Changeset 879752

Timestamp:

03/21/2014 09:11:17 PM (12 years ago)

Author:

BrianLayman

Message:

Updated to current version of WordPress
Resolved issues with quotes and apostrophes in the original field
Removed the excessive use of prepare()

Location:

word-filter-plus

Files:

• branches/1.0.1 (added)
• branches/1.0.1/csv-manip.php (added)
• branches/1.0.1/index.php (added)
• branches/1.0.1/readme.txt (added)
• branches/1.0.1/screenshot-1.png (added)
• branches/1.0.1/screenshot-2.png (added)
• branches/1.0.1/screenshot-3.png (added)
• branches/1.0.1/screenshot-4.png (added)
• branches/1.0.1/screenshot-5.png (added)
• branches/1.0.1/wfp-settings.php (added)
• branches/1.0.1/word-filter-plus.php (added)
• branches/2.0 (added)
• branches/2.0/csv-manip.php (added)
• branches/2.0/index.php (added)
• branches/2.0/readme.txt (added)
• branches/2.0/screenshot-1.png (added)
• branches/2.0/screenshot-2.png (added)
• branches/2.0/screenshot-3.png (added)
• branches/2.0/screenshot-4.png (added)
• branches/2.0/screenshot-5.png (added)
• branches/2.0/wfp-settings.php (added)
• branches/2.0/word-filter-plus.php (added)
• trunk/csv-manip.php (modified) (2 diffs)
• trunk/readme.txt (modified) (2 diffs)
• trunk/wfp-settings.php (modified) (7 diffs)
• trunk/word-filter-plus.php (modified) (10 diffs)

word-filter-plus/trunk/csv-manip.php

@@ -5 +5 @@
  * @package word-filter-plus
  * 
- * Copyright 2012 - eHermits, Inc. LTD - GNU 2
+ * Copyright 2014 - eHermits, Inc. LTD 
  * 
  */
@@ -22 +22 @@
             // If there is a separator ( ; ) or a quote ( " ) or a linebreak in the string, we need to quote it.
             $needQuote = FALSE;
+            
+            // This do while executes only once even though it is while false
+            // This is a TODO that needs to be looked at
             do {
                 if ( strpos( $val, '"' ) !== FALSE ) {

word-filter-plus/trunk/readme.txt

@@ -4 +4 @@
 Tags: replace, filter, risky, language, post, comment, page, censor, bbcode, moderate, clean
 Requires at least: 2.9
-Tested up to: 3.3
-Stable tag: 1.0.1
+Tested up to: 3.8.1
+Stable tag: 2.0
 
 Update or clean the contents of your site, by filtering or replacing words and phrases in your posts, pages, excerpts, titles and comments.
@@ -75 +75 @@
 == Changelog ==
 
+= 1.0 =
+* First release
+
 = 1.0.1 =
 * Redefined a static method that was causing problems on activation
 
-= 1.0 =
-* First release
+= 2.0 =
+* Fixed the repeated addition of slashes during save.  This may make this version incompatible with earlier releases. Contact the me if you have issues upgrading and I will resolve this.
+* Fixed excessive use if prepare statements
 
