From 7fc6b8c15800d2a74b14a2adf6e9a3c24dc9ba35 Mon Sep 17 00:00:00 2001 From: Irshad Ahmad <94346512+irshadahmad21@users.noreply.github.com> Date: Thu, 23 Mar 2023 18:20:36 +0530 Subject: [PATCH] Improve excerpt formatting to allow plain text (#65) * Improve message template sanitization to prevent breaking the markup * Update donate link * Update format-text * Improve excerpt formatting to allow plain text * Prepare for v4.0.9 --------- Co-authored-by: irshadahmad21 --- README.md | 5 +- changelog.md | 11 ++++ composer.json | 2 +- package.json | 2 +- src/README.txt | 9 ++- src/changelog.md | 11 ++++ src/includes/TemplateGuard.php | 85 +++++++++++++++++++++++++++++ src/includes/Utils.php | 29 +++++----- src/includes/format-text | 2 +- src/languages/wptelegram.pot | 4 +- src/modules/notify/NotifySender.php | 1 + src/modules/p2tg/PostData.php | 7 +++ src/wptelegram.php | 4 +- 13 files changed, 146 insertions(+), 26 deletions(-) create mode 100644 src/includes/TemplateGuard.php diff --git a/README.md b/README.md index 9cf26e8..fa5e461 100644 --- a/README.md +++ b/README.md @@ -5,9 +5,10 @@ **Requires at least:** 5.8 **Requires PHP:** 7.2 **Tested up to:** 6.1.1 -**Stable tag:** 4.0.8 +**Stable tag:** 4.0.9 **License:** GPLv2 or later -**License URI:** [http://www.gnu.org/licenses/gpl-2.0.html](http://www.gnu.org/licenses/gpl-2.0.html) +**License URI:** [http://www.gnu.org/licenses/gpl-2.0.html](http://www.gnu.org/licenses/gpl-2.0.html) +**Donate link:** [wpsocio.com/donate](https://wpsocio.com/donate) [![Wordpress plugin](https://img.shields.io/wordpress/plugin/v/wptelegram.svg)](https://wordpress.org/plugins/wptelegram/) [![Wordpress](https://img.shields.io/wordpress/plugin/dt/wptelegram.svg)](https://wordpress.org/plugins/wptelegram/) diff --git a/changelog.md b/changelog.md index 2148926..620622e 100644 --- a/changelog.md +++ b/changelog.md @@ -4,6 +4,17 @@ All notable changes to this project are documented in this file. ## Unreleased +## [4.0.9 - 2023-03-23](https://github.com/wpsocio/wptelegram/releases/tag/v4.0.9) + +### Enhancements + +- Improved message template sanitization to prevent breaking the markup +- Added a new filter `wptelegram_p2tg_post_data_plain_excerpt` to allow sending plain text excerpt + +### Bug fixes + +- Fixed the links added in parenthesis when "Formatting" is set to "None" + ## [4.0.8 - 2023-03-12](https://github.com/wpsocio/wptelegram/releases/tag/v4.0.8) ### Bug fixes diff --git a/composer.json b/composer.json index 4f9fa55..c2ad4ef 100644 --- a/composer.json +++ b/composer.json @@ -1,6 +1,6 @@ { "name": "wptelegram/core", - "version": "4.0.8", + "version": "4.0.9", "description": "Integrate your WordPress site perfectly with Telegram with full control.", "require-dev": { "wp-coding-standards/wpcs": "*" diff --git a/package.json b/package.json index e5661ea..e1dc49f 100644 --- a/package.json +++ b/package.json @@ -1,7 +1,7 @@ { "name": "wptelegram", "title": "WP Telegram", - "version": "4.0.8", + "version": "4.0.9", "description": "Integrate your WordPress site perfectly with Telegram with full control.", "repository": { "type": "git", diff --git a/src/README.txt b/src/README.txt index cba6943..c685559 100644 --- a/src/README.txt +++ b/src/README.txt @@ -1,11 +1,11 @@ === WP Telegram (Auto Post and Notifications) === Contributors: wpsocio, irshadahmad21 -Donate link: https://wpsocio.com +Donate link: https://wpsocio.com/donate Tags: telegram, notifications, posts, channel, group Requires at least: 5.8 Requires PHP: 7.2 Tested up to: 6.1.1 -Stable tag: 4.0.8 +Stable tag: 4.0.9 License: GPLv2 or later License URI: http://www.gnu.org/licenses/gpl-2.0.html @@ -205,6 +205,11 @@ Yes, all you need to do is to setup **Private Notifications** module and use the == Changelog == += 4.0.9 = +- Improved message template sanitization to prevent breaking the markup +- Added a new filter `wptelegram_p2tg_post_data_plain_excerpt` to allow sending plain text excerpt +- Fixed the links added in parenthesis when "Formatting" is set to "None" + = 4.0.8 = - Fixed the broken hyperlinks in Message Template when using custom field link diff --git a/src/changelog.md b/src/changelog.md index 2148926..620622e 100644 --- a/src/changelog.md +++ b/src/changelog.md @@ -4,6 +4,17 @@ All notable changes to this project are documented in this file. ## Unreleased +## [4.0.9 - 2023-03-23](https://github.com/wpsocio/wptelegram/releases/tag/v4.0.9) + +### Enhancements + +- Improved message template sanitization to prevent breaking the markup +- Added a new filter `wptelegram_p2tg_post_data_plain_excerpt` to allow sending plain text excerpt + +### Bug fixes + +- Fixed the links added in parenthesis when "Formatting" is set to "None" + ## [4.0.8 - 2023-03-12](https://github.com/wpsocio/wptelegram/releases/tag/v4.0.8) ### Bug fixes diff --git a/src/includes/TemplateGuard.php b/src/includes/TemplateGuard.php new file mode 100644 index 0000000..40f19f8 --- /dev/null +++ b/src/includes/TemplateGuard.php @@ -0,0 +1,85 @@ +Click here + * gets converted to + * Click here + * due to ":" in the href being treated as a part of some protocol. + * + * @since 4.0.9 + * + * @param string $template The template to safeguard. + * + * @return string The safeguarded template. + */ + public function safeguard_macros( $template ) { + + $this->macro_map = []; + + // Match all macros in the template. + if ( preg_match_all( '/\{[^\}]+?\}/iu', $template, $matches ) ) { + + $total = count( $matches[0] ); + // Replace the macros with temporary placeholders. + for ( $i = 0; $i < $total; $i++ ) { + $this->macro_map[ "##MACRO{$i}##" ] = $matches[0][ $i ]; + } + } + + // Replace the macros with temporary placeholders. + $safe_template = str_replace( array_values( $this->macro_map ), array_keys( $this->macro_map ), $template ); + + return $safe_template; + } + + /** + * Restore the template macros. + * + * @since 4.0.9 + * + * @param string $template The template to restore. + * + * @return string The restored template. + */ + public function restore_macros( $template ) { + + // Restore the macros with the original values. + $restored_template = str_replace( array_keys( $this->macro_map ), array_values( $this->macro_map ), $template ); + + return $restored_template; + } +} diff --git a/src/includes/Utils.php b/src/includes/Utils.php index 9a7d0fb..bee28ce 100644 --- a/src/includes/Utils.php +++ b/src/includes/Utils.php @@ -268,20 +268,18 @@ public static function sanitize_message_template( $value, $addslashes = false, $ if ( is_object( $value ) || is_array( $value ) ) { return ''; } + $value = (string) $value; - $filtered = wp_check_invalid_utf8( (string) $value ); + $guard = new TemplateGuard(); - $allowed_protocols = []; + $value = $guard->safeguard_macros( $value ); - // If the Message Template contains a link with {cf: field as the href, - // We need to allow "{cf" as a protocol to avoid wp_kses() stripping the link. - if ( preg_match( '/]href=["\']{cf:/', $filtered ) ) { - $allowed_protocols = array_merge( wp_allowed_protocols(), [ '{cf' ] ); - } + $filtered = wp_check_invalid_utf8( $value ); - $allowed_protocols = apply_filters( 'wptelegram_message_template_allowed_protocols', $allowed_protocols, $filtered ); + $filtered = trim( wp_kses( $filtered, self::SUPPORTED_HTML_TAGS ) ); - $filtered = trim( wp_kses( $filtered, self::SUPPORTED_HTML_TAGS, $allowed_protocols ) ); + // Restore the macros with the original values. + $filtered = $guard->restore_macros( $filtered ); if ( $json_encode ) { // json_encode to avoid errors when saving multi-byte emojis into database with no multi-byte support. @@ -495,12 +493,13 @@ public static function get_html_converter( $options = [], $id = 'default' ) { public static function prepare_content( $content, $options = [] ) { $defaults = [ - 'elipsis' => '…', - 'format_to' => 'text', - 'id' => 'default', - 'limit' => 55, - 'limit_by' => 'words', - 'preserve_eol' => true, + 'elipsis' => '…', + 'format_to' => 'text', + 'id' => 'default', + 'limit' => 55, + 'limit_by' => 'words', + 'text_hyperlinks' => 'strip', + 'preserve_eol' => true, ]; $options = wp_parse_args( $options, $defaults ); diff --git a/src/includes/format-text b/src/includes/format-text index 62aa5b8..0f1aa78 160000 --- a/src/includes/format-text +++ b/src/includes/format-text @@ -1 +1 @@ -Subproject commit 62aa5b888629fa6a330733b152d082b5ae0c8ea0 +Subproject commit 0f1aa782fee4331e5d2422a7844384a6e163ac62 diff --git a/src/languages/wptelegram.pot b/src/languages/wptelegram.pot index 0b063e7..eb0b0eb 100644 --- a/src/languages/wptelegram.pot +++ b/src/languages/wptelegram.pot @@ -4,11 +4,11 @@ msgid "" msgstr "" "Project-Id-Version: \n" "Report-Msgid-Bugs-To: https://github.com/wpsocio/wptelegram\n" -"POT-Creation-Date: 2023-03-12 17:29:13+00:00\n" +"POT-Creation-Date: 2023-03-23 12:50:29+00:00\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" -"PO-Revision-Date: 2023-03-12 17:290\n" +"PO-Revision-Date: 2023-03-23 12:500\n" "Last-Translator: WP Telegram\n" "Language-Team: WP Telegram\n" "Language: en_US\n" diff --git a/src/modules/notify/NotifySender.php b/src/modules/notify/NotifySender.php index 8ae4d00..19d9ee6 100644 --- a/src/modules/notify/NotifySender.php +++ b/src/modules/notify/NotifySender.php @@ -293,6 +293,7 @@ private function get_prepare_content_options( $limit = 0 ) { 'id' => 'notify', 'limit' => $limit, 'limit_by' => 'chars', + 'text_hyperlinks' => 'retain', 'images_in_links' => [ 'title_or_alt' => 'retain', 'lone_image_link' => 'retain', diff --git a/src/modules/p2tg/PostData.php b/src/modules/p2tg/PostData.php index a94d52d..068a01f 100644 --- a/src/modules/p2tg/PostData.php +++ b/src/modules/p2tg/PostData.php @@ -191,6 +191,13 @@ public function get_field_value( $field, $options = [] ) { 'preserve_eol' => $preserve_eol, ] ); + + $plain_excerpt = apply_filters( 'wptelegram_p2tg_post_data_plain_excerpt', false, $value, $excerpt, $this->post, $options ); + + if ( $plain_excerpt ) { + $value = trim( wp_strip_all_tags( $value ) ); + } + // If the excerpt is not empty. if ( $value ) { // Add custom tags for smart trimming. diff --git a/src/wptelegram.php b/src/wptelegram.php index b0eeada..4ad9830 100644 --- a/src/wptelegram.php +++ b/src/wptelegram.php @@ -10,7 +10,7 @@ * Plugin Name: WP Telegram * Plugin URI: https://t.me/WPTelegram * Description: Integrate your WordPress website perfectly with Telegram. Send posts automatically to Telegram when published or updated, whether to a Telegram Channel, Group or private chat, with full control. Get your email notifications on Telegram. - * Version: 4.0.8 + * Version: 4.0.9 * Requires at least: 5.8 * Requires PHP: 7.2 * Author: WP Socio @@ -26,7 +26,7 @@ die; } -define( 'WPTELEGRAM_VER', '4.0.8' ); +define( 'WPTELEGRAM_VER', '4.0.9' ); defined( 'WPTELEGRAM_MAIN_FILE' ) || define( 'WPTELEGRAM_MAIN_FILE', __FILE__ );