release: fixes

- Enhanced security

Author: vytisbulkevicius

composer.lock

@@ -579,7 +579,7 @@ public function about_page() {
 			'location'         => 'otter',
 			'logo'             => esc_url_raw( OTTER_BLOCKS_URL . 'assets/images/logo-alt.png' ),
 			'has_upgrade_menu' => ! DEFINED( 'OTTER_PRO_VERSION' ),
-			'upgrade_link'     => tsdk_utmify( Pro::get_url(), 'editor', Pro::get_reference() ),
+			'upgrade_link'     => tsdk_translate_link( tsdk_utmify( Pro::get_url(), 'editor', Pro::get_reference() ) ),
 			'upgrade_text'     => __( 'Get Otter Pro', 'otter-blocks' ),
 		);
 	}

inc/class-main.php

@@ -250,7 +250,7 @@ public function render_metabox_upsell( $post_type ) {
 					<li><?php _e( 'Priority Support', 'otter-blocks' ); ?></li>
 				</ul>
 
-				<a href="<?php echo esc_url_raw( tsdk_utmify( self::get_url(), 'woobuilder', 'wooproducteditor' ) ); ?>" target="_blank" class="button button-primary">
+				<a href="<?php echo esc_url_raw( tsdk_translate_link( tsdk_utmify( self::get_url(), 'woobuilder', 'wooproducteditor' ) ) ); ?>" target="_blank" class="button button-primary">
 					<?php _e( 'Discover Otter Pro', 'otter-blocks' ); ?>
 				</a>
 			</div>

inc/class-pro.php

@@ -252,8 +252,8 @@ public function enqueue_block_editor_assets() {
 				'hasNeve'                 => defined( 'NEVE_VERSION' ),
 				'hasPro'                  => Pro::is_pro_installed(),
 				'isProActive'             => Pro::is_pro_active(),
-				'upgradeLink'             => tsdk_utmify( Pro::get_url(), 'editor', Pro::get_reference() ),
-				'patternsLink'            => tsdk_utmify( Pro::get_patterns_url(), 'editor', Pro::get_reference() ),
+				'upgradeLink'             => tsdk_translate_link( tsdk_utmify( Pro::get_url(), 'editor', Pro::get_reference() ) ),
+				'patternsLink'            => tsdk_translate_link( tsdk_utmify( Pro::get_patterns_url(), 'editor', Pro::get_reference() ) ),
 				'should_show_upsell'      => Pro::should_show_upsell(),
 				'assetsPath'              => OTTER_BLOCKS_URL . 'assets',
 				'updatePath'              => admin_url( 'update-core.php' ),

inc/class-registration.php

@@ -179,7 +179,7 @@ public function form_submissions_callback() {
 				<img style="max-width: 100%" src="<?php echo esc_url( OTTER_BLOCKS_URL . 'assets/images/form-submissions-upsell.svg' ); ?>" alt="Otter Form Submissions Upsell" />
 				<h2 style="line-height: 1"><?php esc_html_e( 'Collect Your Form Submissions', 'otter-blocks' ); ?></h2>
 				<p><?php esc_html_e( 'Store, manage and analyze your form submissions with ease – all in one place. With Otter powerful features, managing submissions has never been simpler.', 'otter-blocks' ); ?></p>
-				<a href="<?php echo esc_url( tsdk_utmify( 'https://themeisle.com/plugins/otter-blocks/upgrade/', 'form-submissions', 'admin' ) ); ?>" class="button button-primary" target="_blank"><?php esc_html_e( 'Explore Otter PRO', 'otter-blocks' ); ?></a>
+				<a href="<?php echo esc_url( tsdk_translate_link( tsdk_utmify( 'https://themeisle.com/plugins/otter-blocks/upgrade/', 'form-submissions', 'admin' ) ) ); ?>" class="button button-primary" target="_blank"><?php esc_html_e( 'Explore Otter PRO', 'otter-blocks' ); ?></a>
 			</div>
 		</div>
 		<?php
@@ -192,9 +192,7 @@ public function form_submissions_callback() {
 	 * @access  public
 	 */
 	public function enqueue_options_assets() {
-		$wp_upload_dir = wp_upload_dir( null, false );
-		$basedir       = $wp_upload_dir['basedir'] . '/themeisle-gutenberg/';
-		$asset_file    = include OTTER_BLOCKS_PATH . '/build/dashboard/index.asset.php';
+		$asset_file = include OTTER_BLOCKS_PATH . '/build/dashboard/index.asset.php';
 