 == Upgrade Notice ==

word-filter-plus/trunk/wfp-settings.php

@@ -5 +5 @@
  * @package word-filter-plus
  * 
- * Copyright 2012 - eHermits, Inc. LTD - GNU 2
+ * Copyright 2014 - eHermits, Inc. LTD
  * 
  */
@@ -182 +182 @@
             }
             $id             = $_POST['id'];
-            $original       = $_POST['original']; //do not stripslashes_deep, base_64 encode then. ( ver 0.2 )
-            $replacer   = stripslashes_deep( $_POST['replacer'] );
+            $original       = stripslashes_deep( $_POST['original'] );
+            $replacer       = stripslashes_deep( $_POST['replacer'] );
             $in_posts       = $_POST['in_posts'];
             $in_comments    = $_POST['in_comments'];
@@ -210 +210 @@
                             VALUES ( %s, %s, %s, %s, %s, %s, %s, %s, %s )", 
                             array( 
-                                $wpdb->escape( base64_encode( trim( $original[ $i ] ) ) ), 
-                                $wpdb->escape( trim( $replacer[ $i ] ) ), 
+                                $wpdb->escape( $original[ $i ] ), 
+                                $wpdb->escape( $replacer[ $i ] ), 
                                 $wpdb->escape( $in_posts[ $i ] ), 
                                 $wpdb->escape( $in_comments[ $i ] ), 
@@ -225 +225 @@
                     } elseif ( !empty( $original[ $i ] ) && !empty( $id[ $i ] ) ) {
                         $wpdb->update( $this->parent->plugin_table_name, 
-                            array( 'original'   => $wpdb->escape( base64_encode( trim( $original[ $i ] ) ) ), 
-                                'replacement'       => $wpdb->escape( trim( $replacer[ $i ] ) ), 
+                            array( 'original'       => $wpdb->escape( $original[ $i ] ), 
+                                'replacement'       => $wpdb->escape( $replacer[ $i ] ), 
                                 'in_posts'          => $wpdb->escape( $in_posts[ $i ] ), 
                                 'in_comments'       => $wpdb->escape( $in_comments[ $i ] ), 
@@ -486 +486 @@
 </style>
 <div id="tcc-donate-donate">
-<p><img src="http://www.gravatar.com/avatar/1f7624ae2dd3d0ed7a9e423017313c9e?s=64" height="64" width="64" /><?php esc_html_e( 'Hi there! If you enjoy this plugin, consider showing your appreciation by making a small donation to its author!', 'tcc-donate' ); ?></p>
+<p><img src="http://www.gravatar.com/avatar/1f7624ae2dd3d0ed7a9e423017313c9e?s=64" height="64px" width="64px" /><?php esc_html_e( 'Hi there! If you enjoy this plugin, consider showing your appreciation by making a small donation to its author!', 'tcc-donate' ); ?></p>
 <p style="text-align: center"><a href="http://thecodecave.com/donate" target="_new"><?php esc_html_e( 'Click here to donate using PayPal' ); ?></a></p>
 </div>
@@ -519 +519 @@
             <form method="post" action="<?php echo $this->curLink;?>">
             <?php wp_nonce_field( 'wfp_settings_plus_nonce_action', 'wfp_settings_plus_nonce' ); ?>
-            <table class="widefat fixed" width="650" align="center" width="100%" id="word-replacer-list">
+            <table class="widefat fixed" width="650px" align="center" width="100%" id="word-replacer-list">
                 <thead>
                     <tr>
-                        <th width="40">Delete</th>
-                        <th>Original</th><th width="5">&nbsp;</th><th>Replacement</th>
-                        <th class="replacer_expandable" width="40">Posts</th>
-                        <th class="replacer_expandable" width="70">Comments</th>
-                        <th class="replacer_expandable" width="40">Pages</th>
-                        <th class="replacer_expandable" width="40">Titles</th>
-                        <th class="replacer_expandable" width="80">Case Insensitive</th>
-                        <th class="replacer_expandable" width="80">Partial Match</th>
-                        <th class="replacer_expandable" width="40">Regex</th>
-                        <th class="replacer_expandall" width="20"><a style="color:black" href="#" title="Expand/Collapse">&laquo;&raquo;</a></th>
+                        <th width="45px">Delete</th>
+                        <th>Original</th>
+                        <th width="5">&nbsp;</th>
+                        <th>Replacement</th>
+                        <th class="replacer_expandable" width="40px">Posts</th>
+                        <th class="replacer_expandable" width="75px">Comments</th>
+                        <th class="replacer_expandable" width="40px">Pages</th>
+                        <th class="replacer_expandable" width="40px">Titles</th>
+                        <th class="replacer_expandable" width="80px">Case Insensitive</th>
+                        <th class="replacer_expandable" width="80px">Partial Match</th>
+                        <th class="replacer_expandable" width="40px">Regex</th>
+                        <th class="replacer_expandable" width="20px"><a style="color:black" href="#" title="Expand/Collapse">&laquo;&raquo;</a></th>
                     </tr>
                 </thead>
@@ -549 +551 @@
                             <input type="hidden" name="id[<?php echo intval( $i );?>]" value="<?php echo $aReplacement['id']; ?>" />
                             <input type="hidden" name="count" value="" />
-                            <input style="width:100%" type="text" name="original[<?php echo intval( $i );?>]" id="original_<?php echo intval( $i );?>" value="<?php echo htmlspecialchars( base64_decode( $aReplacement['original'], true )?base64_decode( $aReplacement['original'] ):$aReplacement['original'] ) ?>" /></td><td> &raquo; </td>
+                            <input style="width:100%" type="text" name="original[<?php echo intval( $i );?>]" id="original_<?php echo intval( $i );?>" value="<?php echo $this->parent->_specialchar( $aReplacement['original'] ) ?>" /></td><td> &raquo; </td>
                         <td>
                             <textarea style="resize:vertical;width:100%" name="replacer[<?php echo intval( $i );?>]"><?php echo $this->parent->_specialchar( $aReplacement['replacement'] ); ?></textarea>

