skaut / skaut-fio-bank-transactions Goto Github PK

Warning: Use of undefined constant SKAUTISINTEGRATION_URL - assumed 'SKAUTISINTEGRATION_URL' (this will throw an Error in a future version of PHP) in /home/vu008538/www/wp-content/plugins/skaut-fio-bank-transactions/src/Frontend/Shortcode.php on line 110

There is a new WordPress version that the plugin hasn't been tested with. Please test it and then change the "Tested up to" field in the plugin readme.

Tested up to: 5.2
Latest version: 5.2.2

You may then close this issue as it won't be done automatically.

Odkaz do nápovědy: https://napoveda.skaut.cz/dobryweb/skaut-fio-bank-transactions

Zobrazování informací z účtů ve FIO bance, bez nutnosti mít účet s veřejnou adresou pro zobrazení. Pro příklad, středisko má svůj účet a chce dát možnost svým vedoucím nahlížet na pohybu na účtu. Má zaheslovanou sekci na střediskovém webu a chtěla by to tam zobrazit. A tohle jim tu možnost dá.

Základní info:
Využívalo by se FIO api http://www.fio.cz/bankovni-sluzby/api-bankovnictvi a PDF dokument http://www.fio.cz/docs/cz/API_Bankovnictvi.pdf
V nastavení pluginu by měly být možnost přidávat API klíče pro více účtů, který vygeneruje bankovnictví. K tomu se váže i možnost na stránce/příspěvku na začátku zadat, který účet se má použít.
Nastavení v administraci

• položka v hlavním menu "FIO banka" s logem FIO banky
• Přidávání API klíčů řešeno rozhraním jako jsou stránky/příspěvky
• Tím pádem možnost přiřadit si na web více API klíčů

Nastavení zobrazení

1. Přes ikonu v editoru stránky/příspěvku by se vkládal obsah
2. V dialogu vy se zatržítky vybíralo to co má být zobrazeno s možností měnit pořadí sloupců
3. Možnost zadat, kolik položek se zobrazí na jedné stránce
4. Pevně danná výška řádků, pokud by nějaká informace přesahovala (zpráva pro příjemce třeba), byla by tam šipka, která by značila "zobrazit více".

Dotazy k zadání na můj email [email protected]
Děkuji
Michal Janata

Máš nějaký nápad, sem s ním 👍

Zdravím,
při zobrazení shortcodu na stránce mi to vyhodí "Chyba při spojení s Fio bankou. Zkuste to znovu." Token by měl být vygenerován pro zobrazování (jedná se o transparentní účet). Žádné další error to nezobrazuje, můžete prosím poradit kde by mohla být chyba?

According to wp.org, the plugin has less than 10 users, do we really need it?

There is a new WordPress version that the plugin hasn't been tested with. Please test it and then change the "Tested up to" field in the plugin readme.

Tested up to: 6.3
Latest version: 6.4

This issue will be closed automatically when the versions match.

Ahojte, zadal som shortcode [fio] a dostanem chybu:

TypeError thrown
Argument 1 passed to FioTransactions\Frontend\Shortcode::processShortcode() must be of the type array, string given, called in /web/htdocs5/xxx/home/www/wp-includes/shortcodes.php on line 343

poprosim o radu
Dakujem

i.e. remove ignore_warnings_on_exit

Your plugin has had to be temporarily withdrawn from the WordPress.org Plugin Directory due to an exploit.

https://wordpress.org/plugins/skaut-fio-bank-transactions/

For the next 60 days, your plugin will simply say that it is no longer available for download. After that time, it will state that it was closed for a security issue.

What to Do Next

We understand this can be a shocking and painful email to receive. We do not close plugins lightly, and when it comes to security issues we attempt to balance the volume of users and the history of the developers with the severity and potential for damage of the report. We believe that leaving plugins open would put users at risk if we allowed them to download code that could be exploited, and once an exploit is reported, it is often acted upon by persons nefarious.

