It was horrible code, there was not escaping ( not developer friendly )

Hi Arafat Jamil,

Sorry about that. Can you provide us the code you see not developer friendly.

We’re working hard to make the plugin better.

Thanks ??

• This reply was modified 2 years, 4 months ago by ThimPress.

I was building a theme, copied the template files and checked, over 40 issues of only escaping at the output level.

WordPress coding standard suggests late escaping, i.e – escaping your outputs when echoing.

You are a legendary company in the WordPress world, this is not expected from your end.

If you fix your issues, I will change my feedback of course.

• This reply was modified 2 years, 4 months ago by Arafat Jamil.

remove_filter( ‘deprecated_file_trigger_error’, ‘__return_false’ );

This piece of code is in single-course\item-comments.php file, which is meant to be copied as template in the theme folder.

Theme should not contain filters.

learnpress\profile\tabs\courses.php

Line 32: ‘ data-tab=’enrolled’>
Line 39: ‘ data-tab=’created’>
Line 47: style='<?php echo $tab_active !== ‘enrolled’ ? ‘display: none;’ : ”; ?>’>
Line 51: ‘
Line 52: data-tab='<?php echo $key === ” ? ‘all’ : $key; ?>’>
Line 62: data-tab='<?php echo $key === ” ? ‘all’ : $key; ?>’
Line 63: style='<?php echo $key !== $courses_enrolled_tab_active ? ‘display: none’ : ”; ?>’> <?p
Line 74: style='<?php echo $tab_active !== ‘created’ ? ‘display: none;’ : ”; ?>’>
Line 78: ‘
Line 79: data-tab='<?php echo $key === ” ? ‘all’ : $key; ?>’>
Line 89: data-tab='<?php echo $key === ” ? ‘all’ : $key; ?>’ style='<?php echo $key !== ” ? ‘displ

There are so many others like these

Hi Arafat Jamil,

Thank for your feedback, we fixed that, and will send you a beta so you can test it. We’ll release the fixed version this week. We hope to get more of your feedback about LP. And you should create a topic for us can support better, Wodpress doesn’t agree support on Review.

Thanks so much, again.

• This reply was modified 2 years, 4 months ago by ThimPress.

Hi Arafat Jamil,

We update the beta version fixed bugs and optimze. You can download v4.1.6.9-beta-1

Please feedback to us when the test is completed.

Thanks so much.

I have tested the beta, sorry there are a lot more issues.
You can put the code from templates folder in any theme ad run a check with Envato theme check plugin.

Or use PHPCS on template folder, it will show all the issues.

Example –

WARNING: Found echo $ in the file user-time.php. Possible data validation issues found. All dynamic data must be correctly escaped for the context where it is rendered.
Line 26: <time class='entry-date enrolled'><?php echo $start_time->format( 'i18n' ); ?></time>
Line 32: <time class='entry-date expire'><?php echo $expiration_time->format( 'i18n' ); ?></time>
Line 43: <time class='entry-date finished'><?php echo $end_time->format( 'i18n' ); ?></time>
WARNING: Found echo $ in the file thumbnail.php. Possible data validation issues found. All dynamic data must be correctly escaped for the context where it is rendered.
Line 26: <?php echo $course->get_image( 'course_thumbnail' ); ?>
WARNING: Found echo $ in the file tabs.php. Possible data validation issues found. All dynamic data must be correctly escaped for the context where it is rendered.
Line 61: echo $profile_tab['icon'];
Line 86: echo $section_data['icon'];
WARNING: Found echo $ in the file tabs.php. Possible data validation issues found. All dynamic data must be correctly escaped for the context where it is rendered.
Line 51: <input type='radio' name='learn-press-course-tab-radio' id='tab-<?php echo $key; ?>-input'
Line 52: <?php checked( $active_tab === $key ); ?> value='<?php echo $key; ?>'/>
Line 66: <label for='tab-<?php echo $key; ?>-input'><?php echo $tab['title']; ?></label>
WARNING: Found echo $ in the file sections.php. Possible data validation issues found. All dynamic data must be correctly escaped for the context where it is rendered.
Line 48: <input type='radio' name='<?php echo esc_attr( $unique_group ); ?>' class='learn-press-tabs__checker' <?php echo $checked; ?> id='<?php echo esc_attr( $unique_group . '__' . $section_
WARNING: Found echo $ in the file review-order.php. Possible data validation issues found. All dynamic data must be correctly escaped for the context where it is rendered.
Line 50: <?php echo $_course->get_image(); ?>
Line 90: <td class='col-number'><?php echo $cart->get_subtotal(); ?></td>
Line 104: <td class='col-number'><?php echo $cart->get_total(); ?></td>
WARNING: Found echo $ in the file retry.php. Possible data validation issues found. All dynamic data must be correctly escaped for the context where it is rendered.
Line 33: data-confirm='<?php echo $message_data_confirm; ?>'>

Or I can do a contribution to your regular plugin code, you can tell me where to push my codes.

Thanks.

Hi,

Thanks for the feedback, you can create a topic on Github. We’ll check there and fix issues until the error is gone. When done, we’ll push the beta version for you can check it.

Thanks.

Hi Arafat Jamil,

We release v4.1.6.9 fixed ESC, please check it.

Thank you so much.

The problems have been solved, thank you.

Hi Arafat Jamil,

Thanks for that. If you have any errors or need support, please contact us.

We really hope you can help me change the rating now. A nice rating for LearnPress is a big motivation for us to keep up the hard work and It’s really important to us. Very appreciate your help.`

• This reply was modified 2 years, 3 months ago by ThimPress.
• This reply was modified 2 years, 3 months ago by ThimPress.
• This reply was modified 2 years, 3 months ago by ThimPress.

I have updated your review.

Thank you so much, happy coding.