diff --git a/inc/admin/add-word.php b/inc/admin/add-word.php
index 8816086..05d3eec 100644
--- a/inc/admin/add-word.php
+++ b/inc/admin/add-word.php
@@ -50,7 +50,11 @@ function mdict_add() {
             <div class="mdict-lower">
 
                 <div class="mdict-alert mdict-critical mdict-text-center">
-                    <h3 class="mdict-key-status failed"><?php echo __('Moein Dictionary', 'mdict') . __(' » ', 'mdict') . $title ?></h3>
+                    <h3 class="mdict-key-status failed"><?php
+                        _e('Moein Dictionary', 'mdict');
+                        _e(' » ', 'mdict');
+                        echo esc_html($title)
+                        ?></h3>
                     <p class="mdict-description">
 
                     </p>
@@ -59,18 +63,17 @@ function mdict_add() {
                 <div class="mdict-boxes">
                     <div class="mdict-box">
                         <form method="post">
-                            <input type="hidden" name="item_id" value="<?php echo $item_id ?>">
+                            <input type="hidden" name="item_id" value="<?php echo esc_attr($item_id) ?>">
                             <div class="wrap">
                                 <table class="form-table" role="presentation">
                                     <tr>
                                         <th scope="row"><label for="word"><?php _e('Word', 'mdict'); ?></label></th>
-                                        <td><input name="word" type="text" id="word" value="<?php echo $word ?>" class="regular-text"></td>
+                                        <td><input name="word" type="text" id="word" value="<?php echo sanitize_text_field($word)?>" class="regular-text"></td>
                                     </tr> 
                                     <tr>
                                         <th scope="row"><label for="description"><?php _e('Description', 'mdict'); ?></label></th>
                                         <td>
-                                            <textarea class="regular-text" id="description" name="description" rows="5" cols="10"><?php echo $des ?></textarea>
-
+                                            <textarea class="regular-text" id="description" name="description" rows="5" cols="10"><?php echo esc_textarea($des) ?></textarea>
                                         </td>
                                     </tr> 
                                 </table>
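Review bot: `sanitize_text_field($word)` inside the `value` attribute is an input sanitizer, not an output escaper: it strips tags and line breaks but leaves a double quote untouched, so a stored word containing `"` still terminates the attribute. The attribute context wants `value="<?php echo esc_attr($word) ?>"`, matching the `esc_attr($item_id)` and `esc_textarea($des)` used on the neighbouring lines of this hunk. The same substitution applies to the `font_size` input in settings-template.php; in settings.php's `custom_css()` the value is interpolated into a CSS `font-size` declaration, where `absint($font_size)` is the right filter because only a number is valid there. mdict_add() starts and ends outside this hunk.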
@@ -145,7 +148,7 @@ function save_func() {
             $data_id = $wpdb->insert_id;
             do_action('mdict_word_add', $data_id, $data_array);
 
-            $url = admin_url('admin.php?page=mdict-add&item_id=' . $data_id);
+            $url = esc_url(admin_url('admin.php?page=mdict-add&item_id=' . $data_id));
             wp_redirect($url);
             exit();
         }
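Review bot: `esc_url()` is the HTML-display escaper and rewrites `&` as `&#038;`, so the value handed to `wp_redirect()` becomes `admin.php?page=mdict-add&#038;item_id=…`, where the `#` starts a fragment and `item_id` never reaches the edit page. A redirect target should not be display-escaped at all: keep `$url = admin_url('admin.php?page=mdict-add&item_id=' . $data_id);` and call `wp_safe_redirect($url);` (wp_redirect()/wp_safe_redirect() sanitize the location themselves, and the safe variant additionally restricts the destination to allowed hosts), followed by the existing `exit()`. save_func() starts outside this hunk.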
diff --git a/inc/admin/dashboard-template.php b/inc/admin/dashboard-template.php
index a9e54c7..4dc529a 100644
--- a/inc/admin/dashboard-template.php
+++ b/inc/admin/dashboard-template.php
@@ -20,14 +20,14 @@
                     <ul>
                         <li>✔ <?php printf(__('Name: %s', 'mdict'), __('Moein Dictionary(free)', 'mdict')); ?></li>
                         <li>✔ <?php
-                            echo sprintf(__('Number of available words: %s', 'mdict'), number_format($w_count));
+                            printf(__('Number of available words: %s', 'mdict'), number_format($w_count));
                             if ($w_count < MDict_SearchTools::get_check_count())
                             {
-                                echo ' 🔔 <a href="'. admin_url('admin.php?page=mdict-data-intall').'">'.__('Install the data', 'mdict') .'</a>';
+                                ?>🔔 <a href="<?php echo esc_url(admin_url('admin.php?page=mdict-data-intall')) ?>"><?php _e('Install the data', 'mdict') ?></a><?php
                             }
                             ?>
                         </li>
-                        <li>✔ <?php printf(__('Version: %s', 'mdict'), MDC_PLUGIN_VERSION).' - ' .__('free version', 'mdict'); ?></li>
+                        <li>✔ <?php printf(__('Version: %s', 'mdict'), MDC_PLUGIN_VERSION) . ' - ' . __('free version', 'mdict'); ?></li>
 
                     </ul>
 
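Review bot: The ` . ' - ' . __('free version', 'mdict')` appended to `printf()` on the Version line is never output: `printf()` returns the byte count, the concatenation yields a string that is discarded as a statement, so the "free version" suffix silently disappears (the original line had the same problem; the commit only changed spacing). Keep the existing msgids and emit the pieces in sequence: `printf(__('Version: %s', 'mdict'), MDC_PLUGIN_VERSION); echo ' - '; _e('free version', 'mdict');`. The rewritten install notice also dropped the leading space the old `' 🔔 '` string had, so the bell now abuts the word count; a space before `🔔` after the `?>` restores it.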
diff --git a/inc/admin/data-template.php b/inc/admin/data-template.php
index b9d06d1..32984d6 100644
--- a/inc/admin/data-template.php
+++ b/inc/admin/data-template.php
@@ -1,8 +1,7 @@
 <div id="mdict-plugin-container" class="mdict">
     <div class="mdict-lower">
-
         <div class="mdict-alert mdict-critical mdict-text-center">
-            <h3 class="mdict-key-status failed"><?php echo __('Moein Dictionary', 'mdict') . __(' » ', 'mdict') . __('Data installation', 'mdict') ?></h3>
+            <h3 class="mdict-key-status failed"><?php _e('Moein Dictionary', 'mdict'); _e(' » ', 'mdict') ; _e('Data installation', 'mdict') ?></h3>
             <p class="mdict-description">
 
             </p>
@@ -12,7 +11,6 @@
             <div class="mdict-box">
                 <div class="wrap">
                     <table class="form-table" role="presentation">
-
                         <?php
                         for ($index = 1; $index <= 8; $index++)
                         {
@@ -20,13 +18,13 @@
                             $is_installed = MDict_Import_Data::is_installed($file_name);
                             ?>
                             <tr>
-                                <th scope="row"><label for="data_<?php echo $index ?>"><?php printf(__('Step %d', 'mdict'), $index); ?></label></th>
+                                <th scope="row"><label for="data_<?php echo esc_attr($index) ?>"><?php printf(__('Part %d', 'mdict'), $index); ?></label></th>
                                 <td>
                                     <?php
                                     if ($index <= 4)
                                     {
                                         ?>
-                                        <button <?php echo ($is_installed ? 'disabled="disabled"' : '') ?> name="data_<?php echo $index ?>" type="button" id="data_<?php echo $index ?>" data-file_name="<?php echo 'data_' . $index ?>" class="button button-primary mdict-install"><?php ($is_installed ? _e('Installed', 'mdict') : _e('Install', 'mdict')) ?></button>
+                                    <button <?php echo ($is_installed ? 'disabled="disabled"' : '') ?> name="data_<?php echo esc_attr($index) ?>" type="button" id="data_<?php echo esc_attr($index) ?>" data-file_name="<?php echo 'data_' . esc_attr($index) ?>" class="button button-primary mdict-install"><?php ($is_installed ? _e('Installed', 'mdict') : _e('Install', 'mdict')) ?></button>
                                         &nbsp;
                                         <progress class="progress_loading" style="display: none"
                                                   indeterminate 
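Review bot: The `<button>` line was dedented by four spaces while the `if ($index <= 4)` block and the `<?php` tags around it stay at the deeper level, so the markup now reads as if it sat outside the conditional; the same dedent was applied to the `<option>` line in settings-template.php and to the `<li>` lines in render.inc.php. Only the `esc_attr()` wrappers needed to change; the original indentation should be kept. While touching the line, `<?php echo ($is_installed ? 'disabled="disabled"' : '') ?>` is the manual form of the WordPress helper `<?php disabled($is_installed) ?>`, and `<?php echo $is_installed ? esc_html__('Installed', 'mdict') : esc_html__('Install', 'mdict') ?>` gives the escaped label as an expression instead of relying on `_e()` side effects inside a ternary.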
@@ -42,7 +40,7 @@
                                         <p>
                                            <?php
                                            $pro_link = '<br><a href="https://www.zhaket.com/web/moien-farhang-plugin">'.__('Go to commercial version', 'mdict').'</a>';
-                                           printf(__('This step is only available on the commercial version. %s', 'mdict'), $pro_link);
+                                           printf(__('This part is only available on the commercial version. %s', 'mdict'), $pro_link);
                                            ?> 
                                         </p>
                                         <?php
diff --git a/inc/admin/import-data.php b/inc/admin/import-data.php
index 88188d1..58759d8 100644
--- a/inc/admin/import-data.php
+++ b/inc/admin/import-data.php
@@ -22,7 +22,7 @@ function check_data_installed() {
             if ($w_count < MDict_SearchTools::get_check_count())
             {
                 $class = 'notice notice-error';
-                $message = __('Moein Dictionary data is not fully installed.', 'mdict') . ' 🔔 <a href="' . admin_url('admin.php?page=mdict-data-intall') . '">' . __('Install the data', 'mdict') . '</a>';
+                $message = __('Moein Dictionary data is not fully installed.', 'mdict') . ' 🔔 <a href="' . esc_url(admin_url('admin.php?page=mdict-data-intall')) . '">' . __('Install the data', 'mdict') . '</a>';
                 printf('<div class="%1$s"><p>%2$s</p></div>', esc_attr($class), $message);
             }
         }
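Review bot: Only `$class` is escaped in the `printf()` on the last lines of the hunk; `$message` still carries the translated sentence and link label raw into `%2$s`, which is inconsistent with the escaping this commit applies elsewhere (translations are data loaded from the .po/.mo files). Build the text parts with `esc_html__('Moein Dictionary data is not fully installed.', 'mdict')` and `esc_html__('Install the data', 'mdict')`, or pass the assembled `$message` through `wp_kses_post()` before printing. The page slug `mdict-data-intall` is spelled this way both here and in dashboard-template.php, so presumably it matches the registered menu slug; worth confirming rather than correcting a single occurrence. check_data_installed() continues outside this hunk.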
@@ -106,8 +106,7 @@ public static function import($file_name) {
 
             if (mysqli_connect_errno())
             {
-                echo "Failed to connect to MySQL: " . mysqli_connect_error();
-                exit();
+                die( "Failed to connect to MySQL: " . mysqli_connect_error());
             }
 
             $utf8 = mysqli_set_charset($con, "utf8");
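Review bot: `die("Failed to connect to MySQL: " . mysqli_connect_error())` sends the driver's connection error text to the browser, and because import() is reached from the AJAX handler in inc/ajax.php the caller then receives plain text instead of the JSON it expects. Record the detail server-side and return a neutral failure, e.g. `error_log('mdict: MySQL connect failed: ' . mysqli_connect_error());` followed by whatever failure value import()'s callers already handle (or `wp_send_json_error()` if the function is only ever used from AJAX). The old `echo` plus `exit()` disclosed the same text; the commit only shortened it. import() starts and ends outside this hunk.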
diff --git a/inc/admin/settings-template.php b/inc/admin/settings-template.php
index fd74465..f0b648f 100644
--- a/inc/admin/settings-template.php
+++ b/inc/admin/settings-template.php
@@ -2,7 +2,7 @@
     <div class="mdict-lower">
 
         <div class="mdict-alert mdict-critical mdict-text-center">
-            <h3 class="mdict-key-status failed"><?php echo __('Moein Dictionary', 'mdict') . __(' » ', 'mdict') . __('Settings', 'mdict') ?></h3>
+            <h3 class="mdict-key-status failed"><?php _e('Moein Dictionary', 'mdict'); _e(' » ', 'mdict'); _e('Settings', 'mdict') ?></h3>
             <p class="mdict-description">
 
             </p>
@@ -59,7 +59,7 @@
                                         foreach ($font_options as $key => $value)
                                         {
                                             ?>
-                                            <option <?php selected($font_saved, $key) ?> value="<?php echo $key ?>" ><?php echo $value ?></option>
+                                        <option <?php selected($font_saved, $key) ?> value="<?php echo esc_attr($key) ?>" ><?php echo esc_html($value) ?></option>
                                             <?php
                                         }
                                         ?>
@@ -70,7 +70,7 @@
                             <tr>
                                 <th scope="row"><label for="font_size"><?php _e('Font size', 'mdict'); ?></label></th>
 
-                                <td><input name="font_size" type="number" id="font_size" value="<?php echo $font_size ?>" class="small-text"> px</td>
+                                <td><input name="font_size" type="number" id="font_size" value="<?php echo sanitize_text_field($font_size) ?>" class="small-text"> px</td>
 
                             </tr> 
                         </table>
diff --git a/inc/admin/settings.php b/inc/admin/settings.php
index 3535a18..4aeecde 100644
--- a/inc/admin/settings.php
+++ b/inc/admin/settings.php
@@ -52,7 +52,7 @@ public static function  custom_css() {
             .mdict a.mdict-word-link,
             .mdict h1.card-header
             {
-                font-size: <?php echo $font_size ?>px;
+            font-size: <?php echo sanitize_text_field($font_size)  ?>px;
             }
         <?php
          return ob_get_clean();
@@ -97,7 +97,7 @@ function wcpl_admin_notice__success() {
     function save_func() {
 
         $page = filter_input(INPUT_GET, 'page'); 
-        if ('POST' != $_SERVER['REQUEST_METHOD'] || $page != 'mdict-settings')
+        if ('POST' != sanitize_text_field($_SERVER['REQUEST_METHOD']) || $page != 'mdict-settings')
         {
             return;
         }
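Review bot: `sanitize_text_field($_SERVER['REQUEST_METHOD'])` adds nothing here, because the value is only compared, never stored or printed; the loose `!=` against `$page` is the part worth tightening. `if ('POST' !== $_SERVER['REQUEST_METHOD'] || 'mdict-settings' !== $page)` is the strict form. What a POST settings handler does need is a nonce check such as `check_admin_referer()` with the action name the settings form emits; if save_func() already does that further down (its body continues outside the hunk) this is fine, otherwise it belongs before any option is written.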
diff --git a/inc/admin/words-list.php b/inc/admin/words-list.php
index 58ddbdb..d64c4b0 100644
--- a/inc/admin/words-list.php
+++ b/inc/admin/words-list.php
@@ -48,7 +48,7 @@ function words_list() {
         ?>
         <div class="wrap mdict">
             <h1 class="wp-heading-inline"><?php _e('List of words', 'mdict'); ?></h1>
-            <a href="<?php echo admin_url('admin.php?page=mdict-add') ?>" class="page-title-action"><?php _e('Add Word', 'mdict') ?></a>
+            <a href="<?php echo esc_url(admin_url('admin.php?page=mdict-add')) ?>" class="page-title-action"><?php _e('Add Word', 'mdict') ?></a>
             <hr class="wp-header-end">
             <form method="post" action="">
                 <?php
diff --git a/inc/admin/words-table.php b/inc/admin/words-table.php
index 96d991f..ebf1c08 100644
--- a/inc/admin/words-table.php
+++ b/inc/admin/words-table.php
@@ -19,14 +19,15 @@ function __construct() {
 
         if (($action == 'delete') || ( $action2 == 'delete'))
         {
-            
-            
+
+
             $posted_data = filter_input_array(INPUT_POST);
 
             if (isset($posted_data['id']))
             {
                 $ids = implode(',', $posted_data['id']);
-                $wpdb->query("DELETE FROM $table WHERE `id` IN($ids)");
+
+                $wpdb->query($wpdb->prepare("DELETE FROM `$table` WHERE `id` IN(%s)", $ids));
 
                 $count = count($posted_data['id']);
                 add_action('admin_notices', function () use ($count) {
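Review bot: `$wpdb->prepare("... IN(%s)", $ids)` with `$ids = implode(',', ...)` binds the whole comma-separated list as one quoted string, so MySQL evaluates IN('1,2,3') against `id` — a string that coerces to 1 — and a bulk delete silently removes only the first selected row while `$count` still reports all of them. Bind one `%d` per id instead, as in the rewrite below, and derive `$count` from the filtered list. No nonce or capability check is visible before the delete; the constructor starts outside the hunk, so if `check_admin_referer('bulk-' . $this->_args['plural'])` and a `current_user_can()` check are not performed above, they should precede this block.
```php
if (isset($posted_data['id']))
{
    // one %d placeholder per id; absint() drops anything that is not a positive integer
    $ids = array_map('absint', (array) $posted_data['id']);
    $placeholders = implode(',', array_fill(0, count($ids), '%d'));
    $wpdb->query($wpdb->prepare("DELETE FROM `$table` WHERE `id` IN($placeholders)", ...$ids));

    $count = count($ids);
    // … unchanged: admin_notices closure …
```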
@@ -85,14 +86,11 @@ function prepare_items() {
         $per_page = $this->get_items_per_page('mdict_wl_per_page', 20);
         $current_page = $this->get_pagenum();
 
+        $offset = ($current_page - 1) * $per_page;
+
         $table_name = $wpdb->prefix . "pn_mdict";
-        $query = "SELECT * FROM $table_name";
-        $s = $_REQUEST["s"] ?? '';
 
-        if (!empty($s))
-        {
-            $query = "SELECT * FROM `$table_name` Where `Word` LIKE '$s'";
-        }
+        $s = isset($_REQUEST["s"]) ? sanitize_text_field($_REQUEST["s"]) : '';
 
         $orderby = filter_input(INPUT_GET, 'orderby');
         $orderby = !empty($orderby) ? esc_sql($orderby) : 'id';
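Review bot: `esc_sql($orderby)` on the context line at the end of this hunk does not make a column name safe — esc_sql() escapes string literals, while `$orderby` and `$order` are interpolated unquoted into `ORDER BY` in the next hunk, so whatever identifier or keyword arrives in the query string is passed through. Restrict both to known values: `$orderby = in_array($orderby, array_keys($this->get_sortable_columns()), true) ? $orderby : 'id';` and `$order = ('DESC' === strtoupper((string) $order)) ? 'DESC' : 'ASC';` (this assumes the keys of get_sortable_columns() equal the orderby values for this table — verify). The new `$s` line should also unslash before sanitizing, `sanitize_text_field(wp_unslash($_REQUEST['s']))`, since WordPress adds slashes to the request superglobals and a term like O'Reilly otherwise reaches the query with a backslash in it. prepare_items() continues into the next hunk.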
@@ -100,33 +98,51 @@ function prepare_items() {
         $order = filter_input(INPUT_GET, 'order');
         $order = !empty($order) ? esc_sql($order) : 'ASC';
 
-        if (!empty($orderby) & !empty($order))
+        if (!empty($s))
+        {
+            $s = esc_sql($s);
+
+            $totalitems = $wpdb->get_var($wpdb->prepare("SELECT COUNT(*) FROM `$table_name` Where `Word` LIKE '%s'", $s));
+            $totalpages = ceil($totalitems / $per_page);
+
+            if (!empty($orderby) & !empty($order))
+            {
+                $this->items = $wpdb->get_results($wpdb->prepare("SELECT * FROM `$table_name` Where `Word` LIKE '%s' ORDER BY $orderby $order LIMIT $offset, $per_page", $s));
+            }
+            else
+            {
+                $this->items = $wpdb->get_results($wpdb->prepare("SELECT * FROM `$table_name` Where `Word` LIKE '%s' LIMIT $offset, $per_page", $s));
+            }
+        }
+        else
         {
-            $query .= " ORDER BY  $orderby $order";
+            $totalitems = $wpdb->get_var("SELECT COUNT(*) FROM `$table_name`");
+            $totalpages = ceil($totalitems / $per_page);
+            
+            if (!empty($orderby) & !empty($order))
+            {
+                $this->items = $wpdb->get_results("SELECT * FROM `$table_name` ORDER BY $orderby $order LIMIT $offset, $per_page");
+            }
+            else
+            {
+                $this->items = $wpdb->get_results("SELECT * FROM `$table_name` LIMIT $offset, $per_page");
+            }
         }
 
 
-        $totalitems = $wpdb->query($query);
-        $offset = ($current_page - 1) * $per_page;
-        $totalpages = ceil($totalitems / $per_page);
-        $query .= " LIMIT $offset, $per_page";
         $this->set_pagination_args(array(
             "total_items" => $totalitems,
             "total_pages" => $totalpages,
             "per_page" => $per_page,
         ));
-        $this->items = $wpdb->get_results($query);
     }
 
     function column_Word($item) {
 
-
         $actions = array(
-            'edit' => '<a href="' . admin_url('admin.php?page=mdict-add&item_id=' . $item->id) . '">' . __('Edit', 'mdict') . '</a>',
+            'edit' => '<a href="' . esc_url(admin_url('admin.php?page=mdict-add&item_id=' . $item->id)) . '">' . __('Edit', 'mdict') . '</a>',
         );
-
-        $link = '<a href="' . admin_url('admin.php?page=mdict-add&item_id=' . $item->id) . '">' . $item->Word . '</a>';
-
+        $link = '<a href="' . esc_url(admin_url('admin.php?page=mdict-add&item_id=' . $item->id)) . '">' . esc_html($item->Word) . '</a>';
         return sprintf('%1$s %2$s', '<strong>' . $link . '</strong>', $this->row_actions($actions));
     }
 
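Review bot: `$s = esc_sql($s)` followed by `$wpdb->prepare()` escapes the search term twice, so a quote in the term reaches MySQL with an extra backslash and never matches; drop the esc_sql() and let prepare() do the quoting. Writing the placeholder as `'%s'` also relies on prepare() stripping the quotes it then re-adds (the documented form is a bare `%s`), and a `%` or `_` typed by the user acts as a wildcard unless the term goes through `$wpdb->esc_like()`. The `!empty($orderby) & !empty($order)` conditions use bitwise `&` where `&&` is meant, and since both variables always receive a default the two branches are identical, so the else paths can go; `$offset`/`$per_page` are better bound with `%d` than interpolated. The search branch, rewritten:
```php
if (!empty($s))
{
    // prepare() adds the quotes; esc_like() makes a literal '%' or '_' in the term match itself
    // (wrap in '%' … '%' if a contains-match like the front-end search is wanted)
    $like = $wpdb->esc_like($s);
    $totalitems = $wpdb->get_var($wpdb->prepare("SELECT COUNT(*) FROM `$table_name` WHERE `Word` LIKE %s", $like));
    $totalpages = ceil($totalitems / $per_page);
    // assumes $orderby / $order were reduced to a known column and ASC/DESC before this point
    $this->items = $wpdb->get_results($wpdb->prepare("SELECT * FROM `$table_name` WHERE `Word` LIKE %s ORDER BY `$orderby` $order LIMIT %d, %d", $like, $offset, $per_page));
}
else
{
    $totalitems = $wpdb->get_var("SELECT COUNT(*) FROM `$table_name`");
    $totalpages = ceil($totalitems / $per_page);
    $this->items = $wpdb->get_results($wpdb->prepare("SELECT * FROM `$table_name` ORDER BY `$orderby` $order LIMIT %d, %d", $offset, $per_page));
}
// … unchanged: set_pagination_args() …
```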
@@ -135,8 +151,6 @@ protected function get_primary_column_name() {
     }
 
     function column_Description($item) {
-
-
         return mdict_get_excerot($item->Description, 10);
     }
 
diff --git a/inc/ajax.php b/inc/ajax.php
index 2ffb89b..a000446 100644
--- a/inc/ajax.php
+++ b/inc/ajax.php
@@ -31,27 +31,25 @@ public static function check_register()
     }
     
     public static function import_data() {
-        $data_file = $_POST['data_file'] ?? null;
+        
+        $data_file = filter_input(INPUT_POST, 'data_file');
         if (!$data_file)
         {
             return false;
         }
-
         $res = MDict_Import_Data::import($data_file);
-        echo wp_send_json($res);
-        wp_die();
+        wp_send_json($res);
     }
 
     public static function search_word() {
 
-        $word = $_POST['word'] ?? null;
+        $word =  filter_input(INPUT_POST, 'word');
         if (!$word)
         {
             return false;
         }
         $result = MDict_SearchTools::search_ajax($word);
-        echo wp_send_json(array('res' => 1, 'data' => $result));
-        wp_die();
+        wp_send_json(array('res' => 1, 'data' => $result));
     }
 
 }
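Review bot: Neither handler checks a nonce or a capability before acting on POST input: `import_data()` hands `data_file` straight to `MDict_Import_Data::import()` and starts a database import, which should at least be gated by `check_ajax_referer()` (with the action and field names the enqueued script sends) and `current_user_can('manage_options')`, unless the hooks registering these handlers are restricted elsewhere — the class header is outside the hunk. The admin template only ever offers `data_1` through `data_8`, so validating the value, e.g. `if (!preg_match('/^data_[1-8]$/', (string) $data_file)) { wp_send_json_error(); }`, keeps arbitrary names out of the importer. `return false` in an AJAX callback yields an empty 200 response; `wp_send_json_error()` gives the JavaScript side something to act on. Dropping the `echo` around `wp_send_json()` is right — it prints and exits by itself.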
diff --git a/inc/pagination/Pagination.class.php b/inc/pagination/Pagination.class.php
index f54bb10..dc04761 100644
--- a/inc/pagination/Pagination.class.php
+++ b/inc/pagination/Pagination.class.php
@@ -2,45 +2,6 @@
 
 /**
  * Pagination
- * 
- * Supplies an API for setting pagination details, and renders the resulting
- * pagination markup (html) through the included render.inc.php file.
- * 
- * @note    The SEO methods (canonical/rel) were written following Google's
- *          suggested patterns. Namely, the canoical url excludes any 
- *          peripheral parameters that don't relate to the pagination
- *          series. Whereas the prev/next rel link tags include any params
- *          found in the request.
- * @author  Oliver Nassar <onassar@gmail.com>
- * @todo    add setter parameter type and range checks w/ exceptions
- * @example
- * <code>
- *     // source inclusion
- *     require_once APP . '/vendors/PHP-Pagination/Pagination.class.php';
- *     
- *     // determine page (based on <_GET>)
- *     $page = isset($_GET['page']) ? ((int) $_GET['page']) : 1;
- *     
- *     // instantiate with page and records as constructor parameters
- *     $pagination = (new Pagination($page, 200));
- *     $markup = $pagination->parse();
- * </code>
- * @example
- * <code>
- *     // source inclusion
- *     require_once APP . '/vendors/PHP-Pagination/Pagination.class.php';
- *     
- *     // determine page (based on <_GET>)
- *     $page = isset($_GET['page']) ? ((int) $_GET['page']) : 1;
- *     
- *     // instantiate; set current page; set number of records
- *     $pagination = (new Pagination());
- *     $pagination->setCurrent($page);
- *     $pagination->setTotal(200);
- *     
- *     // grab rendered/parsed pagination markup
- *     $markup = $pagination->parse();
- * </code>
  */
 class Pagination
 {
diff --git a/inc/pagination/render.inc.php b/inc/pagination/render.inc.php
index ba485a6..9d740a7 100644
--- a/inc/pagination/render.inc.php
+++ b/inc/pagination/render.inc.php
@@ -16,7 +16,7 @@
 if ($pages > 1 || $alwaysShowPagination === true)
 {
     ?>
-    <ul class="<?php echo implode(' ', $classes) ?>">
+    <ul class="<?php echo esc_attr(implode(' ', $classes)) ?>">
         <?php
         /**
          * Previous Link
@@ -39,7 +39,7 @@
             array_push($classes, 'disabled');
         }
         ?>
-        <li class="page-item <?php echo implode(' ', $classes) ?>"><a class="page-link" href="<?php echo esc_url($href_first) ?>"><?php echo ($first) ?></a></li>
+        <li class="page-item <?php echo esc_attr(implode(' ', $classes)) ?>"><a class="page-link" href="<?php echo esc_url($href_first) ?>"><?php echo esc_html($first) ?></a></li>
         <?php
         $classes = array('copy', 'previous');
 
@@ -58,7 +58,7 @@
         }
         ?>
 
-        <li class="page-item <?php echo implode(' ', $classes) ?>"><a class="page-link" href="<?php echo esc_url($href) ?>"><?php echo ($previous) ?></a></li>
+        <li class="page-item <?php echo esc_attr( implode(' ', $classes)) ?>"><a class="page-link" href="<?php echo esc_url($href) ?>"><?php echo esc_html($previous) ?></a></li>
         <?php
         /**
          * if this isn't a clean output for pagination (eg. show numerical
@@ -108,13 +108,13 @@
                         $href
                 );
                 ?>
-                <li class="page-item"><a class="page-link" data-pagenumber="<?php echo ($current + $x - $leading) ?>" href="<?php echo esc_url($href) ?>"><?php echo ($current + $x - $leading) ?></a></li>
+        <li class="page-item"><a class="page-link" data-pagenumber="<?php echo esc_attr($current + $x - $leading) ?>" href="<?php echo esc_url($href) ?>"><?php echo esc_html($current + $x - $leading) ?></a></li>
                 <?php
             }
 
             // print current page
             ?>
-            <li class="page-item active"><a class="page-link" data-pagenumber="<?php echo ($current) ?>" href="#"><?php echo ($current) ?></a></li>
+        <li class="page-item active"><a class="page-link" data-pagenumber="<?php echo esc_attr($current) ?>" href="#"><?php echo esc_html($current) ?></a></li>
             <?php
             // generate/render trailing crumbs
             for ($x = 0; $x < $trailing; ++$x)
@@ -130,7 +130,7 @@
                         $href
                 );
                 ?>
-                <li class="page-item"><a class="page-link" data-pagenumber="<?php echo ($current + $x + 1) ?>" href="<?php echo esc_url($href) ?>"><?php echo ($current + $x + 1) ?></a></li>
+        <li class="page-item"><a class="page-link" data-pagenumber="<?php echo esc_attr($current + $x + 1) ?>" href="<?php echo esc_url($href) ?>"><?php echo esc_html($current + $x + 1) ?></a></li>
                 <?php
             }
         }
@@ -163,9 +163,9 @@
                 $href_last
         );
         ?>
-        <li class="page-item <?php echo implode(' ', $classes) ?>"><a class="page-link" href="<?php echo esc_url($href) ?>"><?php echo ($next) ?></a></li>
+        <li class="page-item <?php echo esc_attr(implode(' ', $classes)) ?>"><a class="page-link" href="<?php echo esc_url($href) ?>"><?php echo esc_html($next) ?></a></li>
 
-        <li class="page-item <?php echo implode(' ', $classes) ?>"><a class="page-link" href="<?php echo esc_url($href_last) ?>"><?php echo ($last) ?></a></li>
+        <li class="page-item <?php echo esc_attr(implode(' ', $classes)) ?>"><a class="page-link" href="<?php echo esc_url($href_last) ?>"><?php echo esc_html($last) ?></a></li>
 
     </ul>
     <?php
diff --git a/inc/search-tool.php b/inc/search-tool.php
index 7e17c09..aedcc4a 100644
--- a/inc/search-tool.php
+++ b/inc/search-tool.php
@@ -45,33 +45,36 @@ public static function search($word, $sb = 1) {
         $offset = ($current_page - 1) * $per_page;
         $where = "";
         $order_by = "`Word` ASC";
-
+        $query_total = 0;
+        $query_res = null;
+        
         if (!empty($word))
         {
             if ($sb == 1)
             {
-                $where .= "Where `Word` LIKE '%$word%'";
-                $order_by = "LOCATE('$word', Word), `Word` ASC";
+                $where .= "Where `Word` LIKE '%s'";
+                $order_by = "LOCATE('%s', Word), `Word` ASC";
+
+                $query_total = $wpdb->prepare("SELECT COUNT(*) FROM `$table` $where", "%$word%");
+                $query_res = $wpdb->prepare("SELECT * FROM `$table` $where ORDER BY $order_by LIMIT $offset , $per_page", "%$word%", $word);
             }
             else
             {
-                if (!empty($where))
-                {
-                    $where .= " AND";
-                }
-                else
-                {
-                    $where .= "Where";
-                }
-                $where .= " `Description` LIKE '%$word%'";
+
+                $where .= "Where `Description` LIKE '%s'";
                 $order_by = "`Word` ASC";
+
+                $query_total = $wpdb->prepare("SELECT COUNT(*) FROM `$table` $where", "%$word%");
+                $query_res = $wpdb->prepare("SELECT * FROM `$table` $where ORDER BY $order_by LIMIT $offset , $per_page", "%$word%");
             }
         }
+        else
+        {
+            $query_total = "SELECT COUNT(*) FROM `$table`";
+            $query_res = "SELECT * FROM `$table` ORDER BY $order_by LIMIT $offset , $per_page";
+        }
 
 
-        $query_total = "SELECT COUNT(*) FROM `$table` $where";
-        $query_res = "SELECT * FROM `$table` $where ORDER BY $order_by LIMIT $offset , $per_page";
-
         $total_items = $wpdb->get_var($query_total);
         $data = $wpdb->get_results($query_res);
 
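Review bot: `"%$word%"` appends the `%` wildcards but the term itself is not passed through `$wpdb->esc_like()`, so a `%` or `_` typed by the user widens the match instead of being searched literally; bind `'%' . $wpdb->esc_like($word) . '%'` for the LIKE argument (the `LOCATE()` argument stays the bare `$word`). The placeholders are written as `'%s'` inside quotes, which prepare() tolerates by stripping and re-adding them, but the documented form is an unquoted `%s`; `$offset`/`$per_page` would likewise be safer as `%d` bindings than string interpolation. search() starts before this hunk, so whether `$word` was already run through esc_sql() there is not visible — if it was, prepare() escapes it a second time, as happens in search_ajax() below. The same pattern applies to the search_ajax() hunk.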
@@ -82,7 +85,7 @@ public static function search_ajax($word) {
         global $wpdb;
         $word = esc_sql($word);
         $table = $wpdb->prefix . "pn_mdict";
-        $query_res = "SELECT `id`, `Word` FROM `$table` WHERE `Word` LIKE '%$word%' ORDER BY LOCATE('$word', Word), `Word` ASC LIMIT 20";
+        $query_res = $wpdb->prepare("SELECT `id`, `Word` FROM `$table` WHERE `Word` LIKE '%s' ORDER BY LOCATE('%s', Word), `Word` ASC LIMIT 20", "%$word%", $word);
         $data = $wpdb->get_results($query_res, ARRAY_A);
         return $data;
     }
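Review bot: `$word = esc_sql($word)` on the context line above the new `prepare()` call escapes the term a second time — prepare() escapes its arguments itself — so a term containing a quote or backslash is searched with extra backslashes and fails to match. Remove the esc_sql() line and bind `'%' . $wpdb->esc_like($word) . '%'` for the LIKE argument so a user-typed `%`/`_` is literal; the `LOCATE()` argument remains `$word`. The quoted `'%s'` placeholders work only because prepare() strips the quotes; the unquoted form is the documented one.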
diff --git a/inc/templates/description.php b/inc/templates/description.php
index 9fcc1f2..1861b8e 100644
--- a/inc/templates/description.php
+++ b/inc/templates/description.php
@@ -2,7 +2,7 @@
     <div class="col-12 mdic-description">
         <div class="row">
             <div class="col-sm-11">
-                <h1 class="text-justify"><?php echo $word_item->Word ?></h1>
+                <h1 class="text-justify"><?php echo esc_html($word_item->Word) ?></h1>
             </div>
             <div class="col-sm-1 m-t-2 pull-left">
                 <a class="btn print-btn btn-lg bg-purple mdict-print no-print" title="<?php _e('Print', 'mdict') ?>"></a>        
@@ -11,8 +11,8 @@
 
         <div class="content text-justify">
             <?php
-            $des = ($word_item->Description);
-            echo wpautop($des);
+            $des = $word_item->Description;
+            echo wp_kses( wpautop($des), 'post');
             ?>
         </div>
 
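Review bot: `wp_kses(wpautop($des), 'post')` passes a context name as the allowed-HTML argument, which wp_kses() resolves through wp_kses_allowed_html(); `wp_kses_post(wpautop($des))` is the helper that does exactly that and is what a reader expects. The same spelling is used twice in searchbox.php (the excerpt and the pagination output). With the parentheses gone, `$des` is read only once and could be inlined into the echo.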
diff --git a/inc/templates/searchbox.php b/inc/templates/searchbox.php
index 250ce89..86db4d5 100644
--- a/inc/templates/searchbox.php
+++ b/inc/templates/searchbox.php
@@ -1,12 +1,9 @@
 <div class="bootstrap-iso rtl mdict">
     <div class="col-12">
         <div class="grid-view">
-
             <div class="card mb-2">
-
                 <div class="card-body pb-0">
                     <div class="card-title text-center border-bottom"><?php _e('Word search', 'mdict'); ?></div> 
-
                     <form method="get" class="pt-1 pb-1 mb-1">
                         <div class="form-row centered">
                             <div class="form-group col-md-6">
@@ -31,7 +28,7 @@
 
             <div class="card mb-2">
                 <h1 class="card-header h6">
-                    <?php echo $word_w ? sprintf(__('Searching for the meaning of %s', 'mdict'), '<b>' . $word_w . '</b>') : __('List of words', 'mdict'); ?> <span class="float-left">(<?php _e('Total:', 'mdict'); ?> <?php echo number_format($total) ?>)</span>
+                    <?php $word_w ? printf(__('Searching for the meaning of %s', 'mdict'), '<b>' . $word_w . '</b>') : _e('List of words', 'mdict'); ?> <span class="float-left">(<?php _e('Total:', 'mdict'); ?> <?php echo number_format_i18n($total) ?>)</span>
                 </h1> 
                 <div class="card-body p-4 words-items">
                     <?php
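Review bot: `'<b>' . $word_w . '</b>'` still puts the search term into the heading unescaped even though this line was rewritten in an escaping pass; unless `$word_w` is escaped where it is assigned (outside the hunk), a term containing markup is rendered as HTML. Use `'<b>' . esc_html($word_w) . '</b>'` as the `printf()` argument. The move to `number_format_i18n($total)` is fine.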
@@ -46,23 +43,27 @@
                             $word_url = add_query_arg(array('wid' => $word_item->id), $current_page_url);
                             ?>
                             <div class="border-bottom p-2">
-                                <h2 class="font-weight-bold h6"><a class="mdict-word-link" href="<?php echo $word_url ?>"><?php echo $word_item->Word ?></a></h2> 
+                                <h2 class="font-weight-bold h6"><a class="mdict-word-link" href="<?php echo esc_url($word_url) ?>"><?php echo esc_html($word_item->Word) ?></a></h2> 
                                 <div class="detail">
                                     <?php
                                     $des = mdict_get_excerot($word_item->Description);
-                                    echo wpautop($des);
+                                    echo wp_kses( wpautop($des), 'post');
                                     ?>
                                 </div> 
                             </div>
                             <?php
                         }
-
-                        echo '<br>';
-                        echo mdict_pagination($total, MDict_SearchTools::get_pagenum(), MDict_SearchTools::get_perpage());
+                        ?>
+                        <br>
+                        <?php
+                        $pg = mdict_pagination($total, MDict_SearchTools::get_pagenum(), MDict_SearchTools::get_perpage());
+                        echo wp_kses($pg, 'post');
                     }
                     else
                     {
-                        echo '<p>' . __('Nothing found!', 'mdict') . '</p>';
+                        ?>
+                        <p><?php _e('Nothing found!', 'mdict'); ?></p>
+                        <?php
                     }
                     ?>
                 </div>
diff --git a/lang/mdict-fa_IR.mo b/lang/mdict-fa_IR.mo
index 865cdc9..1564920 100644
Binary files a/lang/mdict-fa_IR.mo and b/lang/mdict-fa_IR.mo differ
diff --git a/lang/mdict-fa_IR.po b/lang/mdict-fa_IR.po
index 3877806..0fee4b7 100644
--- a/lang/mdict-fa_IR.po
+++ b/lang/mdict-fa_IR.po
@@ -1,8 +1,8 @@
 msgid ""
 msgstr ""
 "Project-Id-Version: Moein Dictionary\n"
-"POT-Creation-Date: 2022-12-12 15:19+0330\n"
-"PO-Revision-Date: 2022-12-12 15:19+0330\n"
+"POT-Creation-Date: 2022-12-16 15:04+0330\n"
+"PO-Revision-Date: 2022-12-16 15:04+0330\n"
 "Last-Translator: \n"
 "Language-Team: \n"
 "Language: fa_IR\n"
@@ -25,48 +25,48 @@ msgstr ""
 msgid "Add/Edit Word"
 msgstr "افزودن/ویرایش واژه"
 
-#: inc/admin/add-word.php:20 inc/admin/add-word.php:42
+#: inc/admin/add-word.php:20 inc/admin/add-word.php:45
 #: inc/admin/words-list.php:51
 msgid "Add Word"
 msgstr "افزودن واژه"
 
-#: inc/admin/add-word.php:35
+#: inc/admin/add-word.php:38
 msgid "Edit Word"
 msgstr "ویرایش واژه"
 
-#: inc/admin/add-word.php:50 inc/admin/dashboard.php:18
-#: inc/admin/dashboard.php:19 inc/admin/data-template.php:5
+#: inc/admin/add-word.php:54 inc/admin/dashboard.php:18
+#: inc/admin/dashboard.php:19 inc/admin/data-template.php:4
 #: inc/admin/settings-template.php:5
 msgid "Moein Dictionary"
 msgstr "فرهنگ معین"
 
-#: inc/admin/add-word.php:50 inc/admin/data-template.php:5
+#: inc/admin/add-word.php:55 inc/admin/data-template.php:4
 #: inc/admin/settings-template.php:5
 msgid " » "
 msgstr ""
 
-#: inc/admin/add-word.php:63 inc/admin/words-table.php:9
-#: inc/admin/words-table.php:57
+#: inc/admin/add-word.php:70 inc/admin/words-table.php:9
+#: inc/admin/words-table.php:62
 msgid "Word"
 msgstr "واژه"
 
-#: inc/admin/add-word.php:67 inc/admin/words-table.php:60
+#: inc/admin/add-word.php:74 inc/admin/words-table.php:63
 msgid "Description"
 msgstr "شرح"
 
-#: inc/admin/add-word.php:75 inc/admin/settings-template.php:83
+#: inc/admin/add-word.php:81 inc/admin/settings-template.php:78
 msgid "Save"
 msgstr "ذخیره"
 
-#: inc/admin/add-word.php:90
+#: inc/admin/add-word.php:96
 msgid "The word must not be empty!"
 msgstr "واژه نباید خالی باشد!"
 
-#: inc/admin/add-word.php:108 inc/admin/settings.php:107
+#: inc/admin/add-word.php:114 inc/admin/settings.php:106
 msgid "You do not have permission to access this section!"
 msgstr "شما مجوز دسترسی به این بخش را ندارید!"
 
-#: inc/admin/add-word.php:108 inc/admin/settings.php:107
+#: inc/admin/add-word.php:114 inc/admin/settings.php:106
 msgid "Error!"
 msgstr "خطا!"
 
@@ -93,7 +93,7 @@ msgstr "فرهنگ معین(رایگان)"
 msgid "Number of available words: %s"
 msgstr "تعداد واژه‌های موجود: %s"
 
-#: inc/admin/dashboard-template.php:26 inc/admin/import-data.php:24
+#: inc/admin/dashboard-template.php:26 inc/admin/import-data.php:25
 msgid "Install the data"
 msgstr "داده‌ها را نصب کنید"
 
@@ -129,46 +129,46 @@ msgstr "از کد کوتاه زیر داخل محتوای برگه‌ها است
 msgid "You can also use shortcode inside php codes:"
 msgstr "همچنین می‌توانید از کد کوتاه زیر درون کدهای php استفاده کنید:"
 
-#: inc/admin/data-template.php:5 inc/admin/import-data.php:34
-#: inc/admin/import-data.php:35
+#: inc/admin/data-template.php:4 inc/admin/import-data.php:35
+#: inc/admin/import-data.php:36
 msgid "Data installation"
 msgstr "نصب داده‌ها"
 
-#: inc/admin/data-template.php:23
+#: inc/admin/data-template.php:21
 #, php-format
-msgid "Step %d"
-msgstr "مرحله %d"
+msgid "Part %d"
+msgstr "قسمت %d"
 
-#: inc/admin/data-template.php:29 inc/functions.php:62
+#: inc/admin/data-template.php:27 inc/functions.php:82
 msgid "Installed"
 msgstr "نصب شده"
 
-#: inc/admin/data-template.php:29 inc/functions.php:64
+#: inc/admin/data-template.php:27 inc/functions.php:84
 msgid "Install"
 msgstr "نصب"
 
-#: inc/admin/data-template.php:36
+#: inc/admin/data-template.php:34
 msgid "Please be patient. This may take a minute or more."
 msgstr "لطفاً صبور باشید. ممکن است یک یا چند دقیقه طول بکشد."
 
-#: inc/admin/data-template.php:44
+#: inc/admin/data-template.php:42
 msgid "Go to commercial version"
 msgstr "برو به نسخه تجاری"
 
-#: inc/admin/data-template.php:45
+#: inc/admin/data-template.php:43
 #, php-format
-msgid "This step is only available on the commercial version. %s"
-msgstr "این مرحله فقط بر روی نسخه تجاری در دسترس است. %s"
+msgid "This part is only available on the commercial version. %s"
+msgstr "این قسمت فقط بر روی نسخه تجاری در دسترس است. %s"
 
-#: inc/admin/import-data.php:24
+#: inc/admin/import-data.php:25
 msgid "Moein Dictionary data is not fully installed."
-msgstr "داده های فرهنگ لغت معین به طور کامل نصب نشده است."
+msgstr "داده‌های فرهنگ لغت معین به طور کامل نصب نشده است."
 
-#: inc/admin/import-data.php:43
+#: inc/admin/import-data.php:44
 msgid "Dashboard"
 msgstr "پیشخوان"
 
-#: inc/admin/import-data.php:90
+#: inc/admin/import-data.php:91
 msgid "It is already installed."
 msgstr "قبلاً نصب شده است."
 
@@ -176,8 +176,8 @@ msgstr "قبلاً نصب شده است."
 msgid "Data not found!"
 msgstr "داده‌ها یافت نشد!"
 
-#: inc/admin/settings-template.php:5 inc/admin/settings.php:77
-#: inc/admin/settings.php:78
+#: inc/admin/settings-template.php:5 inc/admin/settings.php:76
+#: inc/admin/settings.php:77
 msgid "Settings"
 msgstr "تنظیمات"
 
@@ -193,19 +193,19 @@ msgstr "وزیر"
 msgid "Vazir(Persian number)"
 msgstr "وزیر(شماره فارسی)"
 
-#: inc/admin/settings-template.php:34
+#: inc/admin/settings-template.php:31
 msgid "Dictionary page"
 msgstr "برگه فرهنگ لغت"
 
-#: inc/admin/settings-template.php:50
+#: inc/admin/settings-template.php:45
 msgid "Word meaning tooltip"
 msgstr "ابزار معنی واژه"
 
-#: inc/admin/settings-template.php:52
+#: inc/admin/settings-template.php:47
 msgid "Active"
 msgstr "فعال‌سازی"
 
-#: inc/admin/settings-template.php:55
+#: inc/admin/settings-template.php:50
 msgid ""
 "By activating this option, the meaning tooltip will be displayed after "
 "selecting the word on the site."
@@ -213,15 +213,15 @@ msgstr ""
 "با فعال کردن این گزینه پس از انتخاب واژه، ابزار نمایش معنی در سایت نمایش "
 "داده خواهد شد."
 
-#: inc/admin/settings-template.php:59
+#: inc/admin/settings-template.php:54
 msgid "Font"
 msgstr "قلم"
 
-#: inc/admin/settings-template.php:76
+#: inc/admin/settings-template.php:71
 msgid "Font size"
 msgstr "اندازه فونت"
 
-#: inc/admin/settings.php:93
+#: inc/admin/settings.php:92
 msgid "Settings saved successfully."
 msgstr "تنظیمات با موفقیت ذخیره شد."
 
@@ -233,36 +233,36 @@ msgstr "لیست واژه‌ها"
 msgid "Words"
 msgstr "واژه‌ها"
 
-#: inc/admin/words-list.php:50 inc/templates/searchbox.php:55
+#: inc/admin/words-list.php:50 inc/templates/searchbox.php:31
 msgid "List of words"
 msgstr "لیست واژه‌ها"
 
-#: inc/admin/words-list.php:56
+#: inc/admin/words-list.php:55
 msgid "Search word"
 msgstr "جستجوی لغت"
 
-#: inc/admin/words-table.php:31
+#: inc/admin/words-table.php:36
 #, php-format
 msgid "%d item(s) were removed."
 msgstr "%d مورد حذف شد."
 
-#: inc/admin/words-table.php:39
+#: inc/admin/words-table.php:44
 msgid "Please select one or more."
 msgstr "لطفاً موردی را انتخاب کنید."
 
-#: inc/admin/words-table.php:51 inc/templates/searchbox.php:85
+#: inc/admin/words-table.php:56 inc/templates/searchbox.php:65
 msgid "Nothing found!"
 msgstr "موردی یافت نشد!"
 
-#: inc/admin/words-table.php:61
+#: inc/admin/words-table.php:64
 msgid "ID"
 msgstr "شناسه"
 
-#: inc/admin/words-table.php:74
+#: inc/admin/words-table.php:77
 msgid "Delete"
 msgstr "حذف"
 
-#: inc/admin/words-table.php:120
+#: inc/admin/words-table.php:143
 msgid "Edit"
 msgstr "ویرایش"
 
@@ -282,31 +282,31 @@ msgstr "اولی"
 msgid "Last"
 msgstr "آخری"
 
-#: inc/functions.php:35
+#: inc/functions.php:39
 msgid "Search for words in the dictionary"
 msgstr "جستجوی واژه در فرهنگ لغت"
 
-#: inc/functions.php:36
+#: inc/functions.php:40
 msgid "Meaning"
 msgstr "معنی"
 
-#: inc/functions.php:63
+#: inc/functions.php:83
 msgid "Installing"
 msgstr "در حال نصب"
 
-#: inc/functions.php:65
+#: inc/functions.php:85
 msgid "Plugin license registration successful."
 msgstr "ثبت لایسنس افزونه با موفقیت انجام شد."
 
-#: inc/functions.php:66
+#: inc/functions.php:86
 msgid "Error: The request failed!"
 msgstr "خطا: درخواست با شکست مواجه شد!"
 
-#: inc/functions.php:67
+#: inc/functions.php:87
 msgid "Error: "
 msgstr "خطا: "
 
-#: inc/functions.php:68
+#: inc/functions.php:88
 msgid "Please enter the activation code!"
 msgstr "لطفا کد فعال سازی را وارد کنید!"
 
@@ -314,36 +314,36 @@ msgstr "لطفا کد فعال سازی را وارد کنید!"
 msgid "Moein dictionary"
 msgstr "فرهنگ معین"
 
-#: inc/templates/description.php:15
+#: inc/templates/description.php:8
 msgid "Print"
 msgstr "چاپ"
 
-#: inc/templates/searchbox.php:29
+#: inc/templates/searchbox.php:6
 msgid "Word search"
 msgstr "جستجوی واژه"
 
-#: inc/templates/searchbox.php:35
+#: inc/templates/searchbox.php:11
 msgid "Enter a word"
 msgstr "واژه مورد نظر را وارد کنید"
 
-#: inc/templates/searchbox.php:40
+#: inc/templates/searchbox.php:16
 msgid "Search in words"
 msgstr "جستجو در واژه‌ها"
 
-#: inc/templates/searchbox.php:41
+#: inc/templates/searchbox.php:17
 msgid "Search in the meaning of words"
 msgstr "جستجو در معنای واژه‌ها"
 
-#: inc/templates/searchbox.php:45
+#: inc/templates/searchbox.php:21
 msgid "Search"
 msgstr "جستجو"
 
-#: inc/templates/searchbox.php:55
+#: inc/templates/searchbox.php:31
 #, php-format
 msgid "Searching for the meaning of %s"
 msgstr "جستجوی معنی %s"
 
-#: inc/templates/searchbox.php:55
+#: inc/templates/searchbox.php:31
 msgid "Total:"
 msgstr "تعداد کل:"
 
@@ -363,6 +363,10 @@ msgstr "ham3da"
 msgid "https://ham3da.ir"
 msgstr ""
 
+#, php-format
+#~ msgid "Step %d"
+#~ msgstr "مرحله %d"
+
 #~ msgid "License"
 #~ msgstr "لایسنس"
 
diff --git a/moein-dictionary-free.php b/moein-dictionary-free.php
index 7ae33c8..4658570 100644
--- a/moein-dictionary-free.php
+++ b/moein-dictionary-free.php
@@ -2,7 +2,7 @@
 /*
   Plugin Name: Moein Dictionary(free)
   Description: Moein Persian dictionary(free version)
-  Version: 1.4.0
+  Version: 1.4.1
   Author: ham3da
   Plugin URI: https://wordpress.org/plugins/moein-dictionary-free
   Author URI: https://ham3da.ir
@@ -17,7 +17,7 @@
     die("Access denied!");
 }
 
-define('MDC_PLUGIN_VERSION', '1.4.0');
+define('MDC_PLUGIN_VERSION', '1.4.1');
 define('MDC_PLUGIN_FILE', __FILE__);
 define('MDC_PLUGIN_DIR', plugin_dir_path(__FILE__));
 define('MDC_PLUGIN_URL', plugin_dir_url(__FILE__));
diff --git a/readme.txt b/readme.txt
index 0031911..726c9e1 100644
--- a/readme.txt
+++ b/readme.txt
@@ -3,7 +3,7 @@ Contributors: ham3da
 Tags: dictionary, moein, moein dictionary, persian dictionary, persian, farsi, persian to persian
 Requires at least: 5.0
 Tested up to: 6.1.1
-Stable tag: 1.4.0
+Stable tag: 1.4.1
 Requires PHP: 7.2
 License: GPLv2 or later
 License URI: https://www.gnu.org/licenses/gpl-2.0.html
@@ -35,8 +35,11 @@ Major features in Moein Dictionary include:
 3. Use the `[mdict_search]` shortcode to display the dictionary search engine on your desired page or template.
 
 == Changelog ==
-= 1.4.0 =
 
+= 1.4.1 =
+* Optimization and cleaning
+
+= 1.4.0 =
 * Redesign of the dictionary search form
 
 = 1.3.0 =