From 66829408d46eac712d003676e1765bdd4d78d28d Mon Sep 17 00:00:00 2001 From: PranavAwasthi Date: Wed, 26 Jun 2024 15:42:26 +0530 Subject: [PATCH 1/4] Fixed category's parent issue --- php/classes/class-qsm-questions.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/php/classes/class-qsm-questions.php b/php/classes/class-qsm-questions.php index cd7d7888c..8d54db908 100644 --- a/php/classes/class-qsm-questions.php +++ b/php/classes/class-qsm-questions.php @@ -487,7 +487,7 @@ public static function get_question_categories_from_term_ids( $term_ids ) { $categories_names[ $tax->term_id ] = $tax->name; $taxs[ $tax->parent ][] = $tax; } - $categories_tree = self::create_terms_tree( $taxs, $taxs[0] ); + $categories_tree = self::create_terms_tree( $taxs, isset( $taxs[0] ) ? $taxs[0] : reset( $taxs ) ); } $categories = array( 'list' => $categories_names, @@ -527,7 +527,7 @@ public static function get_question_categories( $question_id = 0 ) { $categories_names[ $tax->term_id ] = $tax->name; $taxs[ $tax->parent ][] = $tax; } - $categories_tree = self::create_terms_tree( $taxs, $taxs[0] ); + $categories_tree = self::create_terms_tree( $taxs, isset( $taxs[0] ) ? $taxs[0] : reset( $taxs ) ); } } From 40d357957f1923e380168fa8daface54a5a5c96b Mon Sep 17 00:00:00 2001 From: PranavAwasthi Date: Thu, 27 Jun 2024 12:28:18 +0530 Subject: [PATCH 2/4] added case sensitive option to text question types --- php/admin/options-page-questions-tab.php | 2 +- php/classes/question-types/class-question-review-text.php | 8 +++++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/php/admin/options-page-questions-tab.php b/php/admin/options-page-questions-tab.php index 9d318afb3..ff2789454 100644 --- a/php/admin/options-page-questions-tab.php +++ b/php/admin/options-page-questions-tab.php @@ -433,7 +433,7 @@ class="save-page-button button button-primary"> __( 'Yes', 'quiz-master-next' ), ), 'default' => '0', - 'show' => '14' . $show_case_sensitive, + 'show' => '3, 5, 14' . $show_case_sensitive, ), 'limit_text' => array( 'heading' => __( 'Limit Text', 'quiz-master-next' ), diff --git a/php/classes/question-types/class-question-review-text.php b/php/classes/question-types/class-question-review-text.php index 79e02cf0a..18a2c9380 100644 --- a/php/classes/question-types/class-question-review-text.php +++ b/php/classes/question-types/class-question-review-text.php @@ -18,8 +18,14 @@ public function set_user_answer() { } public function set_answer_status() { + global $mlwQuizMasterNext; + $case_sensitive = $mlwQuizMasterNext->pluginHelper->get_question_setting( $this->question_id, 'case_sensitive' ); $user_answer_value = $this->user_answer['input']; - $answer_key = array_search( $this->prepare_for_string_matching( $user_answer_value ), array_map( array( $this, 'prepare_for_string_matching' ), $this->correct_answer ), true ); + if ( 1 === intval($case_sensitive ) ) { + $answer_key = array_search( $user_answer_value, $this->correct_answer, true ); + }else { + $answer_key = array_search( $this->prepare_for_string_matching( $user_answer_value ), array_map( array( $this, 'prepare_for_string_matching' ), $this->correct_answer ), true ); + } if ( false !== $answer_key ) { $this->answer_status = 'correct'; $this->points += $this->answer_array[ $answer_key ][1]; From e5a1b043785a199feaf53910188f83a60423b19a Mon Sep 17 00:00:00 2001 From: randhirexpresstech Date: Mon, 1 Jul 2024 09:54:09 +0530 Subject: [PATCH 3/4] adjust add result function for import feature --- php/classes/class-qmn-quiz-manager.php | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/php/classes/class-qmn-quiz-manager.php b/php/classes/class-qmn-quiz-manager.php index 97817780d..25f4c85bc 100644 --- a/php/classes/class-qmn-quiz-manager.php +++ b/php/classes/class-qmn-quiz-manager.php @@ -1870,7 +1870,7 @@ public function qsm_get_quiz_to_reload() { * * @return boolean results added or not */ - private function add_quiz_results( $data ) { + public function add_quiz_results( $data ) { global $wpdb; if ( empty( $wpdb ) || empty( $data['qmn_array_for_variables'] ) || empty( $data['results_array'] ) || empty( $data['unique_id'] ) || ! isset( $data['http_referer'] ) || ! isset( $data['form_type'] ) ) { return false; @@ -1883,6 +1883,9 @@ private function add_quiz_results( $data ) { $wpdb->suppress_errors(); try { + if ( empty( $data['page_name'] ) ) { + $data['page_name'] = url_to_postid( $data['http_referer'] ) ? get_the_title( url_to_postid( $data['http_referer'] ) ) : ''; + } $res = $wpdb->insert( $table_name, array( @@ -1902,11 +1905,11 @@ private function add_quiz_results( $data ) { 'time_taken' => $data['qmn_array_for_variables']['time_taken'], 'time_taken_real' => gmdate( 'Y-m-d H:i:s', strtotime( $data['qmn_array_for_variables']['time_taken'] ) ), 'quiz_results' => maybe_serialize( $data['results_array'] ), - 'deleted' => 0, + 'deleted' => ( isset( $data['deleted'] ) && 1 === intval( $data['deleted'] ) ) ? 1 : 0, 'unique_id' => $data['unique_id'], 'form_type' => $data['form_type'], 'page_url' => $data['http_referer'], - 'page_name' => url_to_postid( $data['http_referer'] ) ? get_the_title( url_to_postid( $data['http_referer'] ) ) : '', + 'page_name' => sanitize_text_field( $data['page_name'] ), ), array( '%d', From d66fd5383611be666c455437a37bb0398d16bf4a Mon Sep 17 00:00:00 2001 From: PranavAwasthi Date: Wed, 10 Jul 2024 12:20:26 +0530 Subject: [PATCH 4/4] Fixed vulnerability in text tab --- php/classes/class-qsm-fields.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/php/classes/class-qsm-fields.php b/php/classes/class-qsm-fields.php index e8f4c6061..f085aad69 100644 --- a/php/classes/class-qsm-fields.php +++ b/php/classes/class-qsm-fields.php @@ -31,7 +31,7 @@ public static function generate_section( $fields, $section ) { if ( ( isset( $_POST[ $field["id"] ] ) && 'multiple_fields' !== $field["type"] ) || 'selectinput' == $field["type"] ) { switch ( $field["type"] ) { case 'text': - $sanitized_value = sanitize_text_field( wp_unslash( $_POST[ $field["id"] ] ) ); + $sanitized_value = esc_html( sanitize_text_field( wp_unslash( $_POST[ $field["id"] ] ) ) ); break; case 'url':