To help restore your plugin as quickly as possible, you are required to do the following:

Review the report (listed below) and make corrections to prevent it from being exploitable
Perform a full security and standards review on your own code
Increase the plugin version
Ensure the 'tested up to' version in your readme is the latest release of WordPress
Update the code in SVN
Reply to this email and request a re-review

If you believe the report is not valid, and that your plugin is secure, please reply to this email to let us know. If the vulnerability is XSS or CSRF related, know that Chrome actually prevents those from working in their browser and you may need to check in Firefox or another browser.

Should you, for any reason, find you are unable to update the plugin, please let us know promptly so we can decide on the best course of action to take in order to protect the users. It's okay if you just can't fix this or don't want to.

Plugins are closed immediately and the developer contacted when this happens, in part because we have an imperfect system of notifications. This means until your plugin is corrected to meet our guidelines, we will not reopen it.

Please review our documentation on how to use SVN - https://developer.wordpress.org/plugins/wordpress-org/how-to-use-subversion/#best-practices - as improper SVN usage can delay our reviews.

When we re-review your code we will look at not just the changes, but the entire plugin, so there may be a delay. Rest assured, we prioritize reviews of security related issues above all else.

Vulnerability Report

Your plugin is not escaping:

skaut-fio-bank-transactions/src/Accounts/Columns.php:49: echo $modifiedDate;
skaut-fio-bank-transactions/src/Accounts/Columns.php:51: echo '' . $modifiedAuthor . '';
skaut-fio-bank-transactions/src/Accounts/Admin.php:47: value="<?php echo get_post_meta( $post->ID, FIOTRANSACTIONS_NAME . '_token', true ); "

It also remote loads files:

skaut-fio-bank-transactions/src/Frontend/Shortcode.php:76: 'https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.8.4/moment.min.js',
skaut-fio-bank-transactions/src/Frontend/Shortcode.php:60: 'https://cdn.datatables.net/1.10.24/css/jquery.dataTables.min.css',
skaut-fio-bank-transactions/src/Frontend/Shortcode.php:68: 'https://cdn.datatables.net/1.10.24/js/jquery.dataTables.min.js',
skaut-fio-bank-transactions/src/Frontend/Shortcode.php:84: 'https://cdn.datatables.net/plug-ins/1.10.24/sorting/datetime-moment.js',
skaut-fio-bank-transactions/src/Frontend/public/js/fio-frontend.js:8: url: 'https://cdn.datatables.net/plug-ins/1.10.24/i18n/Czech.json',

This is not a full review of your plugin. Should we find other security issues on a re-review, you will be required to fix those before we reopen your plugin. This is because if we found another security issue down the road, we would have to close your plugin again. We feel it's better for your reputation to have a plugin closed once and fixed rather than multiple times.

If you have any questions, please let us know.

Ahoj,
ocenil bych možnost zobrazovat transkace filtrované například na základě variabilního symbolu lépe řečeno nějakého prefixu variabilního symbolu.

Využití:
Filtrování plateb týkajících se jedné konkrétní akce, člena apod.

Přidat sloupec s variabilním symbolem

We cannot accept your plugin with this name

Your autogenerated plugin slug was this: fio-bank-transactions

Since you don’t appear to legally represent that group, we need to change the plugin slug.

We recommend the following: sakut-fio-bank-transactions

A rather lengthy explanation of why is included below, but the tl;dr is that we're no longer accepting plugins that begin with (or are in total) a trademarked product name or term as the name or slug of a plugin (ex: Facebook or google-maps-bathrooms). Nor are we accepting plugins that include the name of another plugin at the beginning of the name/slug (eg: contact-form-7-music), UNLESS you legally represent that service/plugin/theme/etc.

Please reply to this email with what slug you’d like. We’ll edit it slug for you.

You DO NOT need to edit your code for this. ALL we need is to be on the same page for the plugin slug :)

If you DO work for the company, reply to this email and tell us. We can fix your submission.

Here's the long stuff.

The slug for your plugin is generated based on the name you put in your main plugin file, with hyphens inserted in place of spaces. This means if you were to name your plugin "My Really Cool Cookie Jam" then your URL on WordPress.org would be http://wordpress.org/plugins/my-really-cool-cookie-jam

This becomes a larger issue when plugins use the names of other plugins in their own.

