Below is a differential between the unpatched vulnerable code and the patched update, for reference.
--- a/yet-another-stars-rating/includes/classes/YasrSettingsValues.php
+++ b/yet-another-stars-rating/includes/classes/YasrSettingsValues.php
@@ -81,17 +81,17 @@
$options['show_visitor_votes_in_loop'] = 'disabled';
$options['visitors_stats'] = 'yes';
$options['allowed_user'] = 'allow_anonymous';
- $options['text_before_overall'] = esc_html__('Our Score', 'yet-another-stars-rating');
- $options['text_before_visitor_rating'] = esc_html__('Click to rate this post!', 'yet-another-stars-rating');
+ $options['text_before_overall'] = 'Our Score';
+ $options['text_before_visitor_rating'] = 'Click to rate this post!';
$options['text_after_visitor_rating'] = sprintf(
- esc_html__('[Total: %s Average: %s]', 'yet-another-stars-rating'),
+ '[Total: %s Average: %s]',
'%total_count%', '%average%'
);
- $options['custom_text_rating_saved'] = esc_html__('Rating saved!', 'yet-another-stars-rating');
- $options['custom_text_rating_updated'] = esc_html__('Rating updated!', 'yet-another-stars-rating');
- $options['custom_text_user_voted'] =
- esc_html__('You have already voted for this article with rating ', 'yet-another-stars-rating') . '%rating%';
- $options['custom_text_must_sign_in'] = esc_html__('You must sign in to vote', 'yet-another-stars-rating');
+
+ $options['custom_text_rating_saved'] = 'Rating saved!';
+ $options['custom_text_rating_updated'] = 'Rating updated!';
+ $options['custom_text_user_voted'] = 'You have already voted for this article with rating ';
+ $options['custom_text_must_sign_in'] = 'You must sign in to vote';
$options['snippet_itemtype'] = 'Product';
$options['publisher'] = 'Organization';
$options['publisher_name'] = get_bloginfo('name');
--- a/yet-another-stars-rating/includes/yasr-includes-defines.php
+++ b/yet-another-stars-rating/includes/yasr-includes-defines.php
@@ -36,7 +36,8 @@
//Since version 3.3.0 the defines are inside a file, instead of a class, for better support PHPStorm auto-completion
//https://youtrack.jetbrains.com/issue/WI-11390/Make-define-Constants-from-inside-methods-available-for-completion-everywhere.
-$settings = new YasrSettingsValues();
+
+$settings = new YasrSettingsValues();
$yasr_general_settings = $settings->getGeneralSettings();
$style_options = $settings->getStyleSettings();
$multi_set_options = $settings->getMultiSettings();
@@ -131,5 +132,5 @@
*/
//Text for button in settings pages
-$save_settings_text = esc_html__('Save All Settings', 'yet-another-stars-rating');
+$save_settings_text = 'Save All Settings';
define('YASR_SAVE_All_SETTINGS_TEXT', $save_settings_text);
--- a/yet-another-stars-rating/includes/yasr-includes-init.php
+++ b/yet-another-stars-rating/includes/yasr-includes-init.php
@@ -67,6 +67,7 @@
//AutoLoad Yasr Classes, only when a object is created
spl_autoload_register('yasr_autoload_includes_classes');
+
//do defines
require YASR_ABSOLUTE_PATH_INCLUDES . '/yasr-includes-defines.php';
@@ -87,4 +88,4 @@
$yasr_init_ajax->init();
//Load rest API
-require YASR_ABSOLUTE_PATH_INCLUDES . '/rest/yasr-rest.php';
No newline at end of file
+require YASR_ABSOLUTE_PATH_INCLUDES . '/rest/yasr-rest.php';
--- a/yet-another-stars-rating/vendor/freemius/wordpress-sdk/includes/class-freemius.php
+++ b/yet-another-stars-rating/vendor/freemius/wordpress-sdk/includes/class-freemius.php
@@ -110,6 +110,12 @@
private $_enable_anonymous = true;
/**
+ * @since 2.9.1
+ * @var string|null Hints the SDK whether the plugin supports parallel activation mode, preventing the auto-deactivation of the free version when the premium version is activated, and vice versa.
