash( $_POST['file'] ) ) : ''; 382 435 if (filter_var($file, FILTER_VALIDATE_URL) || !self::is_valid_file_path($file)) { 383 436 wp_die(esc_html__('Invalid file path', 'comments-import-export-woocommerce')); … … 385 438 386 439 // Sanitize mapping and other inputs 387 $mapping = json_decode(stripslashes(Wt_WWCIEP_Security_Helper::sanitize_item($_POST['mapping'], 'text_arr')), true); 388 $profile = isset($_POST['profile']) ? 
sanitize_text_field($_POST['profile']) : ''; 389 $eval_field = Wt_WWCIEP_Security_Helper::sanitize_item($_POST['eval_field'], 'text_arr'); 390 $start_pos = isset($_POST['start_pos']) ? absint($_POST['start_pos']) : 0; 391 $end_pos = isset($_POST['end_pos']) ? absint($_POST['end_pos']) : ''; 440 $raw_mapping = ! empty($_POST['mapping']) ? sanitize_text_field(wp_unslash($_POST['mapping'])) : ''; 441 $mapping = json_decode($raw_mapping, true); 442 $mapping = is_array($mapping) ? array_map('sanitize_text_field', $mapping) : array(); 443 $profile = isset( $_POST['profile'] ) ? sanitize_text_field( wp_unslash( $_POST['profile'] ) ) : ''; 444 $eval_field = ! empty( $_POST['eval_field'] ) ? array_map( 'sanitize_text_field', wp_unslash( (array) $_POST['eval_field'] ) ) : array(); 445 $start_pos = isset( $_POST['start_pos'] ) ? absint( wp_unslash( $_POST['start_pos'] ) ) : 0; 446 $end_pos = isset( $_POST['end_pos'] ) ? absint( wp_unslash( $_POST['end_pos'] ) ) : ''; 392 447 393 448 add_filter('http_request_timeout', array($this, 'bump_request_timeout')); … … 396 451 gc_enable(); 397 452 453 // @codingStandardsIgnoreStart 398 454 @set_time_limit(0); 399 @ob_flush(); 400 @flush(); 455 @ob_flush(); //phpcs:ignore Generic.PHP.NoSilencedErrors.Discouraged 456 @flush(); //phpcs:ignore Generic.PHP.NoSilencedErrors.Discouraged 457 // @codingStandardsIgnoreEnd 401 458 $wpdb->hide_errors(); 402 459 … … 415 472 // die($results); 416 473 echo "<!--WC_START-->"; 417 echo json_encode($results);474 echo wp_json_encode($results); 418 475 echo "<!--WC_END-->"; 419 476 exit; 420 477 break; 421 478 case 4: 422 // Strict nonce and permission check423 $nonce = isset($_POST['wt_nonce']) ? 
sanitize_text_field($_POST['wt_nonce']) : '';424 if (!wp_verify_nonce($nonce, HW_CMT_IMP_EXP_ID) || !HW_Product_Comments_Import_Export_CSV::hf_user_permission()) {425 wp_die(esc_html__('Access Denied', 'comments-import-export-woocommerce'));426 }427 428 479 // Sanitize processed posts and post orphans 429 $this->processed_posts = isset( $_POST['processed_posts']) ?430 array_map( 'absint', Wt_WWCIEP_Security_Helper::sanitize_item($_POST['processed_posts'], 'int_arr')) :480 $this->processed_posts = isset( $_POST['processed_posts'] ) ? 481 array_map( 'absint', wp_unslash( (array) $_POST['processed_posts'] ) ) : 431 482 array(); 432 $this->post_orphans = isset( $_POST['post_orphans']) ?433 array_map( 'absint', Wt_WWCIEP_Security_Helper::sanitize_item($_POST['post_orphans'], 'int_arr')) :483 $this->post_orphans = isset( $_POST['post_orphans'] ) ? 484 array_map( 'absint', wp_unslash( (array) $_POST['post_orphans'] ) ) : 434 485 array(); 435 486 436 487 // Sanitize file path 437 $file = isset( $_POST['file']) ? sanitize_text_field(stripslashes($_POST['file'])) : '';488 $file = isset( $_POST['file'] ) ? sanitize_text_field( wp_unslash( $_POST['file'] ) ) : ''; 438 489 439 490 echo esc_html__('Step 1...', 'comments-import-export-woocommerce') . ' '; … … 464 515 465 516 if (in_array(pathinfo($file, PATHINFO_EXTENSION), array('txt', 'csv'))) { 466 unlink($file); 517 // phpcs:ignore Generic.PHP.NoSilencedErrors.Discouraged, WordPress.WP.AlternativeFunctions.file_system_read_unlink 518 @unlink( $file ); // @codingStandardsIgnoreLine. 467 519 } 468 520 $this->import_end(); … … 499 551 // Set locale 500 552 $enc = mb_detect_encoding($file, 'UTF-8, ISO-8859-1', true); 501 if ($enc) 553 if ($enc){ 502 554 setlocale(LC_ALL, 'en_US.' . 
$enc); 503 @ini_set('auto_detect_line_endings', true); 504 @delete_option('wt_post_comment_alter_id'); 555 } 556 // phpcs:ignore Generic.PHP.NoSilencedErrors.Discouraged, WordPress.PHP.DiscouragedPHPFunctions.runtime_configuration_ini_set 557 @ini_set('auto_detect_line_endings', true); // @codingStandardsIgnoreLine. 558 delete_option('wt_post_comment_alter_id'); 505 559 // Get headers 506 if (($handle = fopen($file, "r")) !== FALSE) { 507 508 $row = $raw_headers = array(); 509 510 $header = fgetcsv($handle, 0, $this->delimiter, '"', '"'); 511 512 while (($postmeta = fgetcsv($handle, 0, $this->delimiter, '"', '"')) !== FALSE) { 513 foreach ($header as $key => $heading) { 514 if (!$heading) 515 continue; 516 $s_heading = strtolower($heading); 517 $row[$s_heading] = (isset($postmeta[$key])) ? $this->format_data_from_csv($postmeta[$key], $enc) : ''; 518 $raw_headers[$s_heading] = $heading; 519 } 520 break; 521 } 522 fclose($handle); 560 if ( file_exists( $file ) && is_readable( $file ) ) { 561 // PHPCS ignore reason: Direct read is intentional for CSV parsing. 562 // phpcs:ignore WordPress.WP.AlternativeFunctions.file_system_read_fopen 563 $handle = @fopen( $file, 'r' ); // @codingStandardsIgnoreLine. 564 if ( false !== $handle ) { 565 566 $row = $raw_headers = array(); 567 568 $header = fgetcsv($handle, 0, $this->delimiter, '"', '"'); 569 570 while (($postmeta = fgetcsv($handle, 0, $this->delimiter, '"', '"')) !== FALSE) { 571 foreach ($header as $key => $heading) { 572 if (!$heading) 573 continue; 574 $s_heading = strtolower($heading); 575 $row[$s_heading] = (isset($postmeta[$key])) ? $this->format_data_from_csv($postmeta[$key], $enc) : ''; 576 $raw_headers[$s_heading] = $heading; 577 } 578 break; 579 } 580 // PHPCS ignore reason: Direct read is intentional for CSV parsing. 581 // phpcs:ignore WordPress.WP.AlternativeFunctions.file_system_read_fclose 582 @fclose( $handle ); // @codingStandardsIgnoreLine. 
583 } 523 584 } 524 585 525 586 $mapping_from_db = get_option('hw_prod_comment_csv_imp_exp_mapping'); 526 587 527 if ($this->profile !== '' && !empty($_GET['clearmapping'])) { 588 // phpcs:ignore WordPress.Security.NonceVerification.Missing 589 if ($this->profile !== '' && !empty($_GET['clearmapping'])) { // @codingStandardsIgnoreLine. 528 590 unset($mapping_from_db[$this->profile]); 529 591 update_option('hw_prod_comment_csv_imp_exp_mapping', $mapping_from_db); … … 535 597 $saved_mapping = null; 536 598 $saved_evaluation = null; 537 if ($mapping_from_db && is_array($mapping_from_db) && $this->profile !== '' && count($mapping_from_db) == 2 && empty($_GET['clearmapping'])) { 538 //if(count(array_intersect_key ( $mapping_from_db[0] , $row)) == count($mapping_from_db[0])){ 539 $reset_action = 'admin.php?clearmapping=1&profile=' . $this->profile . '&import=' . $this->import_page . '&step=1&merge=' . (!empty($_GET['merge']) ? 1 : 0) . '&file_url=' . $this->file_url . '&delimiter=' . $this->delimiter . '&merge_empty_cells=' . $this->merge_empty_cells . '&file_id=' . $this->id . ''; 540 $reset_action = esc_attr(wp_nonce_url($reset_action, 'import-upload')); 541 echo '<h3>' . esc_html__('Columns are pre-selected using the Mapping file: "<b style="color:gray">' . $this->profile . '</b>". <a href="' . $reset_action . '"> Delete</a> this mapping file.', 'comments-import-export-woocommerce') . '</h3>'; 599 // phpcs:ignore WordPress.Security.NonceVerification.Missing 600 $merge = (!empty($_GET['merge']) ? 1 : 0); // @codingStandardsIgnoreLine. 601 602 // phpcs:ignore WordPress.Security.NonceVerification.Missing 603 if ($mapping_from_db && is_array($mapping_from_db) && $this->profile !== '' && count($mapping_from_db) == 2 && empty($_GET['clearmapping'])) { // @codingStandardsIgnoreLine. 604 605 $reset_action = wp_nonce_url( 'admin.php?clearmapping=1&profile=' . $this->profile . '&import=' . $this->import_page . '&step=1&merge=' . $merge . '&file_url=' . $this->file_url . 
'&delimiter=' . $this->delimiter . '&merge_empty_cells=' . $this->merge_empty_cells . '&file_id=' . $this->id, 'import-upload' ); 606 printf( 607 /* translators: 1: mapping file name, 2: reset link URL */ 608 esc_html__( 'Columns are pre-selected using the Mapping file: %1$s. %2$s this mapping file.', 'comments-import-export-woocommerce' ), 609 '<b style="color:gray">' . esc_html( $this->profile ) . '</b>', 610 '<a href="' . esc_url( $reset_action ) . '">' . esc_html__( 'Delete', 'comments-import-export-woocommerce' ) . '</a>' 611 ); 542 612 $saved_mapping = $mapping_from_db[0]; 543 $saved_evaluation = $mapping_from_db[1]; 544 //} 545 } 546 547 $merge = (!empty($_GET['merge']) && $_GET['merge']) ? 1 : 0; 613 $saved_evaluation = $mapping_from_db[1]; 614 } 548 615 549 616 include('views/html-hf-import-options.php'); … … 565 632 566 633 if ($this->clean_before_import == 1) { 567 $deletequery = "TRUNCATE TABLE wp_comments"; 568 // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching 569 if (!$wpdb->query($deletequery)) { 634 635 $deletequery = "TRUNCATE TABLE {$wpdb->prefix}comments"; 636 // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching, WordPress.DB.PreparedSQL.NotPrepared 637 if (! $wpdb->query( $deletequery ) ) { // @codingStandardsIgnoreLine. 
570 638 $this->add_import_result('failed', esc_html__('Didn`t able to clean the previous comments', 'comments-import-export-woocommerce'), esc_html__('Didn`t able to clean the previous comments', 'comments-import-export-woocommerce'), '-', ''); 571 639 return; … … 629 697 if (function_exists('WC')) { 630 698 631 632 if (WC()->version < '2.7.0') { 699 if ( version_compare( WC()->version, '2.7.0', '<' ) ) { 633 700 $memory = size_format(woocommerce_let_to_num(ini_get('memory_limit'))); 634 701 $wp_memory = size_format(woocommerce_let_to_num(WP_MEMORY_LIMIT)); … … 679 746 { 680 747 global $wpdb; 681 $args = apply_filters('hf_cmt_imp_post_exist_qry_args', array()); //Added a filter if anyone want to restrict import comments for post which has comment_status is closed. 682 if ($cmd_type === 'comment') { 683 $query = "SELECT ID FROM $wpdb->posts WHERE ID = %d AND post_type='post'"; // comment_status removed from query for importing post which has comment_status is closed. 684 $query = apply_filters('wt_cmt_imp_post_exists_query', $query); 685 if ($args) { 686 foreach ($args as $key => $value) { 687 $query .= " AND $key='$value'"; 688 } 689 } 690 // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching 691 $posts_that_exist = $wpdb->get_col($wpdb->prepare($query, $id)); 692 if (!$posts_that_exist) { 693 return true; 694 } 695 return false; 696 } else { 697 $query = "SELECT ID FROM $wpdb->posts WHERE ID = %d AND post_type='product'"; // comment_status removed from query for importing post which has comment_status is closed. 
698 $query = apply_filters('wt_cmt_imp_post_exists_query', $query); 699 if ($args) { 700 foreach ($args as $key => $value) { 701 $query .= " AND $key='$value'"; 702 } 703 } 704 // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching 705 $posts_that_exist = $wpdb->get_col($wpdb->prepare($query, $id)); 706 707 if (!$posts_that_exist) { 708 return true; 709 } 710 return false; 711 } 748 $args = apply_filters('hf_cmt_imp_post_exist_qry_args', array()); // Added a filter if anyone want to restrict import comments for post which has comment_status is closed. 749 $args_allowed_columns = array( 750 'post_status', 751 'post_author', 752 'post_date', 753 'post_name', 754 'post_parent', 755 ); 756 757 758 $query = "SELECT ID FROM $wpdb->posts WHERE ID = %d AND post_type=%s"; // comment_status removed from query for importing post which has comment_status is closed. 759 $placeholder_arr = array( $id ); 760 $placeholder_arr[] = $cmd_type === 'comment' ? 'post' : 'product'; 761 $query = apply_filters( 'wt_cmt_imp_post_exists_query', $query, $placeholder_arr ); 762 if (is_array($args) && !empty($args)) { 763 foreach ($args as $key => $value) { 764 if ( ! in_array( $key, $args_allowed_columns, true ) ) { 765 continue; 766 } 767 $query .= " AND $key=%s"; 768 $placeholder_arr[] = $value; 769 } 770 } 771 772 // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching 773 $posts_that_exist = $wpdb->get_col( $wpdb->prepare( $query, $placeholder_arr ) ); // @codingStandardsIgnoreLine. 774 return ( ! $posts_that_exist ); 712 775 } 713 776 /** … … 722 785 return true; 723 786 } 724 if (empty($_POST['file_url'])) { 787 788 // phpcs:ignore WordPress.Security.NonceVerification.Missing -- Nonce verification already done in the dispatch() method. 789 if ( empty( $_POST['file_url'] ) ) { // @codingStandardsIgnoreLine. 
790 791 // phpcs:ignore WordPress.Security.NonceVerification.Missing -- Nonce verification already done in the dispatch() method. 792 if ( empty( $_FILES['import']["name"] ) ) { // @codingStandardsIgnoreLine. 793 ?> 794 <script type="text/javascript"> 795 window.location.href = '<?php echo esc_url( admin_url( 'edit-comments.php?page=hw_cmt_csv_im_ex' ) ); ?>'; 796 </script> 797 <?php 798 } 799 800 725 801 $file = wp_import_handle_upload(); 726 802 727 if ( isset($file['error'])) {803 if ( isset( $file['error'] ) ) { 728 804 echo '<p><strong>' . esc_html__('Sorry, there has been an error.', 'comments-import-export-woocommerce') . '</strong><br />'; 729 echo esc_html($file['error']) . '</p>'; 805 echo wp_kses_post( $file['error'] ); 806 echo ' <a href="'. esc_url( wp_get_referer() ) . '">'.esc_html__('Back', 'comments-import-export-woocommerce').' </a>'; 807 echo '</p>'; 730 808 return false; 731 809 } … … 734 812 return true; 735 813 } else { 736 $sanitized_file_url = sanitize_text_field($_POST['file_url']); 737 738 if (file_exists(ABSPATH . $sanitized_file_url)) { 739 $this->file_url = esc_attr($sanitized_file_url); 814 // phpcs:ignore WordPress.Security.NonceVerification.Missing -- Nonce verification already done in the dispatch() method. 815 $sanitized_file_url = sanitize_text_field( wp_unslash( $_POST['file_url'] ) ); // @codingStandardsIgnoreLine. 816 $full_path = realpath( ABSPATH . 
$sanitized_file_url ); 817 818 if ( $full_path !== false && strpos( $full_path, ABSPATH ) === 0 && file_exists( $full_path ) ) { 819 $this->file_url = esc_attr( $sanitized_file_url ); 740 820 return true; 741 821 } else { … … 748 828 } 749 829 750 public function product_comment_exists($id) 751 { 830 public function product_comment_exists( $id ) { 752 831 global $wpdb; 753 $query = "SELECT comment_ID FROM $wpdb->comments WHERE comment_ID = %d AND comment_approved != 'trash' ";754 832 // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching 755 $posts_that_exist = $wpdb->get_col($wpdb->prepare($query, $id)); 756 if ($posts_that_exist) { 757 foreach ($posts_that_exist as $post_exists) { 758 return true; 759 } 760 } 761 762 return false; 833 $posts_that_exist = $wpdb->get_col( $wpdb->prepare("SELECT comment_ID FROM {$wpdb->comments} WHERE comment_ID = %d AND comment_approved != 'trash' ", $id) ); // @codingStandardsIgnoreLine. 834 835 return (is_array( $posts_that_exist ) && ! empty( $posts_that_exist ) ); 763 836 } 764 837 … … 786 859 if ($post['comment_type'] != 'woodiscuz') { 787 860 $cmd_type = 'comment'; 788 $product_post = esc_html__('The post doesn\'t exist.', 'comments-import-export-woocommerce');861 $product_post = __('The post doesn\'t exist.', 'comments-import-export-woocommerce'); 789 862 } else { 790 863 $cmd_type = $post['comment_type']; 791 $product_post = esc_html__('The product doesn\'t exist.', 'comments-import-export-woocommerce');864 $product_post = __('The product doesn\'t exist.', 'comments-import-export-woocommerce'); 792 865 } 793 866 … … 818 891 if ($is_post_exist_in_db && ! 
$post_type_inserted_by_wtim) { 819 892 820 $usr_msg = 'This Comment ID Already Exists'; 821 $this->add_import_result('skipped', __($usr_msg, 'comments-import-export-woocommerce'), $processing_product_id, $comment_txt); 893 $this->add_import_result('skipped', __('This Comment ID Already Exists', 'comments-import-export-woocommerce'), $processing_product_id, $comment_txt); 822 894 if (function_exists('WC')) { 823 $this->hf_log_data_change('csv-import', sprintf(__('> “%s”' . $usr_msg, 'comments-import-export-woocommerce'), esc_html($processing_product_title)), true); 895 // translators: %s is the product title 896 $this->hf_log_data_change( 'csv-import', sprintf( __('> “%s” This Comment ID Already Exists', 'comments-import-export-woocommerce'), esc_html($processing_product_title)), true ); 824 897 } 825 898 unset($post); … … 834 907 if ($is_product__id_not_exist) { 835 908 $usr_msg = $product_post; 836 $this->add_import_result('skipped', __($usr_msg, 'comments-import-export-woocommerce'), $processing_product_id, $comment_txt);909 $this->add_import_result('skipped', $usr_msg, $processing_product_id, $comment_txt); 837 910 if (function_exists('WC')) { 838 $this->hf_log_data_change('csv-import', sprintf(__('> “%s”' . $usr_msg, 'comments-import-export-woocommerce'), esc_html($processing_product_title)), true); 911 // translators: %s is the product title 912 $this->hf_log_data_change( 'csv-import', sprintf(__('> “%s” ', 'comments-import-export-woocommerce') . 
$usr_msg, esc_html($processing_product_title)), true ); 839 913 } 840 914 unset($post); … … 848 922 $post_id = $processing_product_id; 849 923 if (function_exists('WC')) { 924 // translators: %s is the product id 850 925 $this->hf_log_data_change('csv-import', sprintf(__('> Merging post ID %s.', 'comments-import-export-woocommerce'), $post_id), true); 851 926 } … … 858 933 } 859 934 if (!empty($post['comment_date'])) { 860 $postdata['comment_date'] = date("Y-m-d H:i:s", strtotime($post['comment_date']));935 $postdata['comment_date'] = get_date_from_gmt( gmdate( 'Y-m-d H:i:s', strtotime( $post['comment_date'] ) ) ); 861 936 } 862 937 if (!empty($post['comment_date_gmt'])) { 863 $postdata['comment_date_gmt'] = date("Y-m-d H:i:s", strtotime($post['comment_date_gmt']));938 $postdata['comment_date_gmt'] = gmdate( 'Y-m-d H:i:s', strtotime( $post['comment_date_gmt'] ) ); 864 939 } 865 940 if (!empty($post['comment_author_email'])) { … … 906 981 // Insert product 907 982 if (function_exists('WC')) { 983 // translators: %s is the product id 908 984 $this->hf_log_data_change('csv-import', sprintf(__('> Inserting %s', 'comments-import-export-woocommerce'), esc_html($processing_product_id)), true); 909 985 } … … 934 1010 'comment_ID' => $processing_product_id, 935 1011 'comment_post_ID' => $post['comment_post_ID'], 936 'comment_date' => ($post['comment_date']) ? date('Y-m-d H:i:s', strtotime($post['comment_date'])) : '',937 'comment_date_gmt' => ($post['comment_date_gmt']) ? date('Y-m-d H:i:s', strtotime($post['comment_date_gmt'])) : '',1012 'comment_date' => ! empty( $post['comment_date'] ) ? get_date_from_gmt( gmdate( 'Y-m-d H:i:s', strtotime( $post['comment_date'] ) ) ) : '', 1013 'comment_date_gmt' => ! empty( $post['comment_date_gmt'] ) ? 
gmdate( 'Y-m-d H:i:s', strtotime( $post['comment_date_gmt'] ) ) : '', 938 1014 'comment_author' => $post['comment_author'], 939 1015 'comment_author_email' => $post['comment_author_email'], … … 973 1049 if ($cmd_type === 'woodiscuz') { 974 1050 global $wpdb; 975 // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching 976 $wpdb->insert($wpdb->commentmeta, array('comment_ID' => $post_id, 'meta_key' => 'verified', 'meta_value' => '1')); 1051 // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching, WordPress.DB.DirectDatabaseQuery.SlowDBQuery 1052 $wpdb->insert($wpdb->commentmeta, array('comment_ID' => $post_id, 'meta_key' => 'verified', 'meta_value' => '1')); // @codingStandardsIgnoreLine. 977 1053 } 978 1054 if (!empty($post['postmeta']) && is_array($post['postmeta'])) { //insert comment meta to wp_commentmeta table … … 985 1061 //$new_Id.push($post_id); 986 1062 if (function_exists('WC')) { 987 $this->hf_log_data_change('csv-import', sprintf(__($post_id . 'hi'), esc_html($processing_product_title)));1063 $this->hf_log_data_change('csv-import', $post_id . 'hi'. 
esc_html($processing_product_title)); 988 1064 } 989 1065 if (is_wp_error($post_id) || $post_id == false) { … … 991 1067 $this->add_import_result('failed', __('Failed to import product comment', 'comments-import-export-woocommerce'), $processing_product_id); 992 1068 if (function_exists('WC')) { 1069 // translators: %s is the product title 993 1070 $this->hf_log_data_change('csv-import', sprintf(__('Failed to import product comment “%s”', 'comments-import-export-woocommerce'), esc_html($processing_product_title))); 994 1071 } … … 997 1074 } else { 998 1075 if (function_exists('WC')) { 1076 // translators: %s is the product id 999 1077 $this->hf_log_data_change('csv-import', sprintf(__('> Inserted - post ID is %s.', 'comments-import-export-woocommerce'), $post_id)); 1000 1078 } … … 1011 1089 $this->add_import_result('merged', 'Merge successful', $post_id, $comment_txt); 1012 1090 if (function_exists('WC')) { 1091 // translators: %s is the product id 1013 1092 $this->hf_log_data_change('csv-import', sprintf(__('> Finished merging post ID %s.', 'comments-import-export-woocommerce'), $post_id)); 1014 1093 } … … 1016 1095 $this->add_import_result('imported', 'Import successful', $post_id, $comment_txt); 1017 1096 if (function_exists('WC')) { 1097 // translators: %s is the product id 1018 1098 $this->hf_log_data_change('csv-import', sprintf(__('> Finished importing post ID %s.', 'comments-import-export-woocommerce'), $post_id)); 1019 1099 } … … 1049 1129 // Additional URL security checks 1050 1130 $allowed_hosts = apply_filters('hw_import_allowed_hosts', array( 1051 parse_url(home_url(), PHP_URL_HOST)1131 wp_parse_url(home_url(), PHP_URL_HOST) 1052 1132 )); 1053 $url_host = parse_url($url, PHP_URL_HOST);1133 $url_host = wp_parse_url($url, PHP_URL_HOST); 1054 1134 1055 1135 if (!in_array($url_host, $allowed_hosts)) { … … 1060 1140 $file_name = basename(current(explode('?', $url))); 1061 1141 $wp_filetype = wp_check_filetype($file_name, null); 1062 $parsed_url = 
@parse_url($url);1142 $parsed_url = wp_parse_url($url); 1063 1143 1064 1144 // Check parsed URL … … 1096 1176 1097 1177 // Upload the file 1098 $upload = wp_upload_bits($file_name, '', wp_remote_retrieve_body($response));1178 $upload = wp_upload_bits($file_name, null, wp_remote_retrieve_body($response)); 1099 1179 1100 1180 if ($upload['error']) … … 1105 1185 1106 1186 if (0 == $filesize) { 1107 @unlink($upload['file']);1187 wp_delete_file($upload['file']); 1108 1188 unset($upload); 1109 1189 return new WP_Error('import_file_error', __('Zero size file downloaded', 'comments-import-export-woocommerce')); … … 1128 1208 private function handle_ftp() 1129 1209 { 1130 $enable_ftp_ie = !empty($_POST['enable_ftp_ie']); 1210 // phpcs:ignore WordPress.Security.NonceVerification.Missing -- Nonce verification already done in the dispatch() method. 1211 $enable_ftp_ie = !empty($_POST['enable_ftp_ie']); // @codingStandardsIgnoreLine. 1131 1212 1132 1213 // Update the setting early if FTP is disabled … … 1139 1220 1140 1221 // Sanitize and validate user input 1141 $ftp_server = !empty($_POST['ftp_server']) ? sanitize_text_field(trim(rtrim($_POST['ftp_server'], "-"))) : ''; 1142 $ftp_server_path = !empty($_POST['ftp_server_path']) ? sanitize_text_field($_POST['ftp_server_path']) : ''; 1222 1223 // @codingStandardsIgnoreStart 1224 // phpcs:ignore WordPress.Security.NonceVerification.Missing -- Nonce verification already done in the dispatch() method. 1225 $ftp_server = !empty($_POST['ftp_server']) ? sanitize_text_field(wp_unslash(rtrim($_POST['ftp_server'], "-"))) : ''; 1226 $ftp_server_path = !empty($_POST['ftp_server_path']) ? sanitize_text_field(wp_unslash($_POST['ftp_server_path'])) : ''; 1143 1227 $ftp_user = !empty($_POST['ftp_user']) ? sanitize_text_field(wp_unslash($_POST['ftp_user'])) : ''; 1144 $ftp_port = !empty($_POST['ftp_port']) ? absint( $_POST['ftp_port']) : 21;1228 $ftp_port = !empty($_POST['ftp_port']) ? 
absint(wp_unslash($_POST['ftp_port'])) : 21; 1145 1229 $ftp_password = !empty($_POST['ftp_password']) ? sanitize_text_field(wp_unslash($_POST['ftp_password'])) : ''; 1146 1230 $use_ftps = !empty($_POST['use_ftps']); 1147 1231 $use_pasv = !empty($_POST['use_pasv']); 1232 // @codingStandardsIgnoreEnd 1233 1148 1234 // Save FTP settings 1149 1235 $settings = [ … … 1173 1259 1174 1260 if ($ftp_port == 22) { 1175 include_once(plugin_dir_path(__FILE__) . '../ sftp-modules/sftp.php');1261 include_once(plugin_dir_path(__FILE__) . '../vendor/sftp-modules/sftp.php'); 1176 1262 1177 1263 // Assume SFTP connection … … 1217 1303 if ($use_ftps) { 1218 1304 // Try SSL connect with timeout 1219 $ftp_conn = @ftp_ssl_connect($ftp_server, 21, $ftp_timeout); 1305 // phpcs:ignore Generic.PHP.NoSilencedErrors.Discouraged 1306 $ftp_conn = @ftp_ssl_connect($ftp_server, 21, $ftp_timeout); // @codingStandardsIgnoreLine. 1220 1307 if (!$ftp_conn) { 1221 1308 // Try plain FTP fallback automatically 1222 $ftp_conn = @ftp_connect($ftp_server, 21, $ftp_timeout); 1309 // phpcs:ignore Generic.PHP.NoSilencedErrors.Discouraged 1310 $ftp_conn = @ftp_connect($ftp_server, 21, $ftp_timeout); // @codingStandardsIgnoreLine. 1223 1311 if ($ftp_conn) { 1224 1312 $use_ftps = false; // Downgrade to FTP mode … … 1227 1315 } else { 1228 1316 // Try normal FTP connect 1229 $ftp_conn = @ftp_connect($ftp_server, 21, $ftp_timeout); 1317 // phpcs:ignore Generic.PHP.NoSilencedErrors.Discouraged 1318 $ftp_conn = @ftp_connect($ftp_server, 21, $ftp_timeout); // @codingStandardsIgnoreLine. 1230 1319 } 1231 1320 … … 1235 1324 1236 1325 // Login attempt 1237 if (!@ftp_login($ftp_conn, $ftp_user, $ftp_password)) { 1326 // phpcs:ignore Generic.PHP.NoSilencedErrors.Discouraged 1327 if (!@ftp_login($ftp_conn, $ftp_user, $ftp_password)) { // @codingStandardsIgnoreLine. 1238 1328 ftp_close($ftp_conn); 1239 1329 throw new Exception('FTP login failed. 
Please check your username and password.'); … … 1246 1336 1247 1337 // File download attempt 1248 if (!@ftp_get($ftp_conn, ABSPATH . $local_file, $server_file, FTP_BINARY)) { 1338 // phpcs:ignore Generic.PHP.NoSilencedErrors.Discouraged 1339 if (!@ftp_get($ftp_conn, ABSPATH . $local_file, $server_file, FTP_BINARY)) { // @codingStandardsIgnoreLine. 1249 1340 ftp_close($ftp_conn); 1250 1341 throw new Exception('Failed to download the file from the FTP/FTPS server. Check file path and permissions.'); … … 1254 1345 $success = true; 1255 1346 } catch (Exception $e) { 1256 error_log('FTP error: ' . $e->getMessage()); 1257 wp_die(esc_html__($e->getMessage(), 'comments-import-export-woocommerce')); 1258 } 1259 1260 1261 1262 1263 1264 // $ftp_conn = $use_ftps ? ftp_ssl_connect($ftp_server, 21) : ftp_connect($ftp_server, 21); 1265 // // var_dump( 'fewfkjwerfnw');exit; 1266 1267 // if (!$ftp_conn) { 1268 // throw new Exception('Unable to connect to the FTP/FTPS server. Please verify the Host/IP and Port.'); 1269 // } 1270 1271 // if (!ftp_login($ftp_conn, $ftp_user, $ftp_password)) { 1272 // ftp_close($ftp_conn); 1273 // throw new Exception('FTP/FTPS login failed. Please check username and password.'); 1274 // } 1275 1276 // if ($use_pasv) { 1277 // ftp_pasv($ftp_conn, true); 1278 // } 1279 1280 // if (!ftp_get($ftp_conn, ABSPATH . $local_file, $server_file, FTP_BINARY)) { 1281 // ftp_close($ftp_conn); 1282 // throw new Exception('Failed to download the file from the FTP/FTPS server. Please check the file path or file permissions.'); 1283 // } 1284 1285 // ftp_close($ftp_conn); 1286 // $success = true; 1347 // phpcs:ignore WordPress.PHP.DevelopmentFunctions.error_log_error_log 1348 error_log('FTP error: ' . $e->getMessage()); // @codingStandardsIgnoreLine. 
1349 wp_die(esc_html($e->getMessage())); 1350 } 1351 1287 1352 } 1288 1353 … … 1294 1359 } 1295 1360 } catch (Exception $e) { 1296 wp_die(esc_html__($e->getMessage(), 'comments-import-export-woocommerce')); 1297 } 1298 } 1299 1300 1301 // Display import page title 1302 // public function header() 1303 // { 1304 // echo esc_html('<div class="wrap"><div class="icon32" id="icon-woocommerce-importer"><br></div>'); 1305 // echo esc_html('<h2>' . (empty($_GET['merge']) ? esc_html__('Import', 'comments-import-export-woocommerce') : esc_html__('Merge WordPress Comments', 'comments-import-export-woocommerce')) . '</h2>'); 1306 1307 // } 1361 wp_die(esc_html($e->getMessage())); 1362 } 1363 } 1308 1364 1309 1365 // Display import page title … … 1311 1367 { 1312 1368 echo '<div class="wrap"><div class="icon32" id="icon-woocommerce-importer"><br></div>'; 1313 echo '<h2>' . (empty($_GET['merge']) ? esc_html__('Import', 'comments-import-export-woocommerce') : esc_html__('Merge WordPress Comments', 'comments-import-export-woocommerce')) . '</h2>'; 1369 // phpcs:ignore WordPress.Security.NonceVerification.Missing -- Nonce verification not needed. 1370 echo '<h2>' . (empty($_GET['merge']) ? esc_html__('Import', 'comments-import-export-woocommerce') : esc_html__('Merge WordPress Comments', 'comments-import-export-woocommerce')) . '</h2>'; // @codingStandardsIgnoreLine. 1314 1371 } 1315 1372 … … 1327 1384 public function greet() 1328 1385 { 1329 $action = 'admin.php?import=product_comments_csv&step=1&merge=' . (!empty($_GET['merge']) ? 1 : 0); 1386 // phpcs:ignore WordPress.Security.NonceVerification.Missing -- Nonce verification not needed. 1387 $action = 'admin.php?import=product_comments_csv&step=1&merge=' . (!empty($_GET['merge']) ? 1 : 0); // @codingStandardsIgnoreLine. 
1330 1388 $bytes = apply_filters('import_upload_size_limit', wp_max_upload_size()); 1331 1389 $size = size_format($bytes); … … 1345 1403 public static function is_valid_file_path($file_url) 1346 1404 { 1347 1348 1405 $real_file_path = realpath($file_url); 1349 1406 … … 1351 1408 return false; 1352 1409 } 1353 1354 1410 1355 1411 $content_dir = realpath(WP_CONTENT_DIR); // Get the real path of WP_CONTENT_DIR. -
comments-import-export-woocommerce/trunk/includes/importer/views/html-hf-import-greeting.php
r3301183 r3359804 25 25 <?php if (! empty($upload_dir['error'])) : ?> 26 26 <div class="error"> 27 <p><?php esc_html_e('Before you can upload your import file, you will need to fix the following error:' ); ?></p>27 <p><?php esc_html_e('Before you can upload your import file, you will need to fix the following error:', 'comments-import-export-woocommerce'); ?></p> 28 28 <p><strong><?php echo esc_html($upload_dir['error']); ?></strong></p> 29 29 </div> … … 34 34 <tr> 35 35 <th> 36 <label for="upload"><?php esc_html_e('Method 1: Select a file from your computer' ); ?></label>36 <label for="upload"><?php esc_html_e('Method 1: Select a file from your computer', 'comments-import-export-woocommerce'); ?></label> 37 37 </th> 38 38 <td> … … 40 40 <input type="hidden" name="action" value="save" /> 41 41 <input type="hidden" name="max_file_size" value="<?php echo esc_attr(absint($bytes)); ?>" /> 42 <small><?php printf(esc_html__('Maximum size: %s', 'comments-import-export-woocommerce'), esc_html($size)); ?></small> 42 <small> 43 <?php 44 // translators: %s is the maximum size 45 printf(esc_html__('Maximum size: %s', 'comments-import-export-woocommerce'), esc_html($size)); 46 ?> 47 </small> 43 48 44 49 </td> … … 126 131 <tr> 127 132 <th> 128 <label for="profile"><?php esc_html_e('Select a mapping file.' ); ?></label>133 <label for="profile"><?php esc_html_e('Select a mapping file.', 'comments-import-export-woocommerce'); ?></label> 129 134 </th> 130 135 <td> … … 147 152 </table> 148 153 <p class="submit"> 149 <input type="submit" class="button button-primary" value="<?php esc_attr_e('Upload file and import' ); ?>" />154 <input type="submit" class="button button-primary" value="<?php esc_attr_e('Upload file and import', 'comments-import-export-woocommerce'); ?>" /> 150 155 </p> 151 156 </form> -
comments-import-export-woocommerce/trunk/includes/settings/class-hf_cmt_impexpcsv-settings.php
r3301183 r3359804 31 31 $allowed_modes = array('Enabled', 'Disabled'); 32 32 33 $auto_export = in_array($_POST['auto_export'] ?? '', $allowed_modes, true) ? $_POST['auto_export']: 'Disabled';33 $auto_export = in_array($_POST['auto_export'] ?? '', $allowed_modes, true) ? sanitize_text_field( wp_unslash( $_POST['auto_export'] ) ) : 'Disabled'; 34 34 $auto_export_start_time = isset($_POST['auto_export_start_time']) ? sanitize_text_field(wp_unslash($_POST['auto_export_start_time'])) : ''; 35 35 $auto_export_interval = isset($_POST['auto_export_interval']) ? absint(wp_unslash($_POST['auto_export_interval'])) : 0; … … 38 38 $export_ftp_file_name = ! empty($_POST['export_ftp_file_name']) ? sanitize_text_field(wp_unslash($_POST['export_ftp_file_name'])) : ''; 39 39 40 $auto_import = in_array($_POST['auto_import'] ?? '', $allowed_modes, true) ? $_POST['auto_import']: 'Disabled';40 $auto_import = in_array($_POST['auto_import'] ?? '', $allowed_modes, true) ? sanitize_text_field( wp_unslash( $_POST['auto_import'] ) ) : 'Disabled'; 41 41 $auto_import_start_time = isset($_POST['auto_import_start_time']) ? sanitize_text_field(wp_unslash($_POST['auto_import_start_time'])) : ''; 42 42 $auto_import_interval = isset($_POST['auto_import_interval']) ? absint(wp_unslash($_POST['auto_import_interval'])) : 0; -
comments-import-export-woocommerce/trunk/includes/views/export/html-hf-export-WordPress-Comments-normal.php
r3301183 r3359804 50 50 'post_type' => 'Product', 51 51 'post_status' => 'publish', 52 'suppress_filters' => true53 52 ); 54 53 $products = get_posts($args); … … 77 76 'post_type' => 'Post', 78 77 'post_status' => 'publish', 79 'suppress_filters' => true80 78 ); 81 79 $articles = get_posts($args); … … 92 90 'post_type' => 'Post', 93 91 'post_status' => 'publish', 94 'suppress_filters' => true95 92 ); 96 93 $articles = get_posts($args); … … 135 132 136 133 <input name= "columns[<?php echo esc_attr($pkey); ?>]" type="checkbox" value="<?php echo esc_attr($pkey); ?>" checked> 137 <label for="columns[<?php echo esc_attr($pkey); ?>]"><?php e sc_html_e($pcolumn, 'comments-import-export-woocommerce'); ?></label>134 <label for="columns[<?php echo esc_attr($pkey); ?>]"><?php echo esc_html($pcolumn); ?></label> 138 135 </td> 139 136 <td> -
comments-import-export-woocommerce/trunk/includes/views/export/html-hf-export-WordPress-Comments.php
r3301183 r3359804 37 37 var product = jQuery ( '#p_woodis').closest( 'tr' ); 38 38 var article = jQuery ( '#a_woodis').closest( 'tr' ); 39 $( '#wodis_enable' ). change(function(){39 $( '#wodis_enable' ).on( 'change', function(){ 40 40 if ( $( this ).is( ':checked' ) ) { 41 41 $( product ).show(); … … 45 45 $( product ).hide(); 46 46 } 47 }). change();47 }).trigger( 'change' ); 48 48 }); 49 49 </script> … … 64 64 'post_type' => 'Product', 65 65 'post_status' => 'publish', 66 'suppress_filters' => true67 66 ); 68 67 $products = get_posts($args); … … 91 90 'post_type' => 'Post', 92 91 'post_status' => 'publish', 93 'suppress_filters' => true94 92 ); 95 93 $articles = get_posts($args); … … 132 130 133 131 <input name= "columns[<?php echo esc_attr($pkey); ?>]" type="checkbox" value="<?php echo esc_attr($pkey); ?>" checked> 134 <label for="columns[<?php echo esc_attr($pkey); ?>]"><?php e sc_html_e($pcolumn, 'comments-import-export-woocommerce'); ?></label>132 <label for="columns[<?php echo esc_attr($pkey); ?>]"><?php echo esc_html($pcolumn); ?></label> 135 133 </td> 136 134 <td> -
comments-import-export-woocommerce/trunk/includes/views/html-hf-admin-screen.php
r3301183 r3359804 2 2 <div class="icon32" id="icon-woocommerce-importer"><br></div> 3 3 <h2 class="nav-tab-wrapper woo-nav-tab-wrapper"> 4 <a href="<?php echo esc_url(admin_url('admin.php?page=hw_cmt_csv_im_ex')) ?>" class="nav-tab <?php echo ($tab == 'import') ? 'nav-tab-active' : ''; ?>"><?php esc_html_e('WordPress Comments Import / Export', 'comments-import-export-woocommerce'); ?></a>5 <a href="<?php echo esc_url(admin_url('admin.php?page=hw_cmt_csv_im_ex&tab=settings')) ?>" class="nav-tab <?php echo ($tab == 'settings') ? 'nav-tab-active' : ''; ?>"><?php esc_html_e('Settings', 'comments-import-export-woocommerce'); ?></a>6 <a href="<?php echo esc_url(admin_url('admin.php?page=hw_cmt_csv_im_ex&tab=help')); ?>" class="nav-tab <?php echo ('help' == $tab) ? 'nav-tab-active' : ''; ?>"><?php esc_html_e('Help', 'comments-import-export-woocommerce'); ?></a>7 <a href="<?php echo esc_url(admin_url('admin.php?page=hw_cmt_csv_im_ex&tab=othersolutions')); ?>" class="nav-tab <?php echo ('othersolutions' == $tab) ? 'nav-tab-active' : ''; ?>"><?php esc_html_e('Other Solutions', 'comments-import-export-woocommerce'); ?></a>4 <a href="<?php echo esc_url(admin_url('admin.php?page=hw_cmt_csv_im_ex')) ?>" class="nav-tab <?php echo esc_attr( 'import' === $tab ? 'nav-tab-active' : '' ); ?>"><?php esc_html_e('WordPress Comments Import / Export', 'comments-import-export-woocommerce'); ?></a> 5 <a href="<?php echo esc_url(admin_url('admin.php?page=hw_cmt_csv_im_ex&tab=settings')) ?>" class="nav-tab <?php echo esc_attr( 'settings' === $tab ? 'nav-tab-active' : '' ); ?>"><?php esc_html_e('Settings', 'comments-import-export-woocommerce'); ?></a> 6 <a href="<?php echo esc_url(admin_url('admin.php?page=hw_cmt_csv_im_ex&tab=help')); ?>" class="nav-tab <?php echo esc_attr( 'help' === $tab ? 
'nav-tab-active' : '' ); ?>"><?php esc_html_e('Help', 'comments-import-export-woocommerce'); ?></a> 7 <a href="<?php echo esc_url(admin_url('admin.php?page=hw_cmt_csv_im_ex&tab=othersolutions')); ?>" class="nav-tab <?php echo esc_attr( 'othersolutions' === $tab ? 'nav-tab-active' : '' ); ?>"><?php esc_html_e('Other Solutions', 'comments-import-export-woocommerce'); ?></a> 8 8 </h2> 9 9 <?php … … 23 23 $this->admin_othersolutions_page(); 24 24 break; 25 26 25 default : 27 26 $this->admin_import_page(); -
comments-import-export-woocommerce/trunk/includes/views/html-hf-othersolutions-page.php
r3288894 r3359804 363 363 ?> 364 364 <div class="wt_premium_button" style="width: 100%;"> 365 <a href="<?php echo esc_url($value['premium_url']); ?>" class="wt_get_premium_btn" target="_blank"><img src="<?php echo esc_url($wt_admin_img_path . '/promote_crown.png'); ?>" style="width: 10px;height: 10px;"><?php esc_html_e(' Get Premium', ' wt-import-export-for-woo'); ?></a>365 <a href="<?php echo esc_url($value['premium_url']); ?>" class="wt_get_premium_btn" target="_blank"><img src="<?php echo esc_url($wt_admin_img_path . '/promote_crown.png'); ?>" style="width: 10px;height: 10px;"><?php esc_html_e(' Get Premium', 'comments-import-export-woocommerce'); ?></a> 366 366 </div> 367 367 <?php } … … 370 370 <div class="wt_installed_button"> 371 371 <button class="wt_installed_btn"> 372 <?php esc_html_e('Installed', ' wt-import-export-for-woo'); ?>372 <?php esc_html_e('Installed', 'comments-import-export-woocommerce'); ?> 373 373 </button> 374 374 </div> … … 379 379 ) { 380 380 ?> 381 <div class="wt_free_button<?php echo (empty($value['premium_url'])) ? ' full_width' : ''; ?>">382 <a class="wt_free_btn_a" href="<?php echo esc_url( $value['basic_url']); ?>" target="_blank">383 <button class="wt_free_btn<?php echo (empty($value['premium_url'])) ? ' full_width' : ''; ?>">384 <?php esc_html_e('Get Free Plugin', ' wt-import-export-for-woo'); ?>381 <div class="wt_free_button<?php echo esc_attr( empty( $value['premium_url'] ) ? ' full_width' : '' ); ?>"> 382 <a class="wt_free_btn_a" href="<?php echo esc_url( $value['basic_url'] ); ?>" target="_blank"> 383 <button class="wt_free_btn<?php echo esc_attr( empty( $value['premium_url'] ) ? ' full_width' : '' ); ?>"> 384 <?php esc_html_e('Get Free Plugin', 'comments-import-export-woocommerce'); ?> 385 385 </button> 386 386 </a> -
comments-import-export-woocommerce/trunk/includes/views/html-wf-help-guide.php
r3301183 r3359804 39 39 <h3><?php esc_html_e('Documentation', 'comments-import-export-woocommerce'); ?></h3> 40 40 <p style=""><?php esc_html_e('Refer to our documentation to set and get started', 'comments-import-export-woocommerce'); ?></p> 41 <a target="_blank" href="https://www.webtoffee.com/category/documentation/product-import-export-plugin-for-woocommerce/" class="button-primary"><?php esc_html_e('Documentation', ' wf_csv_import_export'); ?></a>41 <a target="_blank" href="https://www.webtoffee.com/category/documentation/product-import-export-plugin-for-woocommerce/" class="button-primary"><?php esc_html_e('Documentation', 'comments-import-export-woocommerce'); ?></a> 42 42 </div> 43 43 -
comments-import-export-woocommerce/trunk/includes/views/market.php
r3301183 r3359804 11 11 <div class="pipe-review-widget"> 12 12 <?php 13 echo sprintf(wp_kses_post('<div class=""><p><i>If you like the plugin please leave us a %1$s review!</i><p></div>', 'comments-import-export-woocommerce'), '<a href="https://wordpress.org/support/plugin/comments-import-export-woocommerce/reviews#new-post" target="_blank" class="xa-pipe-rating-link" data-reviewed="' . esc_attr__('Thanks for the review.', 'comments-import-export-woocommerce') . '">★★★★★</a>'); 14 ?> 13 echo wp_kses_post('<div class=""><p><i>' . sprintf( 14 // Translators: %1$s is the link to the plugin review page. 15 __('If you like the plugin please leave us a %1$s review!', 'comments-import-export-woocommerce'), 16 '<a href="https://wordpress.org/support/plugin/comments-import-export-woocommerce/reviews/#new-post" target="_blank" class="xa-pipe-rating-link" data-reviewed="' . 17 esc_attr__('Thanks for the review.', 'comments-import-export-woocommerce') . 18 '">★★★★★</a>' 19 ) . '</i></p></div>'); 20 ?> 15 21 </div> 16 22 … … 21 27 <div class="wt-comment-ierpro-mainfeatures"> 22 28 <ul> 23 <li class="money-back"><?php esc_html_e('30 Day Money Back Guarantee' ); ?></li>24 <li class="support"><?php esc_html_e('Fast and Superior Support' ); ?></li>25 <li class="pipe-support"><?php esc_html_e('Third party plugin support' ); ?></li>29 <li class="money-back"><?php esc_html_e('30 Day Money Back Guarantee', 'comments-import-export-woocommerce'); ?></li> 30 <li class="support"><?php esc_html_e('Fast and Superior Support', 'comments-import-export-woocommerce'); ?></li> 31 <li class="pipe-support"><?php esc_html_e('Third party plugin support', 'comments-import-export-woocommerce'); ?></li> 26 32 </ul> 27 33 <div class="wt-ierpro-btn-wrapper"> 28 <a href="https://www.webtoffee.com/plugins/" class="wt-ierpro-blue-btn" target="_blank"><?php esc_html_e('PREMIUM PLUGINS' ); ?></a>34 <a href="https://www.webtoffee.com/plugins/" class="wt-ierpro-blue-btn" target="_blank"><?php esc_html_e('PREMIUM 
PLUGINS', 'comments-import-export-woocommerce'); ?></a> 29 35 </div> 30 36 </div> -
comments-import-export-woocommerce/trunk/includes/views/settings/html-hf-settings-products.php
r3303524 r3359804 31 31 wp_localize_script('woocommerce-product-csv-importer', 'woocommerce_product_csv_importer_params', array('auto_export' => $auto_export, 'auto_import' => $auto_import)); 32 32 if ($scheduled_timestamp = wp_next_scheduled('hw_cmt_csv_im_ex_auto_export_products')) { 33 $scheduled_desc = sprintf(__('The next export is scheduled on <code>%s</code>', 'comments-import-export-woocommerce'), get_date_from_gmt(date('Y-m-d H:i:s', $scheduled_timestamp), $datefor . ' ' . $timefor)); 33 // translators: %s is the scheduled time 34 $scheduled_desc = sprintf(__('The next export is scheduled on <code>%s</code>', 'comments-import-export-woocommerce'), get_date_from_gmt(gmdate('Y-m-d H:i:s', $scheduled_timestamp), $datefor . ' ' . $timefor)); 34 35 } else { 35 $scheduled_desc = __('There is no export scheduled.', 'comments-import-export-woocommerce');36 $scheduled_desc = __('There is no export scheduled.', 'comments-import-export-woocommerce'); 36 37 } 37 38 if ($scheduled_import_timestamp = wp_next_scheduled('hw_cmt_csv_im_ex_auto_import_products')) { 38 $scheduled_import_desc = sprintf(__('The next import is scheduled on <code>%s</code>', 'comments-import-export-woocommerce'), get_date_from_gmt(date('Y-m-d H:i:s', $scheduled_import_timestamp), $datefor . ' ' . $timefor)); 39 // translators: %s is the scheduled time 40 $scheduled_import_desc = sprintf(__('The next import is scheduled on <code>%s</code>', 'comments-import-export-woocommerce'), get_date_from_gmt(gmdate('Y-m-d H:i:s', $scheduled_import_timestamp), $datefor . ' ' . 
$timefor)); 39 41 } else { 40 42 $scheduled_import_desc = __('There is no import scheduled.', 'comments-import-export-woocommerce'); … … 149 151 <td> 150 152 <input type="text" name="auto_export_start_time" id="auto_export_start_time" value="<?php echo esc_attr($auto_export_start_time); ?>"/> 151 <span class="description"><?php echo sprintf(wp_kses_post('Local time is <code>%s</code>.', 'comments-import-export-woocommerce'), esc_html(date_i18n($timefor))) . ' ' . esc_html($scheduled_desc); ?></span>152 153 <br/> 153 <span class="description"><?php echo wp_kses_post('<code>Enter like 6:18pm or 12:27am</code>', 'comments-import-export-woocommerce'); ?></span> 154 <span class="description"> 155 <?php 156 // translators: %s is the scheduled time 157 echo wp_kses_post(sprintf(__('Local time is <code>%s</code>.', 'comments-import-export-woocommerce'), date_i18n($timefor))) . ' ' . wp_kses_post($scheduled_desc); 158 ?> 159 </span> 160 <br/><br/> 161 <span class="description"><code><?php echo wp_kses_post(__('Enter like 6:18pm or 12:27am', 'comments-import-export-woocommerce')); ?></code></span> 154 162 </td> 155 163 </tr> … … 194 202 <td> 195 203 <input type="text" name="auto_import_start_time" id="auto_export_start_time" value="<?php echo esc_attr($auto_import_start_time); ?>"/> 196 <span class="description"><?php echo sprintf(esc_html__('Local time is <code>%s</code>.', 'comments-import-export-woocommerce'), esc_html(date_i18n($timefor))) . ' ' . esc_html($scheduled_import_desc); ?></span>197 204 <br/> 198 <span class="description"><?php esc_html_e('<code>Enter like 6:18pm or 12:27am</code>', 'comments-import-export-woocommerce'); ?></span> 205 <span class="description"> 206 <?php 207 // translators: %s is the scheduled time. 208 echo wp_kses_post(sprintf(__('Local time is <code>%s</code>.', 'comments-import-export-woocommerce'), date_i18n($timefor))) . ' ' . 
wp_kses_post($scheduled_import_desc); 209 ?> 210 </span> 211 <br/><br/> 212 <span class="description"><code><?php esc_html_e('Enter like 6:18pm or 12:27am', 'comments-import-export-woocommerce'); ?></code></span> 199 213 </td> 200 214 </tr> … … 224 238 <tr> 225 239 <th> 226 <label for="auto_import_profile"><?php esc_html_e('Select a mapping file.' ); ?></label>240 <label for="auto_import_profile"><?php esc_html_e('Select a mapping file.', 'comments-import-export-woocommerce'); ?></label> 227 241 </th> 228 242 <td> -
comments-import-export-woocommerce/trunk/js/product-rev-csv-import-export-for-woocommerce.min.js
r1578679 r3359804 27 27 }); 28 28 "use strict"; 29 a("select[name=auto_export]"). change(function() {29 a("select[name=auto_export]").on('change', function() { 30 30 if("Disabled" === a(this).val()){ 31 31 a(".export_section").hide(); … … 37 37 // a(".export_section").hide(); 38 38 // }; 39 a("select[name=auto_export]"). change(function() {39 a("select[name=auto_export]").on('change', function() { 40 40 if("Disabled" === a(this).val()){ 41 41 a(".export_section").hide(); … … 45 45 }) 46 46 47 a("select[name=auto_import]"). change(function() {47 a("select[name=auto_import]").on('change', function() { 48 48 if("Disabled" === a(this).val()){ 49 49 a(".import_section").hide(); … … 55 55 // a(".import_section").hide(); 56 56 // } 57 58 jQuery('#import-upload-form').on('submit', function(e) { 59 if( ! jQuery('#enable_ftp_ie').is(':checked') && ! jQuery('input[type="file"][name="import"]').val() ) { 60 alert(wbtfe_comment_imp_exp_params.messages.no_file_selected); 61 jQuery('input[type="file"][name="import"]').trigger('focus'); 62 e.preventDefault(); 63 } 64 }); 57 65 }); -
comments-import-export-woocommerce/trunk/readme.txt
r3303524 r3359804 1 === WordPressComments Import & Export ===1 === Comments Import & Export === 2 2 Contributors: webtoffee 3 3 Donate link: https://www.webtoffee.com/plugins/ … … 5 5 Requires at least: 3.0.1 6 6 Tested up to: 6.8 7 Requires PHP: 7 8 Stable tag: 2.4. 57 Requires PHP: 7.0 8 Stable tag: 2.4.6 9 9 License: GPLv3 10 10 License URI: http://www.gnu.org/licenses/gpl-3.0.html … … 92 92 == Changelog == 93 93 94 = 2.4.5 2025-05-30 = 95 * [Fix] Access Denied Issue. 94 = 2.4.6 2025-09-11 = 95 * [Compatibility] – Tested OK with WooCommerce 10.1.2 96 * [Update] – Plugin Check Plugin fixes. 96 97 97 = 2.4.4 2025-05-27 = 98 * [Fix] Vulnerability issues. 98 [See changelog for all versions](https://plugins.svn.wordpress.org/comments-import-export-woocommerce/trunk/changelog.txt) 99 99 100 = 2.4.3 2025-05-07 =101 * [Fix] Vulnerability issues.102 * [Fix] SFTP Connectivity Issues103 104 = 2.4.2 2025-04-25 =105 * [Compatibility] Tested OK with WordPress 6.8106 107 = 2.4.1 2025-04-21 =108 * [Fix] Vulnerability. 
@Octovian thanks for pointing out the issue.109 110 = 2.4.0 2024-11-15 =111 * [Compatibility] Tested OK with WordPress 6.7112 113 = 2.3.9 2024-10-03 =114 * [Fix] Added File path validation Check.115 * [Compatibility] Tested OK with WordPress 6.6.2116 117 = 2.3.8 2024-08-20 =118 * [Fix] Vulnerability issue reported by scottaglia.119 * [Compatibility] Tested OK with WordPress 6.6.1120 121 = 2.3.7 2024-05-28 =122 * [Fix] The comment merge option isn't functioning properly.123 * [Compatibility] Tested OK with WordPress 6.5.3124 125 = 2.3.6 2024-01-11 =126 * [Fix] Security check failed.127 * Tested OK with WordPress 6.4.2128 129 = 2.3.5 2023-11-23 =130 * Tested OK with WordPress 6.4.1131 132 = 2.3.4 2023-08-31 =133 * Tested OK with WordPress 6.3134 135 = 2.3.3 2023-07-11 =136 * Tested OK with WordPress 6.2137 138 = 2.3.2 2023-01-09 =139 * Tested OK with WordPress 6.1140 * Security fixes141 142 = 2.3.1 2022-08-31 =143 * Tested OK with WordPress 6.0.2144 145 = 2.3.0 2022-05-26 =146 * Tested OK with WordPress 6.0147 148 = 2.2.9 =149 * Tested OK with WP 5.8150 151 = 2.2.8 =152 * Tested OK with WC 5.3.0 and WP 5.7.2153 * Improvement:- Import comments based on post_title and post_name.154 155 = 2.2.7 =156 * Improvement:- Warnings fix.157 158 = 2.2.6 =159 * Minor Content Changed.160 * New filter hook added in import.161 162 = 2.2.5 =163 * Tested OK with WC 5.2.2 and WP 5.7.1164 165 = 2.2.4 =166 * Tested OK with WC 5.1.0 and WP 5.7.0167 168 = 2.2.3 =169 * Tested OK with WP 5.6 and WC 4.8.0.170 171 = 2.2.2 =172 * Tested OK with WP 5.5.3 and WC 4.7.0.173 174 = 2.2.1 =175 * Tested OK with WP 5.5.1 and WC 4.5.2.176 177 = 2.2.0 =178 * Tested OK with WP 5.4.0 and WC 4.0.1.179 180 = 2.1.12 =181 * Support WP Translating.182 * Tested OK with WC 4.0.0183 184 = 2.1.11 =185 * [Improvement] Security186 187 = 2.1.10 =188 * Security Fix.189 190 = 2.1.9 =191 * [Improvement] Security192 193 = 2.1.8 =194 * Bug Fix:- CSS and JS.195 * Improvement:- sFTP support.196 * Improvement:- Export and 
Import Comment meta.197 * Tested OK with WC 3.8.1 and WP 5.3.2198 199 = 2.1.7 =200 * Tested OK with WC 3.8 and WP 5.2.4201 202 = 2.1.6 =203 * Bug Fix:- FTP Export and Import.204 * Bug Fix:- Scheduled FTP Export and Import.205 * Bug Fix:- Linking with parent comment.206 * Improvement:- Provision to specify file name on scheduled export.207 * Improvement:- Export to specific path on scheduled export.208 * Improvement:- Option to specify import file name with path on scheduled import.209 * Tested OK with WC 3.7.1 and WP 5.2.3210 211 = 2.1.5 =212 * Bug Fix:- Exported file contain gibberish content.213 * update information hook added.214 215 = 2.1.4 =216 * Tested OK with WC 3.7.0217 218 = 2.1.3 =219 * Tested OK with WC 3.6.5220 221 = 2.1.2 =222 * Tested OK with WC 3.6.4 and WP 5.2.2223 224 = 2.1.1 =225 * Tested OK with WC 3.6.2226 227 = 2.1.0 =228 * Bug Fix.229 * Tested OK with WC 3.5.5 and WP 5.1230 * UI Changed.231 232 = 2.0.9 =233 * Bug Fix.234 * Tested OK with WC 3.5.4 and WP 5.0.3235 236 = 2.0.8 =237 * Tested OK with WC 3.5.0 and WP 4.9.8238 239 = 2.0.7 =240 * Tested OK with WC 3.4.5241 * Review link added on footer.242 243 = 2.0.6 =244 * Tested OK with WC 3.4.4245 * Bug fix, comment_status check removed for import.246 * Error messages updated.247 248 = 2.0.5 =249 * Tested OK with WP 4.9.6 and WC 3.4.2.250 * Bug fix, comment data filtered, Warnings fixed.251 * CSV Injection was fixed - reported by one of our user (Bhushan B. 
Patil252 ) CVE-2018-11526253 254 = 2.0.4 =255 * Fix with bulk CSV export from Comments list table.256 257 = 2.0.3 =258 * Sub Menu Section Changed.259 260 = 2.0.2 =261 * Minor Content Changed.262 263 = 2.0.1 =264 * Version Tested.265 266 = 2.0.0 =267 * Comments Import/Export.268 * Filterd by Products.269 * Mapping CSV File.270 * Auto Import/Export option.271 * WooDiscuz Comments Export/Import.272 273 = 1.0.4 =274 * Grammer Check.275 276 = 1.0.3 =277 * Improved Ajax Actions.278 279 = 1.0.2 =280 * Bug Fix.281 282 = 1.0.1 =283 * Version Tested.284 285 = 1.0.0 =286 * Export /Import WordPress Comments.287 100 288 101 == Upgrade Notice == 289 102 290 = 2.4.5 = 291 * [Fix] Access Denied Issue. 103 = 2.4.6 = 104 * [Compatibility] – Tested OK with WooCommerce 10.1.2 105 * [Update] – Plugin Check Plugin fixes.
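Review bot: In the two get_posts() hunks of the first file in this section (the $args arrays with 'post_type' => 'Product' and 'post_type' => 'Post'), deleting 'suppress_filters' => true does not change behaviour, because get_posts() already defaults suppress_filters to true. That is fine if the only goal is to clear the Plugin Check warning. If the product and article lists are meant to honour query filters from other plugins, set 'suppress_filters' => false explicitly and say so in the commit message.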
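Review bot: In the columns checkbox hunk of the same file (new line 132), the label's for="columns[...]" points at nothing, since the input on the line above has name="columns[...]" but no id. Give the input a matching id so the label toggles the checkbox. Replacing esc_html_e( $pcolumn, ... ) with echo esc_html( $pcolumn ) is correct for a variable, but the column name is no longer passed through translation at output, so confirm $pcolumn is already translated where the column list is built.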
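Review bot: In html-hf-othersolutions-page.php (new lines 381-386), the free-plugin block still nests a button element inside the a.wt_free_btn_a link, which is invalid markup and gives keyboard users two focus stops for one action; style the anchor as the button instead. The target="_blank" links in these hunks also carry no rel="noopener noreferrer", and the promote_crown.png image has no alt attribute. The text-domain correction itself looks right.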
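Review bot: In html-wf-help-guide.php (line 41), the Documentation button still links to the product-import-export-plugin-for-woocommerce documentation category, although this is the comments import/export plugin. Since the line is being touched for the text domain anyway, check whether the href should point at this plugin's own documentation.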
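Review bot: In market.php (new lines 13-19), wp_kses_post() now filters the review anchor as well as the translated sentence, so the link only keeps its data-reviewed attribute where kses accepts data-* attributes, which is WordPress 5.0 and later, while readme.txt in this changeset still declares Requires at least: 3.0.1. Either raise the minimum version or escape the sentence on its own and build the anchor with esc_url() and esc_attr__() outside the kses call. The anchor also uses target="_blank" without a rel attribute.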
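Review bot: In settings/html-hf-settings-products.php, export start time hunk (new lines 154-161), the translators comment says "%s is the scheduled time" but the placeholder in 'Local time is <code>%s</code>.' receives date_i18n($timefor), the current local time; correct the comment so translators are not misled. The hint on new line 161 is plain text wrapped in wp_kses_post(__()), while the matching import hint on line 212 uses esc_html_e(); use esc_html_e() in both places.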
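Review bot: In settings/html-hf-settings-products.php, import start time hunk (line 203), the input with name="auto_import_start_time" still has id="auto_export_start_time", duplicating the id of the export field earlier in the same form. Rename it to auto_import_start_time so labels and any script selecting by id reach the intended field. Switching $scheduled_import_desc from esc_html() to wp_kses_post() is what lets the translated code element render, so it would help to note that in the commit message as a deliberate output change.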
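Review bot: In product-rev-csv-import-export-for-woocommerce.min.js (new lines 58-64), alert(wbtfe_comment_imp_exp_params.messages.no_file_selected) runs before e.preventDefault(), so if the localized object or its messages key is missing on a page, the property access throws and the form submits with no file selected. Call e.preventDefault() first and fall back to a default string when the parameter object is undefined; this section of the changeset does not show where wbtfe_comment_imp_exp_params is localized. The select[name=auto_export] change handler is also bound twice with identical bodies (lines 29 and 39), which is a good candidate for removal while these lines are being edited.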
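Review bot: In readme.txt, the Changelog hunk removes every entry before 2.4.6, including the vulnerability-fix entries for 2.4.1, 2.4.3 and 2.4.4 and the CVE-2018-11526 note under 2.0.5. Confirm those entries are carried over unchanged into the linked changelog.txt so site owners can still tell which releases contain security fixes. The new "[Update] – Plugin Check Plugin fixes." entry is also too vague for a release that changes output escaping and text domains across several admin views; name those changes.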