Release 4.12.2

[MAILPOET-5254]

mailpoet/lib/Newsletter/ApiDataSanitizer.php

@@ -13,9 +13,6 @@ class ApiDataSanitizer {
     'header' => ['text'],
     'footer' => ['text'],
     'text' => ['text'],
-    'button' => ['url'],
-    'image' => ['link'],
-    'socialIcon' => ['link'],
   ];
 
   public function __construct(
@@ -38,8 +35,6 @@ class ApiDataSanitizer {
       }
       if (isset($block['blocks']) && is_array($block['blocks'])) {
         $blocks[$key]['blocks'] = $this->sanitizeBlocks($block['blocks']);
-      } elseif (isset($block['icons']) && is_array($block['icons'])) {
-        $blocks[$key]['icons'] = $this->sanitizeBlocks($block['icons']);
       } else {
         $blocks[$key] = $this->sanitizeBlock($block);
       }
@@ -56,9 +51,6 @@ class ApiDataSanitizer {
         continue;
       }
       $block[$property] = $this->htmlSanitizer->sanitize($block[$property]);
-      if (in_array($property, ['url', 'link'], true)) {
-        $block[$property] = $this->htmlSanitizer->sanitizeURL($block[$property]);
-      }
     }
     return $block;
   }

mailpoet/lib/Subscribers/ConfirmationEmailMailer.php

@@ -136,7 +136,10 @@ class ConfirmationEmailMailer {
 
     // replace activation link
     $body = (string)str_replace(
-      '[activation_link]',
+      [
+        'http://[activation_link]', // See MAILPOET-5253
+        '[activation_link]',
+      ],
       $this->subscriptionUrlFactory->getConfirmationUrl($subscriber),
       $body
     );

mailpoet/mailpoet.php

@@ -2,7 +2,7 @@
 
 /*
  * Plugin Name: MailPoet
- * Version: 4.12.1
+ * Version: 4.12.2
  * Plugin URI: https://www.mailpoet.com
  * Description: Create and send newsletters, post notifications and welcome emails from your WordPress.
  * Author: MailPoet
@@ -20,7 +20,7 @@
  */
 
 $mailpoetPlugin = [
-  'version' => '4.12.1',
+  'version' => '4.12.2',
   'filename' => __FILE__,
   'path' => dirname(__FILE__),
   'autoloader' => dirname(__FILE__) . '/vendor/autoload.php',

mailpoet/readme.txt

@@ -3,7 +3,7 @@ Contributors: mailpoet
 Tags: email, email marketing, post notification, woocommerce emails, email automation, newsletter, newsletter builder, newsletter subscribers
 Requires at least: 5.9
 Tested up to: 6.1
-Stable tag: 4.12.1
+Stable tag: 4.12.2
 Requires PHP: 7.2
 License: GPLv3
 License URI: https://www.gnu.org/licenses/gpl-3.0.html
@@ -219,6 +219,9 @@ Check our [Knowledge Base](https://kb.mailpoet.com) or contact us through our [s
 
 == Changelog ==
 
+= 4.12.2 - 2023-04-21 =
+* Fixed: shortcode support in button, image and social icons links.
+
 = 4.12.1 - 2023-04-19 =
 * Fixed: post notifications not sent if scheduled with minutes.
 

mailpoet/tests/integration/Newsletter/ApiDataSanitizerTest.php

@@ -30,33 +30,6 @@ class ApiDataSanitizerTest extends \MailPoetTest {
           'link' => '',
           'text' => 'http://some.url/wp-c\'"><img src=x onerror=alert(2)>ontent/fake-logo.png',
         ],
-        [
-          'type' => 'image',
-          'link' => 'javascript:alert(1)',
-          'src' => 'http://some.url/wp-content/fake-image.png',
-        ],
-        [
-          'type' => 'social',
-          'iconSet' => 'default',
-          'icons' => [
-            [
-              'type' => 'socialIcon',
-              'iconType' => 'facebook',
-              'link' => 'javascript:alert(1)',
-              'height' => '32px',
-              'width' => '32px',
-              'text' => 'Facebook',
-            ],
-            [
-              'type' => 'socialIcon',
-              'iconType' => 'twitter',
-              'link' => 'https://example.com/',
-              'height' => '32px',
-              'width' => '32px',
-              'text' => 'Facebook',
-            ],
-          ],
-        ],
       ],
     ],
   ];
@@ -80,13 +53,5 @@ class ApiDataSanitizerTest extends \MailPoetTest {
     expect($image['type'])->equals('header');
     expect($image['link'])->equals('');
     expect($image['text'])->equals('http://some.url/wp-c\'"&gt;ontent/fake-logo.png');
-    $imageAlert = $result['content']['blocks'][2];
-    expect($imageAlert['type'])->equals('image');
-    expect($imageAlert['link'])->equals('');
-    $socialIcons = $result['content']['blocks'][3];
-    expect($socialIcons['type'])->equals('social');
-    expect($socialIcons['icons'][0]['type'])->equals('socialIcon');
-    expect($socialIcons['icons'][0]['link'])->equals('');
-    expect($socialIcons['icons'][1]['link'])->equals('https://example.com/');
   }
 }

mailpoet/tests/integration/Subscribers/ConfirmationEmailMailerTest.php

@@ -3,14 +3,17 @@
 namespace MailPoet\Subscribers;
 