+ */
+ private $_premium_plugin_basename_from_parallel_activation;
+
+ /**
* @since 1.1.7.5
* @var bool Hints the SDK if plugin should run in anonymous mode (only adds feedback form).
*/
@@ -1651,6 +1657,31 @@
);
}
}
+
+ if (
+ $this->is_user_in_admin() &&
+ $this->is_parallel_activation() &&
+ $this->_premium_plugin_basename !== $this->_premium_plugin_basename_from_parallel_activation
+ ) {
+ $this->_premium_plugin_basename = $this->_premium_plugin_basename_from_parallel_activation;
+
+ register_activation_hook(
+ dirname( $this->_plugin_dir_path ) . '/' . $this->_premium_plugin_basename,
+ array( &$this, '_activate_plugin_event_hook' )
+ );
+ }
+ }
+
+ /**
+ * Determines if a plugin is running in parallel activation mode.
+ *
+ * @author Leo Fajardo (@leorw)
+ * @since 2.9.1
+ *
+ * @return bool
+ */
+ private function is_parallel_activation() {
+ return ! empty( $this->_premium_plugin_basename_from_parallel_activation );
}
/**
@@ -5155,11 +5186,35 @@
$this->_plugin :
new FS_Plugin();
+ $is_premium = $this->get_bool_option( $plugin_info, 'is_premium', true );
$premium_suffix = $this->get_option( $plugin_info, 'premium_suffix', '(Premium)' );
+ $module_type = $this->get_option( $plugin_info, 'type', $this->_module_type );
+
+ $parallel_activation = $this->get_option( $plugin_info, 'parallel_activation' );
+
+ if (
+ ! $is_premium &&
+ is_array( $parallel_activation ) &&
+ ( WP_FS__MODULE_TYPE_PLUGIN === $module_type ) &&
+ $this->get_bool_option( $parallel_activation, 'enabled' )
+ ) {
+ $premium_basename = $this->get_option( $parallel_activation, 'premium_version_basename' );
+
+ if ( empty( $premium_basename ) ) {
+ throw new Exception('You need to specify the premium version basename to enable parallel version activation.');
+ }
+
+ $this->_premium_plugin_basename_from_parallel_activation = $premium_basename;
+
+ if ( is_plugin_active( $premium_basename ) ) {
+ $is_premium = true;
+ }
+ }
+
$plugin->update( array(
'id' => $id,
- 'type' => $this->get_option( $plugin_info, 'type', $this->_module_type ),
+ 'type' => $module_type,
'public_key' => $public_key,
'slug' => $this->_slug,
'premium_slug' => $this->get_option( $plugin_info, 'premium_slug', "{$this->_slug}-premium" ),
@@ -5167,7 +5222,7 @@
'version' => $this->get_plugin_version(),
'title' => $this->get_plugin_name( $premium_suffix ),
'file' => $this->_plugin_basename,
- 'is_premium' => $this->get_bool_option( $plugin_info, 'is_premium', true ),
+ 'is_premium' => $is_premium,
'premium_suffix' => $premium_suffix,
'is_live' => $this->get_bool_option( $plugin_info, 'is_live', true ),
'affiliate_moderation' => $this->get_option( $plugin_info, 'has_affiliation' ),
@@ -5236,7 +5291,14 @@
$this->_anonymous_mode = false;
} else {
$this->_enable_anonymous = $this->get_bool_option( $plugin_info, 'enable_anonymous', true );
- $this->_anonymous_mode = $this->get_bool_option( $plugin_info, 'anonymous_mode', false );
+ $this->_anonymous_mode = (
+ $this->get_bool_option( $plugin_info, 'anonymous_mode', false ) ||
+ (
+ $this->apply_filters( 'playground_anonymous_mode', true ) &&
+ ! empty( $_SERVER['HTTP_HOST'] ) &&
+ FS_Site::is_playground_wp_environment_by_host( $_SERVER['HTTP_HOST'] )
+ )
+ );
}
$this->_permissions = $this->get_option( $plugin_info, 'permissions', array() );
$this->_is_bundle_license_auto_activation_enabled = $this->get_option( $plugin_info, 'bundle_license_auto_activation', false );
@@ -5444,7 +5506,7 @@
if ( $this->is_registered() ) {
// Schedule code type changes event.
