Context Navigation

← Previous Changeset
Next Changeset →

Changeset 2841294

Timestamp:

12/29/2022 09:35:43 PM (3 years ago)

Author:

grimmdude

Message:

6.5.7

Location:

google-analyticator

Files:

: 139 added
: 2 edited

tags/6.5.7 (added)
tags/6.5.7/appsumo-capture-form.php (added)
tags/6.5.7/class.analytics.stats.php (added)
tags/6.5.7/download-button.png (added)
tags/6.5.7/external-tracking.js (added)
tags/6.5.7/external-tracking.min.js (added)
tags/6.5.7/ga-md-ad-532.png (added)
tags/6.5.7/ga-plugin-advert-sidebar.png (added)
tags/6.5.7/ga-plugin-advert.jpg (added)
tags/6.5.7/ga_logo.png (added)
tags/6.5.7/gapro-plugin-advert-sidebar.png (added)
tags/6.5.7/google-analyticator.php (added)
tags/6.5.7/google-analytics-stats-widget.php (added)
tags/6.5.7/google-analytics-summary-widget.php (added)
tags/6.5.7/google-api-php-client (added)
tags/6.5.7/google-api-php-client/LICENSE (added)
tags/6.5.7/google-api-php-client/NOTICE (added)
tags/6.5.7/google-api-php-client/README (added)
tags/6.5.7/google-api-php-client/src (added)
tags/6.5.7/google-api-php-client/src/Google_Client.php (added)
tags/6.5.7/google-api-php-client/src/auth (added)
tags/6.5.7/google-api-php-client/src/auth/Google_AssertionCredentials.php (added)
tags/6.5.7/google-api-php-client/src/auth/Google_Auth.php (added)
tags/6.5.7/google-api-php-client/src/auth/Google_AuthNone.php (added)
tags/6.5.7/google-api-php-client/src/auth/Google_LoginTicket.php (added)
tags/6.5.7/google-api-php-client/src/auth/Google_OAuth2.php (added)
tags/6.5.7/google-api-php-client/src/auth/Google_P12Signer.php (added)
tags/6.5.7/google-api-php-client/src/auth/Google_PemVerifier.php (added)
tags/6.5.7/google-api-php-client/src/auth/Google_Signer.php (added)
tags/6.5.7/google-api-php-client/src/auth/Google_Verifier.php (added)
tags/6.5.7/google-api-php-client/src/cache (added)
tags/6.5.7/google-api-php-client/src/cache/Google_ApcCache.php (added)
tags/6.5.7/google-api-php-client/src/cache/Google_Cache.php (added)
tags/6.5.7/google-api-php-client/src/cache/Google_FileCache.php (added)
tags/6.5.7/google-api-php-client/src/cache/Google_MemcacheCache.php (added)
tags/6.5.7/google-api-php-client/src/config.php (added)
tags/6.5.7/google-api-php-client/src/contrib (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_AdExchangeSellerService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_AdexchangebuyerService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_AdsensehostService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_AnalyticsService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_AndroidpublisherService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_AppstateService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_AuditService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_BigqueryService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_BloggerService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_BooksService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_CalendarService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_CivicInfoService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_ComputeService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_CoordinateService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_CustomsearchService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_DatastoreService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_DfareportingService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_DirectoryService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_DriveService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_FreebaseService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_FusiontablesService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_GamesManagementService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_GamesService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_GanService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_GroupssettingsService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_LatitudeService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_LicensingService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_MirrorService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_ModeratorService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_Oauth2Service.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_OrkutService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_PagespeedonlineService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_PlusDomainsService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_PlusMomentsService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_PlusService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_PredictionService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_ReportsService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_ResellerService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_SQLAdminService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_ShoppingService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_SiteVerificationService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_StorageService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_TaskqueueService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_TasksService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_TranslateService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_UrlshortenerService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_WebfontsService.php (added)
tags/6.5.7/google-api-php-client/src/contrib/Google_YouTubeAnalyticsService.php (added)
tags/6.5.7/google-api-php-client/src/external (added)
tags/6.5.7/google-api-php-client/src/external/URITemplateParser.php (added)
tags/6.5.7/google-api-php-client/src/io (added)
tags/6.5.7/google-api-php-client/src/io/Google_CacheParser.php (added)
tags/6.5.7/google-api-php-client/src/io/Google_CurlIO.php (added)
tags/6.5.7/google-api-php-client/src/io/Google_HttpRequest.php (added)
tags/6.5.7/google-api-php-client/src/io/Google_HttpStreamIO.php (added)
tags/6.5.7/google-api-php-client/src/io/Google_IO.php (added)
tags/6.5.7/google-api-php-client/src/io/Google_REST.php (added)
tags/6.5.7/google-api-php-client/src/io/cacerts.pem (added)
tags/6.5.7/google-api-php-client/src/local_config.php (added)
tags/6.5.7/google-api-php-client/src/service (added)
tags/6.5.7/google-api-php-client/src/service/Google_BatchRequest.php (added)
tags/6.5.7/google-api-php-client/src/service/Google_MediaFileUpload.php (added)
tags/6.5.7/google-api-php-client/src/service/Google_Model.php (added)
tags/6.5.7/google-api-php-client/src/service/Google_Service.php (added)
tags/6.5.7/google-api-php-client/src/service/Google_ServiceResource.php (added)
tags/6.5.7/google-api-php-client/src/service/Google_Utils.php (added)
tags/6.5.7/google-api-php-client/static (added)
tags/6.5.7/google-api-php-client/static/Credentials.png (added)
tags/6.5.7/images (added)
tags/6.5.7/images/products (added)
tags/6.5.7/images/products/appsumo-logo.png (added)
tags/6.5.7/images/products/appsumo-logo.svg (added)
tags/6.5.7/images/products/kingsumo-logo.svg (added)
tags/6.5.7/images/products/sendfox-logo.svg (added)
tags/6.5.7/images/products/sumo-logo.png (added)
tags/6.5.7/jquery.flot.min.js (added)
tags/6.5.7/jquery.sparkline.min.js (added)
tags/6.5.7/localizations (added)
tags/6.5.7/localizations/google-analyticator-es_ES.mo (added)
tags/6.5.7/localizations/google-analyticator-es_ES.po (added)
tags/6.5.7/localizations/google-analyticator-nl_NL.mo (added)
tags/6.5.7/localizations/google-analyticator-nl_NL.po (added)
tags/6.5.7/localizations/google-analyticator-pl_PL.mo (added)
tags/6.5.7/localizations/google-analyticator-pl_PL.po (added)
tags/6.5.7/localizations/google-analyticator-tr_TR.mo (added)
tags/6.5.7/localizations/google-analyticator-tr_TR.po (added)
tags/6.5.7/other_plugins.php (added)
tags/6.5.7/other_tools.php (added)
tags/6.5.7/privacy.png (added)
tags/6.5.7/readme.txt (added)
tags/6.5.7/screenshot-1.png (added)
tags/6.5.7/screenshot-2.png (added)
tags/6.5.7/screenshot-3.png (added)
tags/6.5.7/screenshot-4.png (added)
tags/6.5.7/screenshot-5.png (added)
tags/6.5.7/screenshot-6.png (added)
tags/6.5.7/scripts (added)
tags/6.5.7/scripts/google-analyticator-scripts.js (added)
tags/6.5.7/styles (added)
tags/6.5.7/styles/google-analyticator-style-common.css (added)
tags/6.5.7/styles/google-analyticator-style.css (added)
tags/6.5.7/wlcms-plugin-advert.png (added)
trunk/google-analyticator.php (modified) (33 diffs)
trunk/readme.txt (modified) (2 diffs)

Legend:

: Unmodified
: Added
: Removed

google-analyticator/trunk/google-analyticator.php

-                      r2839517
+                      r2841294
 /*
  * Plugin Name: Analyticator
  * Version: 6.5.6
+ * Version: 6.5.7
  * Plugin URI: http://www.videousermanuals.com/google-analyticator/?utm_campaign=analyticator&utm_medium=plugin&utm_source=readme-txt
  * Description: Adds the necessary JavaScript code to enable <a href="http://www.google.com/analytics/">Google's Analytics</a>. After enabling this plugin you need to authenticate with Google, then select your domain and you're set.
 …
 //ini_set('display_errors', '1');
 define('GOOGLE_ANALYTICATOR_VERSION', '6.5.6');
+define('GOOGLE_ANALYTICATOR_VERSION', '6.5.7');
 define('GOOGLE_ANALYTICATOR_CLIENTID', '1007949979410.apps.googleusercontent.com');
 …
   <p>You need to sign in to Google and grant this plugin access to your Google Analytics account</p>
   <p> <a
                 onclick="window.open('https://accounts.google.com/o/oauth2/auth?<?php echo $url ?>', 'activate','width=700, height=600, menubar=0, status=0, location=0, toolbar=0')"
+                onclick="window.open('https://accounts.google.com/o/oauth2/auth?<?php echo esc_url($url) ?>', 'activate','width=700, height=600, menubar=0, status=0, location=0, toolbar=0')"
                 target="_blank"
                 href="javascript:void(0);"> Click Here </a> - <small> Or <a target="_blank" href="https://accounts.google.com/o/oauth2/auth?<?php echo $url ?>">here</a> if you have popups blocked</small> </p>
+                href="javascript:void(0);"> Click Here </a> - <small> Or <a target="_blank" href="https://accounts.google.com/o/oauth2/auth?<?php echo esc_url($url) ?>">here</a> if you have popups blocked</small> </p>
   <div  id="key">
     <p>Enter your Google Authentication Code in this box. This code will be used to get an Authentication Token so you can access your website stats.</p>
     <form method="post" action="<?php echo ga_analyticator_setting_url();?>">
+    <form method="post" action="<?php echo esc_url(ga_analyticator_setting_url());?>">
       <?php wp_nonce_field('google-analyticator-update_settings'); ?>
       <input type="text" name="key_ga_google_token" value="" style="width:450px;"/>
 …
   <p>If you don't want to authenticate through Google and only use the tracking capability of the plugin (<strong><u>not the dashboard functionality</u></strong>), you can do this by clicking the button below. </p>
   <p>You will be asked on the next page to manually enter your Google Analytics UID.</p>
   <form method="post" action="<?php echo ga_analyticator_setting_url();?>">
+  <form method="post" action="<?php echo esc_url(ga_analyticator_setting_url());?>">
     <input type="hidden" name="key_ga_google_token" value="" />
     <?php wp_nonce_field('google-analyticator-update_settings'); ?>
 …
         // Give an updated message
         echo "<div class='updated settings-error notice is-dismissible'><p><strong>" . __('Google Analyticator settings saved.', 'google-analyticator') . "</strong></p><button type='button' class='notice-dismiss'><span class='screen-reader-text'>Dismiss this notice.</span></button></div>";
+        echo "<div class='updated settings-error notice is-dismissible'><p><strong>" . esc_html__('Google Analyticator settings saved.', 'google-analyticator') . "</strong></p><button type='button' class='notice-dismiss'><span class='screen-reader-text'>Dismiss this notice.</span></button></div>";
+    }
         // Are we using the auth system?
 …
         <?php endif ?>
       <form method="post" action="<?php echo ga_analyticator_setting_url();?>">
+      <form method="post" action="<?php echo esc_url(ga_analyticator_setting_url());?>">
         <?php
                 # Add a nonce
 …
         <?php if (get_option(key_ga_status) == ga_disabled) { ?>
         <div style="margin:10px auto; border:3px #f00 solid; background-color:#fdd; color:#000; padding:10px; text-align:center;">
+          <?php _e('Google Analytics integration is currently <strong>DISABLED</strong>.', 'google-analyticator'); ?>
+            <?php //phpcs:ignore ?>
+            <?php _e('Google Analytics integration is currently <strong>DISABLED</strong>.', 'google-analyticator'); ?>
         </div>
         <?php } ?>
         <?php if ((get_option(key_ga_uid) == "XX-XXXXX-X") && (get_option(key_ga_status) != ga_disabled)) { ?>
         <div style="margin:10px auto; border:3px #f00 solid; background-color:#fdd; color:#000; padding:10px; text-align:center;">
           <?php _e('Google Analytics integration is currently enabled, but you did not enter a UID. Tracking will not occur.', 'google-analyticator'); ?>
+          <?php esc_html_e('Google Analytics integration is currently enabled, but you did not enter a UID. Tracking will not occur.', 'google-analyticator'); ?>
         </div>
         <?php } ?>
 …
           <tr>
             <td colspan="2" style="padding-left:0"><h3>
                 <?php _e('Basic Settings', 'google-analyticator'); ?>
+                <?php esc_html_e('Basic Settings', 'google-analyticator'); ?>
               </h3></td>
           </tr>
           <tr>
             <th width="35%" valign="top" style="padding-top: 10px;"> <label for="<?php echo key_ga_status ?>">
                 <?php _e('Google Analytics logging is', 'google-analyticator'); ?>:</label>
+            <th width="35%" valign="top" style="padding-top: 10px;"> <label for="<?php echo esc_attr(key_ga_status) ?>">
+                <?php esc_html_e('Google Analytics logging is', 'google-analyticator'); ?>:</label>
             </th>
             <td>
             <?php
                             echo "<select name='".key_ga_status."' id='".key_ga_status."'>\n";
                             echo "<option value='".ga_enabled."'";
+                            echo "<select name='".esc_attr(key_ga_status)."' id='".esc_attr(key_ga_status)."'>\n";
+                            echo "<option value='".esc_attr(ga_enabled)."'";
                             if(get_option(key_ga_status) == ga_enabled)
                                 echo " selected='selected'";
                             echo ">" . __('Enabled', 'google-analyticator') . "</option>\n";
                             echo "<option value='".ga_disabled."'";
+                            echo ">" . esc_html__('Enabled', 'google-analyticator') . "</option>\n";
+                            echo "<option value='".esc_attr(ga_disabled)."'";
                             if(get_option(key_ga_status) == ga_disabled)
                                 echo" selected='selected'";
                             echo ">" . __('Disabled', 'google-analyticator') . "</option>\n";
+                            echo ">" . esc_html__('Disabled', 'google-analyticator') . "</option>\n";
                             echo "</select>\n";
 …
           </tr>
           <tr id="ga_ajax_accounts">
             <th valign="top" style="padding-top: 10px;"> <label for="<?php echo key_ga_uid; ?>"><?php _e('Analytics Account', 'google-analyticator'); ?>:</label>
+            <th valign="top" style="padding-top: 10px;"> <label for="<?php echo esc_attr(key_ga_uid); ?>"><?php esc_html_e('Analytics Account', 'google-analyticator'); ?>:</label>
             </th>
             <td>
 …
                                 $uids = ga_get_analytics_accounts();
                                 echo "<select name='".key_ga_uid."'> ";
+                                echo "<select name='".esc_attr(key_ga_uid)."'> ";
                                 $hasSelected = false; // Will be set to true once a match is found. Cant echo selected twice.
 …
                                     foreach($uids as $id=>$domain):
                                         echo '<option value="'.$id.'"';
+                                        echo '<option value="'.esc_attr($id).'"';
                                         // If set in DB.
                                         if( get_option(key_ga_uid) == $id ) { $hasSelected=true; echo ' selected="selected"'; }
                                         // Else if the domain matches the current domain & nothing set in DB.
                                         elseif( ( $_SERVER['HTTP_HOST'] == $domain ) && ( ! $hasSelected ) ) { $hasSelected=true; echo ' selected="selected"'; }
                                         echo '>'.$domain.'</option>';
+                                        echo '>'.esc_html($domain).'</option>';
                                     endforeach;
 …
                             else:
                                 echo '<input type="text" name="'.key_ga_uid.'" value="'. get_option( key_ga_uid ) .'" />';
+                                echo '<input type="text" name="'.esc_attr(key_ga_uid).'" value="'. esc_attr(get_option( key_ga_uid )) .'" />';
                             endif;
                             ?><br />
                             <input type="checkbox" name="<?php echo key_ga_disable_gasites?>" id="<?php echo key_ga_disable_gasites?>"<?php if(get_option(key_ga_disable_gasites) == ga_enabled){?> checked="checked"<?php }?> /> <?php _e('Hide Google Analytics UID after saving', 'google-analyticator'); ?>
+                            <input type="checkbox" name="<?php echo esc_attr(key_ga_disable_gasites)?>" id="<?php echo esc_attr(key_ga_disable_gasites)?>"<?php if(get_option(key_ga_disable_gasites) == ga_enabled){?> checked="checked"<?php }?> /> <?php esc_html_e('Hide Google Analytics UID after saving', 'google-analyticator'); ?>
                 <?php }else{
                 ?><?php echo get_option( 'ga_domain_name' ); ?> - To change this, you must <a href="<?php echo wp_nonce_url(admin_url('/options-general.php?page=ga_reset'), 'ga-reset'); ?>">deauthorize and reset the plugin</a>
                  <input type="hidden" name="<?php echo key_ga_disable_gasites?>" value="<?php echo ga_enabled?>" /><input type="hidden" name="<?php echo key_ga_uid?>" value="<?php echo get_option(key_ga_uid)?>" />
+                ?><?php echo esc_html(get_option( 'ga_domain_name' )); ?> - To change this, you must <a href="<?php echo esc_attr(wp_nonce_url(admin_url('/options-general.php?page=ga_reset'), 'ga-reset')); ?>">deauthorize and reset the plugin</a>
+                 <input type="hidden" name="<?php echo esc_attr(key_ga_disable_gasites)?>" value="<?php echo esc_attr(ga_enabled)?>" /><input type="hidden" name="<?php echo esc_attr(key_ga_uid)?>" value="<?php echo esc_attr(get_option(key_ga_uid))?>" />
                 <?php
                 }?>
 …
           </tr>
           <tr>
             <th valign="top" style="padding-top: 10px;"> <label for="<?php echo key_ga_analytic_snippet ?>">
                 <?php _e('Tracking Code', 'google-analyticator'); ?>:</label>
             </th>
             <td><?php
                             echo "<select name='".key_ga_analytic_snippet."' id='".key_ga_analytic_snippet."'>\n";
                             echo "<option value='".ga_disabled."'";
+            <th valign="top" style="padding-top: 10px;"> <label for="<?php echo esc_attr(key_ga_analytic_snippet) ?>">
+                <?php esc_html_e('Tracking Code', 'google-analyticator'); ?>:</label>
+            </th>
+            <td><?php
+                            echo "<select name='".esc_attr(key_ga_analytic_snippet)."' id='".esc_attr(key_ga_analytic_snippet)."'>\n";
+                            echo "<option value='".esc_attr(ga_disabled)."'";
                             if(get_option(key_ga_analytic_snippet) == ga_disabled)
                                 echo" selected='selected'";
                             echo ">" . __('Universal (analytics.js)', 'google-analyticator') . "</option>\n";
                             echo "<option value='".ga_enabled."'";
+                            echo ">" . esc_html__('Universal (analytics.js)', 'google-analyticator') . "</option>\n";
+                            echo "<option value='".esc_attr(ga_enabled)."'";
                             if(get_option(key_ga_analytic_snippet) == ga_enabled)
                                 echo " selected='selected'";
                             echo ">" . __('Traditional (ga.js)', 'google-analyticator') . "</option>\n";
+                            echo ">" . esc_html__('Traditional (ga.js)', 'google-analyticator') . "</option>\n";
                             echo "</select>\n";
                             ?>
                           <p  class="setting-description">
+                            <?php // phpcs:ignore ?>
                             <?php _e('If you are using Universal Analytics make sure you have changed your account to a Universal Analytics property in Google Analytics. Read more about Universal Analytics <a href="https://support.google.com/analytics/answer/2817075?hl=en" target="_blank">here</a>.', 'google-analyticator'); ?>
                           </p>
 …
           </tr>
           <tr>
             <th valign="top" style="padding-top: 10px;"> <label for="<?php echo key_ga_widgets; ?>">
                 <?php _e('Support us', 'google-analyticator'); ?>:</label>
             </th>
             <td><?php
                             echo "<select name='".key_ga_show_ad."' id='".key_ga_show_ad."'>\n";
+            <th valign="top" style="padding-top: 10px;"> <label for="<?php echo esc_attr(key_ga_widgets); ?>">
+                <?php esc_html_e('Support us', 'google-analyticator'); ?>:</label>
+            </th>
+            <td><?php
+                            echo "<select name='".esc_attr(key_ga_show_ad)."' id='".esc_attr(key_ga_show_ad)."'>\n";
                             echo "<option value='1'";
                             if(get_option(key_ga_show_ad) == '1')
                                 echo " selected='selected'";
                             echo ">" . __('Yes', 'google-analyticator') . "</option>\n";
+                            echo ">" . esc_html__('Yes', 'google-analyticator') . "</option>\n";
                             echo "<option value='0' ";
                             if(get_option(key_ga_show_ad) == '0')
                                 echo" selected='selected'";
                             echo ">" . __('No', 'google-analyticator') . "</option>\n";
+                            echo ">" . esc_html__('No', 'google-analyticator') . "</option>\n";
                             echo "</select>\n";
                             ?>
               <p  class="setting-description">
                 <?php _e('Show our link on the admin dashboard. Pretty please.', 'google-analyticator'); ?>
+                <?php esc_html_e('Show our link on the admin dashboard. Pretty please.', 'google-analyticator'); ?>
               </p></td>
           </tr>
 …
           </tr>
         <tr>
             <td><input type="submit" class="button button-primary" name="info_update" value="<?php _e('Save Changes', 'google-analyticator'); ?>" /></td>
+            <td><input type="submit" class="button button-primary" name="info_update" value="<?php esc_html_e('Save Changes', 'google-analyticator'); ?>" /></td>
         </tr>
           <tr>
             <td colspan="2" style="padding-left:0"><h3>
                 <?php _e('Tracking Settings', 'google-analyticator'); ?>
+                <?php esc_html_e('Tracking Settings', 'google-analyticator'); ?>
               </h3></td>
           </tr>
           <tr>
             <th valign="top" style="padding-top: 10px;"> <label>
                 <?php _e('Anonymize IP Addresses', 'google-analyticator'); ?>:</label>
             </th>
             <td><?php
                             echo "<select name='".key_ga_annon."' id='".key_ga_annon."'>\n";
+                <?php esc_html_e('Anonymize IP Addresses', 'google-analyticator'); ?>:</label>
+            </th>
+            <td><?php
+                            echo "<select name='".esc_attr(key_ga_annon)."' id='".esc_attr(key_ga_annon)."'>\n";
                             echo "<option value='0'";
                             if(get_option(key_ga_annon) == false )
                                 echo " selected='selected'";
                             echo ">" . __('No', 'google-analyticator') . "</option>\n";
+                            echo ">" . esc_html__('No', 'google-analyticator') . "</option>\n";
                             echo "<option value='1'";
                             if(get_option(key_ga_annon) == true)
                                 echo" selected='selected'";
                             echo ">" . __('Yes', 'google-analyticator') . "</option>\n";
+                            echo ">" . esc_html__('Yes', 'google-analyticator') . "</option>\n";
                             echo "</select>\n";
 …
                             ?>
               <p  class="setting-description">
                 <?php _e('By selecting "Yes", This tells Google Analytics to anonymize the information sent by the tracker objects by removing the last octet of the IP address prior to its storage. Note that this will slightly reduce the accuracy of geographic reporting.', 'google-analyticator'); ?>
               </p></td>
           </tr>
           <tr>
