Aaron Kittredge
Forum Replies Created
-
I had the same problem today and rolling back to the previous version got things up and running again for me.
Forum: Plugins
In reply to: [Add Custom Body Class] Will there be a Security Patch?In case this helps, I tried making the following changes to the code:
In the save_custom_body_class_post_meta_boxes function, I added the $post_id parameter and sanitized the input using sanitize_text_field to prevent XSS.
In the add_custom_body_class_box function, I used esc_attr to escape the value when displaying it in the input field.
In the add_custom_field_body_class function, I used esc_attr to escape the custom body class before adding it to the classes array.
I think these changes should help prevent the stored XSS vulnerability in the plugin, but I’m not 100% sure:<?php /** * Plugin Name: Add Custom Body Class * Author: Anil Ankola * Version: 1.4.1 * Description: Use this plugin to add a custom class in the HTML body tag. * Text Domain: add-custom-body-class */ if (!defined('ABSPATH')) exit; // Prevent Direct Browsing // Add Custom meta box function add_custom_body_class_post_meta_boxes() { $screens = get_post_types(); foreach ($screens as $screen) { add_meta_box('add_custom_body_class_box', 'Add Custom Body Class', 'add_custom_body_class_box', $screen, 'side', 'default'); } } add_action("admin_init", "add_custom_body_class_post_meta_boxes"); function save_custom_body_class_post_meta_boxes($post_id) { if (defined('DOING_AUTOSAVE') && DOING_AUTOSAVE) { return; } if (get_post_status($post_id) === 'auto-draft') { return; } // Sanitize the input $custom_body_class = sanitize_text_field($_POST["add_custom_body_class"]); update_post_meta($post_id, "add_custom_body_class", $custom_body_class); } add_action('save_post', 'save_custom_body_class_post_meta_boxes'); function add_custom_body_class_box($post) { $get_class_value = get_post_custom($post->ID); // Initialize the value with an empty string $add_custom_body_class = ''; if (isset($get_class_value['add_custom_body_class'][0])) { $add_custom_body_class = $get_class_value['add_custom_body_class'][0]; } ?> <input type="text" id="add_custom_body_class" name="add_custom_body_class" value="<?php echo esc_attr($add_custom_body_class); ?>"> <?php } // Display body class function add_filter('body_class', 'add_custom_field_body_class'); function add_custom_field_body_class($classes) { if (function_exists('is_shop') && is_shop()) { $post_id = get_option('woocommerce_shop_page_id'); } elseif (is_home()) { $post_id = get_option('page_for_posts'); } else { $post_id = get_the_ID(); } // Get the custom body class and escape it $show_body_class = get_post_meta($post_id, 'add_custom_body_class', true); if ($show_body_class) { $classes[] = esc_attr($show_body_class); } // Return the $classes array return $classes; }Forum: Plugins
In reply to: [Translate Wordpress with GTranslate] Popup (beta) width on mobileThis bit of css got the module window to fit better on portrait mobile screen:
@media (max-width: 980px) { #gt_lightbox.gt_white_content .gt_languages {column-count:3;} #gt_lightbox.gt_white_content {left: 0;width: 100%;margin: -187.5px 0 0 0;} }I uninstalled and reinstalled and I’m up and working again. Thanks!
Forum: Reviews
In reply to: [Gutenberg] Not perfect, but constantly getting betterIt seems to me that most commenters on here understand the long term benefits, but that is the problem, it’s not going to fulfill that grand vision until a long time from now when its tried and true, finished and polished.
That’s like forcing everyone to get autonomous electric vehicles right now when they’re not really going to be ready and polished for wide-spread use for another 10 years (long term).
Don’t implement the short term disjointed prototype based on what it will be in the long term.
Exact same issue here with no option available to correct the issue.
Apparently something I’ve done or not done has resolved itself and orders now seem to be processing correctly. I’m, again, at a total loss as to why this is now working. Problem resolved for now, I guess.
Forum: Plugins
In reply to: Prayer signup and post to calendar, email reminders to userI ended buying and using plugin called Bookly (https://codecanyon.net/item/bookly-book-appointments-book-services-book-anything-easy-and-fast-booking-for-your-clients/7226091). I had to tweak and adapt and edit it, but I got it to do and function to meet the needs of this client. You can see it in action on the dev site I’m working on here:
Forum: Plugins
In reply to: [Intuitive Custom Post Order] 3.0.3 has broken somethingver.3.0.4 is working for me now, thanks!
Forum: Plugins
In reply to: [Intuitive Custom Post Order] 3.0.3 has broken somethingDitto, when can we expect an update with fix?
Forum: Hacks
In reply to: Custom featured image size on first post onlyThanks for reworking this snippet. I still wasn’t able to get it working, which probably had something to do with the StudioPress theme I was using. I posted over at StudioPress support forum and got a different function to put in my functions.php file that did the trick, but it only works for Genesis themes. For anyone else looking for the solution, you can find it over at https://wpsites.net/web-design/customize-the-first-featured-image-in-the-home-page-loop/