Plugin Directory


Ignore:
Timestamp:
12/12/2023 03:14:25 PM (16 months ago)
Author:
DaanvandenBergh
Message:

Update to version 5.7.7 from GitHub

Location:
host-webfonts-local
Files:
6 edited
1 copied

Legend:

Unmodified
Added
Removed
  • host-webfonts-local/tags/5.7.7/host-webfonts-local.php

    r2992194 r3008876  
    44 * Plugin URI: https://daan.dev/wordpress/omgf/
    55 * Description: Increase GDPR/DSGVO compliance and leverage browser cache by automatically self-hosting Google Fonts.
    6  * Version: 5.7.6
     6 * Version: 5.7.7
    77 * Author: Daan from Daan.dev
    88 * Author URI: https://daan.dev
  • host-webfonts-local/tags/5.7.7/readme.txt

    r2992194 r3008876  
    44Requires at least: 4.6
    55Tested up to: 6.3
    6 Stable tag: 5.7.6
     6Stable tag: 5.7.7
    77Requires PHP: 7.0
    88License: GPLv2 or later
     
    7979
    8080== Changelog ==
     81
     82= 5.7.7 | December 12th, 2023 =
     83* Fixed: CSRF issue in custom Update Settings logic.
    8184
    8285= 5.7.6 | November 8th, 2023 =
  • host-webfonts-local/tags/5.7.7/src/Admin/Actions.php

    r2963278 r3008876  
    2222    /**
    2323     * Execute all actions required in wp-admin.
    24      *
    2524     * @return void
    2625     */
     
    3534    /**
    3635     * Needs to run before admin_menu and admin_init.
    37      *
    3836     * @action _admin_menu
    3937     */
     
    4442    /**
    4543     * Initialize the Save & Optimize routine.
    46      *
    4744     * @return void
    4845     */
     
    5350    /**
    5451     * We use a custom update action, because we're storing multidimensional arrays upon form submit.
    55      *
    5652     * This prevents us from having to use AJAX, serialize(), stringify() and eventually having to json_decode() it, i.e.
    5753     * a lot of headaches.
    58      *
    5954     * @since v5.6.0
    6055     */
    6156    public function update_settings() {
    62         // phpcs:ignore WordPress.Security
    63         if ( empty( $_POST['action'] ) || $_POST['action'] !== 'omgf-update' ) {
     57        $action = $_GET[ 'tab' ] ?? 'omgf-optimize-settings';
     58
     59        wp_verify_nonce( $_POST[ '_wpnonce' ], $action );
     60
     61        if ( ! current_user_can( 'manage_options' ) ) {
    6462            return;
    6563        }
    6664
    67         // phpcs:ignore
    68         $updated_settings = $this->clean($_POST);
     65        if ( empty( $_POST[ 'action' ] ) || $_POST[ 'action' ] !== 'omgf-update' ) {
     66            return;
     67        }
     68
     69        $updated_settings = $this->clean( $_POST );
    6970
    7071        foreach ( $updated_settings as $option_name => $option_value ) {
     
    9596        /**
    9697         * Additional update actions can be added here.
    97          *
    9898         * @since v5.6.0
    9999         */
     
    113113     * Clean variables using `sanitize_text_field`.
    114114     * Arrays are cleaned recursively. Non-scalar values are ignored.
     115     * @since 5.5.7
    115116     *
    116117     * @param string|array $var Sanitize the variable.
    117      *
    118      * @since 5.5.7
    119118     *
    120119     * @return string|array
     
    133132     * @param mixed $plugin
    134133     * @param mixed $response
     134     *
    135135     * @return void
    136136     */
    137137    public function render_update_notice( $plugin, $response ) {
    138         $current_version = $plugin['Version'];
    139         $new_version     = $plugin['new_version'];
     138        $current_version = $plugin[ 'Version' ];
     139        $new_version     = $plugin[ 'new_version' ];
    140140
    141141        if ( version_compare( $current_version, $new_version, '<' ) ) {
    142             $response = wp_remote_get( 'https://daan.dev/omgf-update-notices.json?' . substr( uniqid( '', true ), -5 ) );
     142            $response = wp_remote_get( 'https://daan.dev/omgf-update-notices.json?' . substr( uniqid( '', true ), - 5 ) );
    143143
    144144            if ( is_wp_error( $response ) ) {
     
    157157            ];
    158158
    159             wp_kses( sprintf( ' <strong>' . __( 'This update includes major changes, please <a href="%s" target="_blank">read this</a> before continuing.' ) . '</strong>', $update_notices[ $new_version ]->url ), $allowed_html );
     159            wp_kses(
     160                sprintf(
     161                    ' <strong>' .
     162                    __( 'This update includes major changes, please <a href="%s" target="_blank">read this</a> before continuing.' ) .
     