CVE-2023-0968: takings.php in watu/trunk/views – WordPress Plugin Repository

1<style type="text/css">2<?php watu_resp_table_css(800);?>3</style>45<?php if(!$in_shortcode):?>6<div class="wrap">7 <h2><?php printf(__(“Users who submitted the %s '%s’", ‘watu’), WATU_QUIZ_WORD, $exam->name); ?></h2>8 9 <p><?php _e(“A lot more detailed reports, filters, exports, and other important features are available in", ‘watu’)?> <a href="http://calendarscripts.info/watupro” target="_blank">WatuPRO</a></p>10 11 <p><a href="admin.php?page=watu_exams"><?php printf(__('Back to %s list’, ‘watu’), WATU_QUIZ_WORD_PLURAL)?></a>12 <?php if($count):?> | 13 <a href="#” onclick="jQuery(‘#filterForm’).toggle(‘slow’);return false;"><?php _e(‘Filter/search these records’, ‘watu’)?></a> 14  | 15 <a href="admin.php?page=watu_takings&exam_id=<?php echo $exam->ID?>&watu_export=1&noheader=1&<?php echo $filters_url;?>"><?php printf(__(‘Export as CSV (%s delimited)‘, ‘watu’), ($delim == ‘,’ ? __(‘comma’, ‘watu’) : __(‘tab’, ‘watu’)) );?><?php if($display_filters):?> <?php _e('(Filters apply)‘, ‘watu’)?><?php endif;?></a>16  | 17 <a href="#" onclick="WatuDelAll();return false;"><?php printf(__(‘Delete all user-submitted data for this %s’, ‘watu’), WATU_QUIZ_WORD)?></a><?php endif;?></p> 18 19 <p><?php _e(‘Shortcode to publish a simplified version of this page:’, ‘watu’);?> <input type="text" size="30" value=’[watu-takings quiz_id=<?php echo $exam->ID?>]' readonly="readonly" onclick="this.select();"> <?php _e(‘You can switch off some columns.’, ‘watu’);?> <a href="admin.php?page=watu_help"><?php _e(‘See the help page for configuration parementers.’, ‘watu’);?></a></p>20 21 <div class="wrap" style="min-width:60%;margin-right:2%;float:left"> 22 <div id="filterForm" style=’display:<?php echo $display_filters?’block’:’none’;?>;margin-bottom:10px;padding:5px;’ class="widefat">23 <form method="get" class="watu-admin" action="admin.php">24 <input type="hidden" name="page" value="watu_takings">25 <input type="hidden" name="exam_id" value="<?php echo $exam->ID?>">26 <div><label><?php _e(‘Username’, ‘watu’)?></label> <select name="dnf">27 <option value="equals" <?php if(empty($_GET[‘dnf’]) or $_GET[‘dnf’]==’equals’) echo “selected"?>><?php _e('Equals’, ‘watu’)?></option>28 <option value="starts” <?php if(!empty($_GET[‘dnf’]) and $_GET[‘dnf’]==’starts’) echo “selected"?>><?php _e('Starts with’, ‘watu’)?></option>29 <option value="ends” <?php if(!empty($_GET[‘dnf’]) and $_GET[‘dnf’]==’ends’) echo “selected"?>><?php _e('Ends with’, ‘watu’)?></option>30 <option value="contains” <?php if(!empty($_GET[‘dnf’]) and $_GET[‘dnf’]==’contains’) echo “selected"?>><?php _e('Contains’, ‘watu’)?></option>31 </select> <input type="text” name="dn" value="<?php echo esc_attr($_GET[‘dn’] ?? ‘’)?>"></div>32 <div><label><?php _e(‘Email’, ‘watu’)?></label> <select name="emailf">33 <option value="equals" <?php if(empty($_GET[‘emailf’]) or $_GET[‘emailf’]==’equals’) echo “selected"?>><?php _e('Equals’, ‘watu’)?></option>34 <option value="starts” <?php if(!empty($_GET[‘emailf’]) and $_GET[‘emailf’]==’starts’) echo “selected"?