Forum Replies Created
-
AuthorPosts
-
Hey BelIblis,
Thank you for reporting this.
I added an issue to our dev repo to be reviewed for one of the next releases.
Best regards,
GünterHey THP,
Thank you for this input.
I opened an issue in our dev repo and we will have a look how it is possible to integrate this.
Best regards,
GünterJanuary 26, 2021 at 2:49 pm in reply to: Cross site scripting vulnerability with pagination #1275498Hi,
Digging deeper: this seems to be a problem in WP core.
We are using the standart WP function ‘get_pagenum_link’ to get and modify the result query string for paging. Adding your string above to a URI WP returns the injection unmodified from this function.
In my opinion this should be handled by WP. Maybe you can try to open a ticket at WordPress.org and report it there?
Best regards,
GünterJanuary 26, 2021 at 1:59 pm in reply to: Cross site scripting vulnerability with pagination #1275482Hi,
Sorry for the late reply and thanks for the links.
With the next version we added a fix for injecting paging reported in another similar case. Can you please try if this fixes your case also.
In framework\php\function-set-avia-frontend.php around line 1401 (in function avia_which_archive() ) you find:
if (isset($_GET['paged']) && !empty($_GET['paged'])) { $output .= ' ('.__('Page','avia_framework').' '.$_GET['paged'].')'; }
Replace these lines with:
if( isset( $_GET['paged'] ) && ! empty( $_GET['paged'] ) ) { // avoid xss vulnerability - e.g. injection of code $output .= is_numeric( $_GET['paged'] ) ? ' (' . __( 'Page', 'avia_framework' ) . ' ' . $_GET['paged'] . ')' : ''; }
Do not forget to make a backup of the originla file for a fallback and clear server and browser cache.
If you want us to make the changes please provide WP admin and FTP access.Best regards,
GünterJanuary 22, 2021 at 12:28 pm in reply to: Cross site scripting vulnerability with pagination #1274665Hey Tobias,
Thank you for using Enfold and reporting this.
Could you please tell us the steps to reproduce this – so we can check?
Normally WP should filter the query strings as far as I’m concerned – but I’m not a security expert.
Best regards,
GünterHey Detlef Lehmann,
Danke für Ihr Interesse.
Eine reguläre Lizenz von Enfold können Sie nur hier beziehen:
https://themeforest.net/item/enfold-responsive-multipurpose-theme/4519990
Es gibt auch eine deutsche Übersetzung inkludiert, die von Usern gemacht werden.
Wir würden uns freuen, wenn Sie sich für Enfold entscheiden.
Es ist intuitiv zu bedienen und kann leicht angepasst werden. Bei Fragen stehen wir im Forum gerne zur Verfügung.Ich wünsche auch Ihnen alles Gute für 2021.
Best regards,
GünterHey Luigi,
Thanks a lot.
Our team also wishes you merry christmas all the best for the next year. Take care of you and stay healthy.
Best regards,
GünterHi,
We added an option to Product Grid and Product Slider where you can choose the image size.
Should be in next update. Please check the changelog.Best regards,
GünterHey Thomas,
Thank you for using Enfold and for this info.
We have been already testing Enfold with Jquery 3 and did not find any problems (Enfold 4.7.6.4).
WP provides a plugin https://wordpress.org/plugins/wp-jquery-update-test/ – “Test jQuery Updates” to test your environment with your additional plugins.
Have a nice day.
Best regards,
GünterNovember 6, 2020 at 2:09 pm in reply to: How to deactivate default entypo-fontello iconfont? #1258867Hi,
The default iconfont Entypo-fontello from Enfold is included in theme. Please check:
enfold\config-templatebuilder\avia-template-builder\assets\fonts\……
So they are loaded from your server and not from a 3rd party external server. That should be GDPR compliant as no user data is requested to load the font.
Hope this helps you.
Best regards,
GünterNovember 4, 2020 at 2:55 pm in reply to: Implementing data-nosnippet attribute (and others related) #1258287Hey Ricard,
Thank you for using Enfold – and thank you for this input.
I added it to our dev repo.
Have a great day.
Best regards,
GünterHi,
This “problem” is not a bug – it is the behaviour of this element. The filter buttons are only applied to the elements loaded (= “All”) and there is no callback to the server to load more elements automatically. This is intended and if you want a limitation with paging and filter.
Filter is based on https://isotope.metafizzy.co/ and changing this would need a complete redesign – at the moment there are no plans.
Best regards,
GünterHi,
If you are selecting the links in dropdowns like your screenshot Enfold is using the unique id’s. So it is save to change title, slug and even the WP permalink structure.
Only if you enter links “hardcoded” (e.g. when using setting manual) you have to take care of that yourself.
Hope this helps you?
Best regards,
GünterPS. Also categories, taxonomy links are always safed by id’s.
Hi,
Danke für die Info.
Hab es in unser Repo aufgenommen für das nächste Release.
Soweit ich auf die Schnelle sehe, sollte (function-set-avia-frontend.php Zeile 1401)
if (isset($_GET['paged']) && !empty($_GET['paged']) && is_numeric( $_GET['paged'] ) )
das Problem für diesen Fall lösen. Were aber auch durchschauen, ob es anderswo auch noch Probleme gibt.
Ich wünsche Dir einen schönen Tag noch und viel Freude mit Enfold.