For example, if you have written an add-on plugin for WooCommerce, you may not name it "WooCommerce Improved Product Search" as that would generate the slug "woocommerce-improved-product-search" and that would conflict with the trademark of 'WooCommerce.' That said, it would be acceptable to submit the name "Woo Improved Product Search" which would use the slug "woo-improved-product-search" (woo not being trademarked you see).

As another example, if you have a plugin that integrates a service with a Easy Digital Downloads, you may call it "My Service Integration for Easy Digital Downloads", but you may not use "Easy Digital Downloads - My Service Integration". Alternately you could use 'EDD My Service Integration' and that too would be permitted.

None of this impacts your display name of your plugin. The display name is generated from your readme.txt, and that can be whatever you'd like. Keep in mind, you should use "My Product for Other Product" as the description. Consider the example of Keurig. If you made an eco-friendly brew cup, you could market it "EcoBrew Pod for Keurig" but you could NOT attempt to market it as "Keurig EcoBrew Pod." The latter implies a direct relationship to Keurig and is actually against the law in some countries.

You are more than welcome, and encouraged, to include it in the description of the plugin in the ReadMe.txt file, but it cannot be in the name/slug of the plugin as described above.

If you got all the way down here and forgot what to do next, just press reply to this email and tell us what slug you’d like, or if you need to transfer the plugin to a different account. We can fix the plugin.

The value provided is questionable given the plugin architecture.

Ahoj,
plugin mi chvíli funguje (po autorizaci tokenu ve FIO) ale po nějaké době se na webu zobrazuje tato hláška: "Chyba při spojení s Fio bankou. Zkuste to znovu."

Kdyby se to podařilo opravit, bylo by to skvělé.

Přidat v administraci nastavení, kde půjde nastavit...

• kolik dní zpátky se budou transakce zobrazovat
• jaké sloupce se budou zobrazovat

The originals should be in English or internationalization should be removed altogether...

Ahojte,
po novej aktualizacii mi to hadze:

Error thrown Call to undefined method GuzzleHttp\Utils::chooseHandler()

There is a new WordPress version that the plugin hasn't been tested with. Please test it and then change the "Tested up to" field in the plugin readme.

Tested up to: 5.2
Latest version: 5.2.2

You may then close this issue as it won't be done automatically.

There is a new WordPress version that the plugin hasn't been tested with. Please test it and then change the "Tested up to" field in the plugin readme.

Tested up to: 6.2
Latest version: 6.3

This issue will be closed automatically when the versions match.

There is a new WordPress version that the plugin hasn't been tested with. Please test it and then change the "Tested up to" field in the plugin readme.

Tested up to: 5.2
Latest version: 5.2.2

You may then close this issue as it won't be done automatically.

Nedá se vložit shortcode. Není žádná ikona, jak vybrat účet.

There is a new WordPress version that the plugin hasn't been tested with. Please test it and then change the "Tested up to" field in the plugin readme.

Tested up to: 6.4
Latest version: 6.5

This issue will be closed automatically when the versions match.

There is a new WordPress version that the plugin hasn't been tested with. Please test it and then change the "Tested up to" field in the plugin readme.

Tested up to: 5.8
Latest version: 5.9

This issue will be closed automatically when the versions match.

Hází mi to tuhle chybu....

Warning: include(/home/vu008538/www/wp-content/plugins/skaut-fio-bank-transactions/vendor/composer/../../src/Services/Services.php): failed to open stream: No such file or directory in /home/vu008538/www/wp-content/plugins/google-calendar-events/vendor/composer/ClassLoader.php on line 444

Warning: include(): Failed opening '/home/vu008538/www/wp-content/plugins/skaut-fio-bank-transactions/vendor/composer/../../src/Services/Services.php' for inclusion (include_path='.:/usr/share/pear:/usr/share/php') in /home/vu008538/www/wp-content/plugins/google-calendar-events/vendor/composer/ClassLoader.php on line 444

