Issues in html-admin-page-addons.php (master) - Issues in master - AyeCode/invoicing - Measure and Improve Code Quality continuously with Scrutinizer

Issues (865)

Security Analysis 4 potential vulnerabilities

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Code Injection (1)

Code Injection enables an attacker to execute arbitrary code on the server.

Variable Injection (2)

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Cross-Site Scripting (1)

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

Header Injection

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

includes/admin/html-admin-page-addons.php (1 issue)

Labels

Bug 1

Severity

Major 1

<?php
/**
 * Admin View: Page - Addons
 *
 */
if ( ! defined( 'ABSPATH' ) ) {
	exit;
}
add_ThickBox();
?>
<div class="wrap wpi_addons_wrap">
	<h1><?php echo esc_html( get_admin_page_title() ); ?></h1>

	<?php if ( $tabs ) { ?>
		<nav class="nav-tab-wrapper wpi-nav-tab-wrapper">
			<?php
			foreach ( $tabs as $name => $label ) {
				echo '<a href="' . esc_url( admin_url( 'admin.php?page=wpi-addons&tab=' . $name ) ) . '" class="nav-tab ' . ( $current_tab == $name ? 'nav-tab-active' : '' ) . '">' . esc_html( $label ) . '</a>';
			}
			do_action( 'wpi_addons_tabs' );
			?>
		</nav>

		<?php

		if ( $current_tab == 'membership' ) {

			?>

			<div class="wpi-membership-tab-conatiner">
				<div class="membership-content">
<!--
				<h2>With our WPInvoicing Membership you get access to all our products!</h2>
				<p><a class="button button-primary" href="https://wpgetpaid.com/downloads/membership/">View Memberships</a></p>-->
				<?php if ( defined( 'WP_EASY_UPDATES_ACTIVE' ) ) { ?>
					<h2><?php esc_html_e( 'Have a membership key?', 'invoicing' ); ?></h2>
					<p>
						<?php
						$wpeu_admin = new External_Updates_Admin( 'wpinvoicing.com', '1' );
filter:
    dependency_paths: ["lib/*"]
						echo $wpeu_admin->render_licence_actions( 'wpinvoicing.com', 'membership', array( 95, 106, 108, 12351 ) );
						?>
					</p>
				<?php } ?>

				<div class="membership-cta-contet">
					<div class="main-cta">
							<h2><?php esc_html_e( 'Membership benefits Include:', 'invoicing' ); ?></h2>
							<div class="feature-list">
								<ul>
									<?php
									$addon_obj = new WPInv_Admin_Addons();
									if ( $addons = $addon_obj->get_section_data( 'addons' ) ) {
										foreach ( $addons as $addon ) {
											echo '<li><i class="far fa-check-circle fa-sm"></i> ' . esc_html( $addon->info->title ) . '</li>';
										}
									}
									?>
									</ul>

									<div class="feature-cta">
										<h3><?php esc_html_e( 'Membership Starts from', 'invoicing' ); ?></h3>
										<h4>$99</h4>
										<a href="https://wpgetpaid.com/downloads/membership/" target="_blank"><?php esc_attr_e( 'Buy Membership', 'invoicing' ); ?></a>
									</div>
									<h3><?php esc_html_e( 'Included Gateways:', 'invoicing' ); ?></h3>
									<ul>
										<?php
										if ( $addons = $addon_obj->get_section_data( 'gateways' ) ) {
											foreach ( $addons as $addon ) {
												echo '<li><i class="far fa-check-circle fa-sm"></i> ' . esc_html( $addon->info->title ) . '</li>';
											}
										}
										?>
								</ul>
							</div>


					</div>
					<div class="member-testimonials">
						<h3>Testimonials</h3>
						<div class="testimonial-content">
							<div class="t-image">
								<?php
									echo '<img src="' . esc_url( plugins_url( 'images/t-image2.png', dirname( __FILE__ ) ) ) . '" > ';
								?>
							</div>
							<div class="t-content">
								<p>
									It works perfectly right out of the box and above all it’s VAT compliant, something crucial for everyone doing business with EU B2C and B2B customers.<br><br>

Then I had a minor issue which required their support and they delivered an unparalleled example of how excellent support works.<br><br>