- $this->schedule_install_sync();
+ $this->maybe_schedule_install_sync_cron();
}
/**
@@ -6508,6 +6570,33 @@
}
/**
+ * Instead of running blocking install sync event, execute non blocking scheduled cron job.
+ *
+ * @param int $except_blog_id Since 2.0.0 when running in a multisite network environment, the cron execution is consolidated. This param allows excluding specified blog ID from being the cron job executor.
+ *
+ * @author Leo Fajardo (@leorw)
+ * @since 2.9.1
+ */
+ private function maybe_schedule_install_sync_cron( $except_blog_id = 0 ) {
+ if ( ! $this->is_user_in_admin() ) {
+ return;
+ }
+
+ if ( $this->is_clone() ) {
+ return;
+ }
+
+ if (
+ // The event has been properly scheduled, so no need to reschedule it.
+ is_numeric( $this->next_install_sync() )
+ ) {
+ return;
+ }
+
+ $this->schedule_cron( 'install_sync', 'install_sync', 'single', WP_FS__SCRIPT_START_TIME, false, $except_blog_id );
+ }
+
+ /**
* @author Vova Feldman (@svovaf)
* @since 1.1.7.3
*
@@ -6605,22 +6694,6 @@
}
/**
- * Instead of running blocking install sync event, execute non blocking scheduled wp-cron.
- *
- * @author Vova Feldman (@svovaf)
- * @since 1.1.7.3
- *
- * @param int $except_blog_id Since 2.0.0 when running in a multisite network environment, the cron execution is consolidated. This param allows excluding excluded specified blog ID from being the cron executor.
- */
- private function schedule_install_sync( $except_blog_id = 0 ) {
- if ( $this->is_clone() ) {
- return;
- }
-
- $this->schedule_cron( 'install_sync', 'install_sync', 'single', WP_FS__SCRIPT_START_TIME, false, $except_blog_id );
- }
-
- /**
* Unix timestamp for previous install sync cron execution or false if never executed.
*
* @todo There's some very strange bug that $this->_storage->install_sync_timestamp value is not being updated. But for sure the sync event is working.
@@ -7411,7 +7484,7 @@
*/
if (
is_plugin_active( $other_version_basename ) &&
- $this->apply_filters( 'deactivate_on_activation', true )
+ $this->apply_filters( 'deactivate_on_activation', ! $this->is_parallel_activation() )
) {
deactivate_plugins( $other_version_basename );
}
@@ -7425,7 +7498,7 @@
// Schedule re-activation event and sync.
// $this->sync_install( array(), true );
- $this->schedule_install_sync();
+ $this->maybe_schedule_install_sync_cron();
// If activating the premium module version, add an admin notice to congratulate for an upgrade completion.
if ( $is_premium_version_activation ) {
@@ -8616,7 +8689,7 @@
return;
}
- $this->schedule_install_sync();
+ $this->maybe_schedule_install_sync_cron();
// $this->sync_install( array(), true );
}
@@ -15974,7 +16047,7 @@
if ( $this->is_install_sync_scheduled() &&
$context_blog_id == $this->get_install_sync_cron_blog_id()
) {
- $this->schedule_install_sync( $context_blog_id );
+ $this->maybe_schedule_install_sync_cron( $context_blog_id );
}
}
@@ -23927,13 +24000,15 @@
// Start trial button.
$button = ' ' . sprintf(
- '<a style="margin-left: 10px; vertical-align: super;" href="%s"><button class="button button-primary">%s ➜</button></a>',
+ '<div><a class="button button-primary" href="%s">%s ➜</a></div>',
$trial_url,
$this->get_text_x_inline( 'Start free trial', 'call to action', 'start-free-trial' )
);
+ $message_text = $this->apply_filters( 'trial_promotion_message', "{$message} {$cc_string}" );
+
$this->_admin_notices->add_sticky(
- $this->apply_filters( 'trial_promotion_message', "{$message} {$cc_string} {$button}" ),
+ "<div class="fs-trial-message-container"><div>{$message_text}</div> {$button}</div>",
'trial_promotion',
'',
'promotion'
@@ -25403,7 +25478,7 @@
$img_dir = WP_FS__DIR_IMG;
// Locate the main assets folder.
