2.6.96
Potential vulnerability issue was resolved.
Error of detecting bots and crawlers was resolved.
minimus committed Mar 26, 2015
1 parent c8c52aa commit a7dbeea
Showing 8 changed files with 44 additions and 101 deletions.
1 change: 0 additions & 1 deletion admin.class.php
@@ -37,7 +37,6 @@ public function __construct() {

define('SAM_ACCESS', $access);

//add_action('wp_ajax_upload_ad_image', array(&$this, 'uploadHandler'));
add_action('wp_ajax_close_sam_pointer', array(&$this, 'closePointerHandler'));
add_action('admin_menu', array(&$this, 'regAdminPage'));
add_filter('tiny_mce_version', array(&$this, 'tinyMCEVersion'));
4 changes: 2 additions & 2 deletions editor.admin.class.php
@@ -333,13 +333,13 @@ public function page() {
$aSize = array();

if($action !== 'new') {
$row = $wpdb->get_row("SELECT id, name, description, code_before, code_after, place_size, place_custom_width, place_custom_height, patch_img, patch_link, patch_code, patch_adserver, patch_dfp, patch_source, trash FROM ".$pTable." WHERE id = ".$item, ARRAY_A);
$row = $wpdb->get_row("SELECT id, name, description, code_before, code_after, place_size, place_custom_width, place_custom_height, patch_img, patch_link, patch_code, patch_adserver, patch_dfp, patch_source, trash FROM {$pTable} WHERE id = ".$item, ARRAY_A);
if($row['place_size'] === 'custom') $aSize = $this->getAdSize($row['place_size'], $row['place_custom_width'], $row['place_custom_height']);
else $aSize = $this->getAdSize ($row['place_size']);
}
else {
if($updated) {
$row = $wpdb->get_row("SELECT id, name, description, code_before, code_after, place_size, place_custom_width, place_custom_height, patch_img, patch_link, patch_code, patch_adserver, patch_dfp, patch_source, trash FROM ".$pTable." WHERE id = ".$item, ARRAY_A);
$row = $wpdb->get_row("SELECT id, name, description, code_before, code_after, place_size, place_custom_width, place_custom_height, patch_img, patch_link, patch_code, patch_adserver, patch_dfp, patch_source, trash FROM {$pTable} WHERE id = ".$item, ARRAY_A);
if($row['place_size'] === 'custom') $aSize = $this->getAdSize($row['place_size'], $row['place_custom_width'], $row['place_custom_height']);
else $aSize = $this->getAdSize($row['place_size']);
}
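Review bot: Both rewritten `get_row()` calls still append `$item` to the SQL text (`... WHERE id = ".$item`); the change only switches the table name to `{$pTable}` interpolation, so the query is built from the same unbound value as before. Where `$item` is assigned is outside this hunk; unless it is already cast to an integer there, pass it as a bound value: `$wpdb->get_row($wpdb->prepare("SELECT ... FROM {$pTable} WHERE id = %d", $item), ARRAY_A);`. `get_row()` returns null when no row matches, so the `$row['place_size']` access on the following line should be guarded as well. page() starts and ends outside the hunk.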
56 changes: 0 additions & 56 deletions js/sam-admin-edit-item.js
@@ -298,62 +298,6 @@ var sam = sam || {};
plot = $.jqplot('graph', plotData, plotOptions);
});

/*var
uConsole = $('#upload-console'),
progress = $('#upload-progress'),
uploadOptions = samEditorOptions.uploader;
var uploader = new plupload.Uploader({
browse_button: 'upload-file-button',
url: uploadOptions.url + '?path=' + uploadOptions.path,
multi_selection: false,
filters: {
max_file_size : '500kb',
mime_types: [
{ title: "Image file", extensions: "jpg,jpeg,gif,png" },
{ title: "Flash file", extensions: "swf" }
]
},
init: {
PostInit: function() {
uConsole.text('');
progress.text('');
},
FilesAdded: function(up, files) {
plupload.each(files, function(file) {
uConsole.text(file.name);
});
this.start();
},
UploadProgress: function(up, file) {
progress.text(file.percent + '%');
},
UploadComplete: function(up, files) {
uConsole.text('');
progress.text('');
$('<div id="files"></div>').appendTo(srcHelp);
$("#ad_img").val(uploadOptions.adUrl + files[0].name);
$("#files").html('<p>' + options.file + ' ' + files[0].name + ' ' + options.uploaded + '</p>')
.addClass('updated')
.delay(3000)
.fadeOut(1000, function () {
$(this).remove();
});
},
Error: function(up, err) {
$('<div id="files"></div>').appendTo(srcHelp);
$('#files').html( '<p>Error(' +err.code + "): " + err.message + '</p>')
.addClass('error')
.delay(3000)
.fadeOut(1000, function () {
$(this).remove();
});
}
}
});
uploader.init();*/

// Advertiser ComboGrid
$('#adv_nick').combogrid({
url: samAjaxUrl + '?action=load_combo_data',
7 changes: 6 additions & 1 deletion readme.txt
@@ -4,7 +4,7 @@ Donate link: https://load.payoneer.com/LoadToPage.aspx?email=minimus@simplelib.c
Tags: ad, adbrite, adgridwork, adify, admin, adpinion, adroll, ads, adsense, adserver, advertisement, advertising, affiliate, banner, banners, chitika, cj, commercial, commission, crispads, dfp, google, income, junction, link, manager, media, money, plugin, random, referral, revenue, rotator, seo, server, shoppingads, widget, widgetbucks, yahoo, ypn
Requires at least: 3.9
Tested up to: 4.1
Stable tag: 2.5.94
Stable tag: 2.6.96
License: GPLv2 or later
License URI: http://www.gnu.org/licenses/gpl-2.0.html

@@ -85,6 +85,9 @@ No questions now...

== Changelog ==

= 2.6.96 =
* Potential vulnerability issue was resolved.
* Error of detecting bots and crawlers was resolved.
= 2.5.94 =
* Indexes of plugin database tables were removed
* Custom naming of classes of the plugin tags is added
@@ -207,6 +210,8 @@ No questions now...

== Upgrade Notice ==

= 2.6.96
Some issues with errors were resolved.
= 2.5.94 =
Some problems are solved.
= 2.4.91 =
14 changes: 0 additions & 14 deletions sam-ajax-admin.php
@@ -61,7 +61,6 @@ function random_string($chars = 12) {
'sam_ajax_load_users',
'sam_ajax_load_combo_data',
'sam_ajax_get_error',
'sam_ajax_upload_ad_image',
'sam_ajax_load_stats'
);
$out = array();
@@ -300,19 +299,6 @@ function random_string($chars = 12) {
else $out = array("status" => "error", "message" => "ID Error");
break;

case 'sam_ajax_upload_ad_image':
if(isset($_POST['path'])) {
$uploadDir = $_POST['path'];
$file = $uploadDir . basename($_FILES['uploadfile']['name']);

if ( move_uploaded_file( $_FILES['uploadfile']['tmp_name'], $file )) {
$out = array('status' => "success");
} else {
$out = array('status' => "error");
}
}
break;

default:
$out = array("status" => "error", "message" => "Error");
break;
13 changes: 7 additions & 6 deletions sam.class.php
@@ -74,7 +74,7 @@ class SimpleAdsManager {
);

public function __construct() {
define('SAM_VERSION', '2.5.94');
define('SAM_VERSION', '2.6.96');
define('SAM_DB_VERSION', '2.8');
define('SAM_PATH', dirname( __FILE__ ));
define('SAM_URL', plugins_url( '/', __FILE__ ) );
@@ -523,11 +523,12 @@ private function isCrawler() {
if($options['detectBots'] == 1) {
switch($options['detectingMode']) {
case 'inexact':
if($_SERVER["HTTP_USER_AGENT"] == '' ||
$_SERVER['HTTP_ACCEPT'] == '' ||
$_SERVER['HTTP_ACCEPT_ENCODING'] == '' ||
$_SERVER['HTTP_ACCEPT_LANGUAGE'] == '' ||
$_SERVER['HTTP_CONNECTION']=='') $crawler = true;
if(((!isset($_SERVER["HTTP_USER_AGENT"])) ? true : ($_SERVER["HTTP_USER_AGENT"] == '')) ||
((!isset($_SERVER['HTTP_ACCEPT'])) ? true : ($_SERVER['HTTP_ACCEPT'] == '')) ||
((!isset($_SERVER['HTTP_ACCEPT_ENCODING'])) ? true : ($_SERVER['HTTP_ACCEPT_ENCODING'] == '')) ||
((!isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) ? true : ($_SERVER['HTTP_ACCEPT_LANGUAGE'] == '')) ||
((!isset($_SERVER['HTTP_CONNECTION'])) ? true : $_SERVER['HTTP_CONNECTION'] == ''))
$crawler = true;
break;

case 'exact':
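Review bot: The new guard in the 'inexact' branch writes each test as `(!isset($_SERVER[...])) ? true : ($_SERVER[...] == '')`, which is a long spelling of `!isset($_SERVER['HTTP_ACCEPT']) || $_SERVER['HTTP_ACCEPT'] === ''`; the plain form is easier to audit and drops the loose `==`. The last operand (`HTTP_CONNECTION`) also omits the parentheses the other four carry, so it depends on operator precedence rather than matching its siblings. All five values are request headers supplied by the client, so I would add a comment above the `if` such as `// Heuristic only: these headers are client-controlled and may be legitimately absent; never use the result for access decisions.` isCrawler() continues outside the hunk.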
2 changes: 1 addition & 1 deletion simple-ads-manager.php
@@ -3,7 +3,7 @@
Plugin Name: Simple Ads Manager
Plugin URI: http://www.simplelib.com/archives/wordpress-plugin-simple-ads-manager/
Description: "Simple Ads Manager" is easy to use plugin providing a flexible logic of displaying advertisements. Visit <a href="http://www.simplelib.com/">SimpleLib blog</a> for more details.
Version: 2.5.94
Version: 2.6.96
Author: minimus
Author URI: http://blogcoding.ru
*/
48 changes: 28 additions & 20 deletions widget.class.php
@@ -29,11 +29,13 @@ protected function isCrawler() {
if($options['detectBots'] == 1) {
switch($options['detectingMode']) {
case 'inexact':
if($_SERVER["HTTP_USER_AGENT"] == '' ||
$_SERVER['HTTP_ACCEPT'] == '' ||
$_SERVER['HTTP_ACCEPT_ENCODING'] == '' ||
$_SERVER['HTTP_ACCEPT_LANGUAGE'] == '' ||
$_SERVER['HTTP_CONNECTION']=='' || is_admin()) $crawler = true;
if(((!isset($_SERVER["HTTP_USER_AGENT"])) ? true : ($_SERVER["HTTP_USER_AGENT"] == '')) ||
((!isset($_SERVER['HTTP_ACCEPT'])) ? true : ($_SERVER['HTTP_ACCEPT'] == '')) ||
((!isset($_SERVER['HTTP_ACCEPT_ENCODING'])) ? true : ($_SERVER['HTTP_ACCEPT_ENCODING'] == '')) ||
((!isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) ? true : ($_SERVER['HTTP_ACCEPT_LANGUAGE'] == '')) ||
((!isset($_SERVER['HTTP_CONNECTION'])) ? true : $_SERVER['HTTP_CONNECTION'] == '') ||
is_admin())
$crawler = true;
break;

case 'exact':
@@ -169,11 +171,13 @@ private function isCrawler() {
if($options['detectBots'] == 1) {
switch($options['detectingMode']) {
case 'inexact':
if($_SERVER["HTTP_USER_AGENT"] == '' ||
$_SERVER['HTTP_ACCEPT'] == '' ||
$_SERVER['HTTP_ACCEPT_ENCODING'] == '' ||
$_SERVER['HTTP_ACCEPT_LANGUAGE'] == '' ||
$_SERVER['HTTP_CONNECTION']=='' || is_admin()) $crawler = true;
if(((!isset($_SERVER["HTTP_USER_AGENT"])) ? true : ($_SERVER["HTTP_USER_AGENT"] == '')) ||
((!isset($_SERVER['HTTP_ACCEPT'])) ? true : ($_SERVER['HTTP_ACCEPT'] == '')) ||
((!isset($_SERVER['HTTP_ACCEPT_ENCODING'])) ? true : ($_SERVER['HTTP_ACCEPT_ENCODING'] == '')) ||
((!isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) ? true : ($_SERVER['HTTP_ACCEPT_LANGUAGE'] == '')) ||
((!isset($_SERVER['HTTP_CONNECTION'])) ? true : $_SERVER['HTTP_CONNECTION'] == '') ||
is_admin())
$crawler = true;
break;

case 'exact':
@@ -306,11 +310,13 @@ private function isCrawler() {
if($options['detectBots'] == 1) {
switch($options['detectingMode']) {
case 'inexact':
if($_SERVER["HTTP_USER_AGENT"] == '' ||
$_SERVER['HTTP_ACCEPT'] == '' ||
$_SERVER['HTTP_ACCEPT_ENCODING'] == '' ||
$_SERVER['HTTP_ACCEPT_LANGUAGE'] == '' ||
$_SERVER['HTTP_CONNECTION']=='' || is_admin()) $crawler = true;
if(((!isset($_SERVER["HTTP_USER_AGENT"])) ? true : ($_SERVER["HTTP_USER_AGENT"] == '')) ||
((!isset($_SERVER['HTTP_ACCEPT'])) ? true : ($_SERVER['HTTP_ACCEPT'] == '')) ||
((!isset($_SERVER['HTTP_ACCEPT_ENCODING'])) ? true : ($_SERVER['HTTP_ACCEPT_ENCODING'] == '')) ||
((!isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) ? true : ($_SERVER['HTTP_ACCEPT_LANGUAGE'] == '')) ||
((!isset($_SERVER['HTTP_CONNECTION'])) ? true : $_SERVER['HTTP_CONNECTION'] == '') ||
is_admin())
$crawler = true;
break;

case 'exact':
@@ -444,11 +450,13 @@ private function isCrawler() {
if($options['detectBots'] == 1) {
switch($options['detectingMode']) {
case 'inexact':
if($_SERVER["HTTP_USER_AGENT"] == '' ||
$_SERVER['HTTP_ACCEPT'] == '' ||
$_SERVER['HTTP_ACCEPT_ENCODING'] == '' ||
$_SERVER['HTTP_ACCEPT_LANGUAGE'] == '' ||
$_SERVER['HTTP_CONNECTION']=='' || is_admin()) $crawler = true;
if(((!isset($_SERVER["HTTP_USER_AGENT"])) ? true : ($_SERVER["HTTP_USER_AGENT"] == '')) ||
((!isset($_SERVER['HTTP_ACCEPT'])) ? true : ($_SERVER['HTTP_ACCEPT'] == '')) ||
((!isset($_SERVER['HTTP_ACCEPT_ENCODING'])) ? true : ($_SERVER['HTTP_ACCEPT_ENCODING'] == '')) ||
((!isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) ? true : ($_SERVER['HTTP_ACCEPT_LANGUAGE'] == '')) ||
((!isset($_SERVER['HTTP_CONNECTION'])) ? true : $_SERVER['HTTP_CONNECTION'] == '') ||
is_admin())
$crawler = true;
break;

case 'exact':
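Review bot: The identical five-header condition is now pasted into four isCrawler() methods in this file (the hunks at new lines 29, 171, 310 and 450), so any later correction has to be repeated in each copy and the copies can drift apart. Consider one shared helper, for example a static `headerMissing($name)` returning `!isset($_SERVER[$name]) || $_SERVER[$name] === ''`, with each isCrawler() calling it for the five header names. In the visible lines `is_admin()` is OR-ed into the 'inexact' test only; whether the 'exact' branch treats admin requests the same way lies outside these hunks and is worth confirming. Each isCrawler() body starts and ends outside its hunk.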
