wpallstars/wp-multisite-waas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Prep Plugin for release on WordPress.org

Browse Source 
Escape everything that should be escaped.
Add nonce checks where needed.
Sanitize all inputs.
Apply Code style changes across the codebase.
Correct many deprecation notices.
Optimize load order of many filters.
This commit is contained in:
David Stone
2025-04-07 09:15:21 -06:00
parent f05ab77418
commit a815fdf179
290 changed files with 2999 additions and 3269 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
inc/admin-pages/class-broadcast-edit-admin-page.php
View File

@ -454,7 +454,7 @@ class Broadcast_Edit_Admin_Page extends Edit_Admin_Page {
$item = $query->get_item_by('id', $_GET['id']);
if ( ! $item) {
wp_redirect(wu_network_admin_url('wp-ultimo-broadcasts'));
wp_safe_redirect(wu_network_admin_url('wp-ultimo-broadcasts'));
exit;
}

16
inc/admin-pages/class-checkout-form-edit-admin-page.php
View File

@ -107,7 +107,7 @@ class Checkout_Form_Edit_Admin_Page extends Edit_Admin_Page {
*/
public function add_width_control_script(): void {
wp_enqueue_script('wu-checkout-form-edit-modal', wu_get_asset('checkout-form-editor-modal.js', 'js'), [], wu_get_version());
wp_enqueue_script('wu-checkout-form-edit-modal', wu_get_asset('checkout-form-editor-modal.js', 'js'), [], wu_get_version(), true);
}
/**
@ -544,7 +544,7 @@ class Checkout_Form_Edit_Admin_Page extends Edit_Admin_Page {
$default_field['wrapper_html_attr'] = array_merge(
wu_get_isset($default_field, 'wrapper_html_attr', []),
[
'v-if' => sprintf('type && require("type", %s) && require("tab", "%s")', json_encode($reqs), $tab),
'v-if' => sprintf('type && require("type", %s) && require("tab", "%s")', wp_json_encode($reqs), $tab),
'v-cloak' => '1',
]
);
@ -552,11 +552,11 @@ class Checkout_Form_Edit_Admin_Page extends Edit_Admin_Page {
if ('name' === $default_field_slug || 'id' === $default_field_slug || 'default_value' === $default_field_slug) {
unset($default_field['wrapper_html_attr']['v-if']);
$default_field['wrapper_html_attr']['v-show'] = sprintf('type && require("type", %s) && require("tab", "%s")', json_encode($reqs), $tab);
$default_field['wrapper_html_attr']['v-show'] = sprintf('type && require("type", %s) && require("tab", "%s")', wp_json_encode($reqs), $tab);
}
if ('id' === $default_field_slug) {
$default_field['html_attr']['v-bind:required'] = sprintf('type && require("type", %s) && require("tab", "content")', json_encode($reqs));
$default_field['html_attr']['v-bind:required'] = sprintf('type && require("type", %s) && require("tab", "content")', wp_json_encode($reqs));
}
}
@ -1161,10 +1161,10 @@ class Checkout_Form_Edit_Admin_Page extends Edit_Admin_Page {
wp_enqueue_script('wu-checkout-form-editor');
wp_enqueue_script('wu-vue-sortable', '//cdn.jsdelivr.net/npm/sortablejs@1.8.4/Sortable.min.js', [], wu_get_version());
wp_enqueue_script('wu-vue-draggable', '//cdnjs.cloudflare.com/ajax/libs/Vue.Draggable/2.20.0/vuedraggable.umd.min.js', [], wu_get_version());
wp_enqueue_script('wu-vue-sortable', '//cdn.jsdelivr.net/npm/sortablejs@1.8.4/Sortable.min.js', [], wu_get_version(), true);
wp_enqueue_script('wu-vue-draggable', '//cdnjs.cloudflare.com/ajax/libs/Vue.Draggable/2.20.0/vuedraggable.umd.min.js', [], wu_get_version(), true);
wp_enqueue_style('wu-checkout-form-editor', wu_get_asset('checkout-editor.css', 'css'));
wp_enqueue_style('wu-checkout-form-editor', wu_get_asset('checkout-editor.css', 'css'), [], wu_get_version());
}
/**
@ -1500,7 +1500,7 @@ class Checkout_Form_Edit_Admin_Page extends Edit_Admin_Page {
$item = wu_get_checkout_form($item_id);
if ( ! $item) {
wp_redirect(wu_network_admin_url('wp-ultimo-checkout-forms'));
wp_safe_redirect(wu_network_admin_url('wp-ultimo-checkout-forms'));
exit;
}

2
inc/admin-pages/class-checkout-form-list-admin-page.php
View File

@ -163,7 +163,7 @@ class Checkout_Form_List_Admin_Page extends List_Admin_Page {
'field_wrapper_classes' => 'wu-w-full wu-box-border wu-items-center wu-flex wu-justify-between wu-p-4 wu-m-0 wu-border-t wu-border-l-0 wu-border-r-0 wu-border-b-0 wu-border-gray-300 wu-border-solid',
'html_attr' => [
'data-wu-app' => 'add_checkout_form_field',
'data-state' => json_encode(
'data-state' => wp_json_encode(
[
'template' => 'single-step',
]

8
inc/admin-pages/class-customer-edit-admin-page.php
View File

@ -765,7 +765,7 @@ class Customer_Edit_Admin_Page extends Edit_Admin_Page {
[
'html_attr' => [
'data-wu-app' => 'customer_save',
'data-state' => json_encode(
'data-state' => wp_json_encode(
[
'original_user_id' => $this->get_object()->get_user_id(),
'user_id' => $this->get_object()->get_user_id(),
@ -797,7 +797,7 @@ class Customer_Edit_Admin_Page extends Edit_Admin_Page {
'data-label-field' => 'display_name',
'data-search-field' => 'display_name',
'data-max-items' => 1,
'data-selected' => json_encode($this->get_object()->get_user()->data),
'data-selected' => wp_json_encode($this->get_object()->get_user()->data),
],
'wrapper_html_attr' => [
'v-cloak' => '1',
@ -1082,7 +1082,7 @@ class Customer_Edit_Admin_Page extends Edit_Admin_Page {
$item = wu_get_customer($item_id);
if ( ! $item || $item->get_type() !== 'customer') {
wp_redirect(wu_network_admin_url('wp-ultimo-customers'));
wp_safe_redirect(wu_network_admin_url('wp-ultimo-customers'));
exit;
}
@ -1123,7 +1123,7 @@ class Customer_Edit_Admin_Page extends Edit_Admin_Page {
]
);
wp_redirect($redirect_url);
wp_safe_redirect($redirect_url);
exit;
}