- if ( 1 < count( $fs_active_plugins->plugins ) ) {
+ if ( ! empty( $fs_active_plugins->plugins ) ) {
$plugin_or_theme_img_dir = ( $this->is_plugin() ? WP_PLUGIN_DIR : get_theme_root( get_stylesheet() ) );
foreach ( $fs_active_plugins->plugins as $sdk_path => &$data ) {
--- a/yet-another-stars-rating/vendor/freemius/wordpress-sdk/includes/class-fs-plugin-updater.php
+++ b/yet-another-stars-rating/vendor/freemius/wordpress-sdk/includes/class-fs-plugin-updater.php
@@ -542,24 +542,8 @@
global $wp_current_filter;
- $current_plugin_version = $this->_fs->get_plugin_version();
-
- if ( ! empty( $wp_current_filter ) && 'upgrader_process_complete' === $wp_current_filter[0] ) {
- if (
- is_null( $this->_update_details ) ||
- ( is_object( $this->_update_details ) && $this->_update_details->new_version !== $current_plugin_version )
- ) {
- /**
- * After an update, clear the stored update details and reparse the plugin's main file in order to get
- * the updated version's information and prevent the previous update information from showing up on the
- * updates page.
- *
- * @author Leo Fajardo (@leorw)
- * @since 2.3.1
- */
- $this->_update_details = null;
- $current_plugin_version = $this->_fs->get_plugin_version( true );
- }
+ if ( ! empty( $wp_current_filter ) && in_array( 'upgrader_process_complete', $wp_current_filter ) ) {
+ return $transient_data;
}
if ( ! isset( $this->_update_details ) ) {
@@ -568,7 +552,7 @@
false,
fs_request_get_bool( 'force-check' ),
FS_Plugin_Updater::UPDATES_CHECK_CACHE_EXPIRATION,
- $current_plugin_version
+ $this->_fs->get_plugin_version()
);
$this->_update_details = false;
--- a/yet-another-stars-rating/vendor/freemius/wordpress-sdk/includes/entities/class-fs-plugin-plan.php
+++ b/yet-another-stars-rating/vendor/freemius/wordpress-sdk/includes/entities/class-fs-plugin-plan.php
@@ -13,7 +13,6 @@
/**
* Class FS_Plugin_Plan
*
- * @property FS_Pricing[] $pricing
*/
class FS_Plugin_Plan extends FS_Entity {
--- a/yet-another-stars-rating/vendor/freemius/wordpress-sdk/includes/entities/class-fs-site.php
+++ b/yet-another-stars-rating/vendor/freemius/wordpress-sdk/includes/entities/class-fs-site.php
@@ -10,16 +10,16 @@
exit;
}
- /**
- * @property int $blog_id
- */
- #[AllowDynamicProperties]
class FS_Site extends FS_Scope_Entity {
/**
* @var number
*/
public $site_id;
/**
+ * @var int
+ */
+ public $blog_id;
+ /**
* @var number
*/
public $plugin_id;
@@ -190,7 +190,7 @@
fs_ends_with( $subdomain, '.cloudwaysapps.com' ) ||
// Kinsta
(
- ( fs_starts_with( $subdomain, 'staging-' ) || fs_starts_with( $subdomain, 'env-' ) ) &&
+ ( fs_starts_with( $subdomain, 'stg-' ) || fs_starts_with( $subdomain, 'staging-' ) || fs_starts_with( $subdomain, 'env-' ) ) &&
( fs_ends_with( $subdomain, '.kinsta.com' ) || fs_ends_with( $subdomain, '.kinsta.cloud' ) )
) ||
// DesktopServer
@@ -208,6 +208,40 @@
);
}
+ /**
+ * @author Leo Fajardo (@leorw)
+ * @since 2.9.1
+ *
+ * @param string $host
+ *
+ * @return bool
+ */
+ static function is_playground_wp_environment_by_host( $host ) {
+ // Services aimed at providing a WordPress sandbox environment.
