for security

ilhanaydinli · Jun 1, 2022 · 234d4ea · 234d4ea
1 parent 0d950ee
commit 234d4ea
Show file tree

Hide file tree

Showing 5 changed files with 8 additions and 10 deletions.
diff --git a/CargoTrackingForWooCommerce.php b/CargoTrackingForWooCommerce.php
@@ -4,7 +4,7 @@
  * Plugin Name:       Cargo Tracking for WooCommerce
  * Plugin URI:        https://ilhanaydinli.com/projeler/cargo-tracking-for-woocommerce
  * Description:       With WooCommerce cargo tracking add-on, you can add as many cargo companies as you want and follow the cargo from users and order details.
- * Version:           1.0.1
+ * Version:           1.0.2
  * Requires at least: 5.1
  * Requires PHP:      7.0
  * Author:            İlhan Aydınlı

diff --git a/app/Table/Table.php b/app/Table/Table.php
@@ -33,7 +33,7 @@ public function process_bulk_action()
                 $cargoCompanies = get_option('cargo_tracking_for_woocommerce');
                 $keys = isset($_REQUEST['key']) ? wp_parse_slug_list($_REQUEST['key']) : [];
                 foreach ($keys as $key) {
-                    unset($cargoCompanies[$key]);
+                    unset($cargoCompanies[sanitize_key($key)]);
                 }
                 update_option(
                     'cargo_tracking_for_woocommerce',
@@ -44,7 +44,7 @@ public function process_bulk_action()
             case 'edit':
                 $keys = isset($_REQUEST['key']) ? wp_parse_slug_list($_REQUEST['key']) : [];
 
-                wp_safe_redirect('admin.php?page=wc-settings&tab=cargo_tracking_for_woocommerce&section=new&key=' . $keys[0]);
+                wp_safe_redirect('admin.php?page=wc-settings&tab=cargo_tracking_for_woocommerce&section=new&key=' . sanitize_key($keys[0]));
                 break;
             default:
                 // do nothing or something else

diff --git a/app/Woocommerce/SettingsField.php b/app/Woocommerce/SettingsField.php
@@ -13,9 +13,6 @@ public function field_img($value)
     {
         $option_value = (array) \WC_Admin_Settings::get_option($value['id'],  $value['default']);
 
-        $field_description = \WC_Admin_Settings::get_field_description($value);
-        $tooltip_html      = $field_description['tooltip_html'];
-
         $default_image = plugin_dir_url(dirname(__FILE__, 2)) . 'assets/img/no-image.png';
 
         if (!empty($option_value[0])) {
@@ -26,9 +23,10 @@ public function field_img($value)
             $value2 = '';
         }
 
-?><tr valign="top">
+?>
+        <tr valign="top">
             <th scope="row" class="titledesc">
-                <label for="<?php echo esc_attr($value['id']); ?>"><?php echo esc_html($value['title']); ?> <?php echo $tooltip_html; ?></label>
+                <label for="<?php echo esc_attr($value['id']); ?>"><?php echo esc_html($value['title']); ?> <?php echo wc_help_tip($value['desc_tip']); ?></label>
             </th>
             <td class="forminp forminp-text">
 

diff --git a/composer.json b/composer.json
@@ -2,7 +2,7 @@
   "name": "ilhanaydinli/cargo_tracking_for_woocommerce",
   "type": "project",
   "description": "With WooCommerce cargo tracking add-on, you can add as many cargo companies as you want and follow the cargo from users and order details.",
-  "version": "1.0.1",
+  "version": "1.0.2",
   "keywords": [
     "kargo takip",
     "kargo",

diff --git a/readme.txt b/readme.txt
@@ -4,7 +4,7 @@ Donate link: https://ilhanaydinli.com/
 Tags: kargo takip, kargo, woocommerce kargo takip, cargo tracking, cargo, woocommerce cargo tracking, woocommerce shipping tracking, shipping tracking, shipping
 Requires at least: 5.1
 Tested up to: 6.0
-Stable tag: 1.0.1
+Stable tag: 1.0.2
 Requires PHP: 7.0
 License: GPLv3 or later
 License URI: https://www.gnu.org/licenses/gpl-3.0.html