 		wp_enqueue_style(
 			'otter-blocks-styles',
@@ -213,55 +211,67 @@ public function enqueue_options_assets() {
 
 		wp_set_script_translations( 'otter-blocks-scripts', 'otter-blocks' );
 
-		$offer = new LimitedOffers();
-
 		wp_localize_script(
 			'otter-blocks-scripts',
 			'otterObj',
-			apply_filters(
-				'otter_dashboard_data',
-				array(
-					'version'                => OTTER_BLOCKS_VERSION,
-					'assetsPath'             => OTTER_BLOCKS_URL . 'assets/',
-					'stylesExist'            => is_dir( $basedir ) || boolval( get_transient( 'otter_animations_parsed' ) ),
-					'hasPro'                 => Pro::is_pro_installed(),
-					'upgradeLink'            => tsdk_utmify( Pro::get_url(), 'options', Pro::get_reference() ),
-					'docsLink'               => Pro::get_docs_url(),
-					'showFeedbackNotice'     => $this->should_show_feedback_notice(),
-					'deal'                   => ! Pro::is_pro_installed() ? $offer->get_localized_data() : array(),
-					'hasOnboarding'          => false !== get_theme_support( FSE_Onboarding::SUPPORT_KEY ),
-					'days_since_install'     => round( ( time() - get_option( 'otter_blocks_install', time() ) ) / DAY_IN_SECONDS ),
-					'rootUrl'                => get_site_url(),
-					'neveThemePreviewUrl'    => esc_url(
-						add_query_arg(
-							array(
-								'theme' => 'neve',
-							),
-							admin_url( 'theme-install.php' )
-						)
+			$this->get_dashboard_data()
+		);
+
+		$this->load_survey();
+	}
+
+	/**
+	 * Get the dashboard data to store in global object.
+	 * 
+	 * @return array
+	 */
+	public function get_dashboard_data() {
+		$wp_upload_dir = wp_upload_dir( null, false );
+		$basedir       = $wp_upload_dir['basedir'] . '/themeisle-gutenberg/';
+		$offer         = new LimitedOffers();
+
+		$global_data = array(
+			'version'                => OTTER_BLOCKS_VERSION,
+			'assetsPath'             => OTTER_BLOCKS_URL . 'assets/',
+			'stylesExist'            => is_dir( $basedir ) || boolval( get_transient( 'otter_animations_parsed' ) ),
+			'hasPro'                 => Pro::is_pro_installed(),
+			'upgradeLink'            => tsdk_translate_link( tsdk_utmify( Pro::get_url(), 'options', Pro::get_reference() ) ),
+			'docsLink'               => Pro::get_docs_url(),
+			'showFeedbackNotice'     => $this->should_show_feedback_notice(),
+			'deal'                   => ! Pro::is_pro_installed() ? $offer->get_localized_data() : array(),
+			'hasOnboarding'          => false !== get_theme_support( FSE_Onboarding::SUPPORT_KEY ),
+			'days_since_install'     => (int) round( ( time() - get_option( 'otter_blocks_install', time() ) ) / DAY_IN_SECONDS ),
+			'rootUrl'                => get_site_url(),
+			'neveThemePreviewUrl'    => esc_url(
+				add_query_arg(
+					array(
+						'theme' => 'neve',
 					),
-					'neveThemeActivationUrl' => esc_url(
-						add_query_arg(
-							array(
-								'action'     => 'activate',
-								'stylesheet' => 'neve',
-								'_wpnonce'   => wp_create_nonce( 'switch-theme_neve' ),
-							),
-							admin_url( 'themes.php' )
-						)
+					admin_url( 'theme-install.php' )
+				)
+			),
+			'neveThemeActivationUrl' => esc_url(
+				add_query_arg(
+					array(
+						'action'     => 'activate',
+						'stylesheet' => 'neve',
+						'_wpnonce'   => wp_create_nonce( 'switch-theme_neve' ),
 					),
-					'neveDashboardUrl'       => esc_url(
-						add_query_arg(
-							array(
-								'page' => 'neve-welcome',
-							),
-							admin_url( 'admin.php' )
-						)
+					admin_url( 'themes.php' )
+				)
+			),
+			'neveDashboardUrl'       => esc_url(
+				add_query_arg(
+					array(
+						'page' => 'neve-welcome',
 					),
-					'neveInstalled'          => defined( 'NEVE_VERSION' ),
+					admin_url( 'admin.php' )
 				)
-			)
+			),
+			'neveInstalled'          => defined( 'NEVE_VERSION' ),
 		);
+
+		return apply_filters( 'otter_dashboard_data', $global_data );
 	}
 