Response was super fast, they analyzed the issue, delivered a patch in record time and solved this issue for good in the next release.<br><br>

Many commercial plugins and theme companies from the WordPress scene should learn from them.
								</p>
								<p><strong>Pedstone </strong> (@pedstone)</p>
							</div>
						</div>

						<div class="testimonial-content">
							<div class="t-image">
								<?php
									echo '<img src="' . esc_url( plugins_url( 'images/t-image1.png', dirname( __FILE__ ) ) ) . '" > ';
								?>
							</div>
							<div class="t-content">
								<p>
									I have been looking for a basic invoicing system that will allow recurring invoices.
This plugin is far from basic, with some nice in-depth options yet a great easy to use interface.<br><br>

I tried numerous plugins in an attempt to give me what I needed, this is by far the best and there was no need to buy premium plugins to get the features I required.<br><br>
Great job so far guys, can’t wait to see where this goes!
								</p>
								<p><strong>Coldcutt </strong>(@coldcutt)</p>
							</div>
						</div>
					</div>
					<div class="member-footer">
						<a class="footer-btn" href="https://wpgetpaid.com/downloads/membership/" target="_blank"><?php esc_html_e( 'Buy Membership', 'invoicing' ); ?></a>
						<a class="footer-link" href="post-new.php?post_type=wpi_invoice"><?php esc_html_e( 'Create Invoice', 'invoicing' ); ?></a>
					</div>
				</div>


			</div>
		</div>
			<?php
		} else {
			$installed_plugins = get_plugins();
            $addon_obj = new WPInv_Admin_Addons();
			if ( $addons = $addon_obj->get_section_data( $current_tab ) ) :
				//print_r($addons);
				?>
				<ul class="wpi-products">
                <?php
                foreach ( $addons as $addon ) :
                        if ( 965 == $addon->info->id ) {
continue;}// don't show quote add on
						?>
                        <li class="wpi-product">
								<div class="wpi-product-title">
									<h3>
                                    <?php
										if ( ! empty( $addon->info->excerpt ) ) {
										wpi_help_tip( $addon->info->excerpt, false, false, true );
										}
										echo esc_html( $addon->info->title );
                                        ?>
                                        </h3>
								</div>

								<span class="wpi-product-image">
									<?php if ( ! empty( $addon->info->thumbnail ) ) : ?>
										<img src="<?php echo esc_attr( $addon->info->thumbnail ); ?>"/>
									<?php
                                    endif;

									if ( 'stripe-payment-gateway' == $addon->info->slug ) {
										$addon->info->slug = 'getpaid-stripe-payments';
										$addon->info->link = 'https://wordpress.org/plugins/getpaid-stripe-payments/';
									}
                                    elseif( 'wallet' == $addon->info->slug ){
										$addon->info->slug = 'getpaid-wallet';
										$addon->info->link = 'https://wordpress.org/plugins/getpaid-wallet/';
									}
                                    elseif( 'item-inventory' == $addon->info->slug ){
										$addon->info->slug = 'getpaid-item-inventory';
										$addon->info->link = 'https://wordpress.org/plugins/getpaid-item-inventory/';
									}

									if ( isset( $addon->info->link ) && substr( $addon->info->link, 0, 21 ) === 'https://wordpress.org' ) {
										echo '<a href="' . esc_url( admin_url( '/plugin-install.php?tab=plugin-information&plugin=' . $addon->info->slug ) ) . '&width=770&height=660&TB_iframe=true" class="thickbox" >';
										echo '<span class="wpi-product-info">' . esc_html__( 'More info', 'invoicing' ) . '</span>';
										echo '</a>';
									} elseif ( isset( $addon->info->link ) && ( substr( $addon->info->link, 0, 23 ) === 'https://wpinvoicing.com' || substr( $addon->info->link, 0, 21 ) === 'https://wpgetpaid.com' ) ) {
										if ( defined( 'WP_EASY_UPDATES_ACTIVE' ) ) {
											$url = admin_url( '/plugin-install.php?tab=plugin-information&plugin=' . $addon->info->slug . '&width=770&height=660&item_id=' . $addon->info->id . '&update_url=https://wpgetpaid.com&TB_iframe=true' );
										} else {
											// if installed show activation link
											if ( isset( $installed_plugins['wp-easy-updates/external-updates.php'] ) ) {
												$url = '#TB_inline?width=600&height=50&inlineId=wpi-wpeu-required-activation';
											} else {
												$url = '#TB_inline?width=600&height=50&inlineId=wpi-wpeu-required-for-external';
											}
										}
										echo '<a href="' . esc_url( $url ) . '" class="thickbox">';
										echo '<span class="wpi-product-info">' . esc_html__( 'More info', 'invoicing' ) . '</span>';
										echo '</a>';
									}