2
inc/admin-pages/class-customer-list-admin-page.php
View File

@ -260,7 +260,7 @@ class Customer_List_Admin_Page extends List_Admin_Page {
'field_wrapper_classes' => 'wu-w-full wu-box-border wu-items-center wu-flex wu-justify-between wu-p-4 wu-m-0 wu-border-t wu-border-l-0 wu-border-r-0 wu-border-b-0 wu-border-gray-300 wu-border-solid',
'html_attr' => [
'data-wu-app' => 'add_new_customer',
'data-state' => json_encode(
'data-state' => wp_json_encode(
[
'set_password' => false,
'type' => 'existing',

11
inc/admin-pages/class-customizer-admin-page.php
View File

@ -89,7 +89,16 @@ abstract class Customizer_Admin_Page extends Edit_Admin_Page {
parent::register_scripts();
wp_enqueue_script('wu-customizer', wu_get_asset('customizer.js', 'js'), ['jquery', 'wu-vue', 'wu-block-ui'], \WP_Ultimo::VERSION, ['async' => true, 'in_footer' => true]);
wp_enqueue_script(
'wu-customizer',
wu_get_asset('customizer.js', 'js'),
['jquery', 'wu-vue', 'wu-block-ui'],
\WP_Ultimo::VERSION,
[
'async' => true,
'in_footer' => true,
]
);
wp_enqueue_style('wp-color-picker');

4
inc/admin-pages/class-dashboard-admin-page.php
View File

@ -604,9 +604,9 @@ class Dashboard_Admin_Page extends Base_Admin_Page {
$slug = $args['slug'];
$header_strings = json_encode($args['headers']);
$header_strings = wp_json_encode($args['headers']);
$data_strings = json_encode($args['data']);
$data_strings = wp_json_encode($args['data']);
$html = "<div class='wu-bg-gray-100 wu-p-2 wu-text-right wu-border-0 wu-border-b wu-border-solid wu-border-gray-400'>

4
inc/admin-pages/class-discount-code-edit-admin-page.php
View File

@ -409,7 +409,7 @@ class Discount_Code_Edit_Admin_Page extends Edit_Admin_Page {
'wrapper_classes' => '',
'html_attr' => [
':name' => "'allowed_products[]'",
':checked' => json_encode(!$this->get_object()->get_limit_products() || in_array($product_id, $this->get_object()->get_allowed_products())), // phpcs:ignore
':checked' => wp_json_encode(!$this->get_object()->get_limit_products() || in_array($product_id, $this->get_object()->get_allowed_products())), // phpcs:ignore
':value' => $product_id,
],
'wrapper_html_attr' => [
@ -609,7 +609,7 @@ class Discount_Code_Edit_Admin_Page extends Edit_Admin_Page {
$item = wu_get_discount_code($item_id);
if ( ! $item) {
wp_redirect(wu_network_admin_url('wp-ultimo-discount_codes'));
wp_safe_redirect(wu_network_admin_url('wp-ultimo-discount_codes'));
exit;
}

30
inc/admin-pages/class-domain-edit-admin-page.php
View File

@ -94,6 +94,26 @@ class Domain_Edit_Admin_Page extends Edit_Admin_Page {
add_action('wu_after_delete_domain_modal', [$this, 'domain_after_delete_actions']);
}
/**
* Registers the necessary scripts and styles for this admin page.
*
* @since 2.0.0
* @return void
*/
public function register_scripts(): void {
parent::register_scripts();
wp_enqueue_script(
'wu-dns-table',
wu_get_asset('dns-table.js', 'js'),
['jquery', 'wu-vue'],
\WP_Ultimo::VERSION,
[
'async' => true,
'in_footer' => true,
]
);
}
/**
* Adds the extra delete fields to the delete form.
@ -126,8 +146,8 @@ class Domain_Edit_Admin_Page extends Edit_Admin_Page {
'data-label-field' => 'domain',
'data-search-field' => 'domain',
'data-max-items' => 1,
'data-exclude' => json_encode([$domain->get_id()]),
'data-include' => json_encode($domain->get_blog_id()),
'data-exclude' => wp_json_encode([$domain->get_id()]),
'data-include' => wp_json_encode($domain->get_blog_id()),
],
'wrapper_html_attr' => [
'v-if' => $is_primary_domain && $has_other_domains ? 'true' : 'false',
@ -312,7 +332,7 @@ class Domain_Edit_Admin_Page extends Edit_Admin_Page {
'data-label-field' => 'title',
'data-search-field' => 'title',
'data-max-items' => 1,
'data-selected' => $this->get_object()->get_site() ? json_encode($this->get_object()->get_site()->to_search_results()) : '',
'data-selected' => $this->get_object()->get_site() ? wp_json_encode($this->get_object()->get_site()->to_search_results()) : '',
],
'wrapper_html_attr' => [
'v-cloak' => '1',
@ -322,7 +342,7 @@ class Domain_Edit_Admin_Page extends Edit_Admin_Page {
]
);
$check_for_active_string = sprintf('%s.includes(stage)', json_encode(\WP_Ultimo\Models\Domain::INACTIVE_STAGES));
$check_for_active_string = sprintf('%s.includes(stage)', wp_json_encode(\WP_Ultimo\Models\Domain::INACTIVE_STAGES));
$this->add_fields_widget(
'basic',
@ -502,7 +522,7 @@ class Domain_Edit_Admin_Page extends Edit_Admin_Page {
$item = wu_get_domain($item_id);
if ( ! $item) {
wp_redirect(wu_network_admin_url('wp-ultimo-domains'));
wp_safe_redirect(wu_network_admin_url('wp-ultimo-domains'));
exit;
}

