From dfdd77f1ccfaf260c96056a1e3409216fcf47cdf Mon Sep 17 00:00:00 2001
From: girishpanchal30
Date: Tue, 5 Jul 2022 11:59:51 +0530
Subject: [PATCH] Fix phar deserialization Codeinwp/visualizer-pro#339
---
 classes/Visualizer/Gutenberg/Block.php | 8 ++++++--
 classes/Visualizer/Module/Chart.php | 11 ++++++++---
 2 files changed, 14 insertions(+), 5 deletions(-)
diff --git a/classes/Visualizer/Gutenberg/Block.php b/classes/Visualizer/Gutenberg/Block.php
index d575a9b70..31210b5a5 100644
--- a/classes/Visualizer/Gutenberg/Block.php
+++ b/classes/Visualizer/Gutenberg/Block.php
@@ -750,8 +750,12 @@ public function upload_csv_data( $data ) {
 return false;
 }
- if ( $data['url'] && ! is_wp_error( $data['url'] ) && filter_var( $data['url'], FILTER_VALIDATE_URL ) ) {
- $source = new Visualizer_Source_Csv_Remote( $data['url'] );
+ $remote_data = false;
+ if ( isset( $data['url'] ) && function_exists( 'wp_http_validate_url' ) ) {
+ $remote_data = wp_http_validate_url( $data['url'] );
+ }
+ if ( false !== $remote_data && ! is_wp_error( $remote_data ) ) {
+ $source = new Visualizer_Source_Csv_Remote( $remote_data );
 if ( $source->fetch() ) {
 $temp = $source->getData();
 if ( is_string( $temp ) && is_array( unserialize( $temp ) ) ) {
diff --git a/classes/Visualizer/Module/Chart.php b/classes/Visualizer/Module/Chart.php
index ed0f61241..75e9d7fee 100644
--- a/classes/Visualizer/Module/Chart.php
+++ b/classes/Visualizer/Module/Chart.php
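Review bot: The context line `if ( is_string( $temp ) && is_array( unserialize( $temp ) ) ) {` in upload_csv_data (Block.php) still runs unserialize() on whatever getData() returns after a remote fetch, so the URL check above it is the only barrier in front of that sink. getData() is not visible here; if its output can be shaped by the remote file, object instantiation should also be ruled out at the sink, e.g. `is_array( unserialize( $temp, array( 'allowed_classes' => false ) ) )`. The `! is_wp_error( $remote_data )` test looks redundant, since wp_http_validate_url() returns the URL string or false. The function body starts and ends outside the hunk.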
@@ -1111,10 +1111,15 @@ public function uploadData() {
 $source = null;
 $render = new Visualizer_Render_Page_Update();
- if ( isset( $_POST['remote_data'] ) && filter_var( $_POST['remote_data'], FILTER_VALIDATE_URL ) ) {
- $source = new Visualizer_Source_Csv_Remote( $_POST['remote_data'] );
+
+ $remote_data = false;
+ if ( isset( $_POST['remote_data'] ) && function_exists( 'wp_http_validate_url' ) ) {
+ $remote_data = wp_http_validate_url( $_POST['remote_data'] );
+ }
+ if ( false !== $remote_data ) {
+ $source = new Visualizer_Source_Csv_Remote( $remote_data );
 if ( isset( $_POST['vz-import-time'] ) ) {
- apply_filters( 'visualizer_pro_chart_schedule', $chart_id, $_POST['remote_data'], $_POST['vz-import-time'] );
+ apply_filters( 'visualizer_pro_chart_schedule', $chart_id, $remote_data, $_POST['vz-import-time'] );
 }
 // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison
 } elseif ( isset( $_FILES['local_data'] ) && $_FILES['local_data']['error'] == 0 ) {
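Review bot: The scheme check is enforced at each call site (here in uploadData and in upload_csv_data in Block.php) rather than inside Visualizer_Source_Csv_Remote, so any other code path that constructs that class with an unvalidated URL would presumably still reach the fetch unchecked; other callers are not visible in this patch. Consider moving the wp_http_validate_url() call into the source class (constructor or fetch()) and keeping these two checks as early rejection. At minimum, add a comment above the new block, such as `// wp_http_validate_url() accepts only http/https, which keeps stream wrappers such as phar:// away from the fetch.` `$_POST['vz-import-time']` is also still handed to the `visualizer_pro_chart_schedule` filter without sanitisation. uploadData continues outside the hunk.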