Get WordPress

Plugin Directory

Changeset 3095922

Timestamp:
06/01/2024 12:23:09 AM (2 months ago)
Author:
dglingren
Message:

Fix Media/Assistant security risk and orderby=rml pagination controls.

Location:
media-library-assistant/trunk
Files:
5 edited

Legend:

Unmodified
Added
Removed

  • media-library-assistant/trunk/includes/class-mla-core.php

    r3095389 r3095922  
    3131     * @var string
    3232     */
    33     const MLA_DEVELOPMENT_VERSION = '20240530';
     33    const MLA_DEVELOPMENT_VERSION = '2024053';
    3434
    3535    /**

  • media-library-assistant/trunk/includes/class-mla-list-table.php

    r2990225 r3095922  
    415415        // Sort arguments (from column header)
    416416        if ( isset( $_REQUEST['order'] ) ) {
    417             $field = strtolower( sanitize_text_field( wp_unslash( $_REQUEST['order'] ) ) );
     417            $field = strtolower( ) );
    418418            $submenu_arguments['order'] = ( 'desc' === $field ) ? 'desc' : 'asc';
    419419        }
    420420
    421421        if ( isset( $_REQUEST['orderby'] ) ) {
    422             foreach ( MLAQuery::$default_sortable_columns as $sortable_column ) {
    423                 if ( $sortable_column[0] === $_REQUEST['orderby'] ) {
    424                     $submenu_arguments['orderby'] = urlencode( $sortable_column[0] );
     422            if ( 'rml' === $_REQUEST['orderby'] ) {
     423                $submenu_arguments['orderby'] = 'rml';
     424            } else {
     425                foreach ( MLAQuery::$default_sortable_columns as $sortable_column ) {
     426                    if ( $sortable_column[0] === $_REQUEST['orderby'] ) {
     427                        $submenu_arguments['orderby'] = urlencode( $sortable_column[0] );
     428                    }
    425429                }
    426430            }

  • media-library-assistant/trunk/includes/class-mla-main.php

    r2998194 r3095922  
    15711571
    15721572        if ( isset( $_REQUEST['order'] ) ) {
    1573             $_GET['order'] = sanitize_text_field( wp_unslash( $_REQUEST['order'] ) );
     1573            $_GET['order'] = ;
    15741574        }
    15751575
    15761576        if ( isset( $_REQUEST['orderby'] ) ) {
    1577             $_GET['orderby'] = sanitize_text_field( wp_unslash( $_REQUEST['orderby'] ) );
     1577            $_GET['orderby'] = ( wp_unslash( $_REQUEST['orderby'] ) );
    15781578        }
    15791579

  • media-library-assistant/trunk/index.php

    r3095389 r3095922  
    1616Plugin Name: Media Library Assistant
    1717Plugin URI: http://davidlingren.com/#two
    18 Description: 20240530 Enhances the Media Library; powerful [mla_gallery] [mla_tag_cloud] [mla_term_list], taxonomy support, IPTC/EXIF/XMP/PDF processing, bulk/quick edit.
     18Description: 2024053 Enhances the Media Library; powerful [mla_gallery] [mla_tag_cloud] [mla_term_list], taxonomy support, IPTC/EXIF/XMP/PDF processing, bulk/quick edit.
    1919Version: 3.16
    2020Requires at least: 4.1

  • media-library-assistant/trunk/readme.txt

    r3095389 r3095922  
    189189
    190190= 3.17 =
     191
     192
    191193* Fix: For the `[mla_gallery]` shortcode, handling of brace-delimited array values in the `,str_replace(s,r)` format code has been corrected.
    192194* Fix: For the Media Manager Modal (popup) Window, the Enter key now triggers the MLA Enhanced Search Media function.
Note: See TracChangeset for help on using the changeset viewer.