2
inc/admin-pages/class-domain-list-admin-page.php
View File

@ -196,7 +196,7 @@ class Domain_List_Admin_Page extends List_Admin_Page {
'field_wrapper_classes' => 'wu-w-full wu-box-border wu-items-center wu-flex wu-justify-between wu-p-4 wu-m-0 wu-border-t wu-border-l-0 wu-border-r-0 wu-border-b-0 wu-border-gray-300 wu-border-solid',
'html_attr' => [
'data-wu-app' => 'add_new_domain',
'data-state' => json_encode(
'data-state' => wp_json_encode(
[
'type' => 'add',
'primary_domain' => false,

6
inc/admin-pages/class-edit-admin-page.php
View File

@ -184,7 +184,7 @@ abstract class Edit_Admin_Page extends Base_Admin_Page {
*/
$this->get_object()->unlock();
wp_redirect(
wp_safe_redirect(
remove_query_arg(
[
'remove-lock',
@ -856,7 +856,7 @@ abstract class Edit_Admin_Page extends Base_Admin_Page {
$url = add_query_arg($array_params);
wp_redirect($url);
wp_safe_redirect($url);
return true;
}
@ -885,7 +885,7 @@ abstract class Edit_Admin_Page extends Base_Admin_Page {
$url = str_replace('_', '-', (string) $object->model);
$url = wu_network_admin_url("wp-ultimo-{$url}s");
wp_redirect($url);
wp_safe_redirect($url);
exit;
}

2
inc/admin-pages/class-email-edit-admin-page.php
View File

@ -528,7 +528,7 @@ class Email_Edit_Admin_Page extends Edit_Admin_Page {
$item = $query->get_item_by('id', $_GET['id']);
if (! $item) {
wp_redirect(wu_network_admin_url('wp-ultimo-emails'));
wp_safe_redirect(wu_network_admin_url('wp-ultimo-emails'));
exit;
}

4
inc/admin-pages/class-email-template-customize-admin-page.php
View File

@ -496,7 +496,7 @@ class Email_Template_Customize_Admin_Page extends Customizer_Admin_Page {
'style' => 'margin-top: -6px;',
'data-wu-app' => 'email_template_customizer',
'data-wu-customizer-panel' => true,
'data-state' => json_encode($state),
'data-state' => wp_json_encode($state),
],
]
);
@ -577,7 +577,7 @@ class Email_Template_Customize_Admin_Page extends Customizer_Admin_Page {
$url = add_query_arg('updated', '1');
wp_redirect($url);
wp_safe_redirect($url);
exit;
}

4
inc/admin-pages/class-event-view-admin-page.php
View File

@ -178,7 +178,7 @@ class Event_View_Admin_Page extends Edit_Admin_Page {
[
'title' => __('Event Payload', 'wp-multisite-waas'),
'loading_text' => __('Loading Payload', 'wp-multisite-waas'),
'payload' => json_encode($object->get_payload(), JSON_PRETTY_PRINT),
'payload' => wp_json_encode($object->get_payload(), JSON_PRETTY_PRINT),
]
);
}
@ -272,7 +272,7 @@ class Event_View_Admin_Page extends Edit_Admin_Page {
}
}
wp_redirect(wu_network_admin_url('wp-ultimo-events'));
wp_safe_redirect(wu_network_admin_url('wp-ultimo-events'));
exit;
}

8
inc/admin-pages/class-hosting-integration-wizard-admin-page.php
View File

@ -93,7 +93,7 @@ class Hosting_Integration_Wizard_Admin_Page extends Wizard_Admin_Page {
}
if ( ! $this->integration) {
wp_redirect(network_admin_url('admin.php?page=wp-ultimo-settings'));
wp_safe_redirect(network_admin_url('admin.php?page=wp-ultimo-settings'));
exit;
}
@ -294,7 +294,7 @@ class Hosting_Integration_Wizard_Admin_Page extends Wizard_Admin_Page {
$this->integration->enable();
wp_redirect($this->get_next_section_link());
wp_safe_redirect($this->get_next_section_link());
exit;
}
@ -316,7 +316,7 @@ class Hosting_Integration_Wizard_Admin_Page extends Wizard_Admin_Page {
]
);
wp_redirect($redirect_url);
wp_safe_redirect($redirect_url);
exit;
}
@ -332,7 +332,7 @@ class Hosting_Integration_Wizard_Admin_Page extends Wizard_Admin_Page {
$redirect_url = remove_query_arg('manual', $redirect_url);
wp_redirect($redirect_url);
wp_safe_redirect($redirect_url);
exit;
}

4
inc/admin-pages/class-invoice-template-customize-admin-page.php
View File

@ -286,7 +286,7 @@ class Invoice_Template_Customize_Admin_Page extends Customizer_Admin_Page {
'style' => 'margin-top: -6px;',
'data-wu-app' => 'invoice_customizer',
'data-wu-customizer-panel' => true,
'data-state' => json_encode($state),
'data-state' => wp_json_encode($state),
],
]
);
@ -357,7 +357,7 @@ class Invoice_Template_Customize_Admin_Page extends Customizer_Admin_Page {
$url = add_query_arg('updated', '1');
wp_redirect($url);
wp_safe_redirect($url);
exit;
}

