Stingray_454

This can be marked as resolved. The issue was that some orders at the launch of the shop had different VAT settings (with no tax entered on the VAT), but this was fixed a few days later. The missing VAT on the shipping shows up when printing orders placed after this change. My bad!

Happy to see mailing lists subscription shortcodes are supported in the latest version!

Hope to see above described WooCommerce integration as well in the near future.

Probably because you’ve set mailgun to track clicks (all links are redirected first to mailgun where it collects information about who clicked it, counts total number of clicks and so on, and then redirects you to the actual link). You can turn this off in the mailgun settings.

+1, I would really like a form to fill out (like a shortcode to generate signup form).

WooCommerce integration would also be awesome, like a “sign up for mailing list” option in the checkout and an unsubscribe function on My Account page. Any plans for similar functions?

Thanks for the suggestion. If possible, I’d like to use this plugin as we’ve tested it extensively, styled it to fit our site and such, and it works perfect for us. Switching would be some work. Also this plugin includes saved cards (if it was only working). Seems to be the best Stripe plugin out there, including the paid ones if you ask me. I wouldn’t mind paying for this plugin, at least if it had some support and updates ??

I’m guessing it’s due to an API issue, as it was working earlier for other people. Hoping for a fix from the developers.

Hijacking this request a bit, as it’s the same request as Adaptas :).

I noticed it’s also missing the swedish characters ?, ? and ? (big and small, so “??????”) and converting to similar strings (“?” = “-cc-88” for example). Would suggest replacing those with “aaoAAO” instead.

Great, thanks! I agree it’s maybe not the plugins responsibility, but at least some “skip rename if title matches filename”-option in the settings would be awesome.

Thanks for quick feedback and solution!

The titles are exactly the same as the old file name. Real example from the site:

Title: fbimg_788689751180518.jpg
Filename: fbimg_788689751180518.jpg
Suggested change: fbimg_788689751180518-jpg.jpg

I would suggest skipping a name change if the title == the filename, or maybe that has other negative side effects?

Just a followup – is any kind of xmlrpc protection implemented yet? I still get tons of blocks daily from the above patch I made, and other xmlrpc functions are working properly. I haven’t updated wordfence in a while since this would remove the xmlrpc protection, and haven’t seen anything mentioned that it has been added in the latest versions. Anything that is planned?

The above code adds a “category_id_in” shortcode attribute, but if you have a better implementation idea I’m all for it.

Thanks for a quick reply and happy to hear the requested feature is beeing added. Adding a 5-star review ??

Did a quick patch on the current version, was easy enough to change:

Changed the start of function html_render() in class-subscribe.php to

public function html_render( $atts = false ){

      extract( shortcode_atts( array(
        'category_in' => false,
        'category_id_in' => false,
        'category_not_in' => false,
      ), $atts ));

      // add hook when we have a request to render html
  		add_action('wp_footer', array( $this, 'add_script_to_footer' ), 20);

      // getting all categories
      $args = array( 'hide_empty' => 0 );
  		$cats = get_categories( $args );

      if( !empty( $category_in ) ){
        $cats = $this->filter_categories_in( $cats, $category_in );
      }elseif( !empty( $category_id_in ) ){
        $cats = $this->filter_categories_id_in( $cats, $category_id_in );
      }elseif( !empty( $category_not_in ) ){
        $cats = $this->filter_categories_not_in( $cats, $category_not_in );
      }

And added function

/**
     * Filter to show categories by attribute 'category_id_in' in shortcode
     *
     * @param  array  $cats_all All categories
     * @param  string $cats_id_in  Categories entered in shortcode
     *
     * @since 1.3.0
     *
     * @return array            Array with categories to show
     */
    private function filter_categories_id_in( $cats_all = '', $cats_id_in = '' ){

      if(empty( $cats_all ))
        return false;

      $cats_id_in = explode(',', str_replace(', ', ',', $cats_id_in ) );

      $filtered_cats = array();
      foreach( $cats_id_in as $cat_id_in ){
        foreach ($cats_all as $cat ) {
          if( $cat_id_in == $cat->cat_ID )
            $filtered_cats[] = $cat;
        }
      }

      return $filtered_cats;

    }

Works like a charm. Feel free to include something similar in the next release, as I’m not comfortable to used forked plugins on the site ??

Replying to my own post here. I just relized you have you use post_thumbnail and not post_image to get the correct size. Now the size attribute works as expected. Leaving this thread here if someone else has the same question. Thanks for a great plugin!

@b13story: As it only does something like “if it’s an xmlprc call, get the username from the xml instead of the username field” (and only does this on failed login attempts), I can’t see any way it would interfere with any current xmlrpc calls, as it’s not modifying anything in existing calls. That said, yes, it could be a bad idea to modify the plugin manually :).

Hope this gets added in an upcoming release, I already have a massive number of blocks this way (all correct ones from distributed attacks toward xmlrpc).

I had a similar issue, seems many brute-force attacs tries to verify credentials through XMLRPC and not the regular login. This means they do get logged in Wordfence log as failed login attempts, but they won’t be banned according to any rules set.

I made a quickfix that I pasted in the thread “Feature request: Add support for XMLRPC attacks” if that’s any help, thought it requires modifying wordfence files.

Did a quickfix myself if anyone needs the same functionlity.. Note that this is very ugly and “hacky” but works to block xmlrpc hack attempts if they use blacklisted users. Also changed to permanent block as there was no option for this in the settings.

In wordfence/lib/wordfenceClass.php, method authenticateFilter(), line 982:

Changed from:

if($blacklist = wfConfig::get('loginSec_userBlacklist')){
					$users = explode(',', $blacklist);
					foreach($users as $user){
						if(strtolower($_POST['log']) == strtolower($user)){
							self::getLog()->blockIP($IP, "Blocked by login security setting.");
							$secsToGo = wfConfig::get('blockedTime');
							self::getLog()->do503($secsToGo, "Blocked by login security setting.");
							break;
						}
					}
				}

to

if($blacklist = wfConfig::get('loginSec_userBlacklist')){
					if($_SERVER['REQUEST_URI'] == '/xmlrpc.php') {
						$xml = @file_get_contents("php://input");
						$startPos = strpos($xml, "<param><value>");
						if($startPos !== false) {
							$startPos += 14; // length of searchstring
							$endPos = strpos($xml, "</value>", $startPos);
							$len = $endPos - $startPos;
							$username = substr($xml, $startPos, $len);
						} else $username = "";
					} else {
						$username = $_POST['log'];
					}
					$users = explode(',', $blacklist);
					foreach($users as $user){
						if(strtolower($username) == strtolower($user)){
							self::getLog()->blockIP($IP, "Blocked by login security setting.",false,true); // Permanent block
							$secsToGo = wfConfig::get('blockedTime');
							self::getLog()->do503($secsToGo, "Blocked by login security setting.");
							break;
						}
					}
				}

Hope it helps someone.