🚀 Release: Releasing 3.1.3

Author: Joel-James

404-to-301.php

@@ -3,7 +3,7 @@
  * Plugin Name:     404 to 301 - Redirect, Log and Notify 404 Errors
  * Plugin URI:      https://duckdev.com/products/404-to-301/
  * Description:     Automatically redirect all <strong>404 errors</strong> to any page using <strong>301 redirect for SEO</strong>. You can <strong>redirect and log</strong> every 404 errors. No more 404 errors in Webmaster tool.
- * Version:         3.1.1
+ * Version:         3.1.3
  * Author:          Joel James
  * Author URI:      https://duckdev.com/
  * Donate link:     https://paypal.me/JoelCJ
@@ -44,7 +44,7 @@
 // Define plugin base file.
 define( 'JJ4T3_BASE_FILE', __FILE__ );
 // Define plugin version.
-define( 'JJ4T3_VERSION', '3.1.1' );
+define( 'JJ4T3_VERSION', '3.1.3' );
 // Define plugin version.
 define( 'JJ4T3_DB_VERSION', '11.0' );
 // Define plugin log table.

includes/admin/class-jj4t3-admin.php

@@ -241,8 +241,8 @@ public function screen_option() {
 	 * Show error listing table view.
 	 *
 	 * This method displays the listing table HTML to the page.
-	 * Regitsering action hook - "jj4t3_log_list_above_form".
-	 * Regitsering action hook - "jj4t3_log_list_below_form".
+	 * Registering action hook - "jj4t3_log_list_above_form".
+	 * Registering action hook - "jj4t3_log_list_below_form".
 	 *
 	 * @since  2.1.0
 	 * @access public
@@ -252,7 +252,7 @@ public function screen_option() {
 	public function error_list() {
 		?>
 		<div class="wrap">
-			<h2><?php _e( '404 Error Logs', '404-to-301' ); ?></h2>
+			<h2><?php esc_html_e( '404 Error Logs', '404-to-301' ); ?></h2>
 			<div id="poststuff">
 				<div id="post-body" class="metabox-holder">
 					<div id="post-body-content">
@@ -465,7 +465,7 @@ public function review_notice() {
 						<?php
 						printf(
 							__( 'Hey %1$s, I noticed you\'ve been using %2$s404 to 301%3$s for more than 1 week – that’s awesome! Could you please do me a BIG favor and give it a 5-star rating on WordPress? Just to help us spread the word and boost our motivation.', '404-to-301' ),
-							empty( $current_user->display_name ) ? __( 'there', '404-to-301' ) : ucwords( $current_user->display_name ),
+							empty( $current_user->display_name ) ? esc_html__( 'there', '404-to-301' ) : esc_html( ucwords( $current_user->display_name ) ),
 							'<strong>',
 							'</strong>'
 						);
@@ -475,10 +475,10 @@ public function review_notice() {
 						<a href="https://wordpress.org/support/plugin/404-to-301/reviews/#new-post" target="_blank"><?php esc_html_e( 'Ok, you deserve it', '404-to-301' ); ?></a>
 					</p>
 					<p>
-						<a href="<?php echo add_query_arg( 'jj4t3_rating', 'later' ); // later. ?>"><?php esc_html_e( 'Nope, maybe later', '404-to-301' ); ?></a>
+						<a href="<?php echo esc_url( add_query_arg( 'jj4t3_rating', 'later' ) ); // later. ?>"><?php esc_html_e( 'Nope, maybe later', '404-to-301' ); ?></a>
 					</p>
 					<p>
-						<a href="<?php echo add_query_arg( 'jj4t3_rating', 'dismiss' ); // dismiss link. ?>"><?php esc_html_e( 'I already did', '404-to-301' ); ?></a>
+						<a href="<?php echo esc_url( add_query_arg( 'jj4t3_rating', 'dismiss' ) ); // dismiss link. ?>"><?php esc_html_e( 'I already did', '404-to-301' ); ?></a>
 					</p>
 				</div>
 				<?php

includes/admin/class-jj4t3-log-listing.php

@@ -261,19 +261,21 @@ private function set_groupby() {
 		// Get group by value from request.
 		$group_by = jj4t3_from_request( 'group_by_top', '' );
 