16
inc/admin-pages/class-membership-edit-admin-page.php
View File

@ -259,7 +259,7 @@ class Membership_Edit_Admin_Page extends Edit_Admin_Page {
'field_wrapper_classes' => 'wu-w-full wu-box-border wu-items-center wu-flex wu-justify-between wu-p-4 wu-m-0 wu-border-t wu-border-l-0 wu-border-r-0 wu-border-b-0 wu-border-gray-300 wu-border-solid',
'html_attr' => [
'data-wu-app' => 'true',
'data-state' => json_encode(
'data-state' => wp_json_encode(
[
'confirmed' => false,
]
@ -519,7 +519,7 @@ class Membership_Edit_Admin_Page extends Edit_Admin_Page {
'data-label-field' => 'display_name',
'data-search-field' => 'display_name',
'data-max-items' => 1,
'data-selected' => $this->get_object()->get_customer() ? json_encode($this->get_object()->get_customer()->to_search_results()) : '',
'data-selected' => $this->get_object()->get_customer() ? wp_json_encode($this->get_object()->get_customer()->to_search_results()) : '',
],
'wrapper_html_attr' => [
'v-cloak' => '1',
@ -583,7 +583,7 @@ class Membership_Edit_Admin_Page extends Edit_Admin_Page {
[
'html_attr' => [
'data-wu-app' => 'membership_save',
'data-state' => json_encode(
'data-state' => wp_json_encode(
[
'status' => $this->get_object()->get_status(),
'original_customer_id' => $this->get_object()->get_customer_id(),
@ -602,7 +602,7 @@ class Membership_Edit_Admin_Page extends Edit_Admin_Page {
'title' => __('Billing Amount', 'wp-multisite-waas'),
'html_attr' => [
'data-wu-app' => 'true',
'data-state' => json_encode(
'data-state' => wp_json_encode(
[
'is_recurring' => $this->get_object()->is_recurring(),
'is_auto_renew' => $this->get_object()->should_auto_renew(),
@ -1082,7 +1082,7 @@ class Membership_Edit_Admin_Page extends Edit_Admin_Page {
$item = wu_get_membership($item_id);
if ( ! $item) {
wp_redirect(wu_network_admin_url('wp-ultimo-memberships'));
wp_safe_redirect(wu_network_admin_url('wp-ultimo-memberships'));
exit;
}
@ -1162,7 +1162,7 @@ class Membership_Edit_Admin_Page extends Edit_Admin_Page {
$url = add_query_arg($array_params);
wp_redirect($url);
wp_safe_redirect($url);
return true;
}
@ -1227,7 +1227,7 @@ class Membership_Edit_Admin_Page extends Edit_Admin_Page {
$url = remove_query_arg('preview-swap', $url);
wp_redirect($url);
wp_safe_redirect($url);
return true;
}
@ -1583,7 +1583,7 @@ class Membership_Edit_Admin_Page extends Edit_Admin_Page {
'data-label-field' => 'name',
'data-search-field' => 'name',
'data-max-items' => 1,
'data-selected' => json_encode($product->to_search_results()),
'data-selected' => wp_json_encode($product->to_search_results()),
],
],
'update_price' => [

2
inc/admin-pages/class-migration-alert-admin-page.php
View File

@ -163,7 +163,7 @@ class Migration_Alert_Admin_Page extends Wizard_Admin_Page {
delete_network_option(null, 'wu_setup_finished');
delete_network_option(null, 'wu_is_migration_done');
wp_redirect(wu_network_admin_url('wp-ultimo-setup'));
wp_safe_redirect(wu_network_admin_url('wp-ultimo-setup'));
exit;
}

8
inc/admin-pages/class-payment-edit-admin-page.php
View File

@ -689,7 +689,7 @@ class Payment_Edit_Admin_Page extends Edit_Admin_Page {
'data-label-field' => 'name',
'data-search-field' => 'name',
'data-max-items' => 1,
'data-selected' => $line_item->get_product() ? json_encode($line_item->get_product()->to_search_results()) : '',
'data-selected' => $line_item->get_product() ? wp_json_encode($line_item->get_product()->to_search_results()) : '',
],
],
'title' => [
@ -1073,7 +1073,7 @@ class Payment_Edit_Admin_Page extends Edit_Admin_Page {
'data-value-field' => 'id',
'data-label-field' => 'reference_code',
'data-max-items' => 1,
'data-selected' => $this->get_object()->get_membership() ? json_encode($this->get_object()->get_membership()->to_search_results()) : '',
'data-selected' => $this->get_object()->get_membership() ? wp_json_encode($this->get_object()->get_membership()->to_search_results()) : '',
],
'wrapper_html_attr' => [
'v-cloak' => '1',
@ -1141,7 +1141,7 @@ class Payment_Edit_Admin_Page extends Edit_Admin_Page {
'value' => $this->get_object()->get_saved_invoice_number(),
'wrapper_classes' => 'wu-w-full',
'wrapper_html_attr' => [
'v-show' => json_encode(wu_get_setting('invoice_numbering_scheme', 'reference_code') === 'sequential_number'),
'v-show' => wp_json_encode(wu_get_setting('invoice_numbering_scheme', 'reference_code') === 'sequential_number'),
'v-cloak' => '1',
],
],
@ -1280,7 +1280,7 @@ class Payment_Edit_Admin_Page extends Edit_Admin_Page {
$item = $query->get_item_by('id', $_GET['id']);
if ( ! $item || $item->get_parent_id()) {
wp_redirect(wu_network_admin_url('wp-ultimo-payments'));
wp_safe_redirect(wu_network_admin_url('wp-ultimo-payments'));
exit;
}

10
inc/admin-pages/class-product-edit-admin-page.php
View File

@ -162,7 +162,7 @@ class Product_Edit_Admin_Page extends Edit_Admin_Page {
'data-label-field' => 'name',
'data-search-field' => 'name',
'data-max-items' => 1,
'data-exclude' => json_encode([$product->get_id()]),
'data-exclude' => wp_json_encode([$product->get_id()]),
],
],
];
@ -270,7 +270,7 @@ class Product_Edit_Admin_Page extends Edit_Admin_Page {
[
'html_attr' => [
'data-wu-app' => 'product_pricing',
'data-state' => json_encode(
'data-state' => wp_json_encode(
[
'is_recurring' => $this->get_object()->is_recurring(),
'pricing_type' => $this->get_object()->get_pricing_type(),
@ -705,7 +705,7 @@ class Product_Edit_Admin_Page extends Edit_Admin_Page {
'data-label-field' => 'name',
'data-search-field' => 'name',
'data-max-items' => 99,
'data-selected' => json_encode(
'data-selected' => wp_json_encode(
wu_get_products(
[
'id__in' => $this->get_object()->get_available_addons(),
@ -750,7 +750,7 @@ class Product_Edit_Admin_Page extends Edit_Admin_Page {
'fields' => [
'price_variations_remove' => [
'type' => 'note',
'desc' => sprintf('<a title="%s" class="wu-no-underline wu-inline-block wu-text-gray-600 wu-mt-2 wu-mr-2" href="#" @click.prevent="() => price_variations.splice(index, 1)"><span class="dashicons-wu-squared-cross"></span></a>', __('Remove', 'wp-multisite-waas')),
'desc' => sprintf('<a title="%s" class="wu-no-underline wu-inline-block wu-text-gray-600 wu-mt-2 wu-mr-2" href="#" @click.prevent="() => price_variations.splice(index, 1)"><span class="dashicons-wu-squared-cross"></span></a>', esc_html__('Remove', 'wp-multisite-waas')),
'wrapper_classes' => 'wu-absolute wu-top-0 wu-right-0',
],
'price_variations_duration' => [
@ -1036,7 +1036,7 @@ class Product_Edit_Admin_Page extends Edit_Admin_Page {
$item = $query->get_item_by('id', $_GET['id']);
if ( ! $item) {
wp_redirect(wu_network_admin_url('wp-ultimo-products'));
wp_safe_redirect(wu_network_admin_url('wp-ultimo-products'));
exit;
}

