release: fixes

- Fixed Visualizer block widget not loading
- Improved the popup rendering
- Enhanced security

Author: vytisbulkevicius

classes/Visualizer/Module/Admin.php

@@ -53,6 +53,7 @@ public function __construct( Visualizer_Plugin $plugin ) {
 		parent::__construct( $plugin );
 		$this->_addAction( 'load-post.php', 'enqueueMediaScripts' );
 		$this->_addAction( 'load-post-new.php', 'enqueueMediaScripts' );
+		$this->_addAction( 'enqueue_block_editor_assets', 'enqueueMediaScripts' );
 		$this->_addAction( 'admin_footer', 'renderTemplates' );
 		$this->_addAction( 'admin_enqueue_scripts', 'enqueueLibraryScripts', null, 0 );
 		$this->_addAction( 'admin_menu', 'registerAdminMenu' );
@@ -330,7 +331,9 @@ public function feedbackReviewTrigger( $dumb ) {
 	 */
 	public function enqueueMediaScripts() {
 		global $typenow;
-		if ( post_type_supports( $typenow, 'editor' ) ) {
+		global $current_screen;
+
+		if ( post_type_supports( $typenow, 'editor' ) || $current_screen->id === 'widgets' ) {
 			wp_enqueue_style( 'visualizer-media', VISUALIZER_ABSURL . 'css/media.css', array( 'media-views' ), Visualizer_Plugin::VERSION );
 
 			// Load all the assets for the different libraries we support.
@@ -1019,6 +1022,7 @@ public function renderLibraryPage() {
 		}
 		// enqueue charts array
 		$ajaxurl = admin_url( 'admin-ajax.php' );
+
 		wp_localize_script(
 			'visualizer-library',
 			'visualizer',

classes/Visualizer/Module/Chart.php

@@ -1431,6 +1431,10 @@ public function getQueryData() {
 			wp_send_json_error( array( 'msg' => __( 'Action not allowed for this user.', 'visualizer' ) ) );
 		}
 
+		if ( ! Visualizer_Module::is_pro() ) {
+			wp_send_json_error( array( 'msg' => __( 'Feature is not available.', 'visualizer' ) ) );
+		}
+
 		$params     = wp_parse_args( $_POST['params'] );
 		$chart_id   = filter_var( $params['chart_id'], FILTER_VALIDATE_INT );
 		$query      = trim( $params['query'], ';' );
@@ -1452,6 +1456,17 @@ public function getQueryData() {
 	public function saveQuery() {
 		check_ajax_referer( Visualizer_Plugin::ACTION_SAVE_DB_QUERY . Visualizer_Plugin::VERSION, 'security' );
 
+		if ( ! current_user_can( 'administrator' ) ) {
+			wp_send_json_error( array( 'msg' => __( 'Action not allowed for this user.', 'visualizer' ) ) );
+		}
+		if ( ! is_super_admin() ) {
+			wp_send_json_error( array( 'msg' => __( 'Action not allowed for this user.', 'visualizer' ) ) );
+		}
+
+		if ( ! Visualizer_Module::is_pro() ) {
+			wp_send_json_error( array( 'msg' => __( 'Feature is not available.', 'visualizer' ) ) );
+		}
+
 		$chart_id   = filter_input(
 			INPUT_GET,
 			'chart',

classes/Visualizer/Plugin.php

@@ -57,6 +57,8 @@ class Visualizer_Plugin {
 	const ACTION_UPLOAD_DATA = 'visualizer-upload-data';
 	const ACTION_EXPORT_DATA = 'visualizer-export-data';
 
+	const STORE_URL = 'https://store.themeisle.com/';
+
 	/**
 	 *Action used for fetching specific users/roles for permissions.
 	 */