-		// Verify if the group by value is allowed.
-		if ( ! in_array( $group_by, $allowed_values, true ) ) {
-			return;
-		}
-
 		/**
 		 * Filter to alter the log listing groupby param.
 		 *
 		 * Only allowed column names are accepted.
 		 *
 		 * @since 2.0.0
 		 */
-		$this->group_by = apply_filters( 'jj4t3_log_list_groupby', $group_by );
+		$group_by = apply_filters( 'jj4t3_log_list_groupby', $group_by );
+
+		// Verify if the group by value is allowed.
+		if ( ! in_array( $group_by, $allowed_values, true ) ) {
+			return;
+		}
+
+		$this->group_by = $group_by;
 	}
 
 	/**
@@ -720,7 +722,7 @@ public function extra_tablenav( $which ) {
 			echo '<select name="group_by_top" class="404_group_by">';
 			echo '<option value="">' . esc_html__( 'Group by', '404-to-301' ) . '</option>';
 			foreach ( $column_names as $column ) {
-				echo '<option value="' . $column . '" ' . selected( $column, $this->group_by ) . '>' . esc_attr( $available_columns[ $column ] ) . '</option>';
+				echo '<option value="' . esc_attr( $column ) . '" ' . selected( $column, $this->group_by ) . '>' . esc_attr( $available_columns[ $column ] ) . '</option>';
 			}
 			echo '</select>';
 			submit_button( __( 'Apply', '404-to-301' ), 'button', 'filter_action', false, array( 'id' => 'post-query' ) );

includes/admin/views/settings.php

@@ -52,7 +52,7 @@
 		<tr id="custom_url" class="<?php echo esc_attr( $cl_style ); ?>">
 			<th><?php esc_html_e( 'Custom URL', '404-to-301' ); ?></th>
 			<td>
-				<input type="url" size="40" placeholder="<?php echo home_url(); ?>" name="i4t3_gnrl_options[redirect_link]" value="<?php echo esc_url( $options['redirect_link'] ); ?>">
+				<input type="url" size="40" placeholder="<?php echo esc_url( home_url() ); ?>" name="i4t3_gnrl_options[redirect_link]" value="<?php echo esc_url( $options['redirect_link'] ); ?>">
 				<p class="description jj4t3-p-desc"><?php esc_html_e( 'Enter any url (including http://)', '404-to-301' ); ?></p>
 			</td>
 		</tr>

includes/index.php

@@ -10,12 +10,12 @@
  * 404 page. This class can be extended to access the 404
  * page details such as URL, Time, User Agent etc.
  *
+ * @link       https://duckdev.com/products/404-to-301/
+ * @author     Joel James <[email protected]>
+ * @license    http://www.gnu.org/licenses/ GNU General Public License
  * @category   Core
  * @package    JJ4T3
  * @subpackage 404Data
- * @author     Joel James <[email protected]>
- * @license    http://www.gnu.org/licenses/ GNU General Public License
- * @link       https://duckdev.com/products/404-to-301/
  */
 class JJ4T3_404_Data {
 
@@ -66,7 +66,6 @@ class JJ4T3_404_Data {
 	 * @access private
 	 */
 	public function init() {
-
 		$this->set_ip();
 		$this->set_ref();
 		$this->set_ua();
@@ -80,20 +79,19 @@ public function init() {
 	 * Get real IP address of the user.
 	 * http://stackoverflow.com/a/55790/3845839
 	 *
-	 * @param string $ip Default value for IP Address.
-	 *
 	 * @since  2.2.6
 	 * @access private
 	 *
+	 * @param string $ip Default value for IP Address.
+	 *
 	 * @return void
 	 */
 	private function set_ip( $ip = '' ) {
-
-		// IP varibals in priority oder.
-		$ips = array( 'HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'REMOTE_ADDR' );
-		foreach ( $ips as $ip ) {
-			if ( isset( $_SERVER[ $ip ] ) ) {
-				$ip = $_SERVER[ $ip ];
+		// IP variables in priority oder.
+		$headers = array( 'HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'REMOTE_ADDR' );
+		foreach ( $headers as $header ) {
+			if ( isset( $_SERVER[ $header ] ) ) {
+				$ip = $_SERVER[ $header ]; // phpcs:ignore
 			}
 		}
 