67
inc/admin-pages/class-settings-admin-page.php
View File

@ -197,15 +197,15 @@ class Settings_Admin_Page extends Wizard_Admin_Page {
<div class="wu-p-4">
<span class="wu-text-gray-700 wu-font-bold wu-uppercase wu-tracking-wide wu-text-xs">
<?php _e('Checkout Forms', 'wp-multisite-waas'); ?>
<?php esc_html_e('Checkout Forms', 'wp-multisite-waas'); ?>
</span>
<div class="wu-py-2">
<img class="wu-w-full" alt="<?php esc_attr_e('Checkout Forms', 'wp-multisite-waas'); ?>" src="<?php echo wu_get_asset('sidebar/checkout-forms.webp'); ?>">
<img class="wu-w-full" alt="<?php esc_attr_e('Checkout Forms', 'wp-multisite-waas'); ?>" src="<?php echo esc_attr(wu_get_asset('sidebar/checkout-forms.webp')); ?>">
</div>
<p class="wu-text-gray-600 wu-p-0 wu-m-0">
<?php _e('You can create multiple Checkout Forms for different occasions (seasonal campaigns, launches, etc)!', 'wp-multisite-waas'); ?>
<?php esc_html_e('You can create multiple Checkout Forms for different occasions (seasonal campaigns, launches, etc)!', 'wp-multisite-waas'); ?>
</p>
</div>
@ -213,8 +213,8 @@ class Settings_Admin_Page extends Wizard_Admin_Page {
<?php if (current_user_can('wu_edit_checkout_forms')) : ?>
<div class="wu-p-4 wu-bg-gray-100 wu-border-solid wu-border-0 wu-border-t wu-border-gray-300">
<a class="button wu-w-full wu-text-center" href="<?php echo wu_network_admin_url('wp-ultimo-checkout-forms'); ?>">
<?php _e('Manage Checkout Forms &rarr;', 'wp-multisite-waas'); ?>
<a class="button wu-w-full wu-text-center" href="<?php echo esc_attr(wu_network_admin_url('wp-ultimo-checkout-forms')); ?>">
<?php esc_html_e('Manage Checkout Forms &rarr;', 'wp-multisite-waas'); ?>
</a>
</div>
@ -240,15 +240,15 @@ class Settings_Admin_Page extends Wizard_Admin_Page {
<div class="wu-p-4">
<span class="wu-text-gray-700 wu-font-bold wu-uppercase wu-tracking-wide wu-text-xs">
<?php _e('Customize the Template Previewer', 'wp-multisite-waas'); ?>
<?php esc_html_e('Customize the Template Previewer', 'wp-multisite-waas'); ?>
</span>
<div class="wu-py-2">
<img class="wu-w-full" alt="<?php esc_attr_e('Customize the Template Previewer', 'wp-multisite-waas'); ?>" src="<?php echo wu_get_asset('sidebar/site-template.webp'); ?>">
<img class="wu-w-full" alt="<?php esc_attr_e('Customize the Template Previewer', 'wp-multisite-waas'); ?>" src="<?php echo esc_attr(wu_get_asset('sidebar/site-template.webp')); ?>">
</div>
<p class="wu-text-gray-600 wu-p-0 wu-m-0">
<?php _e('Did you know that you can customize colors, logos, and more options of the Site Template Previewer top-bar?', 'wp-multisite-waas'); ?>
<?php esc_html_e('Did you know that you can customize colors, logos, and more options of the Site Template Previewer top-bar?', 'wp-multisite-waas'); ?>
</p>
</div>
@ -256,8 +256,8 @@ class Settings_Admin_Page extends Wizard_Admin_Page {
<?php if (current_user_can('wu_edit_sites')) : ?>
<div class="wu-p-4 wu-bg-gray-100 wu-border-solid wu-border-0 wu-border-t wu-border-gray-300">
<a class="button wu-w-full wu-text-center" target="_blank" href="<?php echo wu_network_admin_url('wp-ultimo-customize-template-previewer'); ?>">
<?php _e('Go to Customizer &rarr;', 'wp-multisite-waas'); ?>
<a class="button wu-w-full wu-text-center" target="_blank" href="<?php echo esc_attr(wu_network_admin_url('wp-ultimo-customize-template-previewer')); ?>">
<?php esc_html_e('Go to Customizer &rarr;', 'wp-multisite-waas'); ?>
</a>
</div>
@ -283,15 +283,15 @@ class Settings_Admin_Page extends Wizard_Admin_Page {
<div class="wu-p-4">
<span class="wu-text-gray-700 wu-font-bold wu-uppercase wu-tracking-wide wu-text-xs">
<?php _e('Customize the Template Placeholders', 'wp-multisite-waas'); ?>
<?php esc_html_e('Customize the Template Placeholders', 'wp-multisite-waas'); ?>
</span>
<div class="wu-py-2">
<img class="wu-w-full" alt="<?php esc_attr_e('Customize the Template Placeholders', 'wp-multisite-waas'); ?>" src="<?php echo wu_get_asset('sidebar/template-placeholders.webp'); ?>">
<img class="wu-w-full" alt="<?php esc_attr_e('Customize the Template Placeholders', 'wp-multisite-waas'); ?>" src="<?php echo esc_attr(wu_get_asset('sidebar/template-placeholders.webp')); ?>">
</div>
<p class="wu-text-gray-600 wu-p-0 wu-m-0">
<?php _e('If you are using placeholder substitutions inside your site templates, use this tool to add, remove, or change the default content of those placeholders.', 'wp-multisite-waas'); ?>
<?php esc_html_e('If you are using placeholder substitutions inside your site templates, use this tool to add, remove, or change the default content of those placeholders.', 'wp-multisite-waas'); ?>
</p>
</div>
@ -299,8 +299,8 @@ class Settings_Admin_Page extends Wizard_Admin_Page {
<?php if (current_user_can('wu_edit_sites')) : ?>
<div class="wu-p-4 wu-bg-gray-100 wu-border-solid wu-border-0 wu-border-t wu-border-gray-300">
<a class="button wu-w-full wu-text-center" target="_blank" href="<?php echo wu_network_admin_url('wp-ultimo-template-placeholders'); ?>">
<?php _e('Edit Placeholders &rarr;', 'wp-multisite-waas'); ?>
<a class="button wu-w-full wu-text-center" target="_blank" href="<?php echo esc_attr(wu_network_admin_url('wp-ultimo-template-placeholders')); ?>">
<?php esc_html_e('Edit Placeholders &rarr;', 'wp-multisite-waas'); ?>
</a>
</div>
@ -326,15 +326,15 @@ class Settings_Admin_Page extends Wizard_Admin_Page {
<div class="wu-p-4">
<span class="wu-text-gray-700 wu-font-bold wu-uppercase wu-tracking-wide wu-text-xs">
<?php _e('Customize the Invoice Template', 'wp-multisite-waas'); ?>
<?php esc_html_e('Customize the Invoice Template', 'wp-multisite-waas'); ?>
</span>
<div class="wu-py-2">
<img class="wu-w-full" alt="<?php esc_attr_e('Customize the Invoice Template', 'wp-multisite-waas'); ?>" src="<?php echo wu_get_asset('sidebar/invoice-template.webp'); ?>">
<img class="wu-w-full" alt="<?php esc_attr_e('Customize the Invoice Template', 'wp-multisite-waas'); ?>" src="<?php echo esc_attr(wu_get_asset('sidebar/invoice-template.webp')); ?>">
