diff --git a/ACF_City_Selector.php b/ACF_City_Selector.php index 136de20..f2187bb 100755 --- a/ACF_City_Selector.php +++ b/ACF_City_Selector.php @@ -3,7 +3,7 @@ Plugin Name: ACF City Selector Plugin URI: https://acf-city-selector.com Description: An extension for ACF which allows you to select a city based on country and province/state. - Version: 1.15.0 + Version: 1.15.1 Tested up to: 6.6.1 Requires PHP: 7.0 Author: Beee @@ -38,7 +38,7 @@ public function __construct() { $this->settings = [ 'db_version' => '1.0', 'url' => plugin_dir_url( __FILE__ ), - 'version' => '1.15.0', + 'version' => '1.15.1', ]; if ( ! class_exists( 'ACFCS_WEBSITE_URL' ) ) { @@ -155,7 +155,9 @@ public function acfcs_check_table() { public static function acfcs_check_uploads_folder() { $target_folder = acfcs_upload_folder( '/' ); if ( ! file_exists( $target_folder ) ) { - mkdir( $target_folder, 0755 ); + WP_Filesystem(); + global $wp_filesystem; + $wp_filesystem->mkdir( $target_folder, 0755 ); } } @@ -334,6 +336,7 @@ public function acfcs_change_plugin_order() { $active_plugins = get_option( 'active_plugins' ); $acfcs_key = array_search( 'acf-city-selector/ACF_City_Selector.php', $active_plugins ); $acf_key = array_search( 'advanced-custom-fields-pro/acf.php', $active_plugins ); + if ( false !== $acf_key && false !== $acfcs_key ) { if ( $acfcs_key < $acf_key ) { $this->acfcs_move_array_element( $active_plugins, $acfcs_key, $acf_key ); diff --git a/README.md b/README.md index fd250d5..41828a4 100644 --- a/README.md +++ b/README.md @@ -23,7 +23,7 @@ Welcome to the City Selector plugin, which is an extension for [Advanced Custom ### Version -1.15.0 - 25.10.24 +1.15.1 - 26.10.24 ### Description @@ -228,6 +228,10 @@ I got the idea for this plugin through [Fabrizio Sabato](https://github.com/fab0 ### Changelog +1.15.1 +* use wp_filesystem for csv files +* sanitize/escape more + 1.15.0 * set menu slug for (hidden) admin pages to prevent empty admin page title * fix vulnerability in file upload 
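Review bot: In `acfcs_check_uploads_folder()` the result of `WP_Filesystem()` is ignored, so `$wp_filesystem->mkdir()` is called on a null global whenever the filesystem API cannot initialise (for example when the configured method needs credentials). That is a fatal error, where the old `mkdir()` call at worst emitted a warning. `WP_Filesystem()` is defined in `wp-admin/includes/file.php`, so confirm that file is loaded on every path that reaches this static method. A guard such as `if ( ! WP_Filesystem() ) { wp_mkdir_p( $target_folder ); return; }` before the `global` line keeps the folder check working. The same unguarded call is added at the top of `acfcs_info_page()` in admin/acfcs-info.php.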
diff --git a/admin/acf-city-selector-v4.php b/admin/acf-city-selector-v4.php index d7fa6ac..69fb659 100755 --- a/admin/acf-city-selector-v4.php +++ b/admin/acf-city-selector-v4.php @@ -307,7 +307,7 @@ function load_value( $value, $post_id, $field ) { if ( strlen( $country_code ) == 2 && false != $state_code ) { global $wpdb; $table = $wpdb->prefix . 'cities'; - $row = $wpdb->get_row( $wpdb->prepare( "SELECT country, state_name FROM $table WHERE country_code= %s AND state_code= %s", $country_code, $state_code ) ); + $row = $wpdb->get_row( $wpdb->prepare( "SELECT country, state_name FROM %i WHERE country_code= %s AND state_code= %s", $table, $country_code, $state_code ) ); $value[ 'stateCode' ] = $state_code; $value[ 'stateName' ] = ( isset( $row->state_name ) ) ? $row->state_name : false; $value[ 'countryName' ] = ( isset( $row->country ) ) ? $row->country : false; diff --git a/admin/acf-city-selector-v5.php b/admin/acf-city-selector-v5.php index 64313c9..808e7e9 100755 --- a/admin/acf-city-selector-v5.php +++ b/admin/acf-city-selector-v5.php @@ -246,7 +246,7 @@ function load_value( $value, $post_id, $field ) { if ( strlen( $country_code ) == 2 && false != $state_code ) { global $wpdb; $table = $wpdb->prefix . 'cities'; - $row = $wpdb->get_row( $wpdb->prepare( "SELECT country, state_name FROM $table WHERE country_code = '%s' AND state_code = '%s'", $country_code, $state_code ) ); + $row = $wpdb->get_row( $wpdb->prepare( "SELECT country, state_name FROM %i WHERE country_code = %s AND state_code = %s", $table, $country_code, $state_code ) ); $value[ 'stateCode' ] = $state_code; $value[ 'stateName' ] = ( isset( $row->state_name ) ) ? $row->state_name : false; $value[ 'countryName' ] = ( isset( $row->country ) ) ? $row->country : false; diff --git a/admin/acfcs-countries.php b/admin/acfcs-countries.php index 66fc20f..c647ab5 100755 --- a/admin/acfcs-countries.php +++ b/admin/acfcs-countries.php 
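Review bot: The `%i` identifier placeholder used in this `load_value()` query is only understood by `$wpdb->prepare()` from WordPress 6.2 onward, and nothing visible in this commit raises the plugin's minimum WordPress version (the header hunk only shows `Tested up to` and `Requires PHP`). On an older core the placeholder is presumably not substituted and every converted query would fail, so either declare `Requires at least: 6.2` in the plugin header or keep interpolating the `$wpdb->prefix`-derived table name. The same applies to the v5 field class and to every `%i` query in inc/acfcs-functions.php and inc/form-handling.php. `load_value()` starts and ends outside the hunk.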
@@ -21,9 +21,10 @@ function acfcs_country_page() { if ( is_array( $country_files ) ) { foreach( $country_files as $single_file ) { $single_file = (array) $single_file; - $single_file[ 'country_name' ] = esc_attr__( $single_file[ 'country_name' ], 'acf-city-selector' ); + $single_file[ 'country_name' ] = acfcs_get_country_name( strtolower( $single_file[ 'country_code' ] ) ); $single_files[] = $single_file; } + if ( ! empty( $single_files ) ) { $country_name = array_column( $single_files, 'country_name' ); array_multisort( $country_name, SORT_ASC, $single_files ); @@ -32,7 +33,7 @@ function acfcs_country_page() { if ( is_array( $country_packs ) ) { foreach( $country_packs as $country_package ) { $country_package = (array) $country_package; - $country_package[ 'country_name' ] = esc_attr__( $country_package[ 'country_name' ], 'acf-city-selector' ); + $country_package[ 'country_name' ] = acfcs_get_country_name( strtolower( $country_package[ 'package_code' ] ) ); $country_packages[] = $country_package; } } @@ -80,9 +81,9 @@ function acfcs_country_page() { ?> ', esc_url_raw( $flag_folder . $package[ 'country_code' ] . '.png' ) ); ?> - %s', esc_html($package[ 'country_name' ] ) ); ?> + %s', esc_html( acfcs_get_country_name( strtolower( $package[ 'country_code' ] ) ) ) ); ?> %s', esc_html(( ! empty( $package[ 'number_states' ] ) ) ? $package[ 'number_states' ] : 'n/a' ) ); ?> - %s', esc_html($package[ 'number_cities' ] ) ); ?> + %s', esc_html( $package[ 'number_cities' ] ) ); ?> %s', esc_html(( ! empty( $package[ 'price' ] ) ) ? '€ ' . $package[ 'price' ] . ',00' : esc_html__( 'FREE', 'acf-city-selector' ) ) ); ?> @@ -105,7 +106,7 @@ function acfcs_country_page() { - %s', esc_html__( $package[ 'country_name' ], 'acf-city-selector' ) ); ?> + %s', esc_html( $package[ 'country_name' ] ) ); ?> - %s

', sprintf( esc_attr( "More countries will be added soon. Feel free to %s a country, if it's not available (yet).", 'acf-city-selector' ), sprintf( '%s', esc_url( 'https://github.com/Beee4life/acf-city-selector/issues' ), esc_attr__( 'request', 'acf-city-selector' ) ) ) ); ?> + %s

', sprintf( esc_html__( "More countries will be added soon. Feel free to %s a country, if it's not available (yet).", 'acf-city-selector' ), sprintf( '%s', esc_url( 'https://github.com/Beee4life/acf-city-selector/issues' ), esc_attr__( 'request', 'acf-city-selector' ) ) ) ); ?> %s

', esc_url( ACFCS_WEBSITE_URL . '/get-countries/' ), esc_html__( 'Get your country now', 'acf-city-selector' ) ); ?> diff --git a/admin/acfcs-info.php b/admin/acfcs-info.php index 392356f..0eb170b 100755 --- a/admin/acfcs-info.php +++ b/admin/acfcs-info.php @@ -9,7 +9,9 @@ function acfcs_info_page() { } ACF_City_Selector::acfcs_show_admin_notices(); - + + WP_Filesystem(); + global $wp_filesystem; $countries = acfcs_get_countries_info(); $prepare_json = array(); ?> @@ -67,7 +69,7 @@ function acfcs_info_page() { - + @@ -77,22 +79,22 @@ function acfcs_info_page() { - + - + - + - + @@ -218,7 +220,7 @@ function acfcs_info_page() { - + put_contents( $file_name, '' ); // create empty file ?>
%s', esc_html__( 'Download JSON', 'acf-city-selector' ) ); ?> @@ -231,9 +233,9 @@ function acfcs_info_page() {

- + put_contents( $file_name, $serialized_json ); // write to file ?>

- + ()

diff --git a/admin/acfcs-preview.php b/admin/acfcs-preview.php index 7d2555e..3976bad 100755 --- a/admin/acfcs-preview.php +++ b/admin/acfcs-preview.php @@ -18,10 +18,10 @@ function acfcs_preview_page() { do_action( 'acfcs_admin_menu' ); $file_index = acfcs_check_if_files(); - $file_name = ( isset( $_POST[ 'acfcs_file_name' ] ) ) ? wp_unslash( $_POST[ 'acfcs_file_name' ] ) : false; + $file_name = ( isset( $_POST[ 'acfcs_file_name' ] ) ) ? sanitize_text_field( wp_unslash( $_POST[ 'acfcs_file_name' ] ) ) : false; $max_lines = ( isset( $_POST[ 'acfcs_max_lines' ] ) ) ? (int) $_POST[ 'acfcs_max_lines' ] : false; $max_lines_value = ( false != $max_lines ) ? $max_lines : 100; - $delimiter = ( isset( $_POST[ 'acfcs_delimiter' ] ) ) ? wp_unslash( $_POST[ 'acfcs_delimiter' ] ) : apply_filters( 'acfcs_delimiter', ';' ); + $delimiter = ( isset( $_POST[ 'acfcs_delimiter' ] ) ) ? sanitize_text_field( wp_unslash( $_POST[ 'acfcs_delimiter' ] ) ) : apply_filters( 'acfcs_delimiter', ';' ); // Get imported data if ( $file_name ) { diff --git a/admin/acfcs-search.php b/admin/acfcs-search.php index 4fbce32..e2e793c 100755 --- a/admin/acfcs-search.php +++ b/admin/acfcs-search.php 
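Review bot: `sanitize_text_field()` is not a path sanitiser: `$file_name` keeps any `../` segments and directory separators, and other hunks in this commit show the value being appended to `acfcs_upload_folder( '/' )`. For a value that names a file in the plugin's upload folder, `sanitize_file_name( wp_unslash( $_POST[ 'acfcs_file_name' ] ) )`, or a check against the list from `acfcs_check_if_files()`, is the fitting filter. The same assignment appears in `acfcs_do_something_with_file()` in inc/form-handling.php. Separately, `sanitize_text_field()` strips tabs and trims whitespace, so a tab or space posted as `acfcs_delimiter` would arrive as an empty string; this is worth confirming against the delimiters the form offers. `acfcs_preview_page()` continues outside the hunk.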
@@ -14,19 +14,19 @@ function acfcs_search() { $cities = array(); $city_array = array(); $countries = array(); - $search_criteria_state = ( isset( $_POST[ 'acfcs_state' ] ) ) ? wp_unslash( $_POST[ 'acfcs_state' ] ) : false; - $search_criteria_country = ( isset( $_POST[ 'acfcs_country' ] ) ) ? wp_unslash( $_POST[ 'acfcs_country' ] ) : false; - $searched_orderby = ( ! empty( $_POST[ 'acfcs_orderby' ] ) ) ? wp_unslash( $_POST[ 'acfcs_orderby' ] ) : false; - $searched_term = ( ! empty( $_POST[ 'acfcs_search' ] ) ) ? wp_unslash( $_POST[ 'acfcs_search' ] ) : false; + $search_criteria_state = ( isset( $_POST[ 'acfcs_state' ] ) ) ? sanitize_text_field( wp_unslash( $_POST[ 'acfcs_state' ] ) ) : false; + $search_criteria_country = ( isset( $_POST[ 'acfcs_country' ] ) ) ? sanitize_text_field( wp_unslash( $_POST[ 'acfcs_country' ] ) ) : false; + $searched_orderby = ( ! empty( $_POST[ 'acfcs_orderby' ] ) ) ? sanitize_text_field( wp_unslash( $_POST[ 'acfcs_orderby' ] ) ) : false; + $searched_term = ( ! empty( $_POST[ 'acfcs_search' ] ) ) ? sanitize_text_field( wp_unslash( $_POST[ 'acfcs_search' ] ) ) : false; $selected_limit = ( ! empty( $_POST[ 'acfcs_limit' ] ) ) ? (int) $_POST[ 'acfcs_limit' ] : 100; $states = acfcs_get_states_optgroup(); // if there is at least 1 country if ( ! empty( $all_countries ) ) { - foreach ( $all_countries as $country_code => $label ) { + foreach ( $all_countries as $country_code => $country_name ) { $countries[] = [ 'code' => $country_code, - 'name' => esc_attr__( $label, 'acf-city-selector' ), + 'name' => esc_attr( $country_name ), ]; } } @@ -35,7 +35,8 @@ function acfcs_search() { if ( isset( $_POST[ 'acfcs_search_form' ] ) ) { $cities = acfcs_get_searched_cities(); - foreach( $cities as $city_object ) { + foreach( $cities as $key => $city_object ) { + $city_object->country = acfcs_get_country_name( strtolower( $city_object->country_code ) ); $city_array[] = (array) $city_object; } @@ -73,8 +74,8 @@ function acfcs_search() { - 
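Review bot: In the `foreach` over `$cities`, the new `$key` variable is never used, and `acfcs_get_country_name()` is now called once per result row. From its hunk in inc/acfcs-functions.php, that helper falls back to a `$wpdb->get_row()` query when the translation table has no entry, so a search returning many cities from an untranslated country could issue one query per row. Dropping `$key =>` and caching the name per code (`$names[ $code ] = $names[ $code ] ?? acfcs_get_country_name( $code );`) keeps the lookup to one per country. `acfcs_search()` starts and ends outside the hunk.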
@@ -100,7 +101,7 @@ function acfcs_search() { } if ( strpos( $state[ 'state' ], 'optgroup' ) === false ) { $selected = ( $state[ 'state' ] == $search_criteria_state ) ? ' selected="selected"' : false; - echo ''; + echo ''; } if ( 'close_optgroup' == $state[ 'state' ] ) { echo ''; @@ -188,7 +189,7 @@ function acfcs_search() { %s', sprintf( '', sprintf( '', esc_attr( $city[ 'id' ] ), esc_attr( $city[ 'city_name' ] ) ) ) ); ?> %s', esc_attr( $city[ 'city_name' ] ) ); ?> %s', esc_attr( $city[ 'state_name' ] ) ); ?> - %s', esc_attr__( $city[ 'country' ], 'acf-city-selector' ) ); ?> + %s', esc_attr( $city[ 'country' ], 'acf-city-selector' ) ); ?> diff --git a/admin/acfcs-settings.php b/admin/acfcs-settings.php index 84b9373..6f73dba 100755 --- a/admin/acfcs-settings.php +++ b/admin/acfcs-settings.php @@ -47,11 +47,11 @@ function acfcs_settings() { %s
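Review bot: `esc_attr( $city[ 'country' ], 'acf-city-selector' )` still passes the text domain that belonged to `esc_attr__()`. `esc_attr()` takes a single argument, so the second one is silently ignored and reads as if translation were still happening. If the value is printed as cell text rather than inside an attribute, `esc_html( $city[ 'country' ] )` matches the output context. The markup of the format string is not visible on this page, so that context is inferred from the neighbouring city and state cells.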

', esc_html__( "Here you can remove a country and all its states and cities from the database.", 'acf-city-selector' ) ); ?> diff --git a/inc/acfcs-actions.php b/inc/acfcs-actions.php index a2690df..212cc02 100755 --- a/inc/acfcs-actions.php +++ b/inc/acfcs-actions.php @@ -96,3 +96,28 @@ function acfcs_admin_menu() { echo '

'; } add_action( 'acfcs_admin_menu', 'acfcs_admin_menu' ); + + + function acfcs_delete_file( $file_name = false ) { + if ( $file_name ) { + if ( file_exists( acfcs_upload_folder( '/' ) . $file_name ) ) { + $wp_upload_dir = wp_upload_dir(); + $local_path = acfcs_upload_folder( '/' ) . $file_name; + $file_url = str_replace( $wp_upload_dir[ 'basedir' ], $wp_upload_dir[ 'baseurl' ], $local_path ); + $attachment_id = attachment_url_to_postid( $file_url ); + + if ( is_int( $attachment_id ) && 0 < $attachment_id ) { + $deleted = wp_delete_attachment( $attachment_id, true ); + if ( $deleted instanceof WP_POST ) { + /* translators: %s file name */ + ACF_City_Selector::acfcs_errors()->add( 'success_file_deleted', sprintf( esc_html__( 'File "%s" successfully deleted.', 'acf-city-selector' ), $file_name ) ); + do_action( 'acfcs_after_success_file_delete' ); + } else { + /* translators: %s file name */ + ACF_City_Selector::acfcs_errors()->add( 'error_file_deleted', sprintf( esc_html__( 'File "%s" is not deleted. Please try again.', 'acf-city-selector' ), $file_name ) ); + } + } + } + } + } + add_action( 'acfcs_delete_file', 'acfcs_delete_file' ); diff --git a/inc/acfcs-ajax.php b/inc/acfcs-ajax.php index f2bf178..6bfe477 100644 --- a/inc/acfcs-ajax.php +++ b/inc/acfcs-ajax.php @@ -16,7 +16,7 @@ function acfcs_get_states_call() { $post_id = ( isset( $_POST[ 'post_id' ] ) ) ? (int) $_POST[ 'post_id' ] : false; if ( is_string( $_POST[ 'country_code' ] ) ) { - $country_code = wp_unslash( $_POST[ 'country_code' ] ); + $country_code = sanitize_text_field( wp_unslash( $_POST[ 'country_code' ] ) ); } if ( false != $post_id ) { 
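Review bot: The relocated `acfcs_delete_file()` only acts when `attachment_url_to_postid()` finds an attachment. When the file exists on disk but has no attachment record, the function returns without deleting it and without adding an error, whereas the removed version called `unlink()` directly. `acfcs_csv_to_array()` still sets `$csv_array[ 'error' ] = 'file_deleted'` right after `do_action( 'acfcs_delete_file', $file_name )`, so the UI can report a deletion that did not happen. An `else` branch on the `0 < $attachment_id` test that falls back to `wp_delete_file( $local_path )`, or at least adds `error_file_deleted`, would close the gap. The docblock (`Remove an uploaded file`, `@param`) was dropped in the move and is worth restoring, and `WP_POST` would read better as the declared class name `WP_Post`.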
@@ -27,7 +27,7 @@ function acfcs_get_states_call() { } if ( ! isset( $field[ 'show_labels' ] ) && isset( $_POST[ 'show_labels' ] ) ) { - $field[ 'show_labels' ] = ( '1' == wp_unslash( $_POST[ 'show_labels' ] ) ) ? true : false; + $field[ 'show_labels' ] = ( '1' == sanitize_text_field( wp_unslash( $_POST[ 'show_labels' ] ) ) ) ? true : false; } if ( isset( $country_code ) ) { @@ -69,7 +69,7 @@ function acfcs_get_cities_call() { $field = false; $items = array(); $post_id = ( isset( $_POST[ 'post_id' ] ) ) ? (int) $_POST[ 'post_id' ] : false; - $posted_state_code = wp_unslash( $_POST[ 'state_code' ] ); + $posted_state_code = sanitize_text_field( wp_unslash( $_POST[ 'state_code' ] ) ); $state_code = false; if ( false != $post_id ) { @@ -80,7 +80,7 @@ function acfcs_get_cities_call() { } if ( ! isset( $field[ 'show_labels' ] ) && isset( $_POST[ 'show_labels' ] ) ) { - $show_labels = wp_unslash( $_POST[ 'show_labels' ] ); + $show_labels = sanitize_text_field( wp_unslash( $_POST[ 'show_labels' ] ) ); if ( '1' == $show_labels ) { $field[ 'show_labels' ] = true; } elseif ( '0' == $show_labels ) { diff --git a/inc/acfcs-functions.php b/inc/acfcs-functions.php index 3d4df8f..ec95baf 100755 --- a/inc/acfcs-functions.php +++ b/inc/acfcs-functions.php 
@@ -29,14 +29,14 @@ function acfcs_get_countries( $show_first = true, $field = false, $force = false } global $wpdb; - $table = $wpdb->prefix . 'cities'; - $results = $wpdb->get_results( "SELECT * FROM $table GROUP BY country ORDER BY country ASC" ); + $table = $wpdb->prefix . "cities"; + $results = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM %i GROUP BY country ORDER BY country ASC", $table ) ); if ( ! empty( $results ) ) { $country_results = []; foreach ( $results as $data ) { if ( isset( $data->country_code ) && isset( $data->country ) ) { - $country_results[ esc_attr( $data->country_code ) ] = esc_attr( $data->country ); + $country_results[ esc_attr( $data->country_code ) ] = esc_attr( acfcs_get_country_name( strtolower( $data->country_code ) ) ); } } $countries = array_merge( $countries, $country_results ); @@ -74,9 +74,9 @@ function acfcs_get_states( $country_code = false, $show_first = true, $field = f $state_results = []; if ( 'FR' == $country_code ) { - $results = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM $table WHERE country_code = '%s' GROUP BY state_code ORDER BY LENGTH(state_name), state_name", strtoupper( $country_code ) ) ); + $results = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM %i WHERE country_code = %s GROUP BY state_code ORDER BY LENGTH(state_name), state_name", $table, strtoupper( $country_code ) ) ); } else { - $results = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM $table WHERE country_code = '%s' GROUP BY state_code ORDER BY state_name ASC", strtoupper( $country_code ) ) ); + $results = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM %i WHERE country_code = %s GROUP BY state_code ORDER BY state_name ASC", $table, strtoupper( $country_code ) ) ); } foreach ( $results as $data ) { 
@@ -119,9 +119,9 @@ function acfcs_get_cities( $country_code = false, $state_code = false, $field = if ( 3 < strlen( $state_code ) ) { $state_code = substr( $state_code, 3 ); } - $results = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM $table WHERE country_code = '%s' AND state_code = '%s' ORDER BY state_name, city_name ASC", $country_code, $state_code ) ); + $results = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM %i WHERE country_code = %s AND state_code = %s ORDER BY state_name, city_name ASC", $table, $country_code, $state_code ) ); } elseif ( $country_code ) { - $results = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM $table WHERE country_code = '%s'", $country_code ) ); + $results = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM %i WHERE country_code = %s", $table, $country_code ) ); } $city_results = []; @@ -157,17 +157,18 @@ function acfcs_get_cities( $country_code = false, $state_code = false, $field = */ function acfcs_get_country_name( $country_code = false ) { if ( false != $country_code ) { + $country_name = acfcs_country_i18n( strtolower( $country_code ) ); + + if ( is_string( $country_name ) && 2 < strlen( $country_name ) ) { + return $country_name; + } + global $wpdb; $table = $wpdb->prefix . 'cities'; - $country = $wpdb->get_row( $wpdb->prepare( "SELECT country FROM $table WHERE country_code = '%s'", $country_code ) ); + $country = $wpdb->get_row( $wpdb->prepare( "SELECT country FROM %i WHERE country_code = %s", $table, $country_code ) ); if ( isset( $country->country ) ) { return $country->country; - } else { - $country_name = acfcs_country_i18n( $country_code ); - if ( $country_code != $country_name ) { - return $country_name; - } } } 
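Review bot: In `acfcs_get_country_name()` the test `2 < strlen( $country_name )` decides by length alone whether `acfcs_country_i18n()` found a translation. The removed code compared the result with the code itself (`$country_code != $country_name`), which suggests the helper hands back its input when there is no match. If so, an unknown code longer than two characters (the table already has keys like `europe` and `noram`) would now be returned as if it were a name. `if ( is_string( $country_name ) && strtolower( $country_code ) !== $country_name )` states the intent without the length heuristic. The function's final return is outside the hunk.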
@@ -188,9 +189,9 @@ function acfcs_has_cities( $country_code = false ) { $table = $wpdb->prefix . 'cities'; if ( $country_code ) { - $results = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM $table WHERE country_code = '%s' LIMIT 1", $country_code ) ); + $results = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM %i WHERE country_code = %s LIMIT 1", $table, $country_code ) ); } else { - $results = $wpdb->get_results( "SELECT * FROM $table LIMIT 1" ); + $results = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM %i LIMIT 1", $table ) ); } if ( count( $results ) > 0 ) { @@ -306,7 +307,7 @@ function acfcs_csv_to_array( $file_name, $upload_folder = '', $delimiter = ';', if ( $errors->has_errors() ) { // delete file if ( file_exists( acfcs_upload_folder( '/' ) . $file_name ) ) { - unlink( acfcs_upload_folder( '/' ) . $file_name ); + do_action( 'acfcs_delete_file', $file_name ); $csv_array[ 'error' ] = 'file_deleted'; } } @@ -411,11 +412,11 @@ function acfcs_get_countries_info() { global $wpdb; $acfcs_info = []; $table = $wpdb->prefix . 'cities'; - $results = $wpdb->get_results( "SELECT country_code FROM $table GROUP BY country_code ORDER BY country_code ASC" ); + $results = $wpdb->get_results( $wpdb->prepare( "SELECT country_code FROM %i GROUP BY country_code ORDER BY country_code ASC", $table ) ); foreach ( $results as $data ) { $country_code = $data->country_code; - $results = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM $table WHERE country_code = '%s' ORDER BY country_code ASC", $country_code ) ); + $results = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM %i WHERE country_code = %s ORDER BY country_code ASC", $table, $country_code ) ); $acfcs_info[ $country_code ] = [ 'country_code' => $country_code, 
@@ -651,27 +652,6 @@ function acfcs_import_data( $file_name, $upload_folder = '', $delimiter = ';', $ } } - /** - * Remove an uploaded file - * - * @param false $file_name - */ - function acfcs_delete_file( $file_name = false ) { - if ( false != $file_name ) { - if ( file_exists( acfcs_upload_folder( '/' ) . $file_name ) ) { - $delete_result = unlink( acfcs_upload_folder( '/' ) . $file_name ); - if ( true === $delete_result ) { - /* translators: %s file name */ - ACF_City_Selector::acfcs_errors()->add( 'success_file_deleted', sprintf( esc_html__( 'File "%s" successfully deleted.', 'acf-city-selector' ), $file_name ) ); - do_action( 'acfcs_after_success_file_delete' ); - } else { - /* translators: %s file name */ - ACF_City_Selector::acfcs_errors()->add( 'error_file_deleted', sprintf( esc_html__( 'File "%s" is not deleted. Please try again.', 'acf-city-selector' ), $file_name ) ); - } - } - } - } - /** * Delete one or more countries @@ -706,7 +686,7 @@ function acfcs_delete_country( $countries ) { global $wpdb; $table = $wpdb->prefix . 'cities'; - $result = $wpdb->query( $wpdb->prepare( "DELETE FROM $tabke WHERE country_code IN (%s)", $country_string ) ); + $result = $wpdb->query( $wpdb->prepare( "DELETE FROM %i WHERE country_code IN (%s)", $table, $country_string ) ); if ( $result > 0 ) { /* translators: %s country name */ 
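Review bot: In `acfcs_delete_country()`, `"DELETE FROM %i WHERE country_code IN (%s)"` binds the whole of `$country_string` to one `%s`, so `prepare()` emits a single quoted literal and the `IN` list has exactly one member. If `$country_string` carries several codes (its construction is outside the hunk, and the docblock says "Delete one or more countries"), the statement matches none of them individually. In inc/form-handling.php, `acfcs_delete_rows()` has the same shape, with `implode( ',', $ids )` bound to `id IN (%s)`. Building one placeholder per element, e.g. `$in = implode( ', ', array_fill( 0, count( $ids ), '%d' ) );`, and passing the values as an array keeps each value separately escaped.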
@@ -801,9 +781,9 @@ function acfcs_get_states_optgroup() { ]; if ( 'FR' == $country[ 'code' ] ) { - $results = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM $table WHERE country_code = '%s' GROUP BY state_code ORDER BY LENGTH(state_name), state_name", $country[ 'code' ] ) ); + $results = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM %i WHERE country_code = %s GROUP BY state_code ORDER BY LENGTH(state_name), state_name", $table, $country[ 'code' ] ) ); } else { - $results = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM $table WHERE country_code = '%s' GROUP BY state_code ORDER BY state_name ASC", $country[ 'code' ] ) ); + $results = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM %i WHERE country_code = %s GROUP BY state_code ORDER BY state_name ASC", $table, $country[ 'code' ] ) ); } @@ -837,6 +817,7 @@ function acfcs_get_states_optgroup() { */ function acfcs_get_searched_cities() { global $wpdb; + $cities = []; $orderby = false; $table = $wpdb->prefix . 'cities'; $search_criteria_state = ( isset( $_POST[ 'acfcs_state' ] ) ) ? sanitize_text_field( wp_unslash( $_POST[ 'acfcs_state' ] ) ) : false; @@ -844,7 +825,7 @@ function acfcs_get_searched_cities() { $searched_orderby = ( ! empty( $_POST[ 'acfcs_orderby' ] ) ) ? sanitize_text_field( wp_unslash( $_POST[ 'acfcs_orderby' ] ) ) : false; $searched_term = ( ! empty( $_POST[ 'acfcs_search' ] ) ) ? sanitize_text_field( wp_unslash( $_POST[ 'acfcs_search' ] ) ) : false; $selected_limit = ( ! empty( $_POST[ 'acfcs_limit' ] ) ) ? (int) $_POST[ 'acfcs_limit' ] : 100; - $parameters = []; + $parameters = [ $table ]; $where = ''; if ( false != $search_criteria_state ) { 
@@ -852,10 +833,10 @@ function acfcs_get_searched_cities() { $parameters[] = $state_code; $country_code = strtoupper( substr( $search_criteria_state, 0, 2 ) ); $parameters[] = $country_code; - $where .= "WHERE state_code = '%s' AND country_code = '%s'"; + $where .= "WHERE state_code = %s AND country_code = %s"; } elseif ( false != $search_criteria_country ) { - $where .= "WHERE country_code = '%s'"; + $where .= "WHERE country_code = %s"; $parameters[] = $search_criteria_country; } @@ -869,11 +850,10 @@ function acfcs_get_searched_cities() { } else { $where .= ' ORDER BY city_name ASC, state_name ASC'; } - + $where .= ' LIMIT %d'; $parameters[] = $selected_limit; - - $cities = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM $table $where", $parameters ) ); + $cities = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM %i $where", $parameters ) ); return $cities; } diff --git a/inc/acfcs-help-tabs.php b/inc/acfcs-help-tabs.php index 68ee3c8..0b7db91 100755 --- a/inc/acfcs-help-tabs.php +++ b/inc/acfcs-help-tabs.php @@ -98,7 +98,7 @@ function acfcs_help_tabs( $screen ) { 'content' => $more_countries_content ) ); - $server_name = isset( $_SERVER[ 'SERVER_NAME' ] ) ? wp_unslash( $_SERVER[ 'SERVER_NAME' ] ) : 'localhost'; + $server_name = isset( $_SERVER[ 'SERVER_NAME' ] ) ? sanitize_text_field( wp_unslash( $_SERVER[ 'SERVER_NAME' ] ) ) : 'localhost'; get_current_screen()->set_help_sidebar( '

' . esc_html__( 'Official website', 'acf-city-selector' ) . '

acf-city-selector.com

' diff --git a/inc/acfcs-i18n.php b/inc/acfcs-i18n.php index b7462c7..08578e6 100755 --- a/inc/acfcs-i18n.php +++ b/inc/acfcs-i18n.php @@ -14,20 +14,28 @@ function acfcs_country_i18n( $country_code ) { $country_array = array( 'ad' => esc_html__( 'Andorra', 'acf-city-selector' ), + 'ar' => esc_html__( 'Argentina', 'acf-city-selector' ), + 'am' => esc_html__( 'Armenia', 'acf-city-selector' ), 'aw' => esc_html__( 'Aruba', 'acf-city-selector' ), 'at' => esc_html__( 'Austria', 'acf-city-selector' ), 'au' => esc_html__( 'Australia', 'acf-city-selector' ), + 'be' => esc_html__( 'Belgium', 'acf-city-selector' ), 'br' => esc_html__( 'Brazil', 'acf-city-selector' ), 'ca' => esc_html__( 'Canada', 'acf-city-selector' ), 'cn' => esc_html__( 'China', 'acf-city-selector' ), + 'cr' => esc_html__( 'Costa Rica', 'acf-city-selector' ), 'cw' => esc_html__( 'Curaçao', 'acf-city-selector' ), 'europe' => esc_html__( 'Europe', 'acf-city-selector' ), 'fr' => esc_html__( 'France', 'acf-city-selector' ), 'de' => esc_html__( 'Germany', 'acf-city-selector' ), 'gd' => esc_html__( 'Grenada', 'acf-city-selector' ), 'gb' => esc_html__( 'Great Britain', 'acf-city-selector' ), + 'ht' => esc_html__( 'Haiti', 'acf-city-selector' ), + 'it' => esc_html__( 'Italy', 'acf-city-selector' ), + 'jp' => esc_html__( 'Japan', 'acf-city-selector' ), 'lu' => esc_html__( 'Luxembourg', 'acf-city-selector' ), 'mx' => esc_html__( 'Mexico', 'acf-city-selector' ), + 'noram' => esc_html__( 'N-America', 'acf-city-selector' ), 'nl' => esc_html__( 'Netherlands', 'acf-city-selector' ), 'nz' => esc_html__( 'New Zealand', 'acf-city-selector' ), 'pt' => esc_html__( 'Portugal', 'acf-city-selector' ), diff --git a/inc/form-handling.php b/inc/form-handling.php index 926a22a..40ddf80 100755 --- a/inc/form-handling.php +++ b/inc/form-handling.php 
@@ -4,7 +4,7 @@ */ function acfcs_upload_csv_file() { if ( isset( $_POST[ 'acfcs_upload_csv_nonce' ] ) ) { - if ( ! wp_verify_nonce( wp_unslash( $_POST[ 'acfcs_upload_csv_nonce' ] ), 'acfcs-upload-csv-nonce' ) ) { + if ( ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST[ 'acfcs_upload_csv_nonce' ] ) ), 'acfcs-upload-csv-nonce' ) ) { ACF_City_Selector::acfcs_errors()->add( 'error_no_nonce_match', esc_html__( 'Something went wrong, please try again.', 'acf-city-selector' ) ); } else { ACF_City_Selector::acfcs_check_uploads_folder(); @@ -27,7 +27,7 @@ function acfcs_upload_csv_file() { $attachment_id = wp_insert_attachment( $attachment_args, $local_file_path ); if ( ! is_wp_error( $attachment_id ) && 0 < $attachment_id ) { /* translators: %s file name */ - ACF_City_Selector::acfcs_errors()->add( 'success_file_uploaded', sprintf( esc_html__( "File '%s' is successfully uploaded and now shows under 'Select files to import'", 'acf-city-selector' ), wp_unslash( $_FILES[ 'acfcs_csv_upload' ][ 'name' ] ) ) ); + ACF_City_Selector::acfcs_errors()->add( 'success_file_uploaded', sprintf( esc_html__( "File '%s' is successfully uploaded and now shows under 'Select files to import'", 'acf-city-selector' ), sanitize_text_field( wp_unslash( $_FILES[ 'acfcs_csv_upload' ][ 'name' ] ) ) ) ); do_action( 'acfcs_after_success_file_upload' ); } else { ACF_City_Selector::acfcs_errors()->add( 'error_file_uploaded', esc_html__( 'Upload failed. Please try again.', 'acf-city-selector' ) ); 
@@ -47,17 +47,17 @@ function acfcs_upload_csv_file() { */ function acfcs_do_something_with_file() { if ( isset( $_POST[ 'acfcs_select_file_nonce' ] ) ) { - if ( ! wp_verify_nonce( wp_unslash( $_POST[ 'acfcs_select_file_nonce' ] ), 'acfcs-select-file-nonce' ) ) { + if ( ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST[ 'acfcs_select_file_nonce' ] ) ), 'acfcs-select-file-nonce' ) ) { ACF_City_Selector::acfcs_errors()->add( 'error_nonce_no_match', esc_html__( 'Something went wrong, please try again.', 'acf-city-selector' ) ); } else { - if ( empty( wp_unslash( $_POST[ 'acfcs_file_name' ] ) ) ) { + if ( empty( sanitize_text_field( wp_unslash( $_POST[ 'acfcs_file_name' ] ) ) ) ) { ACF_City_Selector::acfcs_errors()->add( 'error_no_file_selected', esc_html__( "You didn't select a file.", 'acf-city-selector' ) ); return; } - $file_name = wp_unslash( $_POST[ 'acfcs_file_name' ] ); - $delimiter = ! empty( $_POST[ 'acfcs_delimiter' ] ) ? wp_unslash( $_POST[ 'acfcs_delimiter' ] ) : apply_filters( 'acfcs_delimiter', ';' ); + $file_name = sanitize_text_field( wp_unslash( $_POST[ 'acfcs_file_name' ] ) ); + $delimiter = ! empty( $_POST[ 'acfcs_delimiter' ] ) ? sanitize_text_field( wp_unslash( $_POST[ 'acfcs_delimiter' ] ) ) : apply_filters( 'acfcs_delimiter', ';' ); $import = isset( $_POST[ 'acfcs_import' ] ) ? true : false; $max_lines = isset( $_POST[ 'acfcs_max_lines' ] ) ? (int) $_POST[ 'acfcs_max_lines' ] : false; $remove = isset( $_POST[ 'acfcs_remove' ] ) ? true : false; @@ -68,7 +68,7 @@ function acfcs_do_something_with_file() { } elseif ( true === $import ) { acfcs_import_data( $file_name, '', $delimiter, $verify, $max_lines ); } elseif ( true === $remove ) { - acfcs_delete_file( $file_name ); + do_action( 'acfcs_delete_file', $file_name ); } } } 
@@ -81,10 +81,10 @@ function acfcs_do_something_with_file() { */ function acfcs_import_raw_data() { if ( isset( $_POST[ 'acfcs_import_raw_nonce' ] ) ) { - if ( ! wp_verify_nonce( wp_unslash( $_POST[ 'acfcs_import_raw_nonce' ] ), 'acfcs-import-raw-nonce' ) ) { + if ( ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST[ 'acfcs_import_raw_nonce' ] ) ), 'acfcs-import-raw-nonce' ) ) { ACF_City_Selector::acfcs_errors()->add( 'error_no_nonce_match', esc_html__( 'Something went wrong, please try again.', 'acf-city-selector' ) ); } else { - $verified_data = isset( $_POST[ 'acfcs_raw_csv_import' ] ) ? acfcs_verify_csv_data( sanitize_textarea_field( $_POST[ 'acfcs_raw_csv_import' ] ) ) : []; + $verified_data = isset( $_POST[ 'acfcs_raw_csv_import' ] ) ? acfcs_verify_csv_data( sanitize_textarea_field( wp_unslash( $_POST[ 'acfcs_raw_csv_import' ] ) ) ) : []; if ( isset( $_POST[ 'acfcs_verify' ] ) ) { if ( false != $verified_data ) { ACF_City_Selector::acfcs_errors()->add( 'success_csv_valid', esc_html__( 'Congratulations, your CSV data seems valid.', 'acf-city-selector' ) ); 
@@ -105,14 +105,14 @@ function acfcs_import_raw_data() { */ function acfcs_delete_countries() { if ( isset( $_POST[ 'acfcs_remove_countries_nonce' ] ) ) { - if ( ! wp_verify_nonce( wp_unslash( $_POST[ 'acfcs_remove_countries_nonce' ] ), 'acfcs-remove-countries-nonce' ) ) { + if ( ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST[ 'acfcs_remove_countries_nonce' ] ) ), 'acfcs-remove-countries-nonce' ) ) { ACF_City_Selector::acfcs_errors()->add( 'error_no_nonce_match', esc_html__( 'Something went wrong, please try again.', 'acf-city-selector' ) ); } else { - if ( empty( wp_unslash( $_POST[ 'acfcs_delete_country' ] ) ) ) { + if ( empty( sanitize_text_field( wp_unslash( $_POST[ 'acfcs_delete_country' ] ) ) ) ) { ACF_City_Selector::acfcs_errors()->add( 'error_no_country_selected', esc_html__( "You didn't select any countries, please try again.", 'acf-city-selector' ) ); } else { if ( is_array( $_POST[ 'acfcs_delete_country' ] ) ) { - acfcs_delete_country( wp_unslash( $_POST[ 'acfcs_delete_country' ] ) ); + acfcs_delete_country( sanitize_text_field( wp_unslash( $_POST[ 'acfcs_delete_country' ] ) ) ); } } } @@ -126,12 +126,13 @@ function acfcs_delete_countries() { */ function acfcs_delete_rows() { if ( isset( $_POST[ 'acfcs_delete_row_nonce' ] ) ) { - if ( ! wp_verify_nonce( wp_unslash( $_POST[ 'acfcs_delete_row_nonce' ] ), 'acfcs-delete-row-nonce' ) ) { + if ( ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST[ 'acfcs_delete_row_nonce' ] ) ), 'acfcs-delete-row-nonce' ) ) { ACF_City_Selector::acfcs_errors()->add( 'error_no_nonce_match', esc_html__( 'Something went wrong, please try again.', 'acf-city-selector' ) ); } else { global $wpdb; if ( isset( $_POST[ 'row_id' ] ) && is_array( $_POST[ 'row_id' ] ) ) { - foreach( wp_unslash( $_POST[ 'row_id' ] ) as $row ) { + // @TODO: test this + foreach( sanitize_text_field( wp_unslash( $_POST[ 'row_id' ] ) ) as $row ) { $sanitized_row = sanitize_text_field( $row ); $split = explode( ' ', $sanitized_row, 2 ); 
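Review bot: `sanitize_text_field()` returns an empty string when handed an array, and both new calls here wrap array inputs. In `acfcs_delete_countries()` the `empty( sanitize_text_field( ... ) )` test is therefore true whenever `acfcs_delete_country` is posted as an array, which is the only shape the `is_array()` branch accepts, and `acfcs_delete_country()` would receive `''`. In `acfcs_delete_rows()` the `foreach` iterates a string, which the `@TODO: test this` comment hints was not exercised. Sanitising per element preserves the arrays: `array_map( 'sanitize_text_field', wp_unslash( $_POST[ 'row_id' ] ) )`, and likewise for `acfcs_delete_country`, with the emptiness check done on `$_POST[ 'acfcs_delete_country' ]` itself. Both function bodies continue outside their hunks.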
@@ -144,7 +145,7 @@ function acfcs_delete_rows() { $city_string = implode( ', ', $cities ); $row_ids = implode( ',', $ids ); $table = $wpdb->prefix . 'cities'; - $amount = $wpdb->query( $wpdb->prepare( "DELETE FROM $table WHERE id IN (%s)", $row_ids ) ); + $amount = $wpdb->query( $wpdb->prepare( "DELETE FROM %i WHERE id IN (%s)", $table, $row_ids ) ); if ( $amount > 0 ) { /* translators: 1 city name, 2 city names */ @@ -163,12 +164,12 @@ function acfcs_delete_rows() { */ function acfcs_truncate_table() { if ( isset( $_POST[ 'acfcs_truncate_table_nonce' ] ) ) { - if ( ! wp_verify_nonce( wp_unslash( $_POST[ 'acfcs_truncate_table_nonce' ] ), 'acfcs-truncate-table-nonce' ) ) { + if ( ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST[ 'acfcs_truncate_table_nonce' ] ) ), 'acfcs-truncate-table-nonce' ) ) { ACF_City_Selector::acfcs_errors()->add( 'error_no_nonce_match', esc_html__( 'Something went wrong, please try again.', 'acf-city-selector' ) ); } else { global $wpdb; $table = $wpdb->prefix . 'cities'; - $wpdb->query( "TRUNCATE TABLE $table" ); + $wpdb->query( $wpdb->prepare( "TRUNCATE TABLE %i", $table ) ); ACF_City_Selector::acfcs_errors()->add( 'success_table_truncated', esc_html__( 'All cities are deleted.', 'acf-city-selector' ) ); do_action( 'acfcs_after_success_nuke' ); } @@ -182,7 +183,7 @@ function acfcs_truncate_table() { */ function acfcs_delete_settings() { if ( isset( $_POST[ 'acfcs_remove_cities_nonce' ] ) ) { - if ( ! wp_verify_nonce( wp_unslash( $_POST[ 'acfcs_remove_cities_nonce' ] ), 'acfcs-remove-cities-nonce' ) ) { + if ( ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST[ 'acfcs_remove_cities_nonce' ] ) ), 'acfcs-remove-cities-nonce' ) ) { ACF_City_Selector::acfcs_errors()->add( 'error_no_nonce_match', esc_html__( 'Something went wrong, please try again.', 'acf-city-selector' ) ); } else { if ( isset( $_POST[ 'remove_cities_table' ] ) ) { 
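Review bot: `IN (%s)` in the DELETE receives `$row_ids`, a comma-joined string, so prepare() quotes the whole list as one string literal (`IN ('1,2,3')`, constructed example) rather than a list of ids; MySQL would then likely match at most the row whose id equals the leading number. Build one `%d` per id instead: `$placeholders = implode( ',', array_fill( 0, count( $ids ), '%d' ) );` followed by `$wpdb->prepare( "DELETE FROM %i WHERE id IN ( $placeholders )", array_merge( [ $table ], $ids ) )`. `$ids` is filled outside this hunk, so whether it can be empty at this point should be confirmed there.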
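Review bot: The `%i` identifier placeholder used in `TRUNCATE TABLE %i` (and in the DELETE in acfcs_delete_rows() in the hunk above) is only supported by `$wpdb->prepare()` from WordPress 6.2, while readme.txt in this same commit still declares `Requires at least: 3.6.0`. On an older core the table name would not be substituted as intended and the query would fail. Either raise the declared minimum to `Requires at least: 6.2`, or keep the interpolated `$table`, which is built only from `$wpdb->prefix` and a literal and carries no request data.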
@@ -202,7 +203,7 @@ function acfcs_delete_settings() { */ function acfcs_import_preset_countries() { if ( isset( $_POST[ 'acfcs_import_actions_nonce' ] ) ) { - if ( ! wp_verify_nonce( wp_unslash( $_POST[ 'acfcs_import_actions_nonce' ] ), 'acfcs-import-actions-nonce' ) ) { + if ( ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST[ 'acfcs_import_actions_nonce' ] ) ), 'acfcs-import-actions-nonce' ) ) { ACF_City_Selector::acfcs_errors()->add( 'error_no_nonce_match', esc_html__( 'Something went wrong, please try again.', 'acf-city-selector' ) ); } else { if ( isset( $_POST[ 'acfcs_import_be' ] ) || isset( $_POST[ 'acfcs_import_nl' ] ) ) { diff --git a/languages/acf-city-selector-nl_NL.mo b/languages/acf-city-selector-nl_NL.mo index ab25b8c..5215538 100644 Binary files a/languages/acf-city-selector-nl_NL.mo and b/languages/acf-city-selector-nl_NL.mo differ diff --git a/languages/acf-city-selector-nl_NL.po b/languages/acf-city-selector-nl_NL.po index 9f0b921..7e9a94d 100644 --- a/languages/acf-city-selector-nl_NL.po +++ b/languages/acf-city-selector-nl_NL.po @@ -1,8 +1,8 @@ msgid "" msgstr "" "Project-Id-Version: ACF City Selector 1.0\n" -"POT-Creation-Date: 2024-10-25 14:10+0200\n" -"PO-Revision-Date: 2024-10-25 14:13+0200\n" +"POT-Creation-Date: 2024-10-26 00:07+0200\n" +"PO-Revision-Date: 2024-10-26 00:08+0200\n" "Last-Translator: Beee\n" "Language-Team: \n" "Language: nl_NL\n" @@ -17,7 +17,7 @@ msgstr "" "X-Poedit-SearchPath-0: .\n" "X-Poedit-SearchPathExcluded-0: languages\n" -#: ACF_City_Selector.php:171 +#: ACF_City_Selector.php:183 #, php-format msgid "" "Several cities in %s had broken ascii characters. You need to re-import " 
@@ -26,7 +26,7 @@ msgstr "" "Meerdere steden in %s hadden kapotte ascii karakters. Je moet deze landen " "opnieuw importeren om de correcte namen te krijgen." -#: ACF_City_Selector.php:173 +#: ACF_City_Selector.php:185 msgid "" "Several cities in Belgium and Netherlands had broken ascii characters. You " "need to re-import these countries to get the correct city names." @@ -34,11 +34,11 @@ msgstr "" "Meerdere steden in België en Nederland hadden kapotte ascii karakters. Je " "moet deze landen opnieuw importeren om de correcte namen te krijgen." -#: ACF_City_Selector.php:267 ACF_City_Selector.php:355 inc/acfcs-actions.php:68 +#: ACF_City_Selector.php:279 ACF_City_Selector.php:368 inc/acfcs-actions.php:68 msgid "Settings" msgstr "Instellingen" -#: ACF_City_Selector.php:280 +#: ACF_City_Selector.php:292 #, php-format msgid "" "\"Advanced Custom Fields\" is not activated. This plugin musthier." -#: ACF_City_Selector.php:303 +#: ACF_City_Selector.php:315 #, php-format msgid "" "%1$s: The \"%2$s\" plugin will probably not work properly (anymore) with " @@ -58,24 +58,24 @@ msgstr "" "%1$s: De “%2$s\" plugin werkt waarschijnlijk niet goed (meer) met Advanced " "Custos Fields v4.x. AUB upgrade naar PRO." -#: ACF_City_Selector.php:304 +#: ACF_City_Selector.php:316 msgid "Warning" msgstr "Waarschuwing" -#: ACF_City_Selector.php:354 admin/acfcs-preview.php:36 +#: ACF_City_Selector.php:367 admin/acfcs-preview.php:36 msgid "Preview data" msgstr "Data bekijken" -#: ACF_City_Selector.php:356 admin/acfcs-countries.php:50 +#: ACF_City_Selector.php:369 admin/acfcs-countries.php:51 msgid "Get countries" msgstr "Meer landen" -#: ACF_City_Selector.php:357 admin/acfcs-search.php:149 +#: ACF_City_Selector.php:370 admin/acfcs-search.php:150 #: inc/acfcs-actions.php:71 msgid "Search" msgstr "Zoeken" -#: ACF_City_Selector.php:358 admin/acfcs-info.php:26 inc/acfcs-actions.php:77 +#: ACF_City_Selector.php:371 admin/acfcs-info.php:28 inc/acfcs-actions.php:77 msgid "Info" msgstr "Informatie" 
@@ -104,12 +104,12 @@ msgid "State/province + City" msgstr "Staat/Provincie + Stad" #: admin/acf-city-selector-v4.php:76 admin/acf-city-selector-v5.php:64 -#: admin/acfcs-info.php:170 +#: admin/acfcs-info.php:172 msgid "Yes" msgstr "Ja" #: admin/acf-city-selector-v4.php:77 admin/acf-city-selector-v5.php:65 -#: admin/acfcs-info.php:170 +#: admin/acfcs-info.php:172 msgid "No" msgstr "Nee" @@ -161,23 +161,23 @@ msgstr "Sla lokatie op als individuele meta waardes" msgid "Store meta" msgstr "Sla meta op" -#: admin/acf-city-selector-v5.php:355 +#: admin/acf-city-selector-v5.php:356 msgid "You didn't select anything." msgstr "Je hebt niks geselecteerd." -#: admin/acf-city-selector-v5.php:356 +#: admin/acf-city-selector-v5.php:357 msgid "You didn't select a city." msgstr "Je hebt geen stad gekozen." -#: admin/acf-city-selector-v5.php:357 +#: admin/acf-city-selector-v5.php:358 msgid "You didn't select a country." msgstr "Je hebt geen land gekozen." -#: admin/acf-city-selector-v5.php:358 +#: admin/acf-city-selector-v5.php:359 msgid "You didn't select a state." msgstr "Je hebt geen staat/provincie gekozen." -#: admin/acf-city-selector-v5.php:359 +#: admin/acf-city-selector-v5.php:360 msgid "You didn't select a state and city." msgstr "Je hebt geen staat/provincie en een stad gekozen." @@ -186,7 +186,7 @@ msgstr "Je hebt geen staat/provincie en een stad gekozen." msgid "You do not have sufficient permissions to access this page." msgstr "Je hebt niet voldoende rechten om deze pagina te bekijken." -#: admin/acfcs-countries.php:51 +#: admin/acfcs-countries.php:52 msgid "" "Default the plugin comes with 2 countries included, the Netherlands and " "Belgium but you might want to add more countries to choose from." 
@@ -194,7 +194,7 @@ msgstr "" "Standaard komt de plugin met 2 landen, namelijk België en Nederland maar " "misschien wil je meer landen om uit te kiezen." -#: admin/acfcs-countries.php:53 +#: admin/acfcs-countries.php:54 msgid "" "And now you can !! We have created several 'country packages' for you to " "import 'as is'." 
@@ -202,69 +202,78 @@ msgstr "" "En nu kan dat !! We hebben diverse 'landen pakketten' gemaakt die je 1 op 1 " "kan importeren." -#: admin/acfcs-countries.php:55 +#: admin/acfcs-countries.php:56 #, php-format msgid "Download them %s." msgstr "Download ze %s." -#: admin/acfcs-countries.php:55 +#: admin/acfcs-countries.php:56 msgid "here" msgstr "hier" -#: admin/acfcs-countries.php:61 +#: admin/acfcs-countries.php:62 msgid "Country files" msgstr "Landen" -#: admin/acfcs-countries.php:62 +#: admin/acfcs-countries.php:63 msgid "Rotate your phone for a better view or scroll the list horizontally." msgstr "Draai je telefoon voor een betere view of scroll horizontaal." -#: admin/acfcs-countries.php:67 admin/acfcs-search.php:173 -#: inc/acfcs-functions.php:755 inc/acfcs-help-tabs.php:46 +#: admin/acfcs-countries.php:68 admin/acfcs-search.php:174 +#: inc/acfcs-functions.php:730 inc/acfcs-help-tabs.php:46 msgid "Country" msgstr "Land" -#: admin/acfcs-countries.php:68 +#: admin/acfcs-countries.php:69 msgid "States/Provinces" msgstr "Staten/Provincies" -#: admin/acfcs-countries.php:69 +#: admin/acfcs-countries.php:70 msgid "Cities" msgstr "Steden" -#: admin/acfcs-countries.php:70 +#: admin/acfcs-countries.php:71 msgid "Price" msgstr "Prijs" -#: admin/acfcs-countries.php:86 +#: admin/acfcs-countries.php:87 msgid "FREE" msgstr "GRATIS" -#: admin/acfcs-countries.php:94 +#: admin/acfcs-countries.php:95 msgid "Combined country packages" msgstr "Gecombineerde land pakketten" -#: admin/acfcs-countries.php:99 +#: admin/acfcs-countries.php:100 msgid "Package" msgstr "Pakket" -#: admin/acfcs-countries.php:100 +#: admin/acfcs-countries.php:101 msgid "Included countries" msgstr "Inbegrepen landen" -#: admin/acfcs-countries.php:101 +#: admin/acfcs-countries.php:102 msgid "As separate countries" msgstr "Als losse landen" -#: admin/acfcs-countries.php:102 +#: admin/acfcs-countries.php:103 msgid "Package price" msgstr "Pakket prijs" -#: admin/acfcs-countries.php:151 +#: 
admin/acfcs-countries.php:152 +#, php-format +msgid "" +"More countries will be added soon. Feel free to %s a country, if it's not " +"available (yet)." +msgstr "" +"Meer landen worden z.s.m. toegevoegd. Indien je graag een land wilt hebben " +"die (nog) niet beschikbaar is, dien gerust een %s in." + +#: admin/acfcs-countries.php:152 msgid "request" msgstr "verzoek" -#: admin/acfcs-countries.php:153 +#: admin/acfcs-countries.php:154 msgid "Get your country now" msgstr "Haal nu jouw land" 
@@ -303,127 +312,127 @@ msgstr "" msgid "This is seen as a new entry and creates an error !!!" msgstr "Dit wordt gezien als een nieuwe regel en zorgt voor een error !!!" -#: admin/acfcs-info.php:28 +#: admin/acfcs-info.php:30 msgid "This page shows real-time info about your site and settings." msgstr "Deze pagina toont actuele informatie over je site en instellingen." -#: admin/acfcs-info.php:34 +#: admin/acfcs-info.php:36 msgid "Countries in database" msgstr "Landen in de database" -#: admin/acfcs-info.php:39 +#: admin/acfcs-info.php:41 msgid "Country name" msgstr "Land naam" -#: admin/acfcs-info.php:40 +#: admin/acfcs-info.php:42 msgid "# cities" msgstr "# steden" -#: admin/acfcs-info.php:57 +#: admin/acfcs-info.php:59 msgid "Server info" msgstr "Server informatie" -#: admin/acfcs-info.php:62 admin/acfcs-info.php:105 admin/acfcs-info.php:164 +#: admin/acfcs-info.php:64 admin/acfcs-info.php:107 admin/acfcs-info.php:166 msgid "What ?" msgstr "Wat ?" -#: admin/acfcs-info.php:63 admin/acfcs-info.php:106 admin/acfcs-info.php:165 +#: admin/acfcs-info.php:65 admin/acfcs-info.php:108 admin/acfcs-info.php:167 msgid "Value" msgstr "Waarde" -#: admin/acfcs-info.php:69 +#: admin/acfcs-info.php:71 msgid "Operating system" msgstr "Besturingssysteem" -#: admin/acfcs-info.php:74 +#: admin/acfcs-info.php:76 msgid "PHP version" msgstr "PHP versie" -#: admin/acfcs-info.php:79 +#: admin/acfcs-info.php:81 msgid "Server IP" msgstr "Server IP" -#: admin/acfcs-info.php:84 +#: admin/acfcs-info.php:86 msgid "Server port" msgstr "Server poort" -#: admin/acfcs-info.php:89 +#: admin/acfcs-info.php:91 msgid "Scheme" msgstr "Schema" -#: admin/acfcs-info.php:94 +#: admin/acfcs-info.php:96 msgid "Home path" msgstr "Home pad" -#: admin/acfcs-info.php:100 +#: admin/acfcs-info.php:102 msgid "Wordpress info" msgstr "WordPress info" -#: admin/acfcs-info.php:112 +#: admin/acfcs-info.php:114 msgid "WordPress version" msgstr "WordPress versie" -#: admin/acfcs-info.php:117 +#: admin/acfcs-info.php:119 
msgid "Home URL" msgstr "Home URL" -#: admin/acfcs-info.php:122 +#: admin/acfcs-info.php:124 msgid "Current theme" msgstr "Huidig theme" -#: admin/acfcs-info.php:130 +#: admin/acfcs-info.php:132 msgid "Stylesheet folder" msgstr "" -#: admin/acfcs-info.php:136 +#: admin/acfcs-info.php:138 msgid "Template folder" msgstr "" -#: admin/acfcs-info.php:141 +#: admin/acfcs-info.php:143 msgid "Charset" msgstr "Karakterset" -#: admin/acfcs-info.php:147 +#: admin/acfcs-info.php:149 msgid "Text direction" msgstr "Tekst richting" -#: admin/acfcs-info.php:152 +#: admin/acfcs-info.php:154 msgid "Language" msgstr "Taal" -#: admin/acfcs-info.php:159 +#: admin/acfcs-info.php:161 msgid "Multisite" msgstr "Multisite" -#: admin/acfcs-info.php:172 +#: admin/acfcs-info.php:174 msgid "Main site" msgstr "Hoofd site" -#: admin/acfcs-info.php:178 +#: admin/acfcs-info.php:180 msgid "Main registration" msgstr "Hoofd registratie" -#: admin/acfcs-info.php:185 +#: admin/acfcs-info.php:187 msgid "Subsite registration" msgstr "Subsite registratie" -#: admin/acfcs-info.php:193 +#: admin/acfcs-info.php:195 msgid "Active plugins" msgstr "Actieve plugins" -#: admin/acfcs-info.php:200 +#: admin/acfcs-info.php:202 msgid "Name" msgstr "Naam" -#: admin/acfcs-info.php:201 +#: admin/acfcs-info.php:203 msgid "Version" msgstr "Versie" -#: admin/acfcs-info.php:224 +#: admin/acfcs-info.php:227 msgid "Download JSON" msgstr "Download JSON" -#: admin/acfcs-info.php:226 +#: admin/acfcs-info.php:229 msgid "" "If you're in need of support, the info above might helpful for us to fix a " "problem." @@ -431,7 +440,7 @@ msgstr "" "Als je support nodig hebt, kan bovenstaande info nuttig zijn om het probleem " "op te lossen." -#: admin/acfcs-info.php:229 +#: admin/acfcs-info.php:232 msgid "" "You can download the settings to a JSON file below (and send it to us when " "asked)." 
@@ -439,11 +448,11 @@ msgstr "" "Je kan de instellingen hieronder downloaden naar een JSON bestand (en naar " "ons sturen indien gevraagd)." -#: admin/acfcs-info.php:237 +#: admin/acfcs-info.php:240 msgid "View JSON file" msgstr "Bekijk JSON data" -#: admin/acfcs-info.php:238 +#: admin/acfcs-info.php:241 msgid "left-click to open, right-click to save" msgstr "linker muisklik om te openen, rechter muisklik om te saven" @@ -492,7 +501,7 @@ msgstr "Je hebt geen bestanden om te bekijken." msgid "Upload a csv file from your %s." msgstr "Upload een csv bestand vanaf je %s." -#: admin/acfcs-preview.php:44 admin/acfcs-search.php:60 +#: admin/acfcs-preview.php:44 admin/acfcs-search.php:61 msgid "dashboard" msgstr "dashboard" 
@@ -521,81 +530,81 @@ msgstr "" msgid "CSV contents" msgstr "CSV inhoud" -#: admin/acfcs-preview.php:66 admin/acfcs-search.php:165 +#: admin/acfcs-preview.php:66 admin/acfcs-search.php:166 msgid "Table scrolls horizontally." msgstr "Tabel scroll horizontaal." -#: admin/acfcs-search.php:56 +#: admin/acfcs-search.php:57 msgid "Search for cities" msgstr "Zoek naar steden" -#: admin/acfcs-search.php:60 +#: admin/acfcs-search.php:61 #, php-format msgid "You haven't imported any cities yet. Import any files from your %s." msgstr "" "Je hebt nog geen steden geïmporteerd. Importeer een bestand vanaf je %s." -#: admin/acfcs-search.php:69 admin/acfcs-search.php:72 -#: inc/acfcs-functions.php:21 inc/acfcs-functions.php:483 -#: inc/acfcs-functions.php:895 +#: admin/acfcs-search.php:70 admin/acfcs-search.php:73 +#: inc/acfcs-functions.php:21 inc/acfcs-functions.php:480 +#: inc/acfcs-functions.php:874 msgid "Select a country" msgstr "Selecteer een land" -#: admin/acfcs-search.php:84 +#: admin/acfcs-search.php:85 msgid "OR" msgstr "OF" -#: admin/acfcs-search.php:90 admin/acfcs-search.php:94 -#: inc/acfcs-functions.php:59 inc/acfcs-functions.php:490 -#: inc/acfcs-functions.php:897 +#: admin/acfcs-search.php:91 admin/acfcs-search.php:95 +#: inc/acfcs-functions.php:59 inc/acfcs-functions.php:487 +#: inc/acfcs-functions.php:876 msgid "Select a province/state" msgstr "Selecteer een provincie/staat" -#: admin/acfcs-search.php:116 +#: admin/acfcs-search.php:117 msgid "Search term" msgstr "Zoekterm" -#: admin/acfcs-search.php:117 +#: admin/acfcs-search.php:118 msgid "City name" msgstr "Stad" -#: admin/acfcs-search.php:123 admin/acfcs-search.php:124 +#: admin/acfcs-search.php:124 admin/acfcs-search.php:125 msgid "Limit" msgstr "Limiet" -#: admin/acfcs-search.php:130 admin/acfcs-search.php:133 +#: admin/acfcs-search.php:131 admin/acfcs-search.php:134 msgid "Order by" msgstr "Sorteren op" -#: admin/acfcs-search.php:137 admin/acfcs-search.php:171 -#: inc/acfcs-functions.php:751 
inc/acfcs-help-tabs.php:26 +#: admin/acfcs-search.php:138 admin/acfcs-search.php:172 +#: inc/acfcs-functions.php:726 inc/acfcs-help-tabs.php:26 msgid "City" msgstr "Stad" -#: admin/acfcs-search.php:138 admin/acfcs-search.php:172 -#: inc/acfcs-functions.php:753 inc/acfcs-help-tabs.php:36 +#: admin/acfcs-search.php:139 admin/acfcs-search.php:173 +#: inc/acfcs-functions.php:728 inc/acfcs-help-tabs.php:36 msgid "State" msgstr "Staat/provincie" -#: admin/acfcs-search.php:159 +#: admin/acfcs-search.php:160 msgid "No results, please try again." msgstr "Geen resultaten, probeer het aub nog een keer." -#: admin/acfcs-search.php:166 +#: admin/acfcs-search.php:167 msgid "result" msgid_plural "results" msgstr[0] "resultaat" msgstr[1] "resultaten" -#: admin/acfcs-search.php:169 +#: admin/acfcs-search.php:170 msgid "ID" msgstr "ID" -#: admin/acfcs-search.php:170 +#: admin/acfcs-search.php:171 msgid "Select" msgstr "Selecteer" -#: admin/acfcs-search.php:196 +#: admin/acfcs-search.php:197 msgid "Delete selected" msgstr "Verwijder geselecteerde" 
@@ -772,98 +781,98 @@ msgstr "Preview" msgid "Get more countries" msgstr "Meer landen" -#: inc/acfcs-functions.php:104 inc/acfcs-functions.php:481 -#: inc/acfcs-functions.php:894 +#: inc/acfcs-actions.php:113 +#, php-format +msgid "File \"%s\" successfully deleted." +msgstr "File “%s” is succesvol verwijderd." + +#: inc/acfcs-actions.php:117 +#, php-format +msgid "File \"%s\" is not deleted. Please try again." +msgstr "Het bestand \"%s\" is niet verwijderd. Probeer het aub opnieuw." + +#: inc/acfcs-functions.php:104 inc/acfcs-functions.php:478 +#: inc/acfcs-functions.php:873 msgid "Select a city" msgstr "Selecteer een stad" -#: inc/acfcs-functions.php:274 inc/acfcs-functions.php:280 +#: inc/acfcs-functions.php:270 inc/acfcs-functions.php:276 msgid "Since your file is not accurate anymore, the file is deleted." msgstr "Aangezien je bestand fouten bevat, is deze verwijderd." -#: inc/acfcs-functions.php:276 +#: inc/acfcs-functions.php:272 #, php-format msgid "There are too few columns on line %1$d. %2$s" msgstr "Er zijn te weinig kolommen op regel %1$d. %2$s" -#: inc/acfcs-functions.php:285 +#: inc/acfcs-functions.php:281 #, php-format msgid "There are too many columns on line %1$d. %2$s" msgstr "Er zijn te veel kolommen op regel %1$d. %2$s" -#: inc/acfcs-functions.php:357 +#: inc/acfcs-functions.php:353 #, php-format msgid "There are too few columns on line %d." msgstr "Er zijn te weinig kolommen op regel %d." -#: inc/acfcs-functions.php:363 +#: inc/acfcs-functions.php:359 #, php-format msgid "There are too many columns on line %d." msgstr "Er zijn te veel kolommen op regel %d." -#: inc/acfcs-functions.php:375 +#: inc/acfcs-functions.php:371 #, php-format msgid "The length of the country abbreviation on line %d is incorrect." msgstr "De lengte van de land afkorting op regel %d is incorrect." -#: inc/acfcs-functions.php:574 +#: inc/acfcs-functions.php:570 #, php-format msgid "Congratulations, there appear to be no errors in CSV file: \"%s\"." 
msgstr "Gefeliciteerd, er lijken geen fouten te zitten in CSV bestand: \"%s\"." -#: inc/acfcs-functions.php:616 inc/acfcs-functions.php:619 +#: inc/acfcs-functions.php:612 inc/acfcs-functions.php:615 #, php-format msgid "You have successfully imported %1$d cities from \"%2$s\"." msgstr "Gefeliciteerd, je hebt %1$d steden geïmporteerd uit “%2$s\"." -#: inc/acfcs-functions.php:625 +#: inc/acfcs-functions.php:621 #, php-format msgid "There's an error in \"%s\"." -msgstr "" +msgstr "Er is een fout in \"%s\"." -#: inc/acfcs-functions.php:649 +#: inc/acfcs-functions.php:645 #, php-format msgid "You imported %d city." msgid_plural "You imported %d cities." msgstr[0] "Gefeliciteerd, je hebt %d stad geïmporteerd." msgstr[1] "Gefeliciteerd, je hebt %d steden geïmporteerd." -#: inc/acfcs-functions.php:655 inc/form-handling.php:54 +#: inc/acfcs-functions.php:651 inc/form-handling.php:54 msgid "You didn't select a file." msgstr "Je hebt geen bestand gekozen." -#: inc/acfcs-functions.php:670 -#, php-format -msgid "File \"%s\" successfully deleted." -msgstr "File “%s” is succesvol verwijderd." - -#: inc/acfcs-functions.php:674 -#, php-format -msgid "File \"%s\" is not deleted. Please try again." -msgstr "Het bestand \"%s\" is niet verwijderd. Probeer het aub opnieuw." - -#: inc/acfcs-functions.php:717 +#: inc/acfcs-functions.php:693 #, php-format msgid "You have successfully removed all entries for %s." msgstr "Je hebt alle steden verwijderd voor %s." 
-#: inc/acfcs-functions.php:752 inc/acfcs-help-tabs.php:31 +#: inc/acfcs-functions.php:727 inc/acfcs-help-tabs.php:31 msgid "State code" msgstr "Staat/provincie code" -#: inc/acfcs-functions.php:754 inc/acfcs-help-tabs.php:41 +#: inc/acfcs-functions.php:729 inc/acfcs-help-tabs.php:41 msgid "Country code" msgstr "Land code" -#: inc/acfcs-functions.php:893 +#: inc/acfcs-functions.php:872 msgid "No countries" msgstr "Geen landen" -#: inc/acfcs-functions.php:896 +#: inc/acfcs-functions.php:875 msgid "No results (yet), first select a country" msgstr "Nog geen resultaten, kies eerst een land" -#: inc/acfcs-functions.php:898 +#: inc/acfcs-functions.php:877 msgid "No results (yet), first select a state" msgstr "Nog geen resultaten, kies eerst een staat/provincie" 
@@ -994,101 +1003,133 @@ msgid "Andorra" msgstr "Andorra" #: inc/acfcs-i18n.php:17 +msgid "Argentina" +msgstr "Argentinië" + +#: inc/acfcs-i18n.php:18 +msgid "Armenia" +msgstr "Armenië" + +#: inc/acfcs-i18n.php:19 msgid "Aruba" msgstr "Aruba" -#: inc/acfcs-i18n.php:18 +#: inc/acfcs-i18n.php:20 msgid "Austria" msgstr "Oostenrijk" -#: inc/acfcs-i18n.php:19 +#: inc/acfcs-i18n.php:21 msgid "Australia" msgstr "Australië" -#: inc/acfcs-i18n.php:20 +#: inc/acfcs-i18n.php:22 +msgid "Belgium" +msgstr "België" + +#: inc/acfcs-i18n.php:23 msgid "Brazil" msgstr "Brazilië" -#: inc/acfcs-i18n.php:21 +#: inc/acfcs-i18n.php:24 msgid "Canada" msgstr "Canada" -#: inc/acfcs-i18n.php:22 +#: inc/acfcs-i18n.php:25 msgid "China" msgstr "China" -#: inc/acfcs-i18n.php:23 +#: inc/acfcs-i18n.php:26 +msgid "Costa Rica" +msgstr "Costa Rica" + +#: inc/acfcs-i18n.php:27 msgid "Curaçao" msgstr "Curaçao" -#: inc/acfcs-i18n.php:24 +#: inc/acfcs-i18n.php:28 msgid "Europe" msgstr "Europa" -#: inc/acfcs-i18n.php:25 +#: inc/acfcs-i18n.php:29 msgid "France" msgstr "Frankrijk" -#: inc/acfcs-i18n.php:26 +#: inc/acfcs-i18n.php:30 msgid "Germany" msgstr "Duitsland" -#: inc/acfcs-i18n.php:27 +#: inc/acfcs-i18n.php:31 msgid "Grenada" msgstr "Grenada" -#: inc/acfcs-i18n.php:28 +#: inc/acfcs-i18n.php:32 msgid "Great Britain" msgstr "Groot-Britannië" -#: inc/acfcs-i18n.php:29 +#: inc/acfcs-i18n.php:33 +msgid "Haiti" +msgstr "Haïti" + +#: inc/acfcs-i18n.php:34 +msgid "Italy" +msgstr "Italië" + +#: inc/acfcs-i18n.php:35 +msgid "Japan" +msgstr "Japan" + +#: inc/acfcs-i18n.php:36 msgid "Luxembourg" msgstr "Luxemburg" -#: inc/acfcs-i18n.php:30 +#: inc/acfcs-i18n.php:37 msgid "Mexico" msgstr "Mexico" -#: inc/acfcs-i18n.php:31 +#: inc/acfcs-i18n.php:38 +msgid "N-America" +msgstr "N-Amerika" + +#: inc/acfcs-i18n.php:39 msgid "Netherlands" msgstr "Nederland" -#: inc/acfcs-i18n.php:32 +#: inc/acfcs-i18n.php:40 msgid "New Zealand" -msgstr "Nieuw Zeeland" +msgstr "Nieuw-Zeeland" -#: inc/acfcs-i18n.php:33 +#: 
inc/acfcs-i18n.php:41 msgid "Portugal" msgstr "Portugal" -#: inc/acfcs-i18n.php:34 +#: inc/acfcs-i18n.php:42 msgid "South Korea" msgstr "Zuid-Korea" -#: inc/acfcs-i18n.php:35 +#: inc/acfcs-i18n.php:43 msgid "Spain" msgstr "Spanje" -#: inc/acfcs-i18n.php:36 +#: inc/acfcs-i18n.php:44 msgid "Switzerland" msgstr "Zwitserland" -#: inc/acfcs-i18n.php:37 +#: inc/acfcs-i18n.php:45 msgid "United States" msgstr "Verenigde Staten" -#: inc/acfcs-i18n.php:38 +#: inc/acfcs-i18n.php:46 msgid "Uruguay" msgstr "Uruguay" -#: inc/acfcs-i18n.php:39 +#: inc/acfcs-i18n.php:47 msgid "World" msgstr "Wereld" #: inc/form-handling.php:8 inc/form-handling.php:51 inc/form-handling.php:85 #: inc/form-handling.php:109 inc/form-handling.php:130 -#: inc/form-handling.php:167 inc/form-handling.php:186 -#: inc/form-handling.php:206 +#: inc/form-handling.php:168 inc/form-handling.php:187 +#: inc/form-handling.php:207 msgid "Something went wrong, please try again." msgstr "Er ging iets fout, probeer het aub nog een keer." @@ -1117,18 +1158,18 @@ msgstr "Gefeliciteerd, je CSV data lijkt geen fouten te bevatten." msgid "You didn't select any countries, please try again." msgstr "Je hebt geen land(en) gekozen, probeer aub opnieuw." -#: inc/form-handling.php:150 +#: inc/form-handling.php:152 #, php-format msgid "You have deleted the city %s." msgid_plural "You have deleted the following cities: %s." msgstr[0] "Je hebt stad %s verwijderd." msgstr[1] "Je hebt de volgende steden verwijderd: %s." -#: inc/form-handling.php:172 +#: inc/form-handling.php:173 msgid "All cities are deleted." msgstr "Alle steden zijn verwijderd." -#: inc/form-handling.php:193 +#: inc/form-handling.php:194 msgid "Settings saved" msgstr "Instellingen opgeslagen" 
@@ -1139,14 +1180,6 @@ msgstr "Instellingen opgeslagen" #~ msgid "cities in Belgium and Netherlands" #~ msgstr "steden in België en Nederland" -#, php-format -#~ msgid "" -#~ "More countries will be added soon. Feel free to %s a country, if it's not " -#~ "available (yet)." -#~ msgstr "" -#~ "Meer landen worden z.s.m. toegevoegd. Indien je graag een land wilt " -#~ "hebben die (nog) niet beschikbaar is, dien gerust een %s in." - #~ msgid "Delete transients" #~ msgstr "Verwijder transients" @@ -1250,9 +1283,6 @@ msgstr "Instellingen opgeslagen" #~ msgid "Antwerp" #~ msgstr "Antwerpen" -#~ msgid "Belgium" -#~ msgstr "België" - #~ msgid "Bruxelles" #~ msgstr "Brussel" diff --git a/readme.txt b/readme.txt index 834e013..c02c6ca 100755 --- a/readme.txt +++ b/readme.txt @@ -4,7 +4,7 @@ Contributors: beee Requires at least: 3.6.0 Requires PHP: 7.0 Tested up to: 6.6.1 -Stable tag: 1.15.0 +Stable tag: 1.15.1 License: GPLv2 or later License URI: http://www.gnu.org/licenses/gpl-2.0.html @@ -41,6 +41,10 @@ A. Please read the FAQ @ [https://acf-city-selector.com/documentation/](https:// == Changelog == += 1.15.1 = +* use wp_filesystem for csv files +* sanitize/escape more + = 1.15.0 = * set menu slug for (hidden) admin pages to prevent empty admin page title * fix vulnerability in file upload