Merge pull request #141 from Beee4life/feature/1.16.0
Feature/1.16.0
Beee4life authored Oct 26, 2024
2 parents 72b9884 + d3cf77f commit 7eb541d
Showing 14 changed files with 238 additions and 163 deletions.
4 changes: 2 additions & 2 deletions ACF_City_Selector.php
Expand Up @@ -3,7 +3,7 @@
Plugin Name: ACF City Selector
Plugin URI: https://acf-city-selector.com
Description: An extension for ACF which allows you to select a city based on country and province/state.
Version: 1.15.1
Version: 1.16.0
Tested up to: 6.6.1
Requires PHP: 7.0
Author: Beee
Expand Down Expand Up @@ -38,7 +38,7 @@ public function __construct() {
$this->settings = [
'db_version' => '1.0',
'url' => plugin_dir_url( __FILE__ ),
'version' => '1.15.1',
'version' => '1.16.0',
];

if ( ! class_exists( 'ACFCS_WEBSITE_URL' ) ) {
3 changes: 3 additions & 0 deletions README.md
Expand Up @@ -228,6 +228,9 @@ I got the idea for this plugin through [Fabrizio Sabato](https://github.com/fab0
<a name="changelog"></a>
### Changelog

1.16.0
* add nonces for forms

1.15.1
* use wp_filesystem for csv files
* sanitize/escape more
2 changes: 1 addition & 1 deletion admin/acf-city-selector-v4.php
Expand Up @@ -234,7 +234,7 @@ function input_admin_enqueue_scripts() {
$all_info = acfcs_get_field_settings();
$js_vars[ 'ajaxurl' ] = admin_url( 'admin-ajax.php' );
$js_vars[ 'default_country' ] = ( isset( $all_info[ 'default_country' ] ) && false != $all_info[ 'default_country' ] ) ? $all_info[ 'default_country' ] : false;
$js_vars[ 'post_id' ] = ( isset( $_GET[ 'post' ] ) ) ? (int) $_GET[ 'post' ] : false;
$js_vars[ 'post_id' ] = 0 < get_the_ID() ? (int) get_the_ID() : false;
$js_vars[ 'show_labels' ] = ( isset( $all_info[ 'show_labels' ] ) ) ? $all_info[ 'show_labels' ] : apply_filters( 'acfcs_show_labels', true );
$js_vars[ 'use_select2' ] = ( isset( $all_info[ 'use_select2' ] ) ) ? $all_info[ 'use_select2' ] : false;
$js_vars[ 'which_fields' ] = ( isset( $all_info[ 'which_fields' ] ) ) ? $all_info[ 'which_fields' ] : 'all';
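Review bot: This v4 enqueue hunk does not localize `acfcs_state_nonce`/`acfcs_city_nonce` the way the v5 counterpart in this commit does (its `$js_vars` gets both from `wp_create_nonce`), yet `assets/js/city-selector.js` now reads both keys from `city_selector_vars` and posts them with every `get_states_call`/`get_cities_call`. If the v4 branch enqueues that same script — the `wp_register_script` line is above this hunk, so I cannot confirm it — ACF v4 installs will send an undefined nonce and, assuming the AJAX handlers now verify it, every state/city lookup will be rejected. Add the two lines next to `post_id`: `$js_vars[ 'acfcs_state_nonce' ] = wp_create_nonce( 'acfcs-state-nonce' );` and `$js_vars[ 'acfcs_city_nonce' ] = wp_create_nonce( 'acfcs-city-nonce' );`. `input_admin_enqueue_scripts` begins above the hunk.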
20 changes: 11 additions & 9 deletions admin/acf-city-selector-v5.php
Expand Up @@ -201,15 +201,17 @@ function input_admin_enqueue_scripts() {

wp_register_script( 'acfcs-process', "{$plugin_url}assets/js/city-selector.js", array( 'jquery', 'acf-input' ), $plugin_version, false );
wp_enqueue_script( 'acfcs-process' );

$all_info = acfcs_get_field_settings();
$js_vars[ 'ajaxurl' ] = admin_url( 'admin-ajax.php' );
$js_vars[ 'default_country' ] = ( isset( $all_info[ 'default_country' ] ) && false != $all_info[ 'default_country' ] ) ? $all_info[ 'default_country' ] : false;
$js_vars[ 'post_id' ] = ( isset( $_GET[ 'post' ] ) ) ? (int) $_GET[ 'post' ] : false;
$js_vars[ 'show_labels' ] = ( isset( $all_info[ 'show_labels' ] ) ) ? $all_info[ 'show_labels' ] : apply_filters( 'acfcs_show_labels', true );
$js_vars[ 'store_meta' ] = ( isset( $all_info[ 'store_meta' ] ) ) ? $all_info[ 'store_meta' ] : false;
$js_vars[ 'use_select2' ] = ( isset( $all_info[ 'use_select2' ] ) ) ? $all_info[ 'use_select2' ] : false;
$js_vars[ 'which_fields' ] = ( isset( $all_info[ 'which_fields' ] ) ) ? $all_info[ 'which_fields' ] : 'all';

$all_info = acfcs_get_field_settings();
$js_vars[ 'ajaxurl' ] = admin_url( 'admin-ajax.php' );
$js_vars[ 'default_country' ] = ( isset( $all_info[ 'default_country' ] ) && false != $all_info[ 'default_country' ] ) ? $all_info[ 'default_country' ] : false;
$js_vars[ 'post_id' ] = 0 < get_the_ID() ? (int) get_the_ID() : false;
$js_vars[ 'acfcs_state_nonce' ] = wp_create_nonce( 'acfcs-state-nonce' );
$js_vars[ 'acfcs_city_nonce' ] = wp_create_nonce( 'acfcs-city-nonce' );
$js_vars[ 'show_labels' ] = ( isset( $all_info[ 'show_labels' ] ) ) ? $all_info[ 'show_labels' ] : apply_filters( 'acfcs_show_labels', true );
$js_vars[ 'store_meta' ] = ( isset( $all_info[ 'store_meta' ] ) ) ? $all_info[ 'store_meta' ] : false;
$js_vars[ 'use_select2' ] = ( isset( $all_info[ 'use_select2' ] ) ) ? $all_info[ 'use_select2' ] : false;
$js_vars[ 'which_fields' ] = ( isset( $all_info[ 'which_fields' ] ) ) ? $all_info[ 'which_fields' ] : 'all';

wp_localize_script( 'acfcs-process', 'city_selector_vars', $js_vars );
}
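Review bot: The two nonces are minted once at enqueue time and embedded in the page via `wp_localize_script`, so they are bound to the current user and to WordPress's nonce lifetime; an editor screen left open past that window will start failing `get_states_call`/`get_cities_call` even though nothing else changed, and the JS side in this commit has no rejection handling. Worth a comment above the `acfcs_state_nonce` line: `// Nonces are per-user and time-limited; the AJAX handlers must verify them with the same action strings and still do their own capability check — a nonce is CSRF protection, not authorization.` The `get_states_call`/`get_cities_call` handlers are in files not shown here, so I cannot confirm they verify the nonce or restrict the hook to logged-in users. `input_admin_enqueue_scripts` begins above the hunk.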
12 changes: 10 additions & 2 deletions admin/acfcs-dashboard.php
Expand Up @@ -7,7 +7,16 @@ function acfcs_dashboard() {
if ( ! current_user_can( apply_filters( 'acfcs_user_cap', 'manage_options' ) ) ) {
wp_die( esc_html__( 'You do not have sufficient permissions to access this page.', 'acf-city-selector' ) );
}


$submitted_raw_data = false;
if ( isset( $_POST[ 'acfcs_import_raw_nonce' ] ) ) {
if ( ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST[ 'acfcs_import_raw_nonce' ] ) ), 'acfcs-import-raw-nonce' ) ) {
ACF_City_Selector::acfcs_errors()->add( 'error_no_nonce_match', esc_html__( 'Something went wrong, please try again.', 'acf-city-selector' ) );
} else {
$submitted_raw_data = ( isset( $_POST[ 'raw_csv_import' ] ) ) ? sanitize_textarea_field( wp_unslash( $_POST[ 'raw_csv_import' ] ) ) : false;
}
}

ACF_City_Selector::acfcs_show_admin_notices();

$show_raw_import = true;
Expand Down Expand Up @@ -38,7 +47,6 @@ function acfcs_dashboard() {

<?php if ( true === $show_raw_import ) { ?>
<?php $placeholder = "Amsterdam;NH;Noord-Holland;NL;Netherlands\nRotterdam;ZH;Zuid-Holland;NL;Netherlands"; ?>
<?php $submitted_raw_data = ( isset( $_POST[ 'raw_csv_import' ] ) ) ? sanitize_textarea_field( wp_unslash( $_POST[ 'raw_csv_import' ] ) ) : false; ?>
<div class="acfcs__section acfcs__section--raw-import">
<?php echo sprintf( '<h2>%s</h2>', esc_html__( 'Import CSV data (from clipboard)', 'acf-city-selector' ) ); ?>
<p>
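Review bot: On a nonce mismatch the new block only records an error and falls through, which is harmless for `$submitted_raw_data` (it now just repopulates the textarea) but means this check protects nothing else on the page; if the raw CSV import itself is processed in another file, that code path must verify `acfcs_import_raw_nonce` on its own. The hidden `acfcs_import_raw_nonce` input is not in this section either, so I am assuming it is emitted by one of the files not loaded here. I would make the limited scope explicit above the `isset` check: `// A failed nonce only blocks refilling the textarea; the import handler must verify the nonce itself.` `acfcs_dashboard` continues past the hunk.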
1 change: 1 addition & 0 deletions admin/acfcs-preview-form.php
Expand Up @@ -8,6 +8,7 @@

<div class="acfcs__section acfcs__section--preview">
<form name="select-preview-file" id="settings-form" action="" method="post">
<input type="hidden" name="acfcs_preview_nonce" value="<?php echo esc_attr( wp_create_nonce( 'acfcs-preview-nonce' ) ); ?>" />
<div class="acfcs__process-file">
<div class="acfcs__process-file-element">
<?php echo sprintf( '<label for="acfcs_file_name">%s</label>', esc_attr__( 'File', 'acf-city-selector' ) ); ?>
25 changes: 18 additions & 7 deletions admin/acfcs-preview.php
Expand Up @@ -7,7 +7,22 @@ function acfcs_preview_page() {
if ( ! current_user_can( apply_filters( 'acfcs_user_cap', 'manage_options' ) ) ) {
wp_die( esc_html__( 'Sorry, you do not have sufficient permissions to access this page.', 'acf-city-selector' ) );
}


$file_name = false;
$limit = 100;
$delimiter = ';';

if ( isset( $_POST[ 'acfcs_preview_nonce' ] ) ) {
if ( ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST[ 'acfcs_preview_nonce' ] ) ), 'acfcs-preview-nonce' ) ) {
ACF_City_Selector::acfcs_errors()->add( 'error_nonce_no_match', esc_html__( 'Something went wrong, please try again.', 'acf-city-selector' ) );
return;
} else {
$file_name = ( isset( $_POST[ 'acfcs_file_name' ] ) ) ? sanitize_text_field( wp_unslash( $_POST[ 'acfcs_file_name' ] ) ) : false;
$max_lines = ( isset( $_POST[ 'acfcs_max_lines' ] ) ) ? (int) $_POST[ 'acfcs_max_lines' ] : $limit;
$delimiter = ( isset( $_POST[ 'acfcs_delimiter' ] ) ) ? sanitize_text_field( wp_unslash( $_POST[ 'acfcs_delimiter' ] ) ) : apply_filters( 'acfcs_delimiter', $delimiter );
}
}

ACF_City_Selector::acfcs_show_admin_notices();
?>

Expand All @@ -16,12 +31,8 @@ function acfcs_preview_page() {

<?php
do_action( 'acfcs_admin_menu' );

$file_index = acfcs_check_if_files();
$file_name = ( isset( $_POST[ 'acfcs_file_name' ] ) ) ? sanitize_text_field( wp_unslash( $_POST[ 'acfcs_file_name' ] ) ) : false;
$max_lines = ( isset( $_POST[ 'acfcs_max_lines' ] ) ) ? (int) $_POST[ 'acfcs_max_lines' ] : false;
$max_lines_value = ( false != $max_lines ) ? $max_lines : 100;
$delimiter = ( isset( $_POST[ 'acfcs_delimiter' ] ) ) ? sanitize_text_field( wp_unslash( $_POST[ 'acfcs_delimiter' ] ) ) : apply_filters( 'acfcs_delimiter', ';' );

$file_index = acfcs_check_if_files();

// Get imported data
if ( $file_name ) {
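Review bot: `$max_lines` is only assigned inside the verified-nonce branch, unlike `$file_name` and `$delimiter` which get defaults first, so on a plain GET it is undefined wherever the removed `$max_lines_value` (which defaulted to 100) was used; add `$max_lines = $limit;` beside the `$limit = 100;` line. The `return;` on nonce failure also runs before `ACF_City_Selector::acfcs_show_admin_notices()`, so the error just added is never rendered and the admin sees an empty page; with the defaults in place the `return` can simply go. Separately, `$file_name` is still a user-supplied string handed to the file-reading code under `if ( $file_name )`, which continues outside the hunk — `sanitize_text_field` does not strip `../`, so it should be checked against `$file_index` before use if that is not already done there. `acfcs_preview_page` continues past the hunk.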
28 changes: 22 additions & 6 deletions admin/acfcs-search.php
Expand Up @@ -14,13 +14,28 @@ function acfcs_search() {
$cities = array();
$city_array = array();
$countries = array();
$search_criteria_state = ( isset( $_POST[ 'acfcs_state' ] ) ) ? sanitize_text_field( wp_unslash( $_POST[ 'acfcs_state' ] ) ) : false;
$search_criteria_country = ( isset( $_POST[ 'acfcs_country' ] ) ) ? sanitize_text_field( wp_unslash( $_POST[ 'acfcs_country' ] ) ) : false;
$searched_orderby = ( ! empty( $_POST[ 'acfcs_orderby' ] ) ) ? sanitize_text_field( wp_unslash( $_POST[ 'acfcs_orderby' ] ) ) : false;
$searched_term = ( ! empty( $_POST[ 'acfcs_search' ] ) ) ? sanitize_text_field( wp_unslash( $_POST[ 'acfcs_search' ] ) ) : false;
$selected_limit = ( ! empty( $_POST[ 'acfcs_limit' ] ) ) ? (int) $_POST[ 'acfcs_limit' ] : 100;

$search_criteria_state = false;
$search_criteria_country = false;
$searched_orderby = false;
$searched_term = false;
$selected_limit = false;
$limit = 100;
$states = acfcs_get_states_optgroup();


if ( isset( $_POST[ 'acfcs_search_form_nonce' ] ) ) {
if ( ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST[ 'acfcs_search_form_nonce' ] ) ), 'acfcs-search-form-nonce' ) ) {
ACF_City_Selector::acfcs_errors()->add( 'error_no_nonce_match', esc_html__( 'Something went wrong, please try again.', 'acf-city-selector' ) );
return;
} else {
$search_criteria_state = ( ! empty( $_POST[ 'acfcs_state' ] ) ) ? sanitize_text_field( wp_unslash( $_POST[ 'acfcs_state' ] ) ) : false;
$search_criteria_country = ( ! empty( $_POST[ 'acfcs_country' ] ) ) ? sanitize_text_field( wp_unslash( $_POST[ 'acfcs_country' ] ) ) : false;
$searched_orderby = ( ! empty( $_POST[ 'acfcs_orderby' ] ) ) ? sanitize_text_field( wp_unslash( $_POST[ 'acfcs_orderby' ] ) ) : false;
$searched_term = ( ! empty( $_POST[ 'acfcs_search' ] ) ) ? sanitize_text_field( wp_unslash( $_POST[ 'acfcs_search' ] ) ) : false;
$selected_limit = ( ! empty( $_POST[ 'acfcs_limit' ] ) ) ? (int) $_POST[ 'acfcs_limit' ] : $limit;
}
}

// if there is at least 1 country
if ( ! empty( $all_countries ) ) {
foreach ( $all_countries as $country_code => $country_name ) {
Expand Down Expand Up @@ -62,6 +77,7 @@ function acfcs_search() {
<?php } else { ?>
<form action="" method="POST">
<input name="acfcs_search_form" type="hidden" value="1" />
<input name="acfcs_search_form_nonce" type="hidden" value="<?php echo esc_attr( wp_create_nonce( 'acfcs-search-form-nonce' ) ); ?>" />

<div class="acfcs__search-form">
<?php // if there's only 1 country, no need to add country dropdown ?>
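Review bot: `$selected_limit` now defaults to `false` where the old code defaulted to 100, and `$limit = 100` is only applied inside the verified-POST branch, so a plain GET of the search page hands `false` to whatever consumes the limit below the hunk (a query `LIMIT` would become 0 or an error); initialize it as `$selected_limit = $limit;` after the `$limit` line, or move the `$limit` assignment above it. The `return;` on a failed nonce also exits `acfcs_search` before any of the page is rendered, including the form at the bottom of this section that carries a fresh nonce, so the user cannot retry without navigating away; since every input already defaults to `false`, falling through after recording the error is safe. `acfcs_search` starts above the hunk.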
12 changes: 11 additions & 1 deletion admin/process-file-form.php
Expand Up @@ -2,6 +2,16 @@
if ( ! defined( 'ABSPATH' ) ) {
exit;
}

$selected_file_name = false;
if ( isset( $_POST[ 'acfcs_select_file_nonce' ] ) ) {
if ( ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST[ 'acfcs_select_file_nonce' ] ) ), 'acfcs-select-file-nonce' ) ) {
ACF_City_Selector::acfcs_errors()->add( 'error_nonce_no_match', esc_html__( 'Something went wrong, please try again.', 'acf-city-selector' ) );
return;
} else {
$selected_file_name = isset( $_POST[ 'acfcs_file_name' ] ) ? sanitize_text_field( wp_unslash( $_POST[ 'acfcs_file_name' ] ) ) : false;
}
}
?>
<form method="post">
<input name="acfcs_select_file_nonce" type="hidden" value="<?php echo esc_attr( wp_create_nonce( 'acfcs-select-file-nonce' ) ); ?>" />
Expand All @@ -14,7 +24,7 @@
<?php echo sprintf( '<option value="">%s</option>', esc_attr__( 'Select a file', 'acf-city-selector' ) ); ?>
<?php } ?>
<?php foreach ( $file_index as $file_name ) { ?>
<?php $selected = ( isset( $_POST[ 'acfcs_file_name' ] ) && $_POST[ 'acfcs_file_name' ] == $file_name ) ? ' selected="selected"' : false; ?>
<?php $selected = $selected_file_name == $file_name ? ' selected="selected"' : false; ?>
<?php echo sprintf( '<option value="%s"%s>%s</option>', esc_attr( $file_name ), esc_attr( $selected ), esc_attr( $file_name ) ); ?>
<?php } ?>
</select>
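Review bot: The `return;` on a failed nonce exits this template before the `<form>` below it is output, so a stale nonce leaves the user with an error notice and no form (and no fresh nonce) to resubmit; `$selected_file_name` already defaults to `false`, which is all the form needs, so drop the `return` and keep the error. A comment would make the intent clear: `// A failed nonce only means the previous selection is not restored; still render the form so the user can retry.` The `$selected_file_name == $file_name` comparison is loose — `false == "0"` is true in PHP — so `===` is the safer form for a file named `0`.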
22 changes: 16 additions & 6 deletions assets/js/city-selector.js
Expand Up @@ -45,7 +45,6 @@
countries.on('change', function () {
const response_cities = []
const response_states = []

var $this = $(this);
var country_code = $this.val();
var country_field_id = $this.attr('id');
Expand All @@ -61,11 +60,17 @@
$show_labels = $(this).data('show-labels');
$which_fields = $(this).data('which-fields');
}
var state_nonce = city_selector_vars[ 'acfcs_state_nonce' ];
var city_nonce = city_selector_vars[ 'acfcs_city_nonce' ];
var show_labels = $show_labels;
var which_fields = $which_fields;

if ( '' === country_code ) {
changed_city.empty();
}

if ( $.inArray(which_fields, [ 'country_state', 'all' ] ) !== -1 ) {
const d = acfcs_get_states(country_code, show_labels, post_id);
const d = acfcs_get_states(country_code, show_labels, post_id, state_nonce);
response_states.push(d);

Promise.all(response_states).then(function(jsonResults) {
Expand All @@ -85,7 +90,7 @@
});

} else if ( $.inArray(which_fields, [ 'country_city' ] ) !== -1 ) {
const d = acfcs_get_cities(country_code, show_labels, post_id);
const d = acfcs_get_cities(country_code, show_labels, post_id, city_nonce);
response_cities.push(d);

Promise.all(response_cities).then(function(jsonResults) {
Expand Down Expand Up @@ -122,6 +127,7 @@
$show_labels = $(this).data('show-labels');
$which_fields = $(this).data('which-fields');
}
var city_nonce = city_selector_vars[ 'acfcs_city_nonce' ];
var show_labels = $show_labels;
var which_fields = $which_fields;

Expand All @@ -132,7 +138,7 @@
var state_field_id = $this.attr('id');
var city_field_id = state_field_id.replace('stateCode', 'cityName');
var changed_city = $('select[id="' + city_field_id + '"]');
const d = acfcs_get_cities(state_code, show_labels, post_id);
const d = acfcs_get_cities(state_code, show_labels, post_id, city_nonce);
response_cities.push(d);

Promise.all(response_cities).then(function(jsonResults) {
Expand Down Expand Up @@ -166,10 +172,12 @@
* @param showLabels
* @param postID
* @param callback
* @param nonce
* @returns {Promise<unknown>}
*/
function acfcs_get_states(countryCode, showLabels, postID, callback) {
function acfcs_get_states(countryCode, showLabels, postID, nonce, callback) {
const state_data = {
acfcs_state_nonce: nonce,
action: 'get_states_call',
country_code: countryCode,
post_id: postID,
Expand All @@ -189,11 +197,13 @@
* @param stateCode
* @param showLabels
* @param postID
* @param nonce
* @param callback
* @returns {Promise<unknown>}
*/
function acfcs_get_cities(stateCode, showLabels, postID, callback) {
function acfcs_get_cities(stateCode, showLabels, postID, nonce, callback) {
const city_data = {
acfcs_city_nonce: nonce,
action: 'get_cities_call',
post_id: postID,
show_labels: showLabels,
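Review bot: The `acfcs_get_states` JSDoc lists `@param nonce` after `@param callback`, but the signature puts `nonce` fourth and `callback` last; swap the two `@param` lines so they match `acfcs_get_cities`'s block, which has the right order. Inserting `nonce` before `callback` also changes the positional contract of both helpers, so any caller outside this file still passing a callback fourth would now send its function as the nonce — I cannot tell from this view whether the helpers are reachable from other scripts. The `Promise.all(...).then(...)` chains that consume these calls carry no rejection handler, so a request refused for an expired or wrong nonce fails silently and the dependent select stays empty; a `.catch` that surfaces the failure is worth adding. Both helper bodies continue past the hunk.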