</div>
<p class="wu-text-gray-600 wu-p-0 wu-m-0">
<?php _e('Did you know that you can customize colors, logos, and more options of the Invoice PDF template?', 'wp-multisite-waas'); ?>
<?php esc_html_e('Did you know that you can customize colors, logos, and more options of the Invoice PDF template?', 'wp-multisite-waas'); ?>
</p>
</div>
@ -342,8 +342,8 @@ class Settings_Admin_Page extends Wizard_Admin_Page {
<?php if (current_user_can('wu_edit_payments')) : ?>
<div class="wu-p-4 wu-bg-gray-100 wu-border-solid wu-border-0 wu-border-t wu-border-gray-300">
<a class="button wu-w-full wu-text-center" target="_blank" href="<?php echo wu_network_admin_url('wp-ultimo-customize-invoice-template'); ?>">
<?php _e('Go to Customizer &rarr;', 'wp-multisite-waas'); ?>
<a class="button wu-w-full wu-text-center" target="_blank" href="<?php echo esc_attr(wu_network_admin_url('wp-ultimo-customize-invoice-template')); ?>">
<?php esc_html_e('Go to Customizer &rarr;', 'wp-multisite-waas'); ?>
</a>
</div>
@ -369,15 +369,15 @@ class Settings_Admin_Page extends Wizard_Admin_Page {
<div class="wu-p-4">
<span class="wu-text-gray-700 wu-font-bold wu-uppercase wu-tracking-wide wu-text-xs">
<?php _e('Customize System Emails', 'wp-multisite-waas'); ?>
<?php esc_html_e('Customize System Emails', 'wp-multisite-waas'); ?>
</span>
<div class="wu-py-2">
<img class="wu-w-full" alt="<?php esc_attr_e('Customize System Emails', 'wp-multisite-waas'); ?>" src="<?php echo wu_get_asset('sidebar/system-emails.webp'); ?>">
<img class="wu-w-full" alt="<?php esc_attr_e('Customize System Emails', 'wp-multisite-waas'); ?>" src="<?php echo esc_attr(wu_get_asset('sidebar/system-emails.webp')); ?>">
</div>
<p class="wu-text-gray-600 wu-p-0 wu-m-0">
<?php _e('You can completely customize the contents of the emails sent out by WP Multisite WaaS when particular events occur, such as Account Creation, Payment Failures, etc.', 'wp-multisite-waas'); ?>
<?php esc_html_e('You can completely customize the contents of the emails sent out by WP Multisite WaaS when particular events occur, such as Account Creation, Payment Failures, etc.', 'wp-multisite-waas'); ?>
</p>
</div>
@ -385,8 +385,8 @@ class Settings_Admin_Page extends Wizard_Admin_Page {
<?php if (current_user_can('wu_edit_broadcasts')) : ?>
<div class="wu-p-4 wu-bg-gray-100 wu-border-solid wu-border-0 wu-border-t wu-border-gray-300">
<a class="button wu-w-full wu-text-center" target="_blank" href="<?php echo wu_network_admin_url('wp-ultimo-emails'); ?>">
<?php _e('Customize System Emails &rarr;', 'wp-multisite-waas'); ?>
<a class="button wu-w-full wu-text-center" target="_blank" href="<?php echo esc_attr(wu_network_admin_url('wp-ultimo-emails')); ?>">
<?php esc_html_e('Customize System Emails &rarr;', 'wp-multisite-waas'); ?>
</a>
</div>
@ -412,15 +412,15 @@ class Settings_Admin_Page extends Wizard_Admin_Page {
<div class="wu-p-4">
<span class="wu-text-gray-700 wu-font-bold wu-uppercase wu-tracking-wide wu-text-xs">
<?php _e('Customize Email Template', 'wp-multisite-waas'); ?>
<?php esc_html_e('Customize Email Template', 'wp-multisite-waas'); ?>
</span>
<div class="wu-py-2">
<img class="wu-w-full" alt="<?php esc_attr_e('Customize Email Template', 'wp-multisite-waas'); ?>" src="<?php echo wu_get_asset('sidebar/email-template.webp'); ?>">
<img class="wu-w-full" alt="<?php esc_attr_e('Customize Email Template', 'wp-multisite-waas'); ?>" src="<?php echo esc_attr(wu_get_asset('sidebar/email-template.webp')); ?>">
</div>
<p class="wu-text-gray-600 wu-p-0 wu-m-0">
<?php _e('If your network is using the HTML email option, you can customize the look and feel of the email template.', 'wp-multisite-waas'); ?>
<?php esc_html_e('If your network is using the HTML email option, you can customize the look and feel of the email template.', 'wp-multisite-waas'); ?>
</p>
</div>
@ -428,8 +428,8 @@ class Settings_Admin_Page extends Wizard_Admin_Page {
<?php if (current_user_can('wu_edit_broadcasts')) : ?>
<div class="wu-p-4 wu-bg-gray-100 wu-border-solid wu-border-0 wu-border-t wu-border-gray-300">
<a class="button wu-w-full wu-text-center" target="_blank" href="<?php echo wu_network_admin_url('wp-ultimo-customize-email-template'); ?>">
<?php _e('Customize Email Template &rarr;', 'wp-multisite-waas'); ?>
<a class="button wu-w-full wu-text-center" target="_blank" href="<?php echo esc_attr(wu_network_admin_url('wp-ultimo-customize-email-template')); ?>">
<?php esc_html_e('Customize Email Template &rarr;', 'wp-multisite-waas'); ?>
</a>
</div>
@ -481,6 +481,7 @@ class Settings_Admin_Page extends Wizard_Admin_Page {
wp_enqueue_script('media');
wp_enqueue_script('wu-vue');
wp_enqueue_script('wu-selectizer');
wp_enqueue_script('wu-settings-loader', wu_get_asset('settings-loader.js', 'js'), ['wu-functions'], wu_get_version(), true);
do_action('wu_render_settings');
@ -517,7 +518,7 @@ class Settings_Admin_Page extends Wizard_Admin_Page {
public function default_handler(): void {
if ( ! current_user_can('wu_edit_settings')) {
wp_die(__('You do not have the permissions required to change settings.', 'wp-multisite-waas'));
wp_die(esc_html__('You do not have the permissions required to change settings.', 'wp-multisite-waas'));
}
if ( ! isset($_POST['active_gateways']) && 'payment-gateways' === wu_request('tab')) {
@ -526,7 +527,7 @@ class Settings_Admin_Page extends Wizard_Admin_Page {
WP_Ultimo()->settings->save_settings($_POST);
wp_redirect(add_query_arg('updated', 1, wu_get_current_url()));
wp_safe_redirect(add_query_arg('updated', 1, wu_get_current_url()));
exit;
}
@ -577,7 +578,7 @@ class Settings_Admin_Page extends Wizard_Admin_Page {
'style' => '',
'data-on-load' => 'remove_block_ui',
'data-wu-app' => str_replace('-', '_', $section_slug),
'data-state' => json_encode(wu_array_map_keys('wu_replace_dashes', Settings::get_instance()->get_all(true))),
'data-state' => wp_json_encode(wu_array_map_keys('wu_replace_dashes', Settings::get_instance()->get_all(true))),
],
]
);