									?>

								</span>


								<span class="wpi-product-button">
									<?php
                                    $addon_obj->output_button( $addon );
									?>
								</span>

								<span class="wpi-price"><?php //print_r($addon); //echo wp_kses_post( $addon->price ); ?></span></li><?php endforeach; ?></ul>
			<?php
            endif;
		}
}
	?>


	<div class="clearfix" ></div>

	<?php if ( $current_tab == 'addons' ) { ?>
	<p><?php printf(  esc_attr__( 'All of our Addons can be found on wpGetPaid.com here: %sInvoicing Addons%s', 'invoicing' ), '<a href="https://wpgetpaid.com/downloads/category/addons/">','</a>' ); ?></p>
	<?php } if ( $current_tab == 'gateways' ) { ?>
    <p><?php printf( esc_attr__( 'All of our Payment Gateways can be found on wpGetPaid.com here: %sGetPaid Payment Gateways %s', 'invoicing' ), '<a href="https://wpgetpaid.com/downloads/category/gateways/">','</a>'  ); ?></p>
    <?php } ?>

	<div id="wpi-wpeu-required-activation" style="display:none;"><span class="wpi-notification "><?php echo wp_kses_post(  sprintf( __( "The plugin <a href='https://wpeasyupdates.com/' target='_blank'>WP Easy Updates</a> is required to check for and update some installed plugins/themes, please <a href='%s'>activate</a> it now.", 'invoicing' ), wp_nonce_url( admin_url( 'plugins.php?action=activate&plugin=wp-easy-updates/external-updates.php' ), 'activate-plugin_wp-easy-updates/external-updates.php' ) ) ); ?></span></div>
	<div id="wpi-wpeu-required-for-external" style="display:none;"><span class="wpi-notification "><?php echo wp_kses_post( sprintf( __( "The plugin <a href='https://wpeasyupdates.com/' target='_blank'>WP Easy Updates</a> is required to check for and update some installed plugins/themes, please <a href='%s' onclick='window.open(\"https://wpeasyupdates.com/wp-easy-updates.zip\", \"_blank\");' >download</a> and install it now.", 'invoicing' ), admin_url( 'plugin-install.php?tab=upload&wpeu-install=true' ) ) ); ?></span></div>
	<div id="wpeu-licence-popup" style="display:none;">
		<span class="wpi-notification noti-white">
			<h3 class="wpeu-licence-title"><?php esc_html_e( 'Licence key', 'invoicing' ); ?></h3>
			<input class="wpeu-licence-key" type="text" placeholder="<?php esc_attr_e( 'Enter your licence key', 'invoicing' ); ?>"> <button class="button-primary wpeu-licence-popup-button" ><?php esc_html_e( 'Install', 'invoicing' ); ?></button>
			<br>
			<?php
			printf( esc_html__( '%1$sFind your licence key here%2$s OR %3$sBuy one here%4$s', 'invoicing' ), '<a href="https://wpgetpaid.com/your-account/" target="_blank">', '</a>', '<a class="wpeu-licence-link" href="https://wpgetpaid.com/downloads/category/addons/" target="_blank">', '</a>' );
			?>
		</span>
	</div>