+ $sandbox_wp_environment_domains = array(
+ // InstaWP
+ 'instawp.xyz',
+
+ // TasteWP
+ 'tastewp.com',
+
+ // WordPress Playground
+ 'playground.wordpress.net',
+ );
+
+ foreach ( $sandbox_wp_environment_domains as $domain) {
+ if (
+ ( $host === $domain ) ||
+ fs_ends_with( $host, '.' . $domain ) ||
+ fs_ends_with( $host, '-' . $domain )
+ ) {
+ return true;
+ }
+ }
+
+ return false;
+ }
+
function is_localhost() {
return ( WP_FS__IS_LOCALHOST_FOR_SERVER || self::is_localhost_by_address( $this->url ) );
}
--- a/yet-another-stars-rating/vendor/freemius/wordpress-sdk/includes/entities/class-fs-user.php
+++ b/yet-another-stars-rating/vendor/freemius/wordpress-sdk/includes/entities/class-fs-user.php
@@ -48,6 +48,19 @@
parent::__construct( $user );
}
+ /**
+ * This method removes the deprecated 'is_beta' property from the serialized data.
+ * Should clean up the serialized data to avoid PHP 8.2 warning on next execution.
+ *
+ * @return void
+ */
+ function __wakeup() {
+ if ( property_exists( $this, 'is_beta' ) ) {
+ // If we enter here, and we are running PHP 8.2, we already had the warning. But we sanitize data for next execution.
+ unset( $this->is_beta );
+ }
+ }
+
function get_name() {
return trim( ucfirst( trim( is_string( $this->first ) ? $this->first : '' ) ) . ' ' . ucfirst( trim( is_string( $this->last ) ? $this->last : '' ) ) );
}
--- a/yet-another-stars-rating/vendor/freemius/wordpress-sdk/includes/managers/class-fs-admin-menu-manager.php
+++ b/yet-another-stars-rating/vendor/freemius/wordpress-sdk/includes/managers/class-fs-admin-menu-manager.php
@@ -699,16 +699,36 @@
$menu = $this->find_main_submenu();
}
+ $menu_slug = $menu['menu'][2];
$parent_slug = isset( $menu['parent_slug'] ) ?
- $menu['parent_slug'] :
- 'admin.php';
+ $menu['parent_slug'] :
+ 'admin.php';
- return admin_url(
- $parent_slug .
- ( false === strpos( $parent_slug, '?' ) ? '?' : '&' ) .
- 'page=' .
- $menu['menu'][2]
- );
+ if ( fs_apply_filter( $this->_module_unique_affix, 'enable_cpt_advanced_menu_logic', false ) ) {
+ $parent_slug = 'admin.php';
+
+ /**
+ * This line and the `if` block below it are based on the `menu_page_url()` function of WordPress.
+ *
+ * @author Leo Fajardo (@leorw)
+ * @since 2.10.2
+ */
+ global $_parent_pages;
+
+ if ( ! empty( $_parent_pages[ $menu_slug ] ) ) {
+ $_parent_slug = $_parent_pages[ $menu_slug ];
+ $parent_slug = isset( $_parent_pages[ $_parent_slug ] ) ?
+ $parent_slug :
+ $menu['parent_slug'];
+ }
+ }
+
+ return admin_url(
+ $parent_slug .
+ ( false === strpos( $parent_slug, '?' ) ? '?' : '&' ) .
+ 'page=' .
+ $menu_slug
+ );
}
/**
--- a/yet-another-stars-rating/vendor/freemius/wordpress-sdk/includes/managers/class-fs-admin-notice-manager.php
+++ b/yet-another-stars-rating/vendor/freemius/wordpress-sdk/includes/managers/class-fs-admin-notice-manager.php
@@ -194,8 +194,14 @@
* @since 1.0.7
*/
static function _add_sticky_dismiss_javascript() {
+ $sticky_admin_notice_js_template_name = 'sticky-admin-notice-js.php';
+
+ if ( ! file_exists( fs_get_template_path( $sticky_admin_notice_js_template_name ) ) ) {
+ return;
+ }
+
$params = array();
- fs_require_once_template( 'sticky-admin-notice-js.php', $params );
+ fs_require_once_template( $sticky_admin_notice_js_template_name, $params );
}
private static $_added_sticky_javascript = false;
--- a/yet-another-stars-rating/vendor/freemius/wordpress-sdk/start.php
+++ b/yet-another-stars-rating/vendor/freemius/wordpress-sdk/start.php
@@ -15,7 +15,7 @@
*
* @var string
*/
- $this_sdk_version = '2.9.0';
+ $this_sdk_version = '2.11.0';
#region SDK Selection Logic --------------------------------------------------------------------
@@ -36,7 +36,16 @@
require_once dirname( __FILE__ ) . '/includes/fs-essential-functions.php';
}
- /**
+ /**
+ * We updated the logic to support SDK loading from a subfolder of a theme as well as from a parent theme
+ * If the SDK is found in the active theme, it sets the relative path accordingly.
