Commit ef2abcc8 authored by Erick Hitter

v0.7.1 synched from WP.org plugins SVN

See https://plugins.trac.wordpress.org/changeset/921303
parent 9b940efc
=== WP-Cron Control ===
Contributors: tott, ethitter, automattic
Contributors: tott, ethitter, automattic, batmoo
Tags: wp-cron, cron, cron jobs, post missed schedule, scheduled posts
Donate link: http://hitchhackerguide.com
Tested up to: 3.6
Stable tag: 0.7
Requires at least: 3.4
Tested up to: 4.1
Stable tag: 0.7.1
This plugin allows you to take control over the execution of cron jobs.
......@@ -30,6 +30,11 @@ This plugin performs a `remove_action( 'sanitize_comment_cookies', 'wp_cron' );`
== ChangeLog ==
= Version 0.7.1 =
* Security hardening (better escaping, sanitization of saved values)
* Update plugin to use core's updated cron hook
= Version 0.7 =
* Remove unneeded use of `$wpdb->prepare()` that triggered PHP warnings because a second argument wasn't provided.
......
......@@ -4,8 +4,7 @@
Plugin URI: http://wordpress.org/extend/plugins/wp-cron-control/
Description: Take control of wp-cron execution.
Author: Thorsten Ott, Erick Hitter, Automattic
Version: 0.7
Author URI: http://hitchhackerguide.com
Version: 0.7.1
Text Domain: wp-cron-control
*/
......@@ -127,7 +126,7 @@ class WP_Cron_Control {
* and http://core.trac.wordpress.org/browser/trunk/wp-includes/cron.php#L258
*/
if ( 1 == $this->settings['enable'] ) {
remove_action( 'sanitize_comment_cookies', 'wp_cron' );
remove_action( 'init', 'wp_cron' );
add_action( 'init', array( &$this, 'validate_cron_request' ) );
}
......@@ -142,15 +141,38 @@ class WP_Cron_Control {
}
public function validate_settings( $settings ) {
// reset to defaults
$validated_settings = array();
if ( !empty( $_POST[ $this->dashed_name . '-defaults'] ) ) {
$settings = $this->default_settings;
// Reset to defaults
$validated_settings = $this->default_settings;
$_REQUEST['_wp_http_referer'] = add_query_arg( 'defaults', 'true', $_REQUEST['_wp_http_referer'] );
// or do some custom validations
} else {
foreach ( $this->settings_texts as $setting => $setting_info ) {
switch( $setting ) {
case 'enable':
case 'enable_scheduled_post_validation':
$validated_settings[ $setting ] = intval( $settings[ $setting ] );
if ( $validated_settings[ $setting ] > 1 || $validated_settings[ $setting ] < 0 ) {
$validated_settings[ $setting ] = $this->default_settings[ $setting ];
}
break;
case 'secret_string':
$validated_settings[ $setting ] = sanitize_text_field( $settings[ $setting ] );
if ( empty( $validated_settings[ $setting ] ) ) {
$validated_settings[ $setting ] = $this->default_settings[ $setting ];
}
break;
default:
$validated_settings[ $setting ] = sanitize_text_field( $settings[ $setting ] );
break;
}
}
}
return $settings;
return $validated_settings;
}
public function settings_page() {
......@@ -191,13 +213,13 @@ class WP_Cron_Control {
<div><input type="text" name="<?php echo $this->plugin_prefix; ?>settings[<?php echo $setting; ?>]" id="<?php echo $this->dashed_name . '-' . $setting; ?>" class="postform" value="<?php echo esc_attr( $value ); ?>" /></div>
<?php break;
case 'echo': ?>
<div><span id="<?php echo $this->dashed_name . '-' . $setting; ?>" class="postform"><?php echo esc_attr( $value ); ?></span></div>
<div><span id="<?php echo $this->dashed_name . '-' . $setting; ?>" class="postform"><?php echo esc_html( $value ); ?></span></div>
<?php break;
default: ?>
<?php echo $this->settings_texts[$setting]['type']; ?>
<?php echo esc_html( $this->settings_texts[$setting]['type'] ); ?>
<?php break;
endswitch; ?>
<?php if ( !empty( $this->settings_texts[$setting]['desc'] ) ) { echo $this->settings_texts[$setting]['desc']; } ?>
<?php if ( !empty( $this->settings_texts[$setting]['desc'] ) ) { echo wp_kses_post( $this->settings_texts[$setting]['desc'] ); } ?>
</td>
</tr>
<?php endforeach; ?>
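Review bot: The new loop in validate_settings() indexes `$settings[ $setting ]` for every key of `$this->settings_texts` without checking that the key was submitted, so an omitted field raises an undefined-index notice before it is sanitized. This looks reachable for any setting rendered by the `'echo'` case in settings_page(), which prints a `<span>` and no form field; such a setting would then be stored as an empty string by the `default:` branch. Reading the value once at the top of the loop, e.g. `$raw = isset( $settings[ $setting ] ) ? $settings[ $setting ] : $this->default_settings[ $setting ];`, and sanitizing `$raw` in each case keeps the stored values well-defined; if an unchecked checkbox is expected to arrive as a missing key, fall back to `0` for the two `enable*` cases instead. In the `secret_string` case, `empty()` also treats the string `'0'` as unset, so `'' === $validated_settings[ $setting ]` would be the more exact test.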
......