Alexander Guskov

Dear Dhanush,

thank you very much for your helpful, co-operation and understanding that my advice makes your plugin even better!
I appreciate your team’s wish to find a solution but I’m afraid, that wp_kses is not a one because it calls wp_kses_normalize_entities that convert & to & destroying html special symbols codes (like ← or ← and so on).

On other hand your focus on security is great and fully appreciable but I suppose you don’t need to case about escaping the $context because it DOSN’T come from user input !!!
$context comes from Quiz settings that admin do and there is no way for $context to be injected by unwanted data.

Another point, please don’t forget to add $content = do_shortcode( $content );

Dear Dhanush,

I mean, that I’d be happy if the end of function qsm_quiz_link_shortcode (file shortcodes.php) was:

// Craft the target attribute if one is passed to shortcode
$content = do_shortcode( $content );
if ( ! empty( $target ) ) {

return "<a href='" . esc_url( $permalink ) . "' target='" . esc_attr( $target ) . "' class='" . esc_attr( $class ) . "'>" . $content . '</a>';
} else {

return "<a href='" . esc_url( $permalink ) . "' class='" . esc_attr( $class ) . "'>" . $content . '</a>';

}
}

Dear Dhanush,
many thanks for your wish to help.

For 8 years I’m doing this (in file class-qmn-quiz-manager.php):

public function display_quiz( $options, $quiz_data, $question_amount, $shortcode_args = array() ) {
…..
// The Loop
if ( $the_query->have_posts() ) {

while ( $the_query->have_posts() ) {

    $the_query->the_post();

    //echo get_the_post_thumbnail( get_the_ID(), 'full' );

}/* Restore original Post Data */

wp_reset_postdata();

}

but I believe that you can remove it more efficiently.

I thought about CSS to fix it, but any CSS remove thumbnails from all posts and thumbnailed-links (see https://forcesail.ru/tests/basic-movements/ under the quiz as an example of thumbnailed-links) and doesn’t acceptable.

• This reply was modified 3 days, 2 hours ago by Alexander Guskov.
• This reply was modified 3 days, 2 hours ago by Alexander Guskov.
• This reply was modified 3 days, 2 hours ago by Alexander Guskov.

Hello Jawad Ahmed,
Many thanks you the update. In version 4.3.5 the issue has fixed!

Dear Dhanush,

This is the code that dynamically, using 2 other plugins creates the text for the button.
So, yes, I have to not only to remove esc_html?but add $content = do_shortcode( $content ); before the final if of the function of your great plugin.

[qsm_link id='%%id%%' class='btn-retake-quiz center']<span style="font-size: 28px;"><b>[switch cond='%%num%%' 1='➀' 2='➁' 3='➂' 4='➃']%%num:?%%[/switch]</b>&nbsp;</span>[switch switch='%%textype%%' calm='Пройдите тест еще раз' angry='Пройдите тест еще раз, только очень серьезно, пожалуйста!']%%text:Еще раз%%[/switch]<span style="font-size: 28px;">&nbsp;<b>?</b></span>[/qsm_link]

Dear Dhanush,

thank you very much for your quick answer.
As I keep correcting the php-code of the plugin you won’t find the trouble on quiz post, but you can check it, for example, here: https://forcesail.ru/tests/basic-movements/
Actually there are more than 20 quizes on the site.

The post/page design is traditionally business of post/page template and always managed by there so, it would be logical don’t break this rule.

Hello Jawad,
I have already done it.
And it seems that it was you how I was exchanging emails with.
Could you replay me on the last email with the link do download the latest release with fix, please.

It’s very confusing to read here from Jawad that the issue is fixed and the same time to read in emails from Jawad that he is surprised with this issue.

I’m really confused. Sorry.

Hello Jawad,
Thank you for your focus of the issue.

I visited your supporting page last week.
Your colleges are very surprised with my request.
They have nothing for me.
More then all, this issue is a new for them. They requested me screenshots and other information from the beginning like I never sent it before that I sent them immediately and I haven’t heard from them since that.

So, I’m confused with the situation.

Dear Edmond,
There are a lot of plugins that I never upgrade before to test them as they usually brings more new errors than fix.
But your plugin stands outside of my unreliable list and in my semi-trusted list although I have been reporting a lot of errors in your plugin. So, I don’t check your plugin every update.

I just have noticed that this problem have been appeared since I did something with the pages where I use your plugin, good number of months ago and as fact it exists now: graduating block covers the expand/collapse block.

I can’t demonstrate you the error because my site is in production and must work properly. So I added those CSS to the site and temporary fixed the plugin issue.

The solution above is not the best. The better one is

.yrm-content-gradient {
top: calc(-100px – 1em);

it comes from gradient shadowing block. I believe you need to recalculate it’s height in JS for every block.

@gpenglase it’s very pity that you are not reader but writes instead. Were you reader the first you would read all detailed proofs and explanation why Action Scheduler is the clear malware:
it has ALL properties of malware and all are detailed above.
Please read before to write.

According the classification Action Scheduler is a graymalware.
https://en.wikipedia.org/wiki/Malware

Other point is that it always good to get know how works what you are writing about. And it’s described above too:
Action Scheduler is not an alternative for CRON and a parasitic superstructure over CRON, that in contrast with CRON can NOT be stoped, paused and it’s IMPOSIBLE to get rid of it.
It comes with some plugins. You never install it buy yourself. So you can’t chose.
Another point is that it’s not a plugin as it is but a malware that comes with a number of plugins. And, ever if you manage to hack it out from one – Action Scheduler malware from another one works for all.

The only thing that this superstructure over CRON does that CRON doesn’t – leaks the performance?of the site. All other can be developed using just CRON.

Thanks @t-p for the wise sentence.

It would be much better if someone shared the solution to fix this common pain until wp team fix this error in one of the next updates.

Hello,
I have found a workaround solution for particular this case, but I suppose that unexpectable behavior (that plugin uses settings from disactivated block of settings) is a common issue.

PS: You will see warrnings when on your website enabled developer mode.

Could you explain me what do you mean?
if you mean WP_DEVELOPMENT_MODE – it’s NOT enabled. The site works on wp.6.5.3

Is there something else?
Please!

• This reply was modified 1 month, 4 weeks ago by Alexander Guskov.

Hi Steve,

Don’t worry. I spent 15 minutes and fixed it in your plugin. Now it works in 400 times faster.

Just never relay on DB optimization (it’s very poor until it’s not an enterprise DB) and never-never on WP_Query optimization (it absents at all).