</div>


1			<?php
2			/**
3			* Admin View: Page - Addons
4			*
5			*/
6			if ( ! defined( 'ABSPATH' ) ) {
7			exit;
8			}
9			add_ThickBox();
10			?>
11			<div class="wrap wpi_addons_wrap">
12			<h1><?php echo esc_html( get_admin_page_title() ); ?></h1>
13
14			<?php if ( $tabs ) { ?>
15			<nav class="nav-tab-wrapper wpi-nav-tab-wrapper">
16			<?php
17			foreach ( $tabs as $name => $label ) {
18			echo '<a href="' . esc_url( admin_url( 'admin.php?page=wpi-addons&tab=' . $name ) ) . '" class="nav-tab ' . ( $current_tab == $name ? 'nav-tab-active' : '' ) . '">' . esc_html( $label ) . '</a>';
19			}
20			do_action( 'wpi_addons_tabs' );
21			?>
22			</nav>
23
24			<?php
25
26			if ( $current_tab == 'membership' ) {
27
28			?>
29
30			<div class="wpi-membership-tab-conatiner">
31			<div class="membership-content">
32			<!--
33			<h2>With our WPInvoicing Membership you get access to all our products!</h2>
34			<p><a class="button button-primary" href="https://wpgetpaid.com/downloads/membership/">View Memberships</a></p>-->
35			<?php if ( defined( 'WP_EASY_UPDATES_ACTIVE' ) ) { ?>
36			<h2><?php esc_html_e( 'Have a membership key?', 'invoicing' ); ?></h2>
37			<p>
38			<?php
39			$wpeu_admin = new External_Updates_Admin( 'wpinvoicing.com', '1' );
			0 ignored issues – show Bug introduced 2020-01-24 13:30 UTC by Report Bug Copy Issue Report Show Similar Issues like this The type `External_Updates_Admin` was not found. Maybe you did not declare it correctly or list all dependencies? The issue could also be caused by a filter entry in the build configuration. If the path has been excluded in your configuration, e.g. `excluded_paths: ["lib/"]`, you can move it to the dependency path list as follows: filter: dependency_paths: ["lib/"] For further information see https://scrutinizer-ci.com/docs/tools/php/php-scrutinizer/#list-dependency-paths Loading history...
40			echo $wpeu_admin->render_licence_actions( 'wpinvoicing.com', 'membership', array( 95, 106, 108, 12351 ) );
41			?>
42			</p>
43			<?php } ?>
44
45			<div class="membership-cta-contet">
46			<div class="main-cta">
47			<h2><?php esc_html_e( 'Membership benefits Include:', 'invoicing' ); ?></h2>
48			<div class="feature-list">
49			<ul>
50			<?php
51			$addon_obj = new WPInv_Admin_Addons();
52			if ( $addons = $addon_obj->get_section_data( 'addons' ) ) {
53			foreach ( $addons as $addon ) {
54			echo '<li><i class="far fa-check-circle fa-sm"></i> ' . esc_html( $addon->info->title ) . '</li>';
55			}
56			}
57			?>
58			</ul>
59
60			<div class="feature-cta">
61			<h3><?php esc_html_e( 'Membership Starts from', 'invoicing' ); ?></h3>
62			<h4>$99</h4>
63			<a href="https://wpgetpaid.com/downloads/membership/" target="_blank"><?php esc_attr_e( 'Buy Membership', 'invoicing' ); ?></a>
64			</div>
65			<h3><?php esc_html_e( 'Included Gateways:', 'invoicing' ); ?></h3>
66			<ul>
67			<?php
68			if ( $addons = $addon_obj->get_section_data( 'gateways' ) ) {
69			foreach ( $addons as $addon ) {
70			echo '<li><i class="far fa-check-circle fa-sm"></i> ' . esc_html( $addon->info->title ) . '</li>';
71			}
72			}
73			?>
74			</ul>
75			</div>
76
77
78			</div>
79			<div class="member-testimonials">
80			<h3>Testimonials</h3>
81			<div class="testimonial-content">
82			<div class="t-image">
83			<?php
84			echo '<img src="' . esc_url( plugins_url( 'images/t-image2.png', dirname( __FILE__ ) ) ) . '" > ';
85			?>
86			</div>
87			<div class="t-content">
88			<p>
89			It works perfectly right out of the box and above all it’s VAT compliant, something crucial for everyone doing business with EU B2C and B2B customers.<br><br>
90
91			Then I had a minor issue which required their support and they delivered an unparalleled example of how excellent support works.<br><br>