>><?php _e('Starts with’, ‘watu’)?></option>35 <option value="ends” <?php if(!empty($_GET[‘emailf’]) and $_GET[‘emailf’]==’ends’) echo “selected"?>><?php _e('Ends with’, ‘watu’)?></option>36 <option value="contains” <?php if(!empty($_GET[‘emailf’]) and $_GET[‘emailf’]==’contains’) echo “selected"?>><?php _e('Contains’, ‘watu’)?></option>37 </select> <input type="text” name="email" value="<?php echo sanitize_email($_GET[‘email’] ?? ‘’)?>"></div> 38 <div><label><?php _e(‘Date Taken’, ‘watu’)?></label> <select name="datef">39 <option value="equals" <?php if(empty($_GET[‘datef’]) or $_GET[‘datef’]==’equals’) echo “selected"?>><?php _e('Equals’, ‘watu’)?></option>40 <option value="before” <?php if(!empty($_GET[‘datef’]) and $_GET[‘datef’]==’before’) echo “selected"?>><?php _e('Is before’, ‘watu’)?></option>41 <option value="after” <?php if(!empty($_GET[‘datef’]) and $_GET[‘datef’]==’after’) echo “selected"?>><?php _e('Is after’, ‘watu’)?></option> 42 </select> <input type="text” name="date" value="<?php echo esc_attr($_GET[‘date’] ?? ‘’)?>"> <i>YYYY-MM-DD</i></div>43 <div><label><?php _e(‘Points received’, ‘watu’)?></label> <select name="pointsf">44 <option value="equals" <?php if(empty($_GET[‘pointsf’]) or $_GET[‘pointsf’]==’equals’) echo “selected"?>><?php _e('Equal’, ‘watu’)?></option>45 <option value="less” <?php if(!empty($_GET[‘pointsf’]) and $_GET[‘pointsf’]==’less’) echo “selected"?>><?php _e('Are less than’, ‘watu’)?></option>46 <option value="more” <?php if(!empty($_GET[‘pointsf’]) and $_GET[‘pointsf’]==’more’) echo “selected"?>><?php _e('Are more than’, ‘watu’)?></option> 47 </select> <input type="text” name="points" value="<?php echo absint($_GET[‘points’] ?? 0)?>"></div>48 49 <div><label><?php _e('Grade/result equals:’, ‘watu’)?></label> <select name="grade_id">50 <option value="0"><?php _e('- Any grade / result -', ‘watu’)?></option>51 <?php foreach($grades as $grade):?>52 <option value="<?php echo $grade->ID?>" <?php if(!empty($_GET[‘grade_id’]) and $_GET[‘grade_id’] == $grade->ID) echo 'selected’?>><?php echo stripslashes($grade->gtitle)?></option>53 <?php endforeach;?> 54 </select> <?php _e('(This filter will exclude grades earned prior to Watu version 2.4.7)', ‘watu’)?></div>55 56 <?php if(!empty($namaste_courses)):?>57 <div><label><?php _e('Student in course:’, ‘watu’)?></label> <select name="namaste_course_id">58 <option value=""><?php _e('Any course’, ‘watu’)?></option>59 <?php foreach($namaste_courses as $namaste_course):?>60 <option value="<?php echo $namaste_course->ID?>" <?php if(!empty($_GET[‘namaste_course_id’]) and $_GET[‘namaste_course_id’] == $namaste_course->ID) echo 'selected’?>><?php echo stripslashes($namaste_course->post_title)?></option>61 <?php endforeach;?> 62 </select></div>63 <?php endif;?>64 65 <?php if(count($source_urls)):?>66 <div><label><?php _e('Submitted from page:’, ‘watu’)?></label> <select name="source_url">67 <option value=""><?php _e('Any source’, ‘watu’)?></option>68 <?php foreach($source_urls as $source_url):?>69 <option value="<?php echo $source_url->source_url?