             <th valign="top" style="padding-top: 10px;"> <label for="<?php echo key_ga_admin ?>">
                 <?php _e('Track all logged in WordPress users', 'google-analyticator'); ?>:</label>
             </th>
             <td><?php
                             echo "<select name='".key_ga_admin."' id='".key_ga_admin."'>\n";
                             echo "<option value='".ga_enabled."'";
+                <?php esc_html_e('By selecting "Yes", This tells Google Analytics to anonymize the information sent by the tracker objects by removing the last octet of the IP address prior to its storage. Note that this will slightly reduce the accuracy of geographic reporting.', 'google-analyticator'); ?>
+              </p></td>
+          </tr>
+          <tr>
+            <th valign="top" style="padding-top: 10px;"> <label for="<?php echo esc_attr(key_ga_admin) ?>">
+                <?php esc_html_e('Track all logged in WordPress users', 'google-analyticator'); ?>:</label>
+            </th>
+            <td><?php
+                            echo "<select name='".esc_attr(key_ga_admin)."' id='".esc_attr(key_ga_admin)."'>\n";
+                            echo "<option value='".esc_attr(ga_enabled)."'";
                             if(get_option(key_ga_admin) == ga_enabled)
                                 echo " selected='selected'";
                             echo ">" . __('Yes', 'google-analyticator') . "</option>\n";
                             echo "<option value='".ga_disabled."'";
+                            echo ">" . esc_html__('Yes', 'google-analyticator') . "</option>\n";
+                            echo "<option value='".esc_attr(ga_disabled)."'";
                             if(get_option(key_ga_admin) == ga_disabled)
                                 echo" selected='selected'";
                             echo ">" . __('No', 'google-analyticator') . "</option>\n";
+                            echo ">" . esc_html__('No', 'google-analyticator') . "</option>\n";
                             echo "</select>\n";
 …
                             ?>
               <p  class="setting-description">
                 <?php _e('Selecting "no" to this option will prevent logged in WordPress users from showing up on your Google Analytics reports. This setting will prevent yourself or other users from showing up in your Analytics reports. Use the next setting to determine what user groups to exclude.', 'google-analyticator'); ?>
               </p></td>
           </tr>
           <tr>
             <th valign="top" style="padding-top: 10px;"> <label for="<?php echo key_ga_admin_role ?>">
                 <?php _e('User roles to not track', 'google-analyticator'); ?>:</label>
+                <?php esc_html_e('Selecting "no" to this option will prevent logged in WordPress users from showing up on your Google Analytics reports. This setting will prevent yourself or other users from showing up in your Analytics reports. Use the next setting to determine what user groups to exclude.', 'google-analyticator'); ?>
+              </p></td>
+          </tr>
+          <tr>
+            <th valign="top" style="padding-top: 10px;"> <label for="<?php echo esc_attr(key_ga_admin_role) ?>">
+                <?php esc_html_e('User roles to not track', 'google-analyticator'); ?>:</label>
             </th>
             <td><?php
 …
                             # Loop through the roles
                             foreach ( $roles AS $role => $name ) {
                                 echo '<input type="checkbox" value="' . $role . '" name="' . key_ga_admin_role . '[]"';
+                                echo '<input type="checkbox" value="' . esc_attr($role) . '" name="' . esc_attr(key_ga_admin_role) . '[]"';
                                 if ( in_array($role, $selected_roles) )
                                     echo " checked='checked'";
                                 $name_pos = strpos($name, '|');
                                 $name = ( $name_pos ) ? substr($name, 0, $name_pos) : $name;
                                 echo ' /> ' . _x($name, 'User role') . '<br />';
+                                echo ' /> ' . esc_html($name, 'User role') . '<br />';
+                            }
                             ?>
               <p  class="setting-description">
                 <?php _e('Specifies the user roles to not include in your WordPress Analytics report. If a user is logged into WordPress with one of these roles, they will not show up in your Analytics report.', 'google-analyticator'); ?>
               </p></td>
           </tr>
           <tr>
             <th valign="top" style="padding-top: 10px;"> <label for="<?php echo key_ga_admin_disable ?>">
                 <?php _e('Method to prevent tracking', 'google-analyticator'); ?>:</label>
             </th>
             <td><?php
                             echo "<select name='".key_ga_admin_disable."' id='".key_ga_admin_disable."'>\n";
+                <?php esc_html_e('Specifies the user roles to not include in your WordPress Analytics report. If a user is logged into WordPress with one of these roles, they will not show up in your Analytics report.', 'google-analyticator'); ?>
+              </p></td>
+          </tr>
+          <tr>
+            <th valign="top" style="padding-top: 10px;"> <label for="<?php echo esc_attr(key_ga_admin_disable) ?>">
+                <?php esc_html_e('Method to prevent tracking', 'google-analyticator'); ?>:</label>
+            </th>
+            <td><?php
+                            echo "<select name='".esc_attr(key_ga_admin_disable)."' id='".esc_attr(key_ga_admin_disable)."'>\n";
                             echo "<option value='remove'";
                             if(get_option(key_ga_admin_disable) == 'remove')
                                 echo " selected='selected'";
                             echo ">" . __('Remove', 'google-analyticator') . "</option>\n";
+                            echo ">" . esc_html__('Remove', 'google-analyticator') . "</option>\n";
                             echo "<option value='admin'";
                             if(get_option(key_ga_admin_disable) == 'admin')
                                 echo" selected='selected'";
                             echo ">" . __('Use \'admin\' variable', 'google-analyticator') . "</option>\n";
+                            echo ">" . esc_html__('Use \'admin\' variable', 'google-analyticator') . "</option>\n";
                             echo "</select>\n";
                             ?>
               <span class="ga_admin_disable_DimentionIndex_span"> <?php _e('Dimension Index', 'google-analyticator'); ?>:
               <input type="text" name="<?php echo key_ga_admin_disable_DimentionIndex?>" style="width:50px;" value="<?php echo get_option(key_ga_admin_disable_DimentionIndex)?>" class="<?php echo key_ga_admin_disable_DimentionIndex?>" id="<?php echo key_ga_admin_disable_DimentionIndex?>" />
+              <span class="ga_admin_disable_DimentionIndex_span"> <?php esc_html_e('Dimension Index', 'google-analyticator'); ?>:
+              <input type="text" name="<?php echo esc_attr(key_ga_admin_disable_DimentionIndex)?>" style="width:50px;" value="<?php echo esc_attr(get_option(key_ga_admin_disable_DimentionIndex))?>" class="<?php echo esc_attr(key_ga_admin_disable_DimentionIndex)?>" id="<?php echo esc_attr(key_ga_admin_disable_DimentionIndex)?>" />
               </span>
               <p  class="setting-description">
                 <?php _e('Selecting the "Remove" option will physically remove the tracking code from logged in users. Selecting the "Use \'admin\' variable" option will assign a variable called \'admin\' to logged in users. This option will allow Google Analytics\' site overlay feature to work, but you will have to manually configure Google Analytics to exclude tracking from pageviews with the \'admin\' variable.', 'google-analyticator'); ?>
+                <?php esc_html_e('Selecting the "Remove" option will physically remove the tracking code from logged in users. Selecting the "Use \'admin\' variable" option will assign a variable called \'admin\' to logged in users. This option will allow Google Analytics\' site overlay feature to work, but you will have to manually configure Google Analytics to exclude tracking from pageviews with the \'admin\' variable.', 'google-analyticator'); ?>
               </p></td>
           </tr>
           <tr>
             <th valign="top" style="padding-top: 10px;"> <label>
                 <?php _e('Enable Remarketing, Demographics and Interests reports', 'google-analyticator'); ?>:</label>