92
93			Response was super fast, they analyzed the issue, delivered a patch in record time and solved this issue for good in the next release.<br><br>
94
95			Many commercial plugins and theme companies from the WordPress scene should learn from them.
96			</p>
97			<p><strong>Pedstone </strong> (@pedstone)</p>
98			</div>
99			</div>
100
101			<div class="testimonial-content">
102			<div class="t-image">
103			<?php
104			echo '<img src="' . esc_url( plugins_url( 'images/t-image1.png', dirname( __FILE__ ) ) ) . '" > ';
105			?>
106			</div>
107			<div class="t-content">
108			<p>
109			I have been looking for a basic invoicing system that will allow recurring invoices.
110			This plugin is far from basic, with some nice in-depth options yet a great easy to use interface.<br><br>
111
112			I tried numerous plugins in an attempt to give me what I needed, this is by far the best and there was no need to buy premium plugins to get the features I required.<br><br>
113			Great job so far guys, can’t wait to see where this goes!
114			</p>
115			<p><strong>Coldcutt </strong>(@coldcutt)</p>
116			</div>
117			</div>
118			</div>
119			<div class="member-footer">
120			<a class="footer-btn" href="https://wpgetpaid.com/downloads/membership/" target="_blank"><?php esc_html_e( 'Buy Membership', 'invoicing' ); ?></a>
121			<a class="footer-link" href="post-new.php?post_type=wpi_invoice"><?php esc_html_e( 'Create Invoice', 'invoicing' ); ?></a>
122			</div>
123			</div>
124
125
126			</div>
127			</div>
128			<?php
129			} else {
130			$installed_plugins = get_plugins();
131			$addon_obj = new WPInv_Admin_Addons();
132			if ( $addons = $addon_obj->get_section_data( $current_tab ) ) :
133			//print_r($addons);
134			?>
135			<ul class="wpi-products">
136			<?php
137			foreach ( $addons as $addon ) :
138			if ( 965 == $addon->info->id ) {
139			continue;}// don't show quote add on
140			?>
141			<li class="wpi-product">
142			<div class="wpi-product-title">
143			<h3>
144			<?php
145			if ( ! empty( $addon->info->excerpt ) ) {
146			wpi_help_tip( $addon->info->excerpt, false, false, true );
147			}
148			echo esc_html( $addon->info->title );
149			?>
150			</h3>
151			</div>
152
153			<span class="wpi-product-image">
154			<?php if ( ! empty( $addon->info->thumbnail ) ) : ?>
155			<img src="<?php echo esc_attr( $addon->info->thumbnail ); ?>"/>
156			<?php
157			endif;
158
159			if ( 'stripe-payment-gateway' == $addon->info->slug ) {
160			$addon->info->slug = 'getpaid-stripe-payments';
161			$addon->info->link = 'https://wordpress.org/plugins/getpaid-stripe-payments/';
162			}
163			elseif( 'wallet' == $addon->info->slug ){
164			$addon->info->slug = 'getpaid-wallet';
165			$addon->info->link = 'https://wordpress.org/plugins/getpaid-wallet/';
166			}
167			elseif( 'item-inventory' == $addon->info->slug ){
168			$addon->info->slug = 'getpaid-item-inventory';
169			$addon->info->link = 'https://wordpress.org/plugins/getpaid-item-inventory/';
170			}
171
172			if ( isset( $addon->info->link ) && substr( $addon->info->link, 0, 21 ) === 'https://wordpress.org' ) {
173			echo '<a href="' . esc_url( admin_url( '/plugin-install.php?tab=plugin-information&plugin=' . $addon->info->slug ) ) . '&width=770&height=660&TB_iframe=true" class="thickbox" >';
174			echo '<span class="wpi-product-info">' . esc_html__( 'More info', 'invoicing' ) . '</span>';
175			echo '</a>';
176			} elseif ( isset( $addon->info->link ) && ( substr( $addon->info->link, 0, 23 ) === 'https://wpinvoicing.com' \|\| substr( $addon->info->link, 0, 21 ) === 'https://wpgetpaid.com' ) ) {
177			if ( defined( 'WP_EASY_UPDATES_ACTIVE' ) ) {