Fatal error: Uncaught Error: Class 'FioTransactions\Services\Services' not found in /home/vu008538/www/wp-content/plugins/skaut-fio-bank-transactions/fio-transactions.php:56 Stack trace: #0 /home/vu008538/www/wp-content/plugins/skaut-fio-bank-transactions/fio-transactions.php(44): FioTransactions\FioTransactions->init() #1 /home/vu008538/www/wp-content/plugins/skaut-fio-bank-transactions/fio-transactions.php(140): FioTransactions\FioTransactions->__construct() #2 /home/vu008538/www/wp-admin/includes/plugin.php(2300): include('/home/vu008538/...') #3 /home/vu008538/www/wp-admin/plugins.php(191): plugin_sandbox_scrape() #4 {main} thrown in /home/vu008538/www/wp-content/plugins/skaut-fio-bank-transactions/fio-transactions.php on line 56

Your plugin cannot be reopened yet.

https://wordpress.org/plugins/skaut-fio-bank-transactions/

All closed plugins are required to pass a security and guideline check before they may be reopened, in order to reduce the negative impact on users. This is especially true now that a few 'security firms' have taken it on themselves to zero-day and release all known vulnerabilities for any closed plugin, regardless of cause. We hope that requiring this will protect you from them.

You are required to do the following:

Perform a complete review of your entire plugin to ensure it's properly up to date
Correct all issues listed below
Ensure the 'tested up to' version in your readme is the latest release of WordPress (if you fail to do this, we cannot review nor reopen your plugin as doing so would cause your plugin to become unfindable in our search system)
Increase your plugin version (you only need to do this once - if you've already done so, you do not need to again)
Upload your corrected plugin to SVN (don't worry - even with a new version, no one will get updated until the plugin is reopened)
Reply to this email

We will re-review your entire plugin again once we receive your email. Please remember that we cannot review an emailed zip. You must use SVN properly for us to proceed. We appreciate your patience and understanding in this process.

Calling files remotely

Offloading images, js, css, and other scripts to your servers or any remote service (like Google, MaxCDN, jQuery.com etc) is disallowed. When you call remote data you introduce an unnecessary dependency on another site. If the file you're calling isn't a part of WordPress Core, then you should include it -locally- in your plugin, not remotely. If the file IS included in WordPress core, please call that instead.

An exception to this rule is if your plugin is performing a service. We will permit this on a case by case basis. Since this can be confusing we have some examples of what are not permitted:

Offloading jquery CSS files to Google - You should include the CSS in your plugin.
Inserting an iframe with a help doc - A link, or including the docs in your plugin is preferred.
Calling images from your own domain - They should be included in your plugin.

Here are some examples of what we would permit:

Calling font families from Google or their approved CDN (if GPL compatible)
API calls back to your server to process possible spam comments (like Akismet)
Offloading comments to your own servers (like Disqus)
oEmbed calls to a service provider (like Twitter or YouTube)

Please remove external dependencies from your plugin and, if possible, include all files within the plugin (that is not called remotely). If instead you feel you are providing a service, please re-write your readme.txt in a manner that explains the service, the servers being called, and if any account is needed to connect.

Example(s) from your plugin:

skaut-fio-bank-transactions/src/Frontend/Shortcode.php:76: 'https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.8.4/moment.min.js',
skaut-fio-bank-transactions/src/Frontend/Shortcode.php:60: 'https://cdn.datatables.net/1.10.24/css/jquery.dataTables.min.css',
skaut-fio-bank-transactions/src/Frontend/Shortcode.php:68: 'https://cdn.datatables.net/1.10.24/js/jquery.dataTables.min.js',
skaut-fio-bank-transactions/src/Frontend/Shortcode.php:84: 'https://cdn.datatables.net/plug-ins/1.10.24/sorting/datetime-moment.js',
skaut-fio-bank-transactions/src/Frontend/public/js/fio-frontend.js:8: url: 'https://cdn.datatables.net/plug-ins/1.10.24/i18n/Czech.json',

insert_account_transaction - místo nějakého textu

Tady je chyba v textu, není tam

We should delete all plugin data on uninstall

Otherwise, it will get banned like skaut/skaut-google-drive-gallery#1054

There is a new WordPress version that the plugin hasn't been tested with. Please test it and then change the "Tested up to" field in the plugin readme.