>" <?php if(!empty($_GET[‘source_url’]) and $_GET[‘source_url’] == $source_url->source_url) echo 'selected’?>><?php echo $source_url->source_url?></option>70 <?php endforeach;?> 71 </select></div>72 <?php endif;?>73 74 <div><input type="submit" value="<?php _e('Search/Filter’, ‘watu’)?>">75 <input type="button" value="<?php _e('Clear Filters’, ‘watu’)?>" onclick="window.location=’admin.php?page=watu_takings&exam_id=<?php echo $exam->ID;?>’;"></div>76 </form>77 </div>78 <?php endif; // end if not in shortcode 79 if($count):?>80 <p><?php printf(__('%d records found’, ‘watu’), $count);?></p>81 <form method="post">82 <table class="widefat watu-table">83 <thead>84 <tr>85 <?php if(!$in_shortcode):?><th><input type="checkbox" onclick="watuSelectAll(this);"></th><?php endif;;?>86 <th><a href="<?php echo $target_url?>&ob=tU.user_login&offset=<?php echo $offset?>&dir=<?php echo $odir?>&<?php echo $filters_url;?>"><?php 87 if($show_email) _e('Name & Email’, ‘watu’);88 else _e('Name’, ‘watu’);?></a></th>89 <th><a href="<?php echo $target_url?>&ob=tT.date&offset=<?php echo $offset?>&dir=<?php echo $odir?>&<?php echo $filters_url;?>"><?php _e('Date’, ‘watu’)?></a></th>90 <?php if($show_points):?><th><a href="<?php echo $target_url?>&ob=tT.points&offset=<?php echo $offset?>&dir=<?php echo $odir?>&<?php echo $filters_url;?>"><?php _e('Points’, ‘watu’)?></a></th><?php endif;?>91 <?php if($show_percent):?><th><a href="<?php echo $target_url?>&ob=tT.percent_correct&offset=<?php echo $offset?>&dir=<?php echo $odir?>&<?php echo $filters_url;?>"><?php _e('% correct’, ‘watu’)?></a></th><?php endif;?> 92 <th><?php _e('Result’, ‘watu’)?></th>93 <?php if(!$in_shortcode):?>94 <th><?php _e('Details’, ‘watu’)?></th><th><?php _e('Delete’, ‘watu’)?></th>95 <?php endif; // end if not in shortcode; ?></tr>96 </thead>97 <tbody> 98 99 <?php foreach($takings as $taking):100 if(empty($taking->email) and !empty($taking->user_email)) $taking->email = $taking->user_email;101 $class = (‘alternate’ == @$class) ? “” : 'alternate’;?>102 <tr class="<?php echo $class?>">103 <?php if(!$in_shortcode):?><td><input type="checkbox" name="ids[]" value="<?php echo $taking->ID?>" class="wtpChk" onclick="watuShowHideButton();"></td><?php endif;?>104 <td><?php echo $taking->user_id ? '<a href="user-edit.php?user_id=’.$taking->user_id.’">’.$taking->user_login.’</a>’: _e('N/a’, ‘watu’);?>105 <?php if(!empty($taking->email) and $show_email) echo “<br>".$taking->email;?></td>106 <td><?php echo date_i18n(get_option(‘date_format’), strtotime($taking->date));107 if(!empty($taking->source_url)) printf('<br>’.__('Source: %s’, ‘watu’), $taking->source_url);?></td>108 <?php if($show_points):?><td><?php echo $taking->points?></td><?php endif;?>109 <?php if($show_percent):?><td><?php printf(__('%d%%’, ‘watu’), $taking->percent_correct)?> <br>110 <?php printf(__('%d correct, %d wrong, and %d unanswered’, ‘watu’), $taking->num_correct, $taking->num_wrong, $taking->num_empty);?></td><?php endif;?>111 <td><?php echo $in_shortcode ? stripslashes($taking->grade_title) : apply_filters(WATU_CONTENT_FILTER, $taking->result)?></td>112 <?php if(!