 	/**
@@ -720,6 +730,18 @@ public function form_submissions_widget_content() {
 		<?php
 	}
 
+	/**
+	 * Load the Formbricks deps from SDK to initiate the survey.
+	 */
+	private function load_survey() {
+		$survey_handler = apply_filters( 'themeisle_sdk_dependency_script_handler', 'survey' );
+		if ( empty( $survey_handler ) ) {
+			return;
+		}
+
+		do_action( 'themeisle_sdk_dependency_enqueue_script', 'survey' );
+	}
+
 	/**
 	 * The instance method for the static class.
 	 * Defines and returns the instance of the static class.

inc/plugins/class-dashboard.php

@@ -167,6 +167,7 @@ public function get( $request ) {
 
 			$fallback           = sanitize_text_field( $fallback );
 			$feedback_full_path = realpath( $fallback );
+			$feedback_full_path = str_contains( $feedback_full_path, WP_CONTENT_DIR );
 
 			if ( false !== $feedback_full_path && @getimagesize( $fallback ) ) { // phpcs:ignore WordPress.PHP.NoSilencedErrors.Discouraged
 				$path = $feedback_full_path;

inc/server/class-dynamic-content-server.php

@@ -56,7 +56,7 @@ function() {
 			'is_enabled' => ! defined( 'OTTER_PRO_VERSION' ),
 			'pro_name'   => __( 'Otter Blocks Pro', 'otter-blocks' ),
 			'logo'       => OTTER_BLOCKS_URL . '/assets/images/logo-alt.png',
-			'cta_link'   => tsdk_utmify( 'https://themeisle.com/plugins/otter-blocks/upgrade/?discount=LOYALUSER583&dvalue=60#pricing', 'otter-welcome', 'notice' ),
+			'cta_link'   => tsdk_translate_link( tsdk_utmify( 'https://themeisle.com/plugins/otter-blocks/upgrade/?discount=LOYALUSER583&dvalue=60#pricing', 'otter-welcome', 'notice' ) ),
 		];
 	}
 );

otter-blocks.php

@@ -64,7 +64,6 @@
 		"lasttranslator": "Themeisle Translate Team <[email protected]>"
 	},
 	"dependencies": {
-		"@formbricks/js": "^2.2.0",
 		"@wordpress/icons": "^9.46.0",
 		"array-move": "^3.0.1",
 		"classnames": "^2.5.1",
@@ -80,7 +79,7 @@
 	},
 	"devDependencies": {
 		"@automattic/babel-plugin-replace-textdomain": "^1.0.35",
-		"@playwright/test": "^1.48.1",
+		"@playwright/test": "^1.48.2",
 		"@semantic-release/changelog": "^6.0.3",
 		"@semantic-release/exec": "^6.0.3",
 		"@semantic-release/git": "^10.0.1",

package-lock.json

@@ -59,6 +59,7 @@ function ( $message ) {
 );
 
 add_filter( 'otter_pro_hide_license_field', '__return_true' );
+add_filter( 'themeisle_sdk_ran_promos', '__return_false' );
 
 if ( ! defined( 'OTTER_BLOCKS_VERSION' ) ) {
 	add_action(