12
inc/admin-pages/class-setup-wizard-admin-page.php
View File

@ -219,7 +219,7 @@ class Setup_Wizard_Admin_Page extends Wizard_Admin_Page {
public function redirect_to_wizard(): void {
if ( ! \WP_Ultimo\Requirements::run_setup() && wu_request('page') !== 'wp-ultimo-setup') {
wp_redirect(wu_network_admin_url('wp-ultimo-setup'));
wp_safe_redirect(wu_network_admin_url('wp-ultimo-setup'));
exit;
}
@ -713,12 +713,12 @@ class Setup_Wizard_Admin_Page extends Wizard_Admin_Page {
public function handle_checks(): void {
if (\WP_Ultimo\Requirements::met() === false) {
wp_redirect(add_query_arg());
wp_safe_redirect(add_query_arg());
exit;
}
wp_redirect($this->get_next_section_link());
wp_safe_redirect($this->get_next_section_link());
exit;
}
@ -747,7 +747,7 @@ class Setup_Wizard_Admin_Page extends Wizard_Admin_Page {
\WP_Ultimo\Settings::get_instance()->save_settings($settings_to_save);
wp_redirect($this->get_next_section_link());
wp_safe_redirect($this->get_next_section_link());
exit;
}
@ -772,7 +772,7 @@ class Setup_Wizard_Admin_Page extends Wizard_Admin_Page {
$url = add_query_arg('dry-run', 0);
}
wp_redirect($url);
wp_safe_redirect($url);
exit;
}
@ -790,7 +790,7 @@ class Setup_Wizard_Admin_Page extends Wizard_Admin_Page {
$redirect_url = $this->get_next_section_link();
wp_redirect($redirect_url);
wp_safe_redirect($redirect_url);
exit;
}

8
inc/admin-pages/class-site-edit-admin-page.php
View File

@ -227,7 +227,7 @@ class Site_Edit_Admin_Page extends Edit_Admin_Page {
'field_wrapper_classes' => 'wu-w-full wu-box-border wu-items-center wu-flex wu-justify-between wu-p-4 wu-m-0 wu-border-t wu-border-l-0 wu-border-r-0 wu-border-b-0 wu-border-gray-300 wu-border-solid',
'html_attr' => [
'data-wu-app' => 'transfer_site',
'data-state' => json_encode(
'data-state' => wp_json_encode(
[
'confirmed' => false,
]
@ -414,7 +414,7 @@ class Site_Edit_Admin_Page extends Edit_Admin_Page {
[
'html_attr' => [
'data-wu-app' => 'site_type',
'data-state' => json_encode(
'data-state' => wp_json_encode(
[
'type' => $this->get_object()->get_type(),
'original_membership_id' => $this->get_object()->get_membership_id(),
@ -487,7 +487,7 @@ class Site_Edit_Admin_Page extends Edit_Admin_Page {
'data-label-field' => 'reference_code',
'data-search-field' => 'reference_code',
'data-max-items' => 1,
'data-selected' => json_encode($membership_selected),
'data-selected' => wp_json_encode($membership_selected),
],
],
'transfer_note' => [
@ -729,7 +729,7 @@ class Site_Edit_Admin_Page extends Edit_Admin_Page {
$item = wu_get_site($item_id);
if ( ! $item) {
wp_redirect(wu_network_admin_url('wp-ultimo-sites'));
wp_safe_redirect(wu_network_admin_url('wp-ultimo-sites'));
exit;
}

4
inc/admin-pages/class-site-list-admin-page.php
View File

@ -166,7 +166,7 @@ class Site_List_Admin_Page extends List_Admin_Page {
'field_wrapper_classes' => 'wu-w-full wu-box-border wu-items-center wu-flex wu-justify-between wu-p-4 wu-m-0 wu-border-t wu-border-l-0 wu-border-r-0 wu-border-b-0 wu-border-gray-300 wu-border-solid',
'html_attr' => [
'data-wu-app' => 'true',
'data-state' => json_encode(
'data-state' => wp_json_encode(
[
'confirmed' => false,
]
@ -420,7 +420,7 @@ class Site_List_Admin_Page extends List_Admin_Page {
'value' => $template_id,
'html_attr' => [
'data-model' => 'site',
'data-selected' => $site ? json_encode($site->to_search_results()) : '',
'data-selected' => $site ? wp_json_encode($site->to_search_results()) : '',
'data-value-field' => 'blog_id',
'data-label-field' => 'title',
'data-search-field' => 'title',

4
inc/admin-pages/class-template-previewer-customize-admin-page.php
View File

@ -233,7 +233,7 @@ class Template_Previewer_Customize_Admin_Page extends Customizer_Admin_Page {
'style' => 'margin-top: -6px;',
'data-wu-app' => 'site_template_customizer',
'data-wu-customizer-panel' => true,
'data-state' => json_encode($state),
'data-state' => wp_json_encode($state),
],
]
);
@ -308,7 +308,7 @@ class Template_Previewer_Customize_Admin_Page extends Customizer_Admin_Page {
$url = add_query_arg($array_params);
wp_redirect($url);
wp_safe_redirect($url);
exit;
}

14
inc/admin-pages/class-top-admin-nav-menu.php
View File

@ -163,32 +163,32 @@ class Top_Admin_Nav_Menu {
if (current_user_can('wu_read_sites')) {
$wp_admin_bar->add_node($sites);
} //end if;
}
if (current_user_can('wu_read_memberships')) {
$wp_admin_bar->add_node($memberships);
} //end if;
}
if (current_user_can('wu_read_customers')) {
$wp_admin_bar->add_node($customers);
} //end if;
}
if (current_user_can('wu_read_products')) {
$wp_admin_bar->add_node($products);
} //end if;
}
if (current_user_can('wu_read_payments')) {
$wp_admin_bar->add_node($payments);
} //end if;
}
if (current_user_can('wu_read_discount_codes')) {
$wp_admin_bar->add_node($discount_codes);
} //end if;
}
if (current_user_can('wu_read_settings')) {
$wp_admin_bar->add_node($container);
$wp_admin_bar->add_node($settings);
} //end if;
}
/*
* Add the sub-menus.

2
inc/admin-pages/class-view-logs-admin-page.php
View File

@ -358,7 +358,7 @@ class View_Logs_Admin_Page extends Edit_Admin_Page {
$url = remove_query_arg('log_file');
wp_redirect(add_query_arg('deleted', 1, $url));
wp_safe_redirect(add_query_arg('deleted', 1, $url));
exit;
}

6
inc/admin-pages/class-webhook-edit-admin-page.php
View File

@ -259,7 +259,7 @@ class Webhook_Edit_Admin_Page extends Edit_Admin_Page {
$event = wu_get_event_type($object_event_slug);
$payload = isset($event['payload']) ? json_encode(wu_maybe_lazy_load_payload($event['payload']), JSON_PRETTY_PRINT) : '{}';
$payload = isset($event['payload']) ? wp_json_encode(wu_maybe_lazy_load_payload($event['payload']), JSON_PRETTY_PRINT) : '{}';
wu_get_template(
'events/widget-payload',
@ -357,7 +357,7 @@ class Webhook_Edit_Admin_Page extends Edit_Admin_Page {
$item = $query->get_item_by('id', wu_request('id'));
if ( ! $item) {
wp_redirect(wu_network_admin_url('wp-ultimo-webhooks'));
wp_safe_redirect(wu_network_admin_url('wp-ultimo-webhooks'));
exit;
}
@ -407,7 +407,7 @@ class Webhook_Edit_Admin_Page extends Edit_Admin_Page {
$url = add_query_arg($array_params);
wp_redirect($url);
wp_safe_redirect($url);
exit;
}

2
inc/admin-pages/class-webhook-list-admin-page.php
View File

@ -157,7 +157,7 @@ class Webhook_List_Admin_Page extends List_Admin_Page {
'field_wrapper_classes' => 'wu-w-full wu-box-border wu-items-center wu-flex wu-justify-between wu-p-4 wu-m-0 wu-border-t wu-border-l-0 wu-border-r-0 wu-border-b-0 wu-border-gray-300 wu-border-solid',
'html_attr' => [
'data-wu-app' => 'edit_line_item',
'data-state' => json_encode(
'data-state' => wp_json_encode(
[
'event' => '',
]

2
inc/admin-pages/class-wizard-admin-page.php
View File

@ -299,7 +299,7 @@ abstract class Wizard_Admin_Page extends Base_Admin_Page {
*/
public function default_handler(): void {
wp_redirect($this->get_next_section_link());
wp_safe_redirect($this->get_next_section_link());
exit;
}