Best regards,
GünterHi,
Thanks for home4.
It seems to be a problem with your install. If I copy the shortcode of this page to my server (no plugins except WooCommerce) I can save it and edit it.
Please try to deactivate all plugins and check.Best regards,
GünterOctober 15, 2020 at 10:13 am in reply to: Code Block ALB Element and insert Code as Content #1252966Hi,
Sorry for the late reply.
I checked your page – I can open the codeblock and I added an empty
<div></div>
and could save it.
And frontend seems to work also.And I also cannot reproduce any problems on my dev server.
Did you change anything?
Best regards,
GünterHi,
Thank you for the feedback and glad we could help you.
Feel free to come back when you need further assistance and enjoy the theme.
Have a great day.Best regards,
GünterHi,
Sorry for the late reply.
Yes, I found a solution. Will be in next update.
Meanwhile you can replace enfold\config-templatebuilder\avia-shortcodes\tabs\tabs.php and tabs.js with the content of the files:
https://github.com/KriesiMedia/enfold-library/blob/master/temp_fixes/Enfold_4_7_6_3/tabs/tabs.js
https://github.com/KriesiMedia/enfold-library/blob/master/temp_fixes/Enfold_4_7_6_3/tabs/tabs.phpIf you need help let us know and we can do it for you.
Do not forget to make a backup of the original files for a fallback.Best regards,
GünterSeptember 29, 2020 at 11:59 am in reply to: DSVGO/GDPR: Aktives Cookie Opt-In umsetzen (entsprechend BGH-Urteil) #1249345Hi,
Option Default Cookie Behaviour: User must accept and must opt in, only essential cookies selected
Und dann gibt es: button action: Accept all cookies and services, dismiss notification
Siehe auch https://kriesi.at/support/topic/enfold-cookie-consent-like-bor-labs-possible-better-results/
Best regards,
GünterSeptember 29, 2020 at 11:55 am in reply to: Enfold Cookie Consent like Bor-labs possible? Better Results! #1249342Hey royaltask,
Thank you for using Enfold.
Check option Default Cookie Behaviour: User must accept and must opt in, only essential cookies selected
and then you have the button action: Accept all cookies and services, dismiss notification
That does exactly what you describe above.
Best regards,
GünterHi,
Thank you for your feedback. I forwarded it to WPML so they can continue to investigate.
Enjoy the theme and have a great day.
Feel free to come back if you need further assistance.
Best regards,
GünterHey sckye,
Thank you for using Enfold.
This is not a bug. The change of the url hash was necessary because we added aria support for tabs and to fix a problem with FF breaking layout and a scrolling bug.
If you do not care about that you can remove it:
In enfold\config-templatebuilder\avia-shortcodes\tabs\tabs.js line 110:
window.location.replace( new_loc + '-active' );
replace with:
window.location.replace( new_loc );
But we would not recommened that.
Best regards,
GünterHi,
Thank you for coming back.
I’ve been in contact with WPML – they are having an eye on it.
There is a WPML problem with Avia Builder and special characters (like german Umlaute ä,ü,.. but likely also those in other languages).
It would be helpful to find out, which ALB element causes the problem. So the only way would be to make a copy of the page and then remove one element after the other and check if the translations still break (or the other way add elements to an empty page with the same setup one by one).
Best regards,
GünterSeptember 16, 2020 at 9:12 am in reply to: Optimizing images: Should I use more than 1 version? #1246228September 14, 2020 at 1:48 pm in reply to: Optimizing images: Should I use more than 1 version? #1245766Hi,
Checked it. For me it works.
But it depends on your settings.
Background images do not support scrset as the img tag – only for resolution (https://developer.mozilla.org/en-US/docs/Web/CSS/image-set)
If you select Image size behaviour to “no stretch” you get img tags and you must select an image size that has responsive thumbs (check option “Responsive Images Thumbnails Overview:”).
Best regards,
GünterHey!
Thanks a lot for your input.
We will add it to core – I opened an issue in our dev repo – but I’m not sure if we will be in the next release. Please check the changelog.
Cheers!
GünterHi,
Thank you for using Enfold.
Up to now we did not get any bug reports with translation editor and Enfold.
WPML has a compatibility team to integrate Enfold and also does a lot to keep everything running smoothly. And we also are in contact with them.For your special case – this seems to be related to WPML and not to Enfold.
Did you already open a support ticket at WPML?
Best regards,
GünterHi,
I have been in contact with WPML compatibility support.
Please see private content.
Best regards,
GünterHi,
Thank you for coming back and the credentials.
I setup a staging site on my dev server (with a page as footer) – using the 5 basic WPML plugins (Multilingual CMS, Translation Management, String Translation, Media, WC Multilingual) and WooCommerce. I cannot reproduce the problem. I can add a product to cart in both languages without the popup, this appears only when I switch the languages.
Also deactivating all other plugins on your staging server does not produce the error any longer.
It is correct, that $post->ID in function wcml_language_switch_dialog() points to the translated footer page ID.
It seems, that one of the other plugins hooks into the get_posts() query for the footer page and modifies the global $post variable.
The only way to find out is to deactivate all plugins (except the basic ones mentioned above) and then reactivate one by one until the problem occurs again.
Best regards,
Günter -
AuthorPosts