             </th>
             <td><?php
                             echo "<select name='".key_ga_remarketing."' id='".key_ga_remarketing."'>\n";
+                <?php esc_html_e('Enable Remarketing, Demographics and Interests reports', 'google-analyticator'); ?>:</label>
+            </th>
+            <td><?php
+                            echo "<select name='".esc_attr(key_ga_remarketing)."' id='".esc_attr(key_ga_remarketing)."'>\n";
                             echo "<option value='0'";
                             if(get_option(key_ga_remarketing) == '0' )
                                 echo" selected='selected'";
                             echo ">" . __('No', 'google-analyticator') . "</option>\n";
+                            echo ">" . esc_html__('No', 'google-analyticator') . "</option>\n";
 …
                             if(get_option(key_ga_remarketing) == '1' )
                                 echo " selected='selected'";
                             echo ">" . __('Yes', 'google-analyticator') . "</option>\n";
+                            echo ">" . esc_html__('Yes', 'google-analyticator') . "</option>\n";
 …
                             ?>
               <p  class="setting-description">
+                <?php // phpcs:ignore ?>
                 <?php _e( 'In order to use remarketing, <a href="https://support.google.com/analytics/answer/2611270" target="_blank">please make sure you complete this checklist from Google</a>', 'google-analyticator'); ?>
               </p>
               <p  class="setting-description">
+                <?php // phpcs:ignore ?>
                 <?php _e( 'To use remarketing, <a href="https://support.google.com/analytics/answer/2884495" target="_blank">Edit permission</a> is required', 'google-analyticator'); ?>
               </p></td>
           </tr>
           <tr>
             <th valign="top" style="padding-top: 10px;"> <label><?php _e('Track WordPress Login Page', 'google-analyticator'); ?>:</label>
             </th>
             <td><?php
                             echo "<select name='".key_ga_track_login."' id='".key_ga_track_login."'>\n";
+            <th valign="top" style="padding-top: 10px;"> <label><?php esc_html_e('Track WordPress Login Page', 'google-analyticator'); ?>:</label>
+            </th>
+            <td><?php
+                            echo "<select name='".esc_attr(key_ga_track_login)."' id='".esc_attr(key_ga_track_login)."'>\n";
                             echo "<option value='1'";
                             if(get_option(key_ga_track_login) == '1' )
                                 echo " selected='selected'";
                             echo ">" . __('Yes', 'google-analyticator') . "</option>\n";
+                            echo ">" . esc_html__('Yes', 'google-analyticator') . "</option>\n";
                                                     echo "<option value='0'";
                             if(get_option(key_ga_track_login) == '0' )
                                 echo" selected='selected'";
                             echo ">" . __('No', 'google-analyticator') . "</option>\n";
+                            echo ">" . esc_html__('No', 'google-analyticator') . "</option>\n";
                             echo "</select>\n";
 …
                             ?>
               <p  class="setting-description">
                 <?php _e( 'This will track all access to wp-login.php', 'google-analyticator'); ?>
               </p></td>
           </tr>
           <tr>
             <td colspan="2" style="padding-left:0"><h3><?php _e('Link Tracking Settings', 'google-analyticator'); ?></h3></td>
           </tr>
           <tr>
             <th valign="top" style="padding-top: 10px;"> <label for="<?php echo key_ga_outbound ?>">
                 <?php _e('Outbound link tracking', 'google-analyticator'); ?>:</label>
             </th>
             <td><?php
                             echo "<select name='".key_ga_outbound."' id='".key_ga_outbound."'>\n";
                             echo "<option value='".ga_enabled."'";
+                <?php esc_html_e( 'This will track all access to wp-login.php', 'google-analyticator'); ?>
+              </p></td>
+          </tr>
+          <tr>
+            <td colspan="2" style="padding-left:0"><h3><?php esc_html_e('Link Tracking Settings', 'google-analyticator'); ?></h3></td>
+          </tr>
+          <tr>
+            <th valign="top" style="padding-top: 10px;"> <label for="<?php echo esc_attr(key_ga_outbound) ?>">
+                <?php esc_html_e('Outbound link tracking', 'google-analyticator'); ?>:</label>
+            </th>
+            <td><?php
+                            echo "<select name='".esc_attr(key_ga_outbound)."' id='".esc_attr(key_ga_outbound)."'>\n";
+                            echo "<option value='".esc_attr(ga_enabled)."'";
                             if(get_option(key_ga_outbound) == ga_enabled)
                                 echo " selected='selected'";
                             echo ">" . __('Enabled', 'google-analyticator') . "</option>\n";
                             echo "<option value='".ga_disabled."'";
+                            echo ">" . esc_html__('Enabled', 'google-analyticator') . "</option>\n";
+                            echo "<option value='".esc_attr(ga_disabled)."'";
                             if(get_option(key_ga_outbound) == ga_disabled)
                                 echo" selected='selected'";
                             echo ">" . __('Disabled', 'google-analyticator') . "</option>\n";
+                            echo ">" . esc_html__('Disabled', 'google-analyticator') . "</option>\n";
                             echo "</select>\n";
                             ?>
               <p  class="setting-description">
                 <?php _e('Disabling this option will turn off the tracking of outbound links. It\'s recommended not to disable this option unless you\'re a privacy advocate (now why would you be using Google Analytics in the first place?) or it\'s causing some kind of weird issue.', 'google-analyticator'); ?>
               </p></td>
           </tr>
           <tr>
             <th valign="top" style="padding-top: 10px;"> <label for="<?php echo key_ga_event ?>">
                 <?php _e('Event tracking', 'google-analyticator'); ?>:</label>
             </th>
             <td><?php
                             echo "<select name='".key_ga_event."' id='".key_ga_event."'>\n";
                             echo "<option value='".ga_enabled."'";
+                <?php esc_html_e('Disabling this option will turn off the tracking of outbound links. It\'s recommended not to disable this option unless you\'re a privacy advocate (now why would you be using Google Analytics in the first place?) or it\'s causing some kind of weird issue.', 'google-analyticator'); ?>
+              </p></td>
+          </tr>
+          <tr>
+            <th valign="top" style="padding-top: 10px;"> <label for="<?php echo esc_attr(key_ga_event) ?>">
+                <?php esc_html_e('Event tracking', 'google-analyticator'); ?>:</label>
+            </th>
+            <td><?php
+                            echo "<select name='".esc_attr(key_ga_event)."' id='".esc_attr(key_ga_event)."'>\n";
+                            echo "<option value='".esc_attr(ga_enabled)."'";
                             if(get_option(key_ga_event) == ga_enabled)
                                 echo " selected='selected'";
                             echo ">" . __('Enabled', 'google-analyticator') . "</option>\n";
                             echo "<option value='".ga_disabled."'";
+                            echo ">" . esc_html__('Enabled', 'google-analyticator') . "</option>\n";
+                            echo "<option value='".esc_attr(ga_disabled)."'";
                             if(get_option(key_ga_event) == ga_disabled)
                                 echo" selected='selected'";
                             echo ">" . __('Disabled', 'google-analyticator') . "</option>\n";
+                            echo ">" . esc_html__('Disabled', 'google-analyticator') . "</option>\n";
                             echo "</select>\n";
                             ?>
               <p  class="setting-description">
+                <?php // phpcs:ignore ?>
                 <?php _e('Enabling this option will treat outbound links and downloads as events instead of pageviews. Since the introduction of <a href="https://developers.google.com/analytics/devguides/collection/gajs/eventTrackerGuide">event tracking in Analytics</a>, this is the recommended way to track these types of actions. Only disable this option if you must use the old pageview tracking method.', 'google-analyticator'); ?>