word-filter-plus/trunk/word-filter-plus.php

@@ -4 +4 @@
 Plugin URI: http://wordpress.org/extend/plugins/word-filter-plus/
 Description: Filter or replace words or phrases in posts, pages, excerpts, titles and/or comments.
-Author: Brian C. Layman
-Version: 1.0.1
-Author URI: http://TheCodeCave.com
+Author: Brian Layman
+Version: 2.0
+Author URI: http://eHermitsInc.com
 
 */
 
-/*  Copyright 2012 eHermits, Inc.
-
-    This plugin includes code & inspiration from many GNU projects including:  
+/*  Copyright 2014 eHermits, Inc.
+
+    This plugin includes code & inspiration from many GPL projects including:  
         The core replacement code was based upon the "Word Replacer" plugin by Takien.
         The CVS Export includes some code from Otto's member export plugin.
@@ -67 +67 @@
          * @var array The list of the current fields in the database
          */
-        var $field_names = array('original', 'replacement', 'in_posts', 'in_comments', 'in_pages', 'in_titles', 'case_insensitive', 'partial_match', 'use_regex' );
+        var $field_names = array( 'original', 'replacement', 'in_posts', 'in_comments', 'in_pages', 'in_titles', 'case_insensitive', 'partial_match', 'use_regex' );
 
         function word_filter_plus(){
@@ -139 +139 @@
             if ( !$word_filter_plus_replacements = get_transient( 'word_filter_plus_replacements' ) ) {
                 /* It wasn't there, so regenerate the data and save the transient*/
-                $word_filter_plus_replacements = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM " . $this->plugin_table_name . " ORDER BY id" ), ARRAY_A ) ;
+                $word_filter_plus_replacements = $wpdb->get_results( "SELECT * FROM " . $this->plugin_table_name . " ORDER BY id" , ARRAY_A ) ;
                 set_transient( 'word_filter_plus_replacements', $word_filter_plus_replacements );
             }
@@ -177 +177 @@
             require_once( ABSPATH . 'wp-admin/includes/upgrade.php' );
               