+ * If not, it checks the parent theme and sets the relative path if found there.
+ * This allows the SDK to be loaded from composer dependencies or from a custom `vendor/freemius` folder.
+ *
+ * @author Daniele Alessandra (@DanieleAlessandra)
+ * @since 2.9.0.5
+ *
+ *
* This complex logic fixes symlink issues (e.g. with Vargant). The logic assumes
* that if it's a file from an SDK running in a theme, the location of the SDK
* is in the main theme's folder.
@@ -83,16 +92,50 @@
*/
$themes_directory = get_theme_root( get_stylesheet() );
$themes_directory_name = basename( $themes_directory );
- $theme_candidate_basename = basename( dirname( $fs_root_path ) ) . '/' . basename( $fs_root_path );
- if ( $file_path == fs_normalize_path( realpath( trailingslashit( $themes_directory ) . $theme_candidate_basename . '/' . basename( $file_path ) ) )
- ) {
- $this_sdk_relative_path = '../' . $themes_directory_name . '/' . $theme_candidate_basename;
- $is_theme = true;
- } else {
- $this_sdk_relative_path = plugin_basename( $fs_root_path );
- $is_theme = false;
- }
+ // This change ensures that the condition works even if the SDK is located in a subdirectory (e.g., vendor)
+ $theme_candidate_sdk_basename = str_replace( $themes_directory . '/' . get_stylesheet() . '/', '', $fs_root_path );
+
+ // Check if the current file is part of the active theme.
+ $is_current_sdk_from_active_theme = $file_path == $themes_directory . '/' . get_stylesheet() . '/' . $theme_candidate_sdk_basename . '/' . basename( $file_path );
+ $is_current_sdk_from_parent_theme = false;
+
+ // Check if the current file is part of the parent theme.
+ if ( ! $is_current_sdk_from_active_theme ) {
+ $theme_candidate_sdk_basename = str_replace( $themes_directory . '/' . get_template() . '/',
+ '',
+ $fs_root_path );
+ $is_current_sdk_from_parent_theme = $file_path == $themes_directory . '/' . get_template() . '/' . $theme_candidate_sdk_basename . '/' . basename( $file_path );
+ }
+
+ $theme_name = null;
+ if ( $is_current_sdk_from_active_theme ) {
+ $theme_name = get_stylesheet();
+ $this_sdk_relative_path = '../' . $themes_directory_name . '/' . $theme_name . '/' . $theme_candidate_sdk_basename;
+ $is_theme = true;
+ } else if ( $is_current_sdk_from_parent_theme ) {
+ $theme_name = get_template();
+ $this_sdk_relative_path = '../' . $themes_directory_name . '/' . $theme_name . '/' . $theme_candidate_sdk_basename;
+ $is_theme = true;
+ } else {
+ $this_sdk_relative_path = plugin_basename( $fs_root_path );
+ $is_theme = false;
+
+ /**
+ * If this file was included from another plugin with lower SDK version, and if this plugin is symlinked, then we need to get the actual plugin path,
+ * as the value right now will be wrong, it will only remove the directory separator from the file_path.
+ *
+ * The check of `fs_find_direct_caller_plugin_file` determines that this file was indeed included by a different plugin than the main plugin.
+ */
+ if ( DIRECTORY_SEPARATOR . $this_sdk_relative_path === $fs_root_path && function_exists( 'fs_find_direct_caller_plugin_file' ) ) {
+ $original_plugin_dir_name = dirname( fs_find_direct_caller_plugin_file( $file_path ) );
+
+ // Remove everything before the original plugin directory name.