 use Codeception\Stub;
+use MailPoet\Entities\NewsletterEntity;
 use MailPoet\Entities\SubscriberEntity;
 use MailPoet\Mailer\Mailer;
 use MailPoet\Mailer\MailerError;
 use MailPoet\Mailer\MailerFactory;
 use MailPoet\Mailer\MailerLog;
+use MailPoet\Newsletter\NewslettersRepository;
 use MailPoet\Services\AuthorizedEmailsController;
 use MailPoet\Settings\SettingsController;
 use MailPoet\Subscription\SubscriptionUrlFactory;
+use MailPoet\Test\DataFactories\Newsletter as NewsletterFactory;
 use MailPoet\Test\DataFactories\Segment as SegmentFactory;
 use MailPoet\Test\DataFactories\Subscriber as SubscriberFactory;
 use MailPoet\WP\Functions as WPFunctions;
@@ -253,4 +256,104 @@ class ConfirmationEmailMailerTest extends \MailPoetTest {
     }
     expect($sender->sendConfirmationEmail($this->subscriber))->equals(true);
   }
+
+  public function testGetMailBodyWithCustomizerReplacesActivationShortcode() {
+    $subcriptionUrlFactoryMock = $this->createMock(SubscriptionUrlFactory::class);
+    $subcriptionUrlFactoryMock->method('getConfirmationUrl')->willReturn('https://example.com');
+
+    $newsletterFactory = new NewsletterFactory();
+    $newsletter = $newsletterFactory
+      ->loadBodyFrom('newsletterThreeCols.json')
+      ->withType(NewsletterEntity::TYPE_CONFIRMATION_EMAIL_CUSTOMIZER)
+      ->create();
+
+    $body = $newsletter->getBody();
+    $newBody = $body;
+    $newBody['content']['blocks'][0]['blocks'][1]['blocks'][] =
+      [
+        'type' => 'button',
+        'url' => '[activation_link]',
+        'text' => 'Click here to confirm your subscription',
+        'styles' => [
+          'block' => [
+            'backgroundColor' => '#2ea1cd',
+            'borderColor' => '#0074a2',
+            'borderWidth' => '1px',
+            'borderRadius' => '5px',
+            'borderStyle' => 'solid',
+            'width' => '100%',
+            'lineHeight' => '40px',
+            'fontColor' => '#ffffff',
+            'fontFamily' => 'Verdana',
+            'fontSize' => '18px',
+            'fontWeight' => 'normal',
+            'textAlign' => 'center',
+          ],
+        ],
+      ];
+
+    $newsletter->setBody($newBody);
+
+    $newsletterRepository = $this->diContainer->get(NewslettersRepository::class);
+    $newsletterRepository->persist($newsletter);
+    $newsletterRepository->flush();
+
+    $settings = SettingsController::getInstance();
+    $settings->set(ConfirmationEmailCustomizer::SETTING_ENABLE_EMAIL_CUSTOMIZER,
+      true
+    );
+    $settings->set(ConfirmationEmailCustomizer::SETTING_EMAIL_ID, $newsletter->getId());
+    $confirmationEmailCustomizer = $this->diContainer->get(ConfirmationEmailCustomizer::class);
+
+    $sender = new ConfirmationEmailMailer(
+      $this->createMock(MailerFactory::class),
+      $this->diContainer->get(WPFunctions::class),
+      $settings,
+      $this->diContainer->get(SubscribersRepository::class),
+      $subcriptionUrlFactoryMock,
+      $confirmationEmailCustomizer
+    );
+
+    $confirmationNewsletter = $confirmationEmailCustomizer->getNewsletter();
+    expect($confirmationNewsletter->getId())->equals($newsletter->getId());
+    $confirmationMailBody = $sender->getMailBodyWithCustomizer($this->subscriber, ['test_segment']);
+    expect($confirmationMailBody['body']['html'])->stringContainsString('<a class="mailpoet_button" href="https://example.com"');
+
+
+    // See MAILPOET-5253
+    $newBody = $body;
+    $newBody['content']['blocks'][0]['blocks'][1]['blocks'][] =
+      [
+        'type' => 'button',
+        'url' => 'http://[activation_link]',
+        'text' => 'Click here to confirm your subscription',
+        'styles' => [
+          'block' => [
+            'backgroundColor' => '#2ea1cd',
+            'borderColor' => '#0074a2',
+            'borderWidth' => '1px',
+            'borderRadius' => '5px',
+            'borderStyle' => 'solid',
+            'width' => '100%',
+            'lineHeight' => '40px',
+            'fontColor' => '#ffffff',
+            'fontFamily' => 'Verdana',
+            'fontSize' => '18px',
+            'fontWeight' => 'normal',
+            'textAlign' => 'center',
+          ],
+        ],
+      ];
+
+    $newsletter->setBody($newBody);
+
+    $newsletterRepository->persist($newsletter);
+    $newsletterRepository->flush();
+
+    $confirmationNewsletter = $confirmationEmailCustomizer->getNewsletter();
+    expect($confirmationNewsletter->getId())->equals($newsletter->getId());
+    $confirmationMailBody = $sender->getMailBodyWithCustomizer($this->subscriber, ['test_segment']);
+    expect($confirmationMailBody['body']['html'])->stringContainsString('<a class="mailpoet_button" href="https://example.com"');
+
+  }
 }