-            if( $wpdb->get_var( $wpdb->prepare( 'show tables like "' . $this->plugin_table_name . '"' ) ) !== $this->plugin_table_name ) {
+            if( $wpdb->get_var( 'show tables like "' . $this->plugin_table_name . '"' ) !== $this->plugin_table_name ) {
                 dbDelta( $sql );
                 add_option( WFP_OPTION_VER, $this->plugin_version );
@@ -198 +198 @@
             foreach( $this->replacement_list() as $aReplacement ) {
                 $i++;
-                $original       = base64_decode( $aReplacement['original'], true )?base64_decode( $aReplacement['original'] ):$aReplacement['original'];
+                $original       = htmlspecialchars_decode( $this->_specialchar( $aReplacement['original'] ) );
                 $replacement    = htmlspecialchars_decode( $this->_specialchar( $aReplacement['replacement'] ) );
                 $in_posts       = $aReplacement['in_posts'];
@@ -218 +218 @@
                 $i++;
                 if ( $aReplacement['in_comments'] == 'yes' ) {          
-                    $original = base64_decode( $aReplacement['original'], true )?base64_decode( $aReplacement['original'] ):$aReplacement['original'];
-                    $replacement    = stripslashes( $aReplacement['replacement'] );
-                    $case_insensitive   = $aReplacement['case_insensitive'];
-                    $partial_match  = $aReplacement['partial_match'];
-                    $use_regex      = $aReplacement['use_regex'];
+                    $original       = stripslashes( $aReplacement[ 'original' ] );
+                    $replacement    = stripslashes( $aReplacement[ 'replacement' ] );
+                    $case_insensitive   = $aReplacement[ 'case_insensitive' ];
+                    $partial_match  = $aReplacement[ 'partial_match' ];
+                    $use_regex      = $aReplacement[ 'use_regex' ];
 
                     $content = $this->do_replacement( $original, $replacement, $case_insensitive, $partial_match, $use_regex, $content );
@@ -235 +235 @@
                 $i++;
                 if( $aReplacement['in_titles']  == 'yes' ) {
-                    $original       = base64_decode( $aReplacement['original'], true )?base64_decode( $aReplacement['original'] ):$aReplacement['original'];
-                    $replacement    = stripslashes( $aReplacement['replacement'] );
-                    $case_insensitive = $aReplacement['case_insensitive'];
-                    $partial_match  = $aReplacement['partial_match'];
-                    $use_regex      = $aReplacement['use_regex'];
+                    $original       = stripslashes( $aReplacement[ 'original' ] );
+                    $replacement    = stripslashes( $aReplacement[ 'replacement' ] );
+                    $case_insensitive = $aReplacement[ 'case_insensitive' ];
+                    $partial_match  = $aReplacement[ 'partial_match' ];
+                    $use_regex      = $aReplacement[ 'use_regex' ];
 
                     $content = $this->do_replacement( $original, $replacement, $case_insensitive, $partial_match, $use_regex, $content );
@@ -275 +275 @@
                 if ( get_transient( 'batch_running' ) ) {
                     if ( WFP_DEBUG ) error_log("Adding cancel Record");
-                    $wpdb->query( $wpdb->prepare( "insert into $wpdb->options (option_name, option_value, autoload) values ('wfp_cancel','1','no');" ) );
+                    $wpdb->query( "insert into $wpdb->options (option_name, option_value, autoload) values ('wfp_cancel','1','no');" );
                 }
                 delete_transient( 'batch_running' );
@@ -331 +331 @@
             while ( $row = mysql_fetch_assoc( $result ) ) {
                 set_time_limit( 30 ); // No one query can take more than 30 seconds, but the script can run for longer.
-                $sql = $wpdb->prepare( "SELECT COUNT(*) FROM $wpdb->options where option_name = 'wfp_cancel';" );
+                $sql = "SELECT COUNT(*) FROM $wpdb->options where option_name = 'wfp_cancel';";
                 $cancelled = $wpdb->get_var( $sql ); 
                 if ( $cancelled > 0 ) {
@@ -439 +439 @@
                 if ( $cancelled > 0 ) {
                     if ( WFP_DEBUG ) error_log( "Batch cancelled. Exiting: $cancelled || $sql" );
-                    $wpdb->query( $wpdb->prepare( "delete FROM $wpdb->options where option_name = 'wfp_cancel';" ) );
+                    $wpdb->query( "delete FROM $wpdb->options where option_name = 'wfp_cancel';" );
                     wp_clear_scheduled_hook( WFP_COMMENT_EVENT );
                     delete_option( WFP_OPTION_ITERATION );