classes/Visualizer/Render/Library.php

@@ -206,7 +206,55 @@ private function getDisplayForm() {
 		</form>
 		</div>';
 	}
+	/**
+	 * Renders pro charts blocker.
+	 *
+	 * @access private
+	 */
+	private function _renderProPopupBlocker() {
+		if ( Visualizer_Module::is_pro() ) {
+			return;
+		}
+		$license = get_option( 'visualizer_pro_license_data', 'free' );
+		$license_key = '';
+		$download_id = '';
+		if ( ! empty( $license ) && is_object( $license ) ) {
+			$license_key = $license->key;
+			$download_id = $license->download_id;
+		}
+		$admin_license_url = admin_url( 'options-general.php#visualizer_pro_license' );
+		$renew_license_url = tsdk_utmify( Visualizer_Plugin::STORE_URL . '?edd_license_key=' . $license_key . '&download_id=' . $download_id, 'visualizer_license_block' );
+		echo '
+				<div class="vizualizer-renew-notice-overlay" id="overlay-visualizer"></div>
+				<div class="vizualizer-renew-notice-popup">
+					<h1 class="vizualizer-renew-notice-heading">Alert!</h1>
+					<p class="vizualizer-renew-notice-message">' . esc_html__( 'In order to edit premium charts, benefit from updates and support for Visualizer Premium plugin, please renew your license code or activate it.', 'visualizer' ) . '</p>
+					<div class="vizualizer-renew-notice-buttons-container">
+						<a href="' . esc_url( $renew_license_url) . '" target="_blank">
+							<button class="vizualizer-renew-notice-button vizualizer-renew-notice-renew-button">
+								<span class="dashicons dashicons-cart"></span>' . esc_html__( 'Renew License', 'visualizer' ) . ' 
+							</button>
+						</a>
+						<a href="' . esc_url( $admin_license_url ) . '">
+							<button class="vizualizer-renew-notice-button vizualizer-renew-notice-activate-button">
+								<span class="dashicons dashicons-unlock"></span> ' . esc_html__( 'Activate License', 'visualizer' ) . ' 
+							</button>
+						</a>
+						<button class="vizualizer-renew-notice-button vizualizer-renew-notice-close-icon" aria-label="Close" onclick="closePopup()">
+							<i class="dashicons dashicons-no"></i>
+						</button>
+					</div>
+				</div>
+				<script>
+				function closePopup() {
+					var overlay = document.getElementById("overlay-visualizer");
+					var popup = document.querySelector(".vizualizer-renew-notice-popup");
+					overlay.style.display = "none";
+					popup.style.display = "none";
+				}
+				</script>';
 
+	}
 	/**
 	 * Renders library content.
 	 *
@@ -215,10 +263,14 @@ private function getDisplayForm() {
 	 * @access private
 	 */
 	private function _renderLibrary() {
+
 		// Added by Ash/Upwork
 		$filterBy = ! empty( $_GET['s'] ) ? sanitize_text_field( wp_unslash( $_GET['s'] ) ) : null; // phpcs:ignore WordPress.Security.NonceVerification.Recommended
 		// Added by Ash/Upwork
 		echo $this->custom_css;
+
+		$this->_renderProPopupBlocker();
+
 		echo '<div id="visualizer-types" class="visualizer-clearfix">';
 		echo '<svg xmlns="http://www.w3.org/2000/svg" style="display: none;"><symbol id="list-icon" fill="currentColor"><path d="M8 0C3.58 0 0 3.58 0 8C0 12.42 3.58 16 8 16C12.42 16 16 12.42 16 8C16 3.58 12.42 0 8 0ZM7.385 12.66H6.045L2.805 8.12L4.146 6.87L6.715 9.27L11.856 3.339L13.196 4.279L7.385 12.66Z"/></symbol></svg>';
 		$this->getDisplayForm();

composer.lock

@@ -522,6 +522,7 @@ div#visualizer-types ul, div#visualizer-types form p {
 
 
 .vizualizer-renew-notice-overlay {
+	display: none;
 	position: fixed;
 	top: 0;
 	left: 0;
@@ -532,7 +533,7 @@ div#visualizer-types ul, div#visualizer-types form p {
 }
 
 .vizualizer-renew-notice-popup {
-	display: block;
+	display: none;
 	position: fixed;
 	top: 50%;
 	left: 50%;
@@ -594,8 +595,17 @@ div#visualizer-types ul, div#visualizer-types form p {
 
 .vizualizer-renew-notice-close-icon {
 	position: absolute;
-	top: 10px;
-	right: 10px;
+	top: -10px;
+	right: -70px;
 	cursor: pointer;
 	color: #333;
+	background: none;
+	border: none;
+	padding: 0;
+	outline: none;
+	/* Reset button styles */
+	display: inline-block;
+	font: inherit;
+	text-align: inherit;
+	text-decoration: none;
 }

css/library.css

@@ -2,7 +2,7 @@
 /*
 	Plugin Name: Visualizer: Tables and Charts for WordPress
 	Plugin URI: https://themeisle.com/plugins/visualizer-charts-and-graphs/
-	Description: A simple, easy to use and quite powerful tool to create, manage and embed interactive charts into your WordPress posts and pages. The plugin uses Google Visualization API to render charts, which supports cross-browser compatibility (adopting VML for older IE versions) and cross-platform portability to iOS and new Android releases.
+	Description: Effortlessly create and embed responsive charts and tables with Visualizer, a powerful WordPress plugin that enhances data presentation from multiple sources.
 	Version: 3.11.1
 	Author: Themeisle
 	Author URI: http://themeisle.com

index.php

@@ -33,63 +33,13 @@
     });
 })(wp.media.view);
 