178			$url = admin_url( '/plugin-install.php?tab=plugin-information&plugin=' . $addon->info->slug . '&width=770&height=660&item_id=' . $addon->info->id . '&update_url=https://wpgetpaid.com&TB_iframe=true' );
179			} else {
180			// if installed show activation link
181			if ( isset( $installed_plugins['wp-easy-updates/external-updates.php'] ) ) {
182			$url = '#TB_inline?width=600&height=50&inlineId=wpi-wpeu-required-activation';
183			} else {
184			$url = '#TB_inline?width=600&height=50&inlineId=wpi-wpeu-required-for-external';
185			}
186			}
187			echo '<a href="' . esc_url( $url ) . '" class="thickbox">';
188			echo '<span class="wpi-product-info">' . esc_html__( 'More info', 'invoicing' ) . '</span>';
189			echo '</a>';
190			}
191
192			?>
193
194			</span>
195
196
197			<span class="wpi-product-button">
198			<?php
199			$addon_obj->output_button( $addon );
200			?>
201			</span>
202
203			<span class="wpi-price"><?php //print_r($addon); //echo wp_kses_post( $addon->price ); ?></span></li><?php endforeach; ?></ul>
204			<?php
205			endif;
206			}
207			}
208			?>
209
210
211			<div class="clearfix" ></div>
212
213			<?php if ( $current_tab == 'addons' ) { ?>
214			<p><?php printf( esc_attr__( 'All of our Addons can be found on wpGetPaid.com here: %sInvoicing Addons%s', 'invoicing' ), '<a href="https://wpgetpaid.com/downloads/category/addons/">','</a>' ); ?></p>
215			<?php } if ( $current_tab == 'gateways' ) { ?>
216			<p><?php printf( esc_attr__( 'All of our Payment Gateways can be found on wpGetPaid.com here: %sGetPaid Payment Gateways %s', 'invoicing' ), '<a href="https://wpgetpaid.com/downloads/category/gateways/">','</a>' ); ?></p>
217			<?php } ?>
218
219			<div id="wpi-wpeu-required-activation" style="display:none;"><span class="wpi-notification "><?php echo wp_kses_post( sprintf( __( "The plugin <a href='https://wpeasyupdates.com/' target='_blank'>WP Easy Updates</a> is required to check for and update some installed plugins/themes, please <a href='%s'>activate</a> it now.", 'invoicing' ), wp_nonce_url( admin_url( 'plugins.php?action=activate&plugin=wp-easy-updates/external-updates.php' ), 'activate-plugin_wp-easy-updates/external-updates.php' ) ) ); ?></span></div>
220			<div id="wpi-wpeu-required-for-external" style="display:none;"><span class="wpi-notification "><?php echo wp_kses_post( sprintf( __( "The plugin <a href='https://wpeasyupdates.com/' target='_blank'>WP Easy Updates</a> is required to check for and update some installed plugins/themes, please <a href='%s' onclick='window.open(\"https://wpeasyupdates.com/wp-easy-updates.zip\", \"_blank\");' >download</a> and install it now.", 'invoicing' ), admin_url( 'plugin-install.php?tab=upload&wpeu-install=true' ) ) ); ?></span></div>
221			<div id="wpeu-licence-popup" style="display:none;">
222			<span class="wpi-notification noti-white">
223			<h3 class="wpeu-licence-title"><?php esc_html_e( 'Licence key', 'invoicing' ); ?></h3>
224			<input class="wpeu-licence-key" type="text" placeholder="<?php esc_attr_e( 'Enter your licence key', 'invoicing' ); ?>"> <button class="button-primary wpeu-licence-popup-button" ><?php esc_html_e( 'Install', 'invoicing' ); ?></button>
225			<br>
226			<?php
227			printf( esc_html__( '%1$sFind your licence key here%2$s OR %3$sBuy one here%4$s', 'invoicing' ), '<a href="https://wpgetpaid.com/your-account/" target="_blank">', '</a>', '<a class="wpeu-licence-link" href="https://wpgetpaid.com/downloads/category/addons/" target="_blank">', '</a>' );
228			?>
229			</span>
230			</div>
231
232			</div>
233

AyeCode / invoicing

Issues (865)

Security Analysis 4 potential vulnerabilities

includes/admin/html-admin-page-addons.php (1 issue)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like