               </p></td>
           </tr>
           <tr>
             <th valign="top" style="padding-top: 10px;"> <label for="<?php echo key_ga_enhanced_link_attr ?>">
                 <?php _e('Enhanced Link Attribution', 'google-analyticator'); ?>:</label>
             </th>
             <td><?php
                             echo "<select name='".key_ga_enhanced_link_attr."' id='".key_ga_enhanced_link_attr."'>\n";
                             echo "<option value='".ga_enabled."'";
+            <th valign="top" style="padding-top: 10px;"> <label for="<?php echo esc_attr(key_ga_enhanced_link_attr) ?>">
+                <?php esc_html_e('Enhanced Link Attribution', 'google-analyticator'); ?>:</label>
+            </th>
+            <td><?php
+                            echo "<select name='".esc_attr(key_ga_enhanced_link_attr)."' id='".esc_attr(key_ga_enhanced_link_attr)."'>\n";
+                            echo "<option value='".esc_attr(ga_enabled)."'";
                             if(get_option(key_ga_enhanced_link_attr) == ga_enabled)
                                 echo " selected='selected'";
                             echo ">" . __('Enabled', 'google-analyticator') . "</option>\n";
                             echo "<option value='".ga_disabled."'";
+                            echo ">" . esc_html__('Enabled', 'google-analyticator') . "</option>\n";
+                            echo "<option value='".esc_attr(ga_disabled)."'";
                             if(get_option(key_ga_enhanced_link_attr) == ga_disabled )
                                 echo " selected='selected'";
                             echo ">" . __('Disabled', 'google-analyticator') . "</option>\n";
+                            echo ">" . esc_html__('Disabled', 'google-analyticator') . "</option>\n";
                             echo "</select>\n";
                             ?>
               <p  class="setting-description">
+                <?php // phpcs:ignore ?>
                 <?php _e('You can tag your pages to implement an enhanced link-tracking functionality by enabling this option. <a href="https://support.google.com/analytics/answer/2558867?hl=en" target="_blank">learn more</a>', 'google-analyticator'); ?>
               </p></td>
           </tr>
           <tr>
             <th valign="top" style="padding-top: 10px;"> <label for="<?php echo key_ga_downloads; ?>"><?php _e('Download extensions to track', 'google-analyticator'); ?>:</label>
+            <th valign="top" style="padding-top: 10px;"> <label for="<?php echo esc_attr(key_ga_downloads); ?>"><?php esc_html_e('Download extensions to track', 'google-analyticator'); ?>:</label>
             </th>
             <td><?php
                             echo "<input type='text' size='50' ";
+                            echo "name='".key_ga_downloads."' ";
+                            echo "id='".key_ga_downloads."' ";
+                            echo "value='".wp_filter_kses(get_option(key_ga_downloads))."' />\n";
+                            ?>
+              <p  class="setting-description">
+                            echo "name='".esc_attr(key_ga_downloads)."' ";
+                            echo "id='".esc_attr(key_ga_downloads)."' ";
+                            echo "value='".esc_attr(wp_filter_kses(get_option(key_ga_downloads)))."' />\n";
+                            ?>
+              <p  class="setting-description">
+                <?php // phpcs:ignore ?>
                 <?php _e('Enter any extensions of files you would like to be tracked as a download. For example to track all MP3s and PDFs enter <strong>mp3,pdf</strong>. <em>Outbound link tracking must be enabled for downloads to be tracked.</em>', 'google-analyticator'); ?>
               </p></td>
           </tr>
           <tr>
             <th valign="top" style="padding-top: 10px;"> <label for="<?php echo key_ga_outbound_prefix; ?>">
                 <?php _e('Prefix external links with', 'google-analyticator'); ?>:</label>
+            <th valign="top" style="padding-top: 10px;"> <label for="<?php echo esc_attr(key_ga_outbound_prefix); ?>">
+                <?php esc_html_e('Prefix external links with', 'google-analyticator'); ?>:</label>
             </th>
             <td><?php
                             echo "<input type='text' size='50' ";
                             echo "name='".key_ga_outbound_prefix."' ";
                             echo "id='".key_ga_outbound_prefix."' ";
                             echo "value='".  stripslashes( wp_filter_kses(get_option(key_ga_outbound_prefix)))."' />\n";
                             ?>
               <p  class="setting-description">
                 <?php _e('Enter a name for the section tracked external links will appear under. This option has no effect if event tracking is enabled.', 'google-analyticator'); ?>
+                            echo "name='".esc_attr(key_ga_outbound_prefix)."' ";
+                            echo "id='".esc_attr(key_ga_outbound_prefix)."' ";
+                            echo "value='".  esc_attr( wp_filter_kses(get_option(key_ga_outbound_prefix)))."' />\n";
+                            ?>
+              <p  class="setting-description">
+                <?php esc_html_e('Enter a name for the section tracked external links will appear under. This option has no effect if event tracking is enabled.', 'google-analyticator'); ?>
                 </em></p></td>
           </tr>
           <tr>
             <th valign="top" style="padding-top: 10px;"> <label for="<?php echo key_ga_downloads_prefix; ?>">
                 <?php _e('Prefix download links with', 'google-analyticator'); ?>:</label>
+            <th valign="top" style="padding-top: 10px;"> <label for="<?php echo esc_attr(key_ga_downloads_prefix); ?>">
+                <?php esc_html_e('Prefix download links with', 'google-analyticator'); ?>:</label>
             </th>
             <td><?php
                             echo "<input type='text' size='50' ";
                             echo "name='".key_ga_downloads_prefix."' ";
                             echo "id='".key_ga_downloads_prefix."' ";
                             echo "value='".stripslashes(wp_filter_kses ( get_option(key_ga_downloads_prefix) ))."' />\n";
                             ?>
               <p  class="setting-description">
                 <?php _e('Enter a name for the section tracked download links will appear under. This option has no effect if event tracking is enabled.', 'google-analyticator'); ?>
+                            echo "name='".esc_attr(key_ga_downloads_prefix)."' ";
+                            echo "id='".esc_attr(key_ga_downloads_prefix)."' ";
+                            echo "value='".esc_attr(wp_filter_kses ( get_option(key_ga_downloads_prefix) ))."' />\n";
+                            ?>
+              <p  class="setting-description">
+                <?php esc_html_e('Enter a name for the section tracked download links will appear under. This option has no effect if event tracking is enabled.', 'google-analyticator'); ?>
                 </em></p></td>
           </tr>
           <tr>
             <th valign="top" style="padding-top: 10px;"> <label for="<?php echo key_ga_adsense; ?>">
                 <?php _e('Google Adsense ID', 'google-analyticator'); ?>:</label>
+            <th valign="top" style="padding-top: 10px;"> <label for="<?php echo esc_attr(key_ga_adsense); ?>">
+                <?php esc_html_e('Google Adsense ID', 'google-analyticator'); ?>:</label>
             </th>
             <td><?php
                             echo "<input type='text' size='50' ";
                             echo "name='".key_ga_adsense."' ";
                             echo "id='".key_ga_adsense."' ";
                             echo "value='".get_option(key_ga_adsense)."' />\n";
                             ?>
               <p  class="setting-description">
                 <?php _e('Enter your Google Adsense ID assigned by Google Analytics in this box. This enables Analytics tracking of Adsense information if your Adsense and Analytics accounts are linked.', 'google-analyticator'); ?>
               </p></td>
           </tr>
           <tr>
             <td colspan="2" style="padding-left:0"><h3><?php _e('Additional Tracking Code', 'google-analyticator'); ?></h3></td>
           </tr>
           <tr>