+ $this_sdk_relative_path = substr( $this_sdk_relative_path, strpos( $this_sdk_relative_path, $original_plugin_dir_name ) );
+
+ unset( $original_plugin_dir_name );
+ }
+ }
if ( ! isset( $fs_active_plugins ) ) {
// Load all Freemius powered active plugins.
@@ -176,7 +219,8 @@
$this_sdk_version != $fs_active_plugins->plugins[ $this_sdk_relative_path ]->version
) {
if ( $is_theme ) {
- $plugin_path = basename( dirname( $this_sdk_relative_path ) );
+ // Saving relative path and not only directory name as it could be a subfolder
+ $plugin_path = $theme_name;
} else {
$plugin_path = plugin_basename( fs_find_direct_caller_plugin_file( $file_path ) );
}
@@ -225,11 +269,23 @@
$is_newest_sdk_type_theme = ( isset( $fs_newest_sdk->type ) && 'theme' === $fs_newest_sdk->type );
- if ( ! $is_newest_sdk_type_theme ) {
- $is_newest_sdk_plugin_active = is_plugin_active( $fs_newest_sdk->plugin_path );
- } else {
- $current_theme = wp_get_theme();
- $is_newest_sdk_plugin_active = ( $current_theme->stylesheet === $fs_newest_sdk->plugin_path );
+ /**
+ * @var bool $is_newest_sdk_module_active
+ * True if the plugin with the newest SDK is active.
+ * True if the newest SDK is part of the current theme or current theme's parent.
+ * False otherwise.
+ */
+ if ( ! $is_newest_sdk_type_theme ) {
+ $is_newest_sdk_module_active = is_plugin_active( $fs_newest_sdk->plugin_path );
+ } else {
+ $current_theme = wp_get_theme();
+ // Detect if current theme is the one registered as newer SDK
+ $is_newest_sdk_module_active = (
+ strpos(
+ $fs_newest_sdk->plugin_path,
+ '../' . $themes_directory_name . '/' . $current_theme->get_stylesheet() . '/'
+ ) === 0
+ );
$current_theme_parent = $current_theme->parent();
@@ -237,13 +293,19 @@
* If the current theme is a child of the theme that has the newest SDK, this prevents a redirects loop
* from happening by keeping the SDK info stored in the `fs_active_plugins` option.
*/
- if ( ! $is_newest_sdk_plugin_active && $current_theme_parent instanceof WP_Theme ) {
- $is_newest_sdk_plugin_active = ( $fs_newest_sdk->plugin_path === $current_theme_parent->stylesheet );
+ if ( ! $is_newest_sdk_module_active && $current_theme_parent instanceof WP_Theme ) {
+ // Detect if current theme parent is the one registered as newer SDK
+ $is_newest_sdk_module_active = (
+ strpos(
+ $fs_newest_sdk->plugin_path,
+ '../' . $themes_directory_name . '/' . $current_theme_parent->get_stylesheet() . '/'
+ ) === 0
+ );
}
}
if ( $is_current_sdk_newest &&
- ! $is_newest_sdk_plugin_active &&
+ ! $is_newest_sdk_module_active &&
! $fs_active_plugins->newest->in_activation
) {
// If current SDK is the newest and the plugin is NOT active, it means
@@ -262,14 +324,14 @@
. '/start.php' );
}
- $is_newest_sdk_path_valid = ( $is_newest_sdk_plugin_active || $fs_active_plugins->newest->in_activation ) && file_exists( $sdk_starter_path );
+ $is_newest_sdk_path_valid = ( $is_newest_sdk_module_active || $fs_active_plugins->newest->in_activation ) && file_exists( $sdk_starter_path );
if ( ! $is_newest_sdk_path_valid && ! $is_current_sdk_newest ) {
// Plugin with newest SDK is no longer active, or SDK was moved to a different location.
unset( $fs_active_plugins->plugins[ $fs_active_plugins->newest->sdk_path ] );
}
- if ( ! ( $is_newest_sdk_plugin_active || $fs_active_plugins->newest->in_activation ) ||
+ if ( ! ( $is_newest_sdk_module_active || $fs_active_plugins->newest->in_activation ) ||
! $is_newest_sdk_path_valid ||
// Is newest SDK downgraded.