@@ -102,47 +100,49 @@ private function set_ip( $ip = '' ) {
 		 *
 		 * @since 3.0.0
 		 */
-		$this->ip = apply_filters( 'jj4t3_404_ip', $ip );
+		$ip = apply_filters( 'jj4t3_404_ip', $ip );
+
+		$this->ip = sanitize_text_field( $ip );
 	}
 
 	/**
 	 * Set visitors user agent/browser.
 	 *
-	 * @param string $ua Default value for User Agent.
-	 *
 	 * @since  3.0.0
 	 * @access private
 	 *
+	 * @param string $ua Default value for User Agent.
+	 *
 	 * @return void
 	 */
 	private function set_ua( $ua = '' ) {
-
 		if ( isset( $_SERVER['HTTP_USER_AGENT'] ) ) {
-			$ua = $_SERVER['HTTP_USER_AGENT'];
+			$ua = $_SERVER['HTTP_USER_AGENT']; // phpcs:ignore
 		}
 
 		/**
 		 * Filter to alter User Agent.
 		 *
 		 * @since 3.0.0
 		 */
-		$this->ua = apply_filters( 'jj4t3_404_ua', $ua );
+		$ua = apply_filters( 'jj4t3_404_ua', $ua );
+
+		$this->ua = sanitize_text_field( $ua );
 	}
 
 	/**
 	 * Set visitors referring link.
 	 *
-	 * @param string $ref Default value for Ref.
-	 *
 	 * @since  3.0.0
 	 * @access private
 	 *
+	 * @param string $ref Default value for Ref.
+	 *
 	 * @return void
 	 */
 	private function set_ref( $ref = '' ) {
-
 		if ( isset( $_SERVER['HTTP_REFERER'] ) ) {
-			$ref = esc_url( $_SERVER['HTTP_REFERER'] );
+			$ref = $_SERVER['HTTP_REFERER']; // phpcs:ignore
 		}
 
 		/**
@@ -152,23 +152,24 @@ private function set_ref( $ref = '' ) {
 		 *
 		 * @since 3.0.0
 		 */
-		$this->ref = apply_filters( 'jj4t3_404_ref', $ref );
+		$ref = apply_filters( 'jj4t3_404_ref', $ref );
+
+		$this->ref = esc_url_raw( $ref );
 	}
 
 	/**
 	 * Set visitors referring link.
 	 *
-	 * @param string $url Default value for 404 URL.
-	 *
 	 * @since  3.0.0
 	 * @access private
 	 *
+	 * @param string $url Default value for 404 URL.
+	 *
 	 * @return void
 	 */
 	private function set_url( $url = '' ) {
-
 		if ( isset( $_SERVER['REQUEST_URI'] ) ) {
-			$url = untrailingslashit( esc_url( $_SERVER['REQUEST_URI'] ) );
+			$url = $_SERVER['REQUEST_URI']; // phpcs:ignore
 		}
 
 		/**
@@ -178,7 +179,9 @@ private function set_url( $url = '' ) {
 		 *
 		 * @since 3.0.0
 		 */
-		$this->url = apply_filters( 'jj4t3_404_url', $url );
+		$url = apply_filters( 'jj4t3_404_url', $url );
+
+		$this->url = untrailingslashit( esc_url_raw( $url ) );
 	}
 
 	/**
@@ -190,11 +193,10 @@ private function set_url( $url = '' ) {
 	 * @return void
 	 */
 	private function set_time() {
-
 		/**
 		 * Filter to alter current time.
 		 *
-		 * @note If you using this filter, remember to
+		 * @note  If you using this filter, remember to
 		 *  return proper MySQL time format.
 		 *
 		 * @since 3.0.0
@@ -215,7 +217,6 @@ private function set_time() {
 	 * @return boolean
 	 */
 	public function is_excluded() {
-
 		$excluded = jj4t3_get_option( 'exclude_paths', '' );
 
 		$paths = array();
@@ -229,7 +230,7 @@ public function is_excluded() {
 		/**
 		 * Filter to alter exclude path values.
 		 *
-		 * @note You should return array if strings .
+		 * @note  You should return array if strings .
 		 *
 		 * @since 3.0.0
 		 */
@@ -249,5 +250,4 @@ public function is_excluded() {
 
 		return false;
 	}
-
 }