             <th valign="top" style="padding-top: 10px;"> <label for="<?php echo key_ga_extra; ?>">
                 <?php _e('Additional tracking code', 'google-analyticator'); ?>
                 <br />(<?php _e('before tracker initialization', 'google-analyticator'); ?>):</label>
+                            echo "name='".esc_attr(key_ga_adsense)."' ";
+                            echo "id='".esc_attr(key_ga_adsense)."' ";
+                            echo "value='".esc_attr(get_option(key_ga_adsense))."' />\n";
+                            ?>
+              <p  class="setting-description">
+                <?php esc_html_e('Enter your Google Adsense ID assigned by Google Analytics in this box. This enables Analytics tracking of Adsense information if your Adsense and Analytics accounts are linked.', 'google-analyticator'); ?>
+              </p></td>
+          </tr>
+          <tr>
+            <td colspan="2" style="padding-left:0"><h3><?php esc_html_e('Additional Tracking Code', 'google-analyticator'); ?></h3></td>
+          </tr>
+          <tr>
+            <th valign="top" style="padding-top: 10px;"> <label for="<?php echo esc_attr(key_ga_extra); ?>">
+                <?php esc_html_e('Additional tracking code', 'google-analyticator'); ?>
+                <br />(<?php esc_html_e('before tracker initialization', 'google-analyticator'); ?>):</label>
             </th>
             <td><?php
                             echo "<textarea cols='50' rows='8' ";
+                            echo "name='".key_ga_extra."' ";
+                            echo "id='".key_ga_extra."'>";
+                            echo stripslashes(get_option(key_ga_extra))."</textarea>\n";
+                            ?>
+              <p  class="setting-description">
+                            echo "name='".esc_attr(key_ga_extra)."' ";
+                            echo "id='".esc_attr(key_ga_extra)."'>";
+                            echo esc_textarea(get_option(key_ga_extra))."</textarea>\n";
+                            ?>
+              <p  class="setting-description">
+                <?php // phpcs:ignore ?>
                 <?php _e('Enter any additional lines of tracking code that you would like to include in the Google Analytics tracking script. The code in this section will be displayed <strong>before</strong> the Google Analytics tracker is initialized.', 'google-analyticator'); ?>
               </p></td>
           </tr>
           <tr>
             <th valign="top" style="padding-top: 10px;"> <label for="<?php echo key_ga_extra_after; ?>">
                 <?php _e('Additional tracking code', 'google-analyticator'); ?>
+            <th valign="top" style="padding-top: 10px;"> <label for="<?php echo esc_attr(key_ga_extra_after); ?>">
+                <?php esc_html_e('Additional tracking code', 'google-analyticator'); ?>
                 <br />
                 (<?php _e('after tracker initialization', 'google-analyticator'); ?>):</label>
+                (<?php esc_html_e('after tracker initialization', 'google-analyticator'); ?>):</label>
             </th>
             <td><?php
                             echo "<textarea cols='50' rows='8' ";
+                            echo "name='".key_ga_extra_after."' ";
+                            echo "id='".key_ga_extra_after."'>";
+                            echo stripslashes(get_option(key_ga_extra_after))."</textarea>\n";
+                            ?>
+              <p  class="setting-description">
+                            echo "name='".esc_attr(key_ga_extra_after)."' ";
+                            echo "id='".esc_attr(key_ga_extra_after)."'>";
+                            echo esc_textarea(get_option(key_ga_extra_after))."</textarea>\n";
+                            ?>
+              <p  class="setting-description">
+                <?php // phpcs:ignore ?>
                 <?php _e('Enter any additional lines of tracking code that you would like to include in the Google Analytics tracking script. The code in this section will be displayed <strong>after</strong> the Google Analytics tracker is initialized.', 'google-analyticator'); ?>
               </p></td>
           </tr>
           <tr>
             <td colspan="2" style="padding-left:0"><h3><?php _e('Admin Dashboard Widgets', 'google-analyticator'); ?></h3>
+            <td colspan="2" style="padding-left:0"><h3><?php esc_html_e('Admin Dashboard Widgets', 'google-analyticator'); ?></h3>
               <?php if(!$useAuth): ?>
               <div style="margin:10px auto; border:3px #f00 solid; background-color:#fdd; color:#000; padding:10px; text-align:center;">
                 <?php _e('You have not authenticated with Google - you cannot use dashboard widgets! Reset the plugin to authenticate..', 'google-analyticator'); ?>
+                <?php esc_html_e('You have not authenticated with Google - you cannot use dashboard widgets! Reset the plugin to authenticate..', 'google-analyticator'); ?>
               </div>
               <?php endif;?></td>
           </tr>
           <tr<?php if(!$useAuth){echo ' style="display:none"';}?>>
             <th valign="top" style="padding-top: 10px;"><label for="<?php echo key_ga_widgets; ?>">
                 <?php _e('Include widgets', 'google-analyticator'); ?>:</label></th>
             <td><?php
                             echo "<select name='".key_ga_widgets."' id='".key_ga_widgets."'>\n";
                             echo "<option value='".ga_enabled."'";
+            <th valign="top" style="padding-top: 10px;"><label for="<?php echo esc_attr(key_ga_widgets); ?>">
+                <?php esc_html_e('Include widgets', 'google-analyticator'); ?>:</label></th>
+            <td><?php
+                            echo "<select name='".esc_attr(key_ga_widgets)."' id='".esc_attr(key_ga_widgets)."'>\n";
+                            echo "<option value='".esc_attr(ga_enabled)."'";
                             if(get_option(key_ga_widgets) == ga_enabled)
                                 echo " selected='selected'";
                             echo ">" . __('Enabled', 'google-analyticator') . "</option>\n";
                             echo "<option value='".ga_disabled."'";
+                            echo ">" . esc_html__('Enabled', 'google-analyticator') . "</option>\n";
+                            echo "<option value='".esc_attr(ga_disabled)."'";
                             if(get_option(key_ga_widgets) == ga_disabled)
                                 echo" selected='selected'";
                             echo ">" . __('Disabled', 'google-analyticator') . "</option>\n";
+                            echo ">" . esc_html__('Disabled', 'google-analyticator') . "</option>\n";
                             echo "</select>\n";
                             ?>
               <p  class="setting-description">
                 <?php _e('Disabling this option will completely remove the Dashboard Summary widget and the theme Stats widget. Use this option if you would prefer to not see the widgets.', 'google-analyticator'); ?>
+                <?php esc_html_e('Disabling this option will completely remove the Dashboard Summary widget and the theme Stats widget. Use this option if you would prefer to not see the widgets.', 'google-analyticator'); ?>
               </p></td>
           </tr>
           <tr<?php if(!$useAuth){echo ' style="display:none"';}?>>
             <th valign="top" style="padding-top: 10px;"> <label for="<?php echo key_ga_dashboard_role ?>">
                 <?php _e('User roles that can see the dashboard widget', 'google-analyticator'); ?>:</label>
+            <th valign="top" style="padding-top: 10px;"> <label for="<?php echo esc_attr(key_ga_dashboard_role) ?>">
+                <?php esc_html_e('User roles that can see the dashboard widget', 'google-analyticator'); ?>:</label>
             </th>
             <td><?php
 …
                             # Loop through the roles
                             foreach ( $roles AS $role => $name ) {
                                 echo '<input type="checkbox" value="' . $role . '" name="' . key_ga_dashboard_role . '[]"';
+                                echo '<input type="checkbox" value="' . esc_attr($role) . '" name="' . esc_attr(key_ga_dashboard_role) . '[]"';
                                 if ( in_array($role, $selected_roles) )
                                     echo " checked='checked'";
                                 $name_pos = strpos($name, '|');
                                 $name = ( $name_pos ) ? substr($name, 0, $name_pos) : $name;
