Fixing issue with

samiahmedsiddiqui · May 14, 2019 · fd60015 · fd60015
1 parent 9fd172d
commit fd60015
Show file tree

Hide file tree

Showing 5 changed files with 43 additions and 23 deletions.
diff --git a/admin/class-prevent-xss-vulnerability-reflected-settings.php b/admin/class-prevent-xss-vulnerability-reflected-settings.php
@@ -17,7 +17,7 @@ function __construct() {
    *
    * @access private
    * @since 0.1
-   * @updated 0.3.4
+   * @updated 0.3.5
    *
    * @return void
    */
@@ -53,13 +53,15 @@ private function xss_reflected_settings() {
         $reflected_xss['escape_html'] = wp_kses( $_POST['escape_html'], array() );
       }
       update_option(
-        'prevent_xss_vulnerability_reflected_settings',
-        serialize( $reflected_xss )
+        'prevent_xss_vulnerability_reflected_settings', $reflected_xss
       );
     }
-    $get_reflected_xss = unserialize( get_option(
+    $get_reflected_xss = get_option(
       'prevent_xss_vulnerability_reflected_settings'
-    ) );
+    );
+    if ( is_string( $get_reflected_xss ) ) {
+      $get_reflected_xss = unserialize( $get_reflected_xss );
+    }
     $enable_blocking                = '';
     $enable_encoding                = '';
     $escape_html                    = '';

diff --git a/admin/class-prevent-xss-vulnerability-self-settings.php b/admin/class-prevent-xss-vulnerability-self-settings.php
@@ -17,7 +17,7 @@ function __construct() {
    *
    * @access private
    * @since 0.3.0
-   * @updated 0.3.3
+   * @updated 0.3.5
    *
    * @return void
    */
@@ -39,15 +39,15 @@ private function self_xss_settings_page() {
         $self_xss['user_warning'] = 1;
       }
 
-      update_option(
-        'prevent_xss_vulnerability_self_xss_settings',
-        serialize( $self_xss )
-      );
+      update_option( 'prevent_xss_vulnerability_self_xss_settings', $self_xss );
     }
 
-    $get_self_xss = unserialize( get_option(
+    $get_self_xss = get_option(
       'prevent_xss_vulnerability_self_xss_settings'
-    ) );
+    );
+    if ( is_string( $get_self_xss ) ) {
+      $get_self_xss = unserialize( $get_self_xss );
+    }
 
     $warning_message = '';
     if ( isset( $get_self_xss['warning_message'] )

diff --git a/frontend/class-prevent-xss-vulnerability-frontend.php b/frontend/class-prevent-xss-vulnerability-frontend.php
@@ -22,14 +22,18 @@ public function init() {
    *
    * @access private
    * @since 0.1
-   * @updated 0.3.0
+   * @updated 0.3.5
    *
    * @return void
    */
   private function prevent_xss_vulnerability() {
-    $reflected_xss_settings = unserialize( get_option(
+    $reflected_xss_settings = get_option(
       'prevent_xss_vulnerability_reflected_settings'
-    ) );
+    );
+
+    if ( is_string( $reflected_xss_settings ) ) {
+      $reflected_xss_settings = unserialize( $reflected_xss_settings );
+    }
 
     if ( ! isset( $reflected_xss_settings ) || empty( $reflected_xss_settings )
       || ( 1 != $reflected_xss_settings['enable_encoding']
@@ -182,13 +186,19 @@ private function prevent_xss_vulnerability() {
    *
    * @access public
    * @since 0.2
+   * @updated 0.3.5
    *
    * @return void
    */
   public function escape_html() {
-    $reflected_xss_settings = unserialize( get_option(
+    $reflected_xss_settings = get_option(
       'prevent_xss_vulnerability_reflected_settings'
-    ) );
+    );
+
+    if ( is_string( $reflected_xss_settings ) ) {
+      $reflected_xss_settings = unserialize( $reflected_xss_settings );
+    }
+
     if ( isset( $reflected_xss_settings )
       && isset( $reflected_xss_settings['escape_html'] )
       && 1 == $reflected_xss_settings['escape_html'] ) {
@@ -204,14 +214,18 @@ public function escape_html() {
    *
    * @access public
    * @since 0.3.0
-   * @updated 0.3.3
+   * @updated 0.3.5
    *
    * @return void
    */
   public function self_xss_script() {
-    $self_xss_settings = unserialize( get_option(
+    $self_xss_settings = get_option(
       'prevent_xss_vulnerability_self_xss_settings'
-    ) );
+    );
+
+    if ( is_string( $self_xss_settings ) ) {
+      $self_xss_settings = unserialize( $self_xss_settings );
+    }
 
     if ( isset( $self_xss_settings )
       && isset( $self_xss_settings['user_warning'] )

diff --git a/prevent-xss-vulnerability.php b/prevent-xss-vulnerability.php
@@ -3,7 +3,7 @@
  * Plugin Name: Prevent XSS Vulnerability
  * Plugin URI: https://wordpress.org/plugins/prevent-xss-vulnerability/
  * Description: Secure your site from the XSS Attack.
- * Version: 0.3.4
+ * Version: 0.3.5
  * Author: Sami Ahmed Siddiqui
  * Author URI: https://www.yasglobal.com/web-design-development/wordpress/prevent-xss-vulnerability/
  * License: GPLv3
@@ -61,7 +61,7 @@ private function setup_constants() {
       define( 'PREVENT_XSS_VULNERABILITY_FILE', __FILE__ );
     }
     if ( ! defined( 'PREVENT_XSS_VULNERABILITY_PLUGIN_VERSION' ) ) {
-      define( 'PREVENT_XSS_VULNERABILITY_PLUGIN_VERSION', '0.3.4' );
+      define( 'PREVENT_XSS_VULNERABILITY_PLUGIN_VERSION', '0.3.5' );
     }
     if ( ! defined( 'PREVENT_XSS_VULNERABILITY_PATH' ) ) {
       define( 'PREVENT_XSS_VULNERABILITY_PATH', plugin_dir_path( PREVENT_XSS_VULNERABILITY_FILE ) );

diff --git a/readme.txt b/readme.txt
@@ -3,7 +3,7 @@ Contributors: sasiddiqui
 Tags: attack, cross-site scripting, security, vulnerability, xss, self-xss
 Requires at least: 3.5
 Tested up to: 5.2
-Stable tag: 0.3.4
+Stable tag: 0.3.5
 License: GPLv3
 License URI: https://www.gnu.org/licenses/gpl-3.0.html
 
@@ -106,6 +106,10 @@ A. No, this plugin doesn't have any conflict with any plugin.
 
 == Changelog ==
 
+= 0.3.5 - May 14, 19 =
+
+  * Fixing issue with `update_option`
+
 = 0.3.4 - May 11, 19 =
 
   * Added `wp_kses` to make the textarea messages more secure