$in_shortcode):?> 113 <td><?php if(empty($taking->snapshot)): _e('n/a’, ‘watu’);114 else:?><a href="#” onclick="Watu.takingDetails(‘<?php echo $taking->ID?>’);return false;"><?php _e('view’, ‘watu’)?></a><?php endif;?></td>115 <td><a href="#" onclick="WatuDelTaking('<?php echo wp_nonce_url(‘admin.php?page=watu_takings’, ‘watu_del_taking’);?>&exam_id=<?php echo $exam->ID?>&del_taking=1&id=<?php echo $taking->ID?>’);return false;"><?php _e('Delete’, ‘watu’)?></a></td>116 <?php endif; // end if not in shortcode ?> 117 </tr>118 <?php endforeach;?>119 </tbody>120 </table>121 <?php if(!$in_shortcode):?>122 <p align="center" style="display:none;" id="watuMassFrm">123 <input type="button" class="button" value="<?php _e('Delete selected’, ‘watu’);?>" onclick="confirmDelTakings(this.form);">124 <input type="hidden" name="del_takings" value="0">125 </p>126 <?php wp_nonce_field(‘watu_del_takings’);?>127 <?php endif;?> 128 </form>129 130 <?php if(!$in_shortcode or empty($atts[‘num’])):?>131 <p align="center"><?php if($offset>0):?><a href="<?php echo $target_url?>&offset=<?php echo ($offset-10)?>&ob=<?php echo $ob?>&dir=<?php echo $dir?>&<?php echo $filters_url;?>"><?php _e('Previous page’, ‘watu’)?></a><?php endif;?>132 133 <?php if($offset + 10 < $count):?> <a href="<?php echo $target_url?>&offset=<?php echo ($offset+10)?>&ob=<?php echo $ob?>&dir=<?php echo $dir?>&<?php echo $filters_url;?>"><?php _e('Next page’, ‘watu’)?></a> <?php endif;?></p>134 <?php endif;?>135 136 <?php else:?>137 <p><?php _e(‘No results match your search criteria.’,’watu’)?></p>138 <?php endif;?>139 140 141<?php if(!$in_shortcode):?> 142 </div> 143 144 <div id="watu-sidebar">145 <?php include(WATU_PATH."/views/sidebar.php");?>146 </div>147148 <form id="cleanupTakingsForm" method="post">149 <input type="hidden" name="delete_all_takings" value="0">150 <?php wp_nonce_field(‘watu_delete_all’);?>151 </form>152 <script type="text/javascript" >153 function WatuDelTaking(url) {154 if(confirm(“<?php _e('Are you sure?’, ‘watu’)?>”)) {155 window.location = url;156 } 157 }158 159 function WatuDelAll() {160 if(!confirm(“<?php printf(__('Are you sure? This will delete ALL user results for this %s!’, ‘watu’), WATU_QUIZ_WORD)?>”)) return false;161 162 jQuery('#cleanupTakingsForm input[name=delete_all_takings]').val(“1”);163 jQuery(‘#cleanupTakingsForm’).submit();164 }165 </script>166</div> 167 <?php endif;?>168169170<script type="text/javascript">171<?php watu_resp_table_js();?>172173function watuSelectAll(chk) {174 if(chk.checked) jQuery(‘.wtpChk’).prop('checked’, true);175 else jQuery(‘.wtpChk’).prop('checked’, false);176 177 watuShowHideButton();178}179180function watuShowHideButton() {181 var anyChecked = false;182 183 jQuery(‘.wtpChk’).each(function(e, elt) {184 if(elt.checked) {185 anyChecked = true;186 return true;187 }188 });189 190 if(anyChecked) jQuery(‘#watuMassFrm’).show();191 else jQuery(‘#watuMassFrm’).hide();192}193194function confirmDelTakings(frm) {195 if(confirm('<?php _e(‘Are you sure?’, ‘watu’)?>’)) {196 frm.del_takings.value = 1;197 frm.submit();198 }199}200</script>