( $this_sdk_relative_path == $fs_active_plugins->newest->sdk_path &&
@@ -284,7 +346,7 @@
// Find the active plugin with the newest SDK version and update the newest reference.
fs_fallback_to_newest_active_sdk();
} else {
- if ( $is_newest_sdk_plugin_active &&
+ if ( $is_newest_sdk_module_active &&
$this_sdk_relative_path == $fs_active_plugins->newest->sdk_path &&
( $fs_active_plugins->newest->in_activation ||
( class_exists( 'Freemius' ) && ( ! defined( 'WP_FS__SDK_VERSION' ) || version_compare( WP_FS__SDK_VERSION, $this_sdk_version, '<' ) ) )
@@ -313,7 +375,7 @@
return;
}
- if ( version_compare( $this_sdk_version, $fs_active_plugins->newest->version, '<' ) ) {
+ if ( isset( $fs_active_plugins->newest ) && version_compare( $this_sdk_version, $fs_active_plugins->newest->version, '<' ) ) {
$newest_sdk = $fs_active_plugins->plugins[ $fs_active_plugins->newest->sdk_path ];
$plugins_or_theme_dir_path = ( ! isset( $newest_sdk->type ) || 'theme' !== $newest_sdk->type ) ?
--- a/yet-another-stars-rating/vendor/freemius/wordpress-sdk/templates/forms/license-activation.php
+++ b/yet-another-stars-rating/vendor/freemius/wordpress-sdk/templates/forms/license-activation.php
@@ -569,7 +569,7 @@
licenseKey = $otherLicenseKey.val();
} else {
if ( ! hasLicensesDropdown ) {
- licenseID = $availableLicenseKey.data( 'id' );
+ licenseID = $availableLicenseKey.data( 'id' ).toString();
} else {
licenseID = $licensesDropdown.val();
}
--- a/yet-another-stars-rating/vendor/freemius/wordpress-sdk/templates/pricing.php
+++ b/yet-another-stars-rating/vendor/freemius/wordpress-sdk/templates/pricing.php
@@ -69,6 +69,11 @@
wp_enqueue_script( 'freemius-pricing', $pricing_js_url );
+ $pricing_css_path = $fs->apply_filters( 'pricing/css_path', null );
+ if ( is_string( $pricing_css_path ) ) {
+ wp_enqueue_style( 'freemius-pricing', fs_asset_url( $pricing_css_path ) );
+ }
+
$has_tabs = $fs->_add_tabs_before_content();
if ( $has_tabs ) {
@@ -95,6 +100,8 @@
'unique_affix' => $fs->get_unique_affix(),
'show_annual_in_monthly' => $fs->apply_filters( 'pricing/show_annual_in_monthly', true ),
'license' => $fs->has_active_valid_license() ? $fs->_get_license() : null,
+ 'plugin_icon' => $fs->get_local_icon_url(),
+ 'disable_single_package' => $fs->apply_filters( 'pricing/disable_single_package', false ),
), $query_params );
wp_add_inline_script( 'freemius-pricing', 'Freemius.pricing.new( ' . json_encode( $pricing_config ) . ' )' );
--- a/yet-another-stars-rating/yet-another-stars-rating.php
+++ b/yet-another-stars-rating/yet-another-stars-rating.php
@@ -4,7 +4,7 @@
* Plugin Name: Yet Another Stars Rating
* Plugin URI: http://wordpress.org/plugins/yet-another-stars-rating/
* Description: Boost the way people interact with your site with an easy WordPress stars rating system! With schema.org rich snippets YASR will improve your SEO
- * Version: 3.4.12
+ * Version: 3.4.15
* Requires at least: 4.7
* Requires PHP: 5.4
* Author: YetAnotherStarsRating.com
@@ -76,7 +76,7 @@
yasr_fs();
// Signal that SDK was initiated.
do_action( 'yasr_fs_loaded' );
- define( 'YASR_VERSION_NUM', '3.4.12' );
+ define( 'YASR_VERSION_NUM', '3.4.15' );
//Plugin absolute path
//e.g. /var/www/html/plugin_development/wp-content/plugins/yet-another-stars-rating
define( 'YASR_ABSOLUTE_PATH', __DIR__ );