Tested up to: 5.2
Latest version: 5.2.2

You may then close this issue as it won't be done automatically.

There is a new WordPress version that the plugin hasn't been tested with. Please test it and then change the "Tested up to" field in the plugin readme.

Tested up to: 5.2
Latest version: 5.3

You may then close this issue as it won't be done automatically.

There is a new WordPress version that the plugin hasn't been tested with. Please test it and then change the "Tested up to" field in the plugin readme.

Tested up to: 5.2
Latest version: 5.2.2

You may then close this issue as it won't be done automatically.

There is a new WordPress version that the plugin hasn't been tested with. Please test it and then change the "Tested up to" field in the plugin readme.

Tested up to: 5.2
Latest version: 5.2.2

You may then close this issue as it won't be done automatically.

Vytvořit blok, přes který se budou zobrazovat platby na webu

Warning: require(/home/vu008538/www/wp-content/plugins/skaut-fio-bank-transactions/vendor/composer/../symfony/deprecation-contracts/function.php): failed to open stream: No such file or directory in /home/vu008538/www/wp-content/plugins/skaut-fio-bank-transactions/vendor/composer/autoload_real.php on line 46

Fatal error: require(): Failed opening required '/home/vu008538/www/wp-content/plugins/skaut-fio-bank-transactions/vendor/composer/../symfony/deprecation-contracts/function.php' (include_path='.:/usr/share/pear:/usr/share/php') in /home/vu008538/www/wp-content/plugins/skaut-fio-bank-transactions/vendor/composer/autoload_real.php on line 46

Notice: Funkce is_embed nebyla použita správným způsobem. Podmínkové funkce nefungují správně a vracejí pouze nepravdivý výsledek, dokud nedojde na základě aktuálně zobrazené URL adresy k samotnému dotazu do databáze na konkrétní obsah webu. Další informace o testování programu a hledání chyb naleznete v manuálu na stránce Ladění ve WordPressu (anglicky). (Tato zpráva se nově zobrazuje od verze 3.1.0.) in /home/vu008538/www/wp-includes/functions.php on line 5831

Notice: Funkce is_search nebyla použita správným způsobem. Podmínkové funkce nefungují správně a vracejí pouze nepravdivý výsledek, dokud nedojde na základě aktuálně zobrazené URL adresy k samotnému dotazu do databáze na konkrétní obsah webu. Další informace o testování programu a hledání chyb naleznete v manuálu na stránce Ladění ve WordPressu (anglicky). (Tato zpráva se nově zobrazuje od verze 3.1.0.) in /home/vu008538/www/wp-includes/functions.php on line 5831

There is a new WordPress version that the plugin hasn't been tested with. Please test it and then change the "Tested up to" field in the plugin readme.

Tested up to: 5.2
Latest version: 5.2.2

You may then close this issue as it won't be done automatically.

Nejdou nahrát 2 soubory na wp.org, něco se jim nelíbí viz: mhujer/fio-api-php#14

There is a new WordPress version that the plugin hasn't been tested with. Please test it and then change the "Tested up to" field in the plugin readme.

Tested up to: 5.9
Latest version: 6.0

This issue will be closed automatically when the versions match.

There is a new WordPress version that the plugin hasn't been tested with. Please test it and then change the "Tested up to" field in the plugin readme.

Tested up to: 6.1
Latest version: 6.2

This issue will be closed automatically when the versions match.

Máme 4.0.1 a nově je 4.1.0
https://github.com/mhujer/fio-api-php

There is a new WordPress version that the plugin hasn't been tested with. Please test it and then change the "Tested up to" field in the plugin readme.

Tested up to: 6.0
Latest version: 6.1

This issue will be closed automatically when the versions match.

There is a new WordPress version that the plugin hasn't been tested with. Please test it and then change the "Tested up to" field in the plugin readme.

Tested up to: 5.7
Latest version: 5.8

This issue will be closed automatically when the versions match.

There is a new WordPress version that the plugin hasn't been tested with. Please test it and then change the "Tested up to" field in the plugin readme.

Tested up to: 5.5
Latest version: 5.6

This issue will be closed automatically when the versions match.