diff --git a/Waymark.php b/Waymark.php index 4d55d91d..bb1fb497 100644 --- a/Waymark.php +++ b/Waymark.php @@ -4,7 +4,7 @@ Plugin Name: Waymark Plugin URI: https://www.waymark.dev/ Description: Mapping with WordPress made easy. With Waymark enabled, click on the "Maps" link in the sidebar to create and edit Maps. Once you are happy with your Map, copy the Waymark shortcode and add it to your content. -Version: 1.5.0 +Version: 1.5.1 Text Domain: waymark Author: Joe Hawes Author URI: https://www.morehawes.ca/ diff --git a/inc/Front/Waymark_HTTP.php b/inc/Front/Waymark_HTTP.php index 349ec872..dfa38470 100644 --- a/inc/Front/Waymark_HTTP.php +++ b/inc/Front/Waymark_HTTP.php @@ -137,29 +137,7 @@ public function template_redirect() { header('Content-Type: application/gpx+xml'); //Clean (allow GPX elements) - echo wp_kses($map_data, [ - 'gpx' => [ - 'creator' => true, - 'version' => true, - 'xmlns' => true, - 'xmlns:xsi' => true, - 'xsi:schemaLocation' => true, - ], - 'metadata' => [], - 'name' => [], - 'wpt' => [ - 'lat' => true, - 'lon' => true, - ], - 'desc' => [], - 'trk' => [], - 'trkseg' => [], - 'trkpt' => [ - 'lat' => true, - 'lon' => true, - ], - 'ele' => [], - ]); + echo wp_kses($map_data, Waymark_Helper::allowable_tags('gpx')); break; case 'kml': @@ -167,28 +145,7 @@ public function template_redirect() { // Clean (allow KML elements) echo ''; - echo wp_kses($map_data, [ - 'kml' => [ - 'xmlns' => true, - ], - 'document' => [], - 'placemark' => [], - 'name' => [], - 'extendeddata' => [], - 'data' => [ - 'name' => true, - ], - 'value' => [], - 'point' => [], - 'coordinates' => [], - 'description' => [], - 'linestring' => [], - 'linearring' => [], - 'polygon' => [], - 'outerboundaryis' => [], - 'innerboundaryis' => [], - 'multigeometry' => [], - ]); + echo wp_kses($map_data, Waymark_Helper::allowable_tags('kml')); break; case 'geojson': diff --git a/inc/Front/Waymark_Shortcode.php b/inc/Front/Waymark_Shortcode.php index 758c3847..9cce5f9b 100644 --- a/inc/Front/Waymark_Shortcode.php +++ b/inc/Front/Waymark_Shortcode.php @@ -6,12 +6,6 @@ function __construct() { } function handle_shortcode($shortcode_data, $content = null) { - // Sanitize - foreach ($shortcode_data as $key => $value) { - // Escape - $shortcode_data[$key] = esc_attr($value); - } - $out = ''; $map_class = 'waymark-map'; $shortcode_hash = substr(md5(wp_json_encode($shortcode_data)), 0, 6); @@ -83,7 +77,7 @@ function handle_shortcode($shortcode_data, $content = null) { $shortcode_meta = Waymark_Helper::get_collection_meta($Collection, 'shortcode'); //Map Class - $map_class .= ' waymark-collection-id-' . $collection_id; + $map_class .= ' waymark-collection-id-' . esc_attr($collection_id); // Collection Maps as GeoJSON @@ -172,14 +166,14 @@ function handle_shortcode($shortcode_data, $content = null) { } //Output HTML container - $out = "\n\n" . '' . "\n"; + $out = "\n\n" . '' . "\n"; $shortcode_style = ''; if ($map_width) { $shortcode_style .= 'width:' . $map_width . 'px'; } - $out .= '
' . "\n"; + $out .= '
' . "\n"; //Header ? $do_header = 0; @@ -256,7 +250,7 @@ function handle_shortcode($shortcode_data, $content = null) { $map_style = 'display:none;'; $map_style .= 'height:' . $map_height . 'px;min-height:' . $map_height . 'px;'; - $out .= '
' . "\n"; + $out .= '
' . "\n"; //Elevation? @@ -269,7 +263,7 @@ function handle_shortcode($shortcode_data, $content = null) { } if ($show_elevation) { - $out .= '
' . "\n"; + $out .= '