                                 echo ' /> ' . _x($name, 'User role') . '<br />';
+                                echo ' /> ' . esc_html($name, 'User role') . '<br />';
+                            }
                             ?>
               <p  class="setting-description">
                 <?php _e('Specifies the user roles that can see the dashboard widget. If a user is not in one of these role groups, they will not see the dashboard widget.', 'google-analyticator'); ?>
+                <?php esc_html_e('Specifies the user roles that can see the dashboard widget. If a user is not in one of these role groups, they will not see the dashboard widget.', 'google-analyticator'); ?>
               </p></td>
           </tr>
 …
         </table>
         <p class="submit">
           <input type="submit" class="button button-primary" name="info_update" value="<?php _e('Save Changes', 'google-analyticator'); ?>" />
+          <input type="submit" class="button button-primary" name="info_update" value="<?php esc_attr_e('Save Changes', 'google-analyticator'); ?>" />
         </p>
         <a href="<?php echo ga_analyticator_setting_url(). '&pageaction=ga_clear_cache' ?>"><?php _e('Clear Analyticator Cache', 'google-analyticator'); ?></a> |  <a href="<?php echo wp_nonce_url( admin_url('/options-general.php?page=ga_reset'), 'ga-reset'); ?>">
         <?php _e('Deauthorize &amp; Reset Google Analyticator.', 'google-analyticator'); ?></a>
+        <a href="<?php echo esc_url(ga_analyticator_setting_url()). '&pageaction=ga_clear_cache' ?>"><?php esc_html_e('Clear Analyticator Cache', 'google-analyticator'); ?></a> |  <a href="<?php echo esc_url(wp_nonce_url( admin_url('/options-general.php?page=ga_reset'), 'ga-reset')); ?>">
+        <?php esc_html_e('Deauthorize &amp; Reset Google Analyticator.', 'google-analyticator'); ?></a>
       </form>
 …
+            {
                 # Add the notice that Google Analyticator tracking is enabled
                 echo "<!-- Google Analytics Tracking by Google Analyticator " . GOOGLE_ANALYTICATOR_VERSION . " -->\n";
+                echo "<!-- Google Analytics Tracking by Google Analyticator " . esc_html(GOOGLE_ANALYTICATOR_VERSION) . " -->\n";
                 # Add the Adsense data if specified
                 if ( get_option(key_ga_adsense) != '' )
                     echo '<script type="text/javascript">window.google_analytics_uacct = "' . get_option(key_ga_adsense) . "\";</script>\n";
+                    echo '<script type="text/javascript">window.google_analytics_uacct = "' . esc_attr(get_option(key_ga_adsense)) . "\";</script>\n";
                 # Include the file types to track
 …
                 ?>
 <script type="text/javascript">
     var analyticsFileTypes = [<?php echo strtolower($ext); ?>];
+    var analyticsFileTypes = [<?php echo esc_js($ext ? '' : strtolower($ext) ); ?>];
 <?php if ( $event_tracking != 'enabled' ) { ?>
     var analyticsOutboundPrefix = '/<?php echo $outbound_prefix; ?>/';
     var analyticsDownloadsPrefix = '/<?php echo $downloads_prefix; ?>/';
+    var analyticsOutboundPrefix = '/<?php echo esc_js($outbound_prefix); ?>/';
+    var analyticsDownloadsPrefix = '/<?php echo esc_js($downloads_prefix); ?>/';
 <?php } ?>
     var analyticsSnippet = '<?php echo $jsanalytic_snippet; ?>';
     var analyticsEventTracking = '<?php echo $event_tracking; ?>';
+    var analyticsSnippet = '<?php echo esc_js($jsanalytic_snippet); ?>';
+    var analyticsEventTracking = '<?php echo esc_js($event_tracking); ?>';
 </script>
 <?php
 …
     _gaq.push(['_require', 'inpage_linkid', pluginUrl]);
 <?php endif; ?>
     _gaq.push(['_setAccount', '<?php echo $uid; ?>']);
+    _gaq.push(['_setAccount', '<?php echo esc_js($uid); ?>']);
     _gaq.push(['_addDevId', 'i9k95']); // Google Analyticator App ID with Google
 <?php if ($need_to_annon == '1' ): ?>
 …
     do_action('google_analyticator_extra_js_before');
     if ( '' != $extra )
             echo "  $extra\n";
+            echo esc_js("   $extra\n");
     # Add the track pageview function
 …
     do_action('google_analyticator_extra_js_after');
     if ( '' != $extra_after )
             echo "  $extra_after\n";
+            echo esc_js("   $extra_after\n");
     # Add the final section of the tracking code
 …
     m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
     })(window,document,'script','//www.google-analytics.com/analytics.js','ga');
     ga('create', '<?php echo $uid; ?>', 'auto');
+    ga('create', '<?php echo esc_js($uid); ?>', 'auto');
 <?php if(get_option(key_ga_enhanced_link_attr) == ga_enabled): ?>
     ga('require', 'linkid', 'linkid.js');
 …
     # Add any tracking code before the trackPageview
     do_action('google_analyticator_extra_js_before');
     if ( '' != $extra ) echo "  $extra\n";
+    if ( '' != $extra ) echo esc_js("   $extra\n");
 ?>
 <?php
     $dimentionKeyVal = get_option(key_ga_admin_disable_DimentionIndex);
     if ( ( get_option(key_ga_admin_disable) == "admin" ) && ( ga_current_user_is(get_option(key_ga_admin_role)) ) && $dimentionKeyVal )
       echo "    ga('set', 'dimension". $dimentionKeyVal ."', 'admin');\n";
+      echo esc_js(" ga('set', 'dimension". $dimentionKeyVal ."', 'admin');\n");
 ?>
     ga('send', 'pageview');
 …
     do_action('google_analyticator_extra_js_after');
     if ( '' != $extra_after )
       echo "    $extra_after\n";
+      echo esc_js(" $extra_after\n");
 }?>
 </script>
 …
         } else {
             # Add the notice that Google Analyticator tracking is enabled
             echo "<!-- Google Analytics Tracking by Google Analyticator " . GOOGLE_ANALYTICATOR_VERSION . ": http://wordpress.org/plugins/google-analyticator/ -->\n";
             echo "  <!-- " . __('Tracking code is hidden, since the settings specify not to track admins. Tracking is occurring for non-admins.', 'google-analyticator') . " -->\n";
+            echo "<!-- Google Analytics Tracking by Google Analyticator " . esc_html(GOOGLE_ANALYTICATOR_VERSION) . ": http://wordpress.org/plugins/google-analyticator/ -->\n";
+            echo "  <!-- " . esc_html__('Tracking code is hidden, since the settings specify not to track admins. Tracking is occurring for non-admins.', 'google-analyticator') . " -->\n";
+        }
+    }
 …
             </style>
             <div class="updated" id="ga_analyticator_global_notification" style="border:3px solid #317A96;position:relative;background:##3c9cc2;background-color:#3c9cc2;color:#ffffff;height:70px;">
                 <a class="notice-dismiss" href="<?php echo admin_url('admin.php?page=google-analyticator&ga_analyticator_global_notification=0'); ?>" style="right:165px;top:0;"></a>
                 <a href="<?php echo admin_url('admin.php?page=google-analyticator&ga_analyticator_global_notification=0'); ?>" style="position:absolute;top:9px;right:15px;color:#ffffff;">Dismiss and go to settings</a>
+                <a class="notice-dismiss" href="<?php echo esc_url(admin_url('admin.php?page=google-analyticator&ga_analyticator_global_notification=0')); ?>" style="right:165px;top:0;"></a>
+                <a href="<?php echo esc_url(admin_url('admin.php?page=google-analyticator&ga_analyticator_global_notification=0')); ?>" style="position:absolute;top:9px;right:15px;color:#ffffff;">Dismiss and go to settings</a>
                 <p style="font-size:16px;line-height:50px;">
                     <?php _e('Grow your site faster!'); ?> &nbsp;<a style="background-color: #6267BE;border-color: #3C3F76;" href="<?php echo admin_url('plugin-install.php?tab=plugin-information&plugin=sumome&TB_iframe=true&width=743&height=500'); ?>" class="thickbox button button-primary">Get SumoMe WordPress Plugin</a>
+                    <?php esc_html('Grow your site faster!'); ?> &nbsp;<a style="background-color: #6267BE;border-color: #3C3F76;" href="<?php echo esc_url(admin_url('plugin-install.php?tab=plugin-information&plugin=sumome&TB_iframe=true&width=743&height=500')); ?>" class="thickbox button button-primary">Get SumoMe WordPress Plugin</a>
                 </p>
             </div>

google-analyticator/trunk/readme.txt

-                      r2839517
+                      r2841294
 Requires at least: 3.2
 Tested up to: 6.1.1
 Stable tag: 6.5.6
+Stable tag: 6.5.7
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
 …
 == Changelog ==
+= 6.5.7 =
+* Add some data escaping
 = 6.5.6 =
 * Fix deauthorize link nonce.

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Plugin Directory

Context Navigation

Changeset 2841294

Legend:

google-analyticator/trunk/google-analyticator.php

google-analyticator/trunk/readme.txt

Download in other formats: