@@ -465,7 +465,7 @@ public function review_notice() {
display_name ) ? __( 'there', '404-to-301' ) : ucwords( $current_user->display_name ),
+ empty( $current_user->display_name ) ? esc_html__( 'there', '404-to-301' ) : esc_html( ucwords( $current_user->display_name ) ),
'
',
''
);
@@ -475,10 +475,10 @@ public function review_notice() {
-
+
-
+
group_by = apply_filters( 'jj4t3_log_list_groupby', $group_by );
+ $group_by = apply_filters( 'jj4t3_log_list_groupby', $group_by );
+
+ // Verify if the group by value is allowed.
+ if ( ! in_array( $group_by, $allowed_values, true ) ) {
+ return;
+ }
+
+ $this->group_by = $group_by;
}
/**
@@ -720,7 +722,7 @@ public function extra_tablenav( $which ) {
echo '
';
submit_button( __( 'Apply', '404-to-301' ), 'button', 'filter_action', false, array( 'id' => 'post-query' ) );
diff --git a/includes/admin/views/settings.php b/includes/admin/views/settings.php
index 71e68d4..f870aad 100755
--- a/includes/admin/views/settings.php
+++ b/includes/admin/views/settings.php
@@ -52,7 +52,7 @@
|
-
+
|
diff --git a/includes/index.php b/includes/index.php
old mode 100755
new mode 100644
diff --git a/includes/public/class-jj4t3-404-data.php b/includes/public/class-jj4t3-404-data.php
index cf7b64a..069e65e 100755
--- a/includes/public/class-jj4t3-404-data.php
+++ b/includes/public/class-jj4t3-404-data.php
@@ -10,12 +10,12 @@
* 404 page. This class can be extended to access the 404
* page details such as URL, Time, User Agent etc.
*
+ * @link https://duckdev.com/products/404-to-301/
+ * @author Joel James
+ * @license http://www.gnu.org/licenses/ GNU General Public License
* @category Core
* @package JJ4T3
* @subpackage 404Data
- * @author Joel James
- * @license http://www.gnu.org/licenses/ GNU General Public License
- * @link https://duckdev.com/products/404-to-301/
*/
class JJ4T3_404_Data {
@@ -66,7 +66,6 @@ class JJ4T3_404_Data {
* @access private
*/
public function init() {
-
$this->set_ip();
$this->set_ref();
$this->set_ua();
@@ -80,20 +79,19 @@ public function init() {
* Get real IP address of the user.
* http://stackoverflow.com/a/55790/3845839
*
- * @param string $ip Default value for IP Address.
- *
* @since 2.2.6
* @access private
*
+ * @param string $ip Default value for IP Address.
+ *
* @return void
*/
private function set_ip( $ip = '' ) {
-
- // IP varibals in priority oder.
- $ips = array( 'HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'REMOTE_ADDR' );
- foreach ( $ips as $ip ) {
- if ( isset( $_SERVER[ $ip ] ) ) {
- $ip = $_SERVER[ $ip ];
+ // IP variables in priority oder.
+ $headers = array( 'HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'REMOTE_ADDR' );
+ foreach ( $headers as $header ) {
+ if ( isset( $_SERVER[ $header ] ) ) {
+ $ip = $_SERVER[ $header ]; // phpcs:ignore
}
}
@@ -102,23 +100,24 @@ private function set_ip( $ip = '' ) {
*
* @since 3.0.0
*/
- $this->ip = apply_filters( 'jj4t3_404_ip', $ip );
+ $ip = apply_filters( 'jj4t3_404_ip', $ip );
+
+ $this->ip = sanitize_text_field( $ip );
}
/**
* Set visitors user agent/browser.
*
- * @param string $ua Default value for User Agent.
- *
* @since 3.0.0
* @access private
*
+ * @param string $ua Default value for User Agent.
+ *
* @return void
*/
private function set_ua( $ua = '' ) {
-
if ( isset( $_SERVER['HTTP_USER_AGENT'] ) ) {
- $ua = $_SERVER['HTTP_USER_AGENT'];
+ $ua = $_SERVER['HTTP_USER_AGENT']; // phpcs:ignore
}
/**
@@ -126,23 +125,24 @@ private function set_ua( $ua = '' ) {
*
* @since 3.0.0
*/
- $this->ua = apply_filters( 'jj4t3_404_ua', $ua );
+ $ua = apply_filters( 'jj4t3_404_ua', $ua );
+
+ $this->ua = sanitize_text_field( $ua );
}
/**
* Set visitors referring link.
*
- * @param string $ref Default value for Ref.
- *
* @since 3.0.0
* @access private
*
+ * @param string $ref Default value for Ref.
+ *
* @return void
*/
private function set_ref( $ref = '' ) {
-
if ( isset( $_SERVER['HTTP_REFERER'] ) ) {
- $ref = esc_url( $_SERVER['HTTP_REFERER'] );
+ $ref = $_SERVER['HTTP_REFERER']; // phpcs:ignore
}
/**
@@ -152,23 +152,24 @@ private function set_ref( $ref = '' ) {
*
* @since 3.0.0
*/
- $this->ref = apply_filters( 'jj4t3_404_ref', $ref );
+ $ref = apply_filters( 'jj4t3_404_ref', $ref );
+
+ $this->ref = esc_url_raw( $ref );
}
/**
* Set visitors referring link.
*
- * @param string $url Default value for 404 URL.
- *
* @since 3.0.0
* @access private
*
+ * @param string $url Default value for 404 URL.
+ *
* @return void
*/
private function set_url( $url = '' ) {
-
if ( isset( $_SERVER['REQUEST_URI'] ) ) {
- $url = untrailingslashit( esc_url( $_SERVER['REQUEST_URI'] ) );
+ $url = $_SERVER['REQUEST_URI']; // phpcs:ignore
}
/**
@@ -178,7 +179,9 @@ private function set_url( $url = '' ) {
*
* @since 3.0.0
*/
- $this->url = apply_filters( 'jj4t3_404_url', $url );
+ $url = apply_filters( 'jj4t3_404_url', $url );
+
+ $this->url = untrailingslashit( esc_url_raw( $url ) );
}
/**
@@ -190,11 +193,10 @@ private function set_url( $url = '' ) {
* @return void
*/
private function set_time() {
-
/**
* Filter to alter current time.
*
- * @note If you using this filter, remember to
+ * @note If you using this filter, remember to
* return proper MySQL time format.
*
* @since 3.0.0
@@ -215,7 +217,6 @@ private function set_time() {
* @return boolean
*/
public function is_excluded() {
-
$excluded = jj4t3_get_option( 'exclude_paths', '' );
$paths = array();
@@ -229,7 +230,7 @@ public function is_excluded() {
/**
* Filter to alter exclude path values.
*
- * @note You should return array if strings .
+ * @note You should return array if strings .
*
* @since 3.0.0
*/
@@ -249,5 +250,4 @@ public function is_excluded() {
return false;
}
-
}