-function createPopupProBlocker() {
-
-    var link = document.createElement('link');
-    link.rel = 'stylesheet';
-    link.href = 'https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css';
-    document.head.appendChild(link);
-
-    var overlay = document.createElement('div');
-    overlay.classList.add('vizualizer-renew-notice-overlay');
-    overlay.id = 'overlay-visualizer';
-    document.body.appendChild(overlay);
-
-    var popup = document.createElement('div');
-    popup.classList.add('vizualizer-renew-notice-popup');
-
-    var closeIcon = document.createElement('i');
-    closeIcon.classList.add('fas', 'fa-times', 'vizualizer-renew-notice-close-icon');
-    closeIcon.addEventListener('click', function() {
-        document.body.removeChild(overlay);
-        popup.style.display = 'none';
-    });
-    popup.appendChild(closeIcon);
-
-    var heading = document.createElement('h1');
-    heading.textContent = 'Alert!';
-    heading.classList.add('vizualizer-renew-notice-heading');
-    popup.appendChild(heading);
-
-    var message = document.createElement('p');
-    message.textContent = 'In order to edit premium charts, benefit from updates and support for Visualizer Premium plugin, please renew your license code or activate it.';
-    message.classList.add('vizualizer-renew-notice-message');
-    popup.appendChild(message);
-
-    var buttonsContainer = document.createElement('div');
-    buttonsContainer.classList.add('vizualizer-renew-notice-buttons-container');
-
-    var link1 = document.createElement('a');
-    link1.href = 'https://store.themeisle.com/';
-    link1.target = '_blank';
-    var button1 = document.createElement('button');
-    button1.innerHTML = '<span class="fas fa-shopping-cart"></span> Renew License';
-    button1.classList.add('vizualizer-renew-notice-button', 'vizualizer-renew-notice-renew-button');
-    link1.appendChild(button1);
-    buttonsContainer.appendChild(link1);
-
-    var link2 = document.createElement('a');
-    link2.href = '/wp-admin/options-general.php#visualizer_pro_license';
-    var button2 = document.createElement('button');
-    button2.innerHTML = '<span class="fas fa-key"></span> Activate License';
-    button2.classList.add('vizualizer-renew-notice-button', 'vizualizer-renew-notice-activate-button');
-    link2.appendChild(button2);
-    buttonsContainer.appendChild(link2);
-
-    popup.appendChild(buttonsContainer);
-
-    document.body.appendChild(popup);
-
+function createPopupProBlocker( $ , e ) {
+    if ( ! visualizer.is_pro_user && e.target.classList.contains('viz-is-pro-chart') ) {
+        $("#overlay-visualizer").css("display", "block");
+        $(".vizualizer-renew-notice-popup").css("display", "block");
+        return true;
+    }
+    return false;
 }
 
 (function ($, vmv, vu) {
@@ -135,12 +85,11 @@ function createPopupProBlocker() {
             $(this).parent('form').submit();
         });
 
-        $('.visualizer-chart-shortcode').click(function (e) {
+        $('.visualizer-chart-shortcode').click(function (event) {
 
-            if ( ! visualizer.is_pro_user && e.target.classList.contains('viz-is-pro-chart') ) {
-                createPopupProBlocker();
-                e.preventDefault();
-                e.stopPropagation();
+            if ( createPopupProBlocker( $, event ) ) {
+                event.preventDefault();
+                event.stopPropagation();
                 return;
             }
 
@@ -149,12 +98,12 @@ function createPopupProBlocker() {
             if (window.getSelection && document.createRange) {
                 selection = window.getSelection();
                 range = document.createRange();
-                range.selectNodeContents(e.target);
+                range.selectNodeContents(event.target);
                 selection.removeAllRanges();
                 selection.addRange(range);
             } else if (document.selection && document.body.createTextRange) {
                 range = document.body.createTextRange();
-                range.moveToElementText(e.target);
+                range.moveToElementText(event.target);
                 range.select();
             }
         });
@@ -195,8 +144,7 @@ function createPopupProBlocker() {
 
         $('.visualizer-chart-edit').click(function (event) {
 
-            if ( ! visualizer.is_pro_user && event.target.classList.contains('viz-is-pro-chart') ) {
-                createPopupProBlocker();
+            if ( createPopupProBlocker( $, event ) ) {
                 return;
             }
 
@@ -215,16 +163,14 @@ function createPopupProBlocker() {
             return false;
         });
         $(".visualizer-chart-clone").on("click", function ( event ) {
-            if ( ! visualizer.is_pro_user && event.target.classList.contains('viz-is-pro-chart') ) {
-                createPopupProBlocker();
+            if ( createPopupProBlocker( $, event ) ) {
                 event.preventDefault();
             }
         });
 
         $(".visualizer-chart-export").on("click", function (event) {
 
-            if ( ! visualizer.is_pro_user && event.target.classList.contains('viz-is-pro-chart') ) {
-                createPopupProBlocker();
+            if ( createPopupProBlocker( $, event ) ) {
                 return;
             }
 
@@ -249,8 +195,7 @@ function createPopupProBlocker() {
         });
 
         $(".visualizer-chart-image").on("click", function (event) {
-            if ( ! visualizer.is_pro_user && event.target.classList.contains('viz-is-pro-chart') ) {
-                createPopupProBlocker();
+            if ( createPopupProBlocker( $, event ) ) {
                 return;
             }
             $('body').trigger('visualizer:action:specificchart', {action: 'image', id: $(this).attr("data-chart"), data: null, dataObj: {name: $(this).attr("data-chart-title")}});