starapple

Adding replacement link to reach the page I need help with as it has restricted access. New link. You will be redirected to the page.

Hello @dilip2615, I spent the day going around in circles and ended up with the same result. You can look at the JavaScript in the console and see if I was on the right track.

Hi @dilip2615, thanks for your suggestions. I’ll give them a try in a moment and report.

I have moved on to creating a form block and will create a new post with questions about the work so far.

@iu34 thanks for your reply. I seem to be missing something. The original snippet I posted has this"const MyFormFileUpload” that wraps around the FormFileUpload tag. What is the constant’s role in the script? Is it needed in the example you gave?

Do I insert your code in the opening FormFieldUpload tag?

This is what I have tried but get a WordPress error:

import { registerBlockType } from '@wordpress/blocks';
import { FormFileUpload } from '@wordpress/components';
registerBlockType('custom/file-upload', {
<FormFileUpload accept="image/*"
title: 'file Upload',
icon: 'upload',
category: 'common',
edit: () => (
console.log(event.currentTarget.files)} > Upload
),
save: () => null, // Save function returns null for dynamic blocks
</FormFileUpload>
});

Thanks.

You want others to do your job? You tell your developers. I am a WordPress user of the plugin and a security scanning plugin reported a security flaw. I am not interested in the inner functions or code. There is an enduser problem and when an enduser reports an issue, support connects with the developers.

@acfsupport, thanks for your response. I got it figured out with the help of one of your colleagues with the following snippet based on my previous post:

if(is_array( $field['value'])):
      // Convert array to comma-separated values
      $csvString = implode(',', $field['value']);
      // Output the result
      ?>
          <p><?php echo $field['label']; ?> <?php echo $csvString; ?></p>
      <?php
  elseif(is_string($field['value'])):
      ?>
      <p><?php echo $field['label']; ?> <?php echo $field['value']; ?></p>
      <?php
  endif;

I did not need the conditional checks of fields as suggested in the block of code from your colleague and it was quite acceptable for the $field[‘value’] variable to be used on the right hand side instead of $array.

Thanks @wplakeorg. I installed the extension and activated Advanced Views without incident. Other plugins using curl, such as WooCommerce, had been functioning without trouble so I’d not have thought to enable the php extension.

@wplakeorg I got around to attempting to activate the plugin and checking the error log. Here’s the message:

Fatal error: Uncaught Error: Call to undefined function org\wplake\acf_views\curl_init() in /path/to/wp-content/plugins/acf-views/src/ActiveInstallations.php:51

Hope this helps.

There is such a function, get_field_objects(), and if you search long and hard enough, you will find it here: https://www.advancedcustomfields.com/resources/get_field_objects/

Apologies to ACF. I found it on the ACF site while reading a post by someone who, like me, felt this feature didn’t exist so he wrote a function to accomplish the end.

Much of the problem with using a lot of opensource software is the haphazard documentation. That, an often end-users aren’t considered sufficiently in writing these docs or features added on request don’t get into the document flow.

Thanks for your response @wplakeorg. I don’t have a debug log. I’ll just use a grid in the block editor.

• This reply was modified 11 months, 1 week ago by starapple.

Thanks @sterndata. I refer to what’s happening as an attack because either the same ip or another is “rattling [my] doorknob” hundreds of times an hour. I moved from shared to VPS hosting so I will do what you suggested, ie, make sure that extension isn’t enabled by default.

The visitors from Russia seem to try executing various files or searching for their presence. The China visitors target specific image files and I am amazed they know of their presence (some more than 10 years-old) since the /uploads/ directory isn’t supposed to be scanable.

• This reply was modified 11 months, 1 week ago by starapple.

I’ve read all those canned responses a dozen times. It seems those with malicious intent know WordPress so well, they get around all the posted infirmation. I had WordFence and other apps running when they wandered in last September.

There has to be some way to block all non-Wordpress php and javascript files.

Then there are all these plugins cluttering the admin screen with commercial messages and sending data back to the devs.

• This reply was modified 11 months, 1 week ago by starapple.

Oh, I see it’s all in the very long shortcode. ??

@kushnamdev, thanks for your reply that horrifies me that WordPress allows the installation of plugins without express approval. This opens the door for all sorts of malicious activities.

I have already disabled Optimole and will now completely remove it from my site. I will also remove whatever else might have installed it–if I can identify the culprit plugin. I hope it wasn’t Jetpack.