' . "\n"; } // Waymark_Helper::debug($show_elevation); @@ -290,10 +284,10 @@ function handle_shortcode($shortcode_data, $content = null) { $out .= ' if(typeof waymark_user_config === "undefined") { waymark_viewer.message("Configuration not found! Check for \"var waymark_user_config\" in your page HTML.", "error"); }' . "\n"; $out .= ' var waymark_config = jQuery.extend(true, {}, waymark_user_config);' . "\n"; - $out .= ' waymark_config.map_options.map_div_id = "waymark-map-' . $shortcode_hash . '";' . "\n"; - $out .= ' waymark_config.map_options.map_height = ' . $map_height . ";\n"; + $out .= ' waymark_config.map_options.map_div_id = "waymark-map-' . esc_js($shortcode_hash) . '";' . "\n"; + $out .= ' waymark_config.map_options.map_height = ' . esc_js($map_height) . ";\n"; if ($map_width) { - $out .= ' waymark_config.map_options.map_width = ' . $map_width . ";\n"; + $out .= ' waymark_config.map_options.map_width = ' . esc_js($map_width) . ";\n"; } // ===== Shortcode options (2/2) ===== @@ -304,7 +298,7 @@ function handle_shortcode($shortcode_data, $content = null) { $map_latlng_array = Waymark_Helper::latlng_string_to_array($latlng_string); if (is_array($map_latlng_array)) { - $out .= ' waymark_config.map_options.map_init_latlng = [' . $map_latlng_array[0] . ',' . $map_latlng_array[1] . '];' . "\n"; + $out .= ' waymark_config.map_options.map_init_latlng = [' . esc_js($map_latlng_array[0]) . ',' . esc_js($map_latlng_array[1]) . '];' . "\n"; } // } else if ($default_latlng = Waymark_Config::get_setting('misc', 'map_options', 'map_default_latlng')) { // // We have a valid LatLng @@ -318,7 +312,7 @@ function handle_shortcode($shortcode_data, $content = null) { $map_init_zoom = $shortcode_data['map_zoom']; if (is_numeric($map_init_zoom)) { - $out .= ' waymark_config.map_options.map_init_zoom = ' . $map_init_zoom . ";\n"; + $out .= ' waymark_config.map_options.map_init_zoom = ' . esc_js($map_init_zoom) . ";\n"; } // Default Zoom // } elseif ($default_zoom = Waymark_Config::get_setting('misc', 'map_options', 'map_default_zoom')) { @@ -327,33 +321,33 @@ function handle_shortcode($shortcode_data, $content = null) { //Max Zoom if (array_key_exists('max_zoom', $shortcode_data) && is_numeric($shortcode_data['max_zoom'])) { - $out .= ' waymark_config.map_options.map_max_zoom = ' . $shortcode_data['max_zoom'] . ";\n"; + $out .= ' waymark_config.map_options.map_max_zoom = ' . esc_js($shortcode_data['max_zoom']) . ";\n"; } //Basemap? if (array_key_exists('basemap', $shortcode_data)) { - $out .= ' waymark_config.map_options.map_init_basemap = "' . $shortcode_data['basemap'] . '";' . "\n"; + $out .= ' waymark_config.map_options.map_init_basemap = "' . esc_js($shortcode_data['basemap']) . '";' . "\n"; } //Gallery? if (array_key_exists('show_gallery', $shortcode_data) && in_array($shortcode_data['show_gallery'], ['1', '0'])) { - $out .= ' waymark_config.viewer_options.show_gallery = ' . $shortcode_data['show_gallery'] . ';' . "\n"; + $out .= ' waymark_config.viewer_options.show_gallery = ' . esc_js($shortcode_data['show_gallery']) . ';' . "\n"; } //Overlay filter? if (array_key_exists('show_filter', $shortcode_data) && in_array($shortcode_data['show_filter'], ['1', '0'])) { - $out .= ' waymark_config.viewer_options.show_filter = ' . $shortcode_data['show_filter'] . ';' . "\n"; + $out .= ' waymark_config.viewer_options.show_filter = ' . esc_js($shortcode_data['show_filter']) . ';' . "\n"; } //Elevation? if ($show_elevation) { $out .= ' waymark_config.viewer_options.show_elevation = "1";' . "\n"; - $out .= ' waymark_config.viewer_options.elevation_div_id = "waymark-elevation-' . $shortcode_hash . '";' . "\n"; + $out .= ' waymark_config.viewer_options.elevation_div_id = "waymark-elevation-' . esc_js($shortcode_hash) . '";' . "\n"; //Units //Shortcode if (array_key_exists('elevation_units', $shortcode_data) && in_array($shortcode_data['elevation_units'], ['metric', 'imperial'])) { - $out .= ' waymark_config.viewer_options.elevation_units = "' . $elevation_units . '";' . "\n"; + $out .= ' waymark_config.viewer_options.elevation_units = "' . esc_js($shortcode_data['elevation_units']) . '";' . "\n"; } } @@ -361,7 +355,7 @@ function handle_shortcode($shortcode_data, $content = null) { // Shortcode option set? if (array_key_exists('show_cluster', $shortcode_data) && in_array($shortcode_data['show_cluster'], ['1', '0'])) { - $out .= ' waymark_config.viewer_options.show_cluster = ' . $shortcode_data['show_cluster'] . ';' . "\n"; + $out .= ' waymark_config.viewer_options.show_cluster = ' . esc_js($shortcode_data['show_cluster']) . ';' . "\n"; } // === Initially Show / Hide === @@ -385,17 +379,17 @@ function handle_shortcode($shortcode_data, $content = null) { $overlay_type_explode = explode(',', $shortcode_data[$show_hide_type]); foreach ($overlay_type_explode as $overlay_type) { - $out .= ' for(i in waymark_config.map_options.' . $overlay_kind . '_types) {' . "\n"; + $out .= ' for(i in waymark_config.map_options.' . esc_js($overlay_kind) . '_types) {' . "\n"; - $out .= ' var this_key = waymark_viewer.make_key(waymark_config.map_options.' . $overlay_kind . '_types[i]["' . $overlay_kind . '_title"]);' . "\n"; + $out .= ' var this_key = waymark_viewer.make_key(waymark_config.map_options.' . esc_js($overlay_kind) . '_types[i]["' . esc_js($overlay_kind) . '_title"]);' . "\n"; - $out .= ' if("' . $overlay_type . '" == "*" || this_key == "' . $overlay_type . '") {' . "\n"; + $out .= ' if("' . esc_js($overlay_type) . '" == "*" || this_key == "' . esc_js($overlay_type) . '") {' . "\n"; if (Waymark_Helper::is_debug()) { $debug_output .= ucwords($overlay_kind) . ' ' . ucwords($show_hide_explode[0]) . ' (' . $overlay_type . ') '; } - $out .= ' waymark_config.map_options.' . $overlay_kind . '_types[i]["' . $overlay_kind . '_display"] = ' . $overlay_display . ';' . "\n"; + $out .= ' waymark_config.map_options.' . esc_js($overlay_kind) . '_types[i]["' . esc_js($overlay_kind) . '_display"] = ' . esc_js($overlay_display) . ';' . "\n"; $out .= ' }' . "\n"; $out .= ' }' . "\n"; } @@ -409,11 +403,11 @@ function handle_shortcode($shortcode_data, $content = null) { $out .= ' waymark_viewer.init(waymark_config);' . "\n"; if (Waymark_Helper::is_debug()) { - $out .= ' waymark_viewer.debug("Shortcode #' . $shortcode_hash . ' Initialised");' . "\n"; + $out .= ' waymark_viewer.debug("Shortcode #' . esc_js($shortcode_hash) . ' Initialised");' . "\n"; $out .= ' waymark_viewer.debug(waymark_config);' . "\n"; if ($debug_output) { - $out .= ' waymark_viewer.debug("' . $debug_output . '");' . "\n"; + $out .= ' waymark_viewer.debug("' . esc_js($debug_output) . '");' . "\n"; } } @@ -432,7 +426,7 @@ function handle_shortcode($shortcode_data, $content = null) { $out .= ' waymark_viewer.load_json(' . $map_output['map_data'] . ');' . "\n"; if (Waymark_Helper::is_debug()) { - $out .= ' waymark_viewer.debug("Shortcode #' . $shortcode_hash . ' Map Loaded");' . "\n"; + $out .= ' waymark_viewer.debug("Shortcode #' . esc_js($shortcode_hash) . ' Map Loaded");' . "\n"; $out .= ' waymark_viewer.debug(' . $map_output['map_data'] . ');' . "\n"; } @@ -451,7 +445,7 @@ function handle_shortcode($shortcode_data, $content = null) { $out .= ' waymark_load_map_data(waymark_viewer, ' . $map_id . ', ' . $reset_view . ');' . "\n"; if (Waymark_Helper::is_debug()) { - $out .= ' waymark_viewer.debug("Shortcode #' . $shortcode_hash . ' Map Loaded via HTTP (' . $i . '/' . sizeof($maps_output) . ')");' . "\n"; + $out .= ' waymark_viewer.debug("Shortcode #' . esc_js($shortcode_hash) . ' Map Loaded via HTTP (' . $i . '/' . sizeof($maps_output) . ')");' . "\n"; $out .= ' waymark_viewer.debug(' . $map_id . ');' . "\n"; } @@ -542,7 +536,7 @@ function handle_shortcode($shortcode_data, $content = null) { $out .= ' waymark_viewer.load_json(marker_geojson);' . "\n"; if (Waymark_Helper::is_debug()) { - $out .= ' waymark_viewer.debug("Shortcode #' . $shortcode_hash . ' Marker Loaded");' . "\n"; + $out .= ' waymark_viewer.debug("Shortcode #' . esc_js($shortcode_hash) . ' Marker Loaded");' . "\n"; $out .= ' waymark_viewer.debug(marker_geojson);' . "\n"; } } @@ -582,7 +576,7 @@ function handle_shortcode($shortcode_data, $content = null) { switch ($file_ext) { case 'gpx': - $out .= ' var file_data = \'' . $file_string . '\';' . "\n"; + $out .= ' var file_data = \'' . wp_kses($file_string, Waymark_Helper::allowable_tags('gpx')) . '\';' . "\n"; $out .= ' var file_data = (new DOMParser()).parseFromString(file_data, "text/xml");' . "\n"; $out .= ' let file_geo_json = toGeoJSON.gpx(file_data) || {};' . "\n"; @@ -607,7 +601,7 @@ function handle_shortcode($shortcode_data, $content = null) { libxml_clear_errors(); - $out .= ' var file_data = \'' . $file_string . '\';' . "\n"; + $out .= ' var file_data = \'' . wp_kses($file_string, Waymark_Helper::allowable_tags('kml')) . '\';' . "\n"; $out .= ' var file_data = (new DOMParser()).parseFromString(file_data, "text/xml");' . "\n"; $out .= ' var file_geo_json = toGeoJSON.kml(file_data);' . "\n"; @@ -615,6 +609,8 @@ function handle_shortcode($shortcode_data, $content = null) { break; default: + // Encode & Decode to ensure valid JSON + $file_string = wp_json_encode(json_decode($file_string)); $out .= ' var file_data = \'' . $file_string . '\';' . "\n"; $out .= ' var file_geo_json = JSON.parse(file_data);' . "\n"; @@ -655,8 +651,8 @@ function handle_shortcode($shortcode_data, $content = null) { break (2); } - $out .= ' // Casting File ' . ucwords($overlay_type) . 's to "' . $castType . '"' . "\n"; - $out .= ' file_geo_json.features.filter(feature => feature.geometry.type == "' . $geomType . '").forEach(feature => { feature.properties.type = "' . $castType . '"; });' . "\n"; + $out .= ' // Casting File ' . ucwords($overlay_type) . 's to "' . esc_js($castType) . '"' . "\n"; + $out .= ' file_geo_json.features.filter(feature => feature.geometry.type == "' . $geomType . '").forEach(feature => { feature.properties.type = "' . esc_js($castType) . '"; });' . "\n"; } // By Feature Type @@ -693,12 +689,12 @@ function handle_shortcode($shortcode_data, $content = null) { // Add Start Marker if ($marker_start) { - $out .= ' fileAddFeatures.features.push({"geometry":{"type":"Point","coordinates":[start[0],start[1]]},"type":"Feature","properties":{"type":"' . $marker_start . '"}});' . "\n"; + $out .= ' fileAddFeatures.features.push({"geometry":{"type":"Point","coordinates":[start[0],start[1]]},"type":"Feature","properties":{"type":"' . esc_js($marker_start) . '"}});' . "\n"; } // Add End Marker if ($marker_end) { - $out .= ' fileAddFeatures.features.push({"geometry":{"type":"Point","coordinates":[end[0],end[1]]},"type":"Feature","properties":{"type":"' . $marker_end . '"}});' . "\n"; + $out .= ' fileAddFeatures.features.push({"geometry":{"type":"Point","coordinates":[end[0],end[1]]},"type":"Feature","properties":{"type":"' . esc_js($marker_end) . '"}});' . "\n"; } $out .= ' });' . "\n"; @@ -707,7 +703,7 @@ function handle_shortcode($shortcode_data, $content = null) { $out .= ' waymark_viewer.load_json(fileAddFeatures);' . "\n"; if (Waymark_Helper::is_debug()) { - $out .= ' waymark_viewer.debug("Shortcode #' . $shortcode_hash . ' File ' . ucwords($overlay_type) . 's Loaded");' . "\n"; + $out .= ' waymark_viewer.debug("Shortcode #' . esc_js($shortcode_hash) . ' File ' . ucwords($overlay_type) . 's Loaded");' . "\n"; $out .= ' waymark_viewer.debug(fileAddFeatures);' . "\n"; } } @@ -720,7 +716,7 @@ function handle_shortcode($shortcode_data, $content = null) { $out .= ' waymark_viewer.load_json(file_geo_json);' . "\n"; if (Waymark_Helper::is_debug()) { - $out .= ' waymark_viewer.debug("Shortcode #' . $shortcode_hash . ' File Loaded");' . "\n"; + $out .= ' waymark_viewer.debug("Shortcode #' . esc_js($shortcode_hash) . ' File Loaded");' . "\n"; $out .= ' waymark_viewer.debug(file_geo_json);' . "\n"; } } @@ -733,12 +729,12 @@ function handle_shortcode($shortcode_data, $content = null) { // ========== START CALLBACK =========== if (array_key_exists('loaded_callback', $shortcode_data)) { - $out .= ' if(typeof ' . $shortcode_data['loaded_callback'] . ' === "function") {' . "\n"; + $out .= ' if(typeof ' . esc_js($shortcode_data['loaded_callback']) . ' === "function") {' . "\n"; if (Waymark_Helper::is_debug()) { - $out .= ' waymark_viewer.debug("Shortcode Callback detected ' . $shortcode_data['loaded_callback'] . '(waymark_instance)");' . "\n"; + $out .= ' waymark_viewer.debug("Shortcode Callback detected ' . esc_js($shortcode_data['loaded_callback']) . '(waymark_instance)");' . "\n"; } - $out .= ' ' . $shortcode_data['loaded_callback'] . '(waymark_viewer);' . "\n"; + $out .= ' ' . esc_js($shortcode_data['loaded_callback']) . '(waymark_viewer);' . "\n"; $out .= ' } else {' . "\n"; $out .= ' waymark_viewer.message("Callback function not found!", "error");' . "\n"; $out .= ' }' . "\n"; @@ -747,7 +743,7 @@ function handle_shortcode($shortcode_data, $content = null) { // =========== END CALLBACK ============ $out .= '});' . "\n"; $out .= '' . "\n"; - $out .= '' . "\n"; + $out .= '' . "\n"; // ============= END JAVASCRIPT ================= diff --git a/inc/Helpers/Waymark_Helper.php b/inc/Helpers/Waymark_Helper.php index a5af0453..928a246b 100644 --- a/inc/Helpers/Waymark_Helper.php +++ b/inc/Helpers/Waymark_Helper.php @@ -1674,4 +1674,59 @@ public static function parameter_allowed_html() { ]; } + public static function allowable_tags($kind = '') { + switch ($kind) { + case 'kml': + return [ + 'kml' => [ + 'xmlns' => true, + ], + 'document' => [], + 'placemark' => [], + 'name' => [], + 'extendeddata' => [], + 'data' => [ + 'name' => true, + ], + 'value' => [], + 'point' => [], + 'coordinates' => [], + 'description' => [], + 'linestring' => [], + 'linearring' => [], + 'polygon' => [], + 'outerboundaryis' => [], + 'innerboundaryis' => [], + 'multigeometry' => [], + ]; + + break; + case 'gpx': + return [ + 'gpx' => [ + 'creator' => true, + 'version' => true, + 'xmlns' => true, + 'xmlns:xsi' => true, + 'xsi:schemaLocation' => true, + ], + 'metadata' => [], + 'name' => [], + 'wpt' => [ + 'lat' => true, + 'lon' => true, + ], + 'desc' => [], + 'trk' => [], + 'trkseg' => [], + 'trkpt' => [ + 'lat' => true, + 'lon' => true, + ], + 'ele' => [], + ]; + + break; + } + } } diff --git a/inc/Waymark_Config.php b/inc/Waymark_Config.php index 6424492b..f23c29fd 100644 --- a/inc/Waymark_Config.php +++ b/inc/Waymark_Config.php @@ -11,7 +11,7 @@ public static function init() { 'plugin_name' => 'Waymark', 'plugin_name_short' => 'Waymark', 'custom_types' => [], - 'plugin_version' => '1.5.0', + 'plugin_version' => '1.5.1', 'nonce_string' => 'Waymark_Nonce', 'site_url' => 'https://www.waymark.dev/', 'directory_url' => 'https://wordpress.org/support/plugin/waymark/', diff --git a/languages/waymark-en_CA.po b/languages/waymark-en_CA.po index 175f0d3b..1a7dd16e 100644 --- a/languages/waymark-en_CA.po +++ b/languages/waymark-en_CA.po @@ -2,7 +2,7 @@ # This file is distributed under the GPLv2. msgid "" msgstr "" -"Project-Id-Version: Waymark 1.5.0\n" +"Project-Id-Version: Waymark 1.5.1\n" "Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/waymark\n" "POT-Creation-Date: 2024-01-18 00:24:31+00:00\n" "PO-Revision-Date: 2024-01-23 10:12-0800\n" diff --git a/languages/waymark-en_GB.po b/languages/waymark-en_GB.po index de131439..cd376669 100644 --- a/languages/waymark-en_GB.po +++ b/languages/waymark-en_GB.po @@ -2,7 +2,7 @@ # This file is distributed under the GPLv2. msgid "" msgstr "" -"Project-Id-Version: Waymark 1.5.0\n" +"Project-Id-Version: Waymark 1.5.1\n" "Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/waymark\n" "POT-Creation-Date: 2024-01-18 00:24:31+00:00\n" "PO-Revision-Date: 2024-01-23 08:47-0800\n" diff --git a/languages/waymark-es_ES.po b/languages/waymark-es_ES.po index c5bf0617..50eddeae 100644 --- a/languages/waymark-es_ES.po +++ b/languages/waymark-es_ES.po @@ -2,7 +2,7 @@ # This file is distributed under the GPLv2. msgid "" msgstr "" -"Project-Id-Version: Waymark 1.5.0\n" +"Project-Id-Version: Waymark 1.5.1\n" "Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/waymark\n" "POT-Creation-Date: 2024-01-18 00:24:31+00:00\n" "PO-Revision-Date: 2024-01-23 10:19-0800\n" diff --git a/languages/waymark-fr_CA.po b/languages/waymark-fr_CA.po index 5747f886..8712b4ab 100644 --- a/languages/waymark-fr_CA.po +++ b/languages/waymark-fr_CA.po @@ -2,7 +2,7 @@ # This file is distributed under the GPLv2. msgid "" msgstr "" -"Project-Id-Version: Waymark 1.5.0\n" +"Project-Id-Version: Waymark 1.5.1\n" "Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/waymark\n" "POT-Creation-Date: 2024-01-18 00:24:31+00:00\n" "PO-Revision-Date: 2024-01-23 10:17-0800\n" diff --git a/languages/waymark-ja_JP.po b/languages/waymark-ja_JP.po index 509fae89..02cd63b9 100644 --- a/languages/waymark-ja_JP.po +++ b/languages/waymark-ja_JP.po @@ -2,7 +2,7 @@ # This file is distributed under the GPLv2. msgid "" msgstr "" -"Project-Id-Version: Waymark 1.5.0\n" +"Project-Id-Version: Waymark 1.5.1\n" "Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/waymark\n" "POT-Creation-Date: 2024-01-23 14:32:30+00:00\n" "PO-Revision-Date: 2024-01-23 10:42-0800\n" diff --git a/languages/waymark-sv_SE.po b/languages/waymark-sv_SE.po index ff1c032e..3f1e496d 100644 --- a/languages/waymark-sv_SE.po +++ b/languages/waymark-sv_SE.po @@ -2,7 +2,7 @@ # This file is distributed under the GPLv2. msgid "" msgstr "" -"Project-Id-Version: Waymark 1.5.0\n" +"Project-Id-Version: Waymark 1.5.1\n" "Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/waymark\n" "POT-Creation-Date: 2024-01-18 00:24:31+00:00\n" "PO-Revision-Date: 2024-01-23 10:18-0800\n" diff --git a/languages/waymark-uk_UA.po b/languages/waymark-uk_UA.po index a10188bc..a45da288 100644 --- a/languages/waymark-uk_UA.po +++ b/languages/waymark-uk_UA.po @@ -2,7 +2,7 @@ # This file is distributed under the GPLv2. msgid "" msgstr "" -"Project-Id-Version: Waymark 1.5.0\n" +"Project-Id-Version: Waymark 1.5.1\n" "Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/waymark\n" "POT-Creation-Date: 2024-01-18 00:24:31+00:00\n" "PO-Revision-Date: 2024-01-23 10:18-0800\n" diff --git a/languages/waymark-zh_CN.po b/languages/waymark-zh_CN.po index 75ec5202..513be213 100644 --- a/languages/waymark-zh_CN.po +++ b/languages/waymark-zh_CN.po @@ -2,7 +2,7 @@ # This file is distributed under the GPLv2. msgid "" msgstr "" -"Project-Id-Version: Waymark 1.5.0\n" +"Project-Id-Version: Waymark 1.5.1\n" "Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/waymark\n" "POT-Creation-Date: 2024-01-23 14:32:30+00:00\n" "PO-Revision-Date: 2024-01-23 10:25-0800\n" diff --git a/languages/waymark.pot b/languages/waymark.pot index 8c661d50..b65a9f43 100644 --- a/languages/waymark.pot +++ b/languages/waymark.pot @@ -2,9 +2,9 @@ # This file is distributed under the GPLv2. msgid "" msgstr "" -"Project-Id-Version: Waymark 1.5.0\n" +"Project-Id-Version: Waymark 1.5.1\n" "Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/waymark\n" -"POT-Creation-Date: 2025-01-27 21:06:25+00:00\n" +"POT-Creation-Date: 2025-02-02 23:36:51+00:00\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" @@ -49,20 +49,20 @@ msgstr "" msgid "HTML" msgstr "" -#: inc/Admin/Waymark_Menu.php:20 inc/Admin/Waymark_Menu.php:68 +#: inc/Admin/Waymark_Menu.php:20 inc/Admin/Waymark_Menu.php:69 #: inc/Admin/Waymark_Settings.php:26 inc/Waymark_Admin.php:184 #: inc/Waymark_Install.php:61 inc/Waymark_Types.php:13 inc/Waymark_Types.php:15 #. translators: %s: URL to the Waymark documentation msgid "Maps" msgstr "" -#: inc/Admin/Waymark_Menu.php:21 inc/Admin/Waymark_Menu.php:62 +#: inc/Admin/Waymark_Menu.php:21 inc/Admin/Waymark_Menu.php:63 #: inc/Waymark_Admin.php:210 inc/Waymark_Types.php:23 #. translators: Creating a new map msgid "New Map" msgstr "" -#: inc/Admin/Waymark_Menu.php:24 inc/Admin/Waymark_Menu.php:70 +#: inc/Admin/Waymark_Menu.php:24 inc/Admin/Waymark_Menu.php:71 #: inc/Waymark_Admin.php:176 inc/Waymark_Taxonomies.php:15 #. translators: Collection is a group of maps msgid "Collections" @@ -80,20 +80,20 @@ msgstr "" msgid "Settings" msgstr "" -#: inc/Admin/Waymark_Meta.php:11 +#: inc/Admin/Waymark_Meta.php:9 msgid "Map Editor" msgstr "" -#: inc/Admin/Waymark_Meta.php:14 inc/Waymark_Admin.php:123 +#: inc/Admin/Waymark_Meta.php:12 inc/Waymark_Admin.php:123 msgid "Shortcode" msgstr "" -#: inc/Admin/Waymark_Meta.php:15 inc/Helpers/Waymark_Helper.php:198 +#: inc/Admin/Waymark_Meta.php:13 inc/Helpers/Waymark_Helper.php:198 #: inc/Helpers/Waymark_Helper.php:227 msgid "Export" msgstr "" -#: inc/Admin/Waymark_Meta.php:16 +#: inc/Admin/Waymark_Meta.php:14 msgid "Help" msgstr "" @@ -101,17 +101,17 @@ msgstr "" msgid "Download the Overlays added to this Map in the selected format." msgstr "" -#: inc/Admin/Waymark_Meta.php:115 +#: inc/Admin/Waymark_Meta.php:114 msgid "" "Add this Map to your content with this Shortcode. Click here for more " "details." msgstr "" -#: inc/Admin/Waymark_Meta.php:124 +#: inc/Admin/Waymark_Meta.php:122 msgid "Image Location Detection Not Supported!" msgstr "" -#: inc/Admin/Waymark_Meta.php:127 +#: inc/Admin/Waymark_Meta.php:125 #. translators: %s: Link to PHP EXIF Extension documentation msgid "" "Your hosting environment does not currently have the PHP " @@ -119,24 +119,24 @@ msgid "" "metadata. Try asking your host to enable it." msgstr "" -#: inc/Admin/Waymark_Meta.php:130 inc/Admin/Waymark_Settings.php:881 +#: inc/Admin/Waymark_Meta.php:128 inc/Admin/Waymark_Settings.php:881 #: inc/Admin/Waymark_Settings.php:950 #. translators: The option for reading from a file msgid "Read from File" msgstr "" -#: inc/Admin/Waymark_Meta.php:131 +#: inc/Admin/Waymark_Meta.php:129 msgid "" "You can read Lines and Markers from GPX, KML and GeoJSON files (most " "mapping apps will be able to export to one of these)." msgstr "" -#: inc/Admin/Waymark_Meta.php:133 inc/Admin/Waymark_Settings.php:144 +#: inc/Admin/Waymark_Meta.php:131 inc/Admin/Waymark_Settings.php:144 #: inc/Admin/Waymark_Settings.php:318 inc/Admin/Waymark_Settings.php:436 msgid "Types" msgstr "" -#: inc/Admin/Waymark_Meta.php:136 +#: inc/Admin/Waymark_Meta.php:134 #. translators: %s: Link to Waymark Settings msgid "" "Types allow you to control how Overlays (Markers, Lines and Shapes) are " @@ -144,7 +144,7 @@ msgid "" "target=\"_blank\">Waymark > Settings." msgstr "" -#: inc/Admin/Waymark_Meta.php:138 inc/Admin/Waymark_Settings.php:74 +#: inc/Admin/Waymark_Meta.php:136 inc/Admin/Waymark_Settings.php:74 #: inc/Admin/Waymark_Settings.php:82 inc/Admin/Waymark_Settings.php:89 #: inc/Admin/Waymark_Settings.php:101 inc/Admin/Waymark_Settings.php:116 #. translators: The title of the field for the name of the Basemap @@ -155,7 +155,7 @@ msgstr "" msgid "Basemap" msgstr "" -#: inc/Admin/Waymark_Meta.php:141 +#: inc/Admin/Waymark_Meta.php:139 #. translators: %s: Link to Waymark Settings msgid "" "Add and edit Basemaps in Waymark > " @@ -163,11 +163,11 @@ msgid "" "specified in the shortcode like this: %2$s" msgstr "" -#: inc/Admin/Waymark_Meta.php:143 +#: inc/Admin/Waymark_Meta.php:141 msgid "Read the Docs" msgstr "" -#: inc/Admin/Waymark_Meta.php:168 +#: inc/Admin/Waymark_Meta.php:165 #. translators: %s: Link to Waymark Settings msgid "You can manage Meta fields in Settings." msgstr "" @@ -229,7 +229,7 @@ msgid "Overlays" msgstr "" #: inc/Admin/Waymark_Settings.php:35 inc/Admin/Waymark_Settings.php:138 -#: inc/Helpers/Waymark_Helper.php:1373 inc/Helpers/Waymark_Lang.php:41 +#: inc/Helpers/Waymark_Helper.php:1375 inc/Helpers/Waymark_Lang.php:41 #. translators: The name of the tab for customising Markers msgid "Markers" msgstr "" @@ -633,7 +633,7 @@ msgstr "" #: inc/Admin/Waymark_Settings.php:558 inc/Admin/Waymark_Settings.php:676 #: inc/Admin/Waymark_Settings.php:742 inc/Admin/Waymark_Settings.php:883 #: inc/Admin/Waymark_Settings.php:952 inc/Admin/Waymark_Settings.php:1525 -#: inc/Front/Waymark_Submission.php:224 inc/Helpers/Waymark_Lang.php:31 +#: inc/Front/Waymark_Submission.php:222 inc/Helpers/Waymark_Lang.php:31 #. translators: The option for a title input #. translators: The option to enable the title msgid "Title" @@ -953,9 +953,7 @@ msgstr "" #: inc/Admin/Waymark_Settings.php:922 #. translators: The description of the section for configuring submissions from #. guests -msgid "" -"This will allow Submissions from any visitor, without " -"registration." +msgid "This will allow Submissions from any visitor, without registration." msgstr "" #: inc/Admin/Waymark_Settings.php:932 @@ -1554,48 +1552,44 @@ msgstr "" msgid "Settings Updated" msgstr "" -#: inc/Admin/Waymark_Settings.php:1815 -msgid "Action Complete" -msgstr "" - -#: inc/Front/Waymark_Shortcode.php:229 +#: inc/Front/Waymark_Shortcode.php:223 msgid "Details" msgstr "" -#: inc/Front/Waymark_Shortcode.php:245 +#: inc/Front/Waymark_Shortcode.php:239 msgid "More Details" msgstr "" -#: inc/Front/Waymark_Submission.php:172 +#: inc/Front/Waymark_Submission.php:168 msgid "There was an error with your submission." msgstr "" -#: inc/Front/Waymark_Submission.php:180 +#: inc/Front/Waymark_Submission.php:176 msgid "Your submission has been received and is awaiting moderation." msgstr "" -#: inc/Front/Waymark_Submission.php:190 +#: inc/Front/Waymark_Submission.php:186 #. translators: %s: link to the published map msgid "Your submission has been published." msgstr "" -#: inc/Front/Waymark_Submission.php:192 +#: inc/Front/Waymark_Submission.php:188 msgid "Your submission has been published." msgstr "" -#: inc/Front/Waymark_Submission.php:235 +#: inc/Front/Waymark_Submission.php:233 msgid "Submit" msgstr "" -#: inc/Front/Waymark_Submission.php:255 +#: inc/Front/Waymark_Submission.php:252 msgid "Your Map was empty." msgstr "" -#: inc/Front/Waymark_Submission.php:264 +#: inc/Front/Waymark_Submission.php:261 msgid "Your Map did not contain valid features." msgstr "" -#: inc/Front/Waymark_Submission.php:271 +#: inc/Front/Waymark_Submission.php:268 msgid "Submission" msgstr "" @@ -1647,12 +1641,12 @@ msgid "" "selected format." msgstr "" -#: inc/Helpers/Waymark_Helper.php:493 inc/Waymark_Types.php:10 +#: inc/Helpers/Waymark_Helper.php:495 inc/Waymark_Types.php:10 #: inc/Waymark_Types.php:14 inc/Waymark_Types.php:16 msgid "Map" msgstr "" -#: inc/Helpers/Waymark_Helper.php:669 inc/Helpers/Waymark_Helper.php:694 +#: inc/Helpers/Waymark_Helper.php:671 inc/Helpers/Waymark_Helper.php:696 msgid "Download" msgstr "" diff --git a/package.json b/package.json index e81109c6..22337ecb 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "Waymark", - "version": "1.5.0", + "version": "1.5.1", "description": "Waymark for WordPress", "author": "Joe Hawes", "main": "Gruntfile.js", diff --git a/readme.md b/readme.md index 6fe08aaf..bf2170c4 100644 --- a/readme.md +++ b/readme.md @@ -4,7 +4,7 @@ **Requires at least:** 4.6 **Tested up to:** 6.7 **Requires PHP:** 5.2 -**Stable tag:** 1.5.0 +**Stable tag:** 1.5.1 **License:** GPLv2 or later **License URI:** http://www.gnu.org/licenses/gpl-2.0.html @@ -191,6 +191,10 @@ Built on the shoulders of giants, [thank you](https://www.waymark.dev/docs/thank ## Changelog ## +### 1.5.1 ### + +- Improved escaping of Shortcode attributes. + ### 1.5.0 ### - **Security update** This is a big update which includes a number of security fixes, many highlighted by the [Plugin Check](https://wordpress.org/plugins/plugin-check/) plugin. diff --git a/readme.txt b/readme.txt index ad31cf03..11dc562c 100644 --- a/readme.txt +++ b/readme.txt @@ -4,7 +4,7 @@ Tags: GIS, Map maker, GPX, Track, Elevation Requires at least: 4.6 Tested up to: 6.7 Requires PHP: 5.2 -Stable tag: 1.5.0 +Stable tag: 1.5.1 License: GPLv2 or later License URI: http://www.gnu.org/licenses/gpl-2.0.html @@ -173,6 +173,10 @@ Built on the shoulders of giants, [thank you](https://www.waymark.dev/docs/thank == Changelog == += 1.5.1 = + +- Improved escaping of Shortcode attributes. + = 1.5.0 = - **Security update** This is a big update which includes a number of security fixes, many highlighted by the [Plugin Check](https://wordpress.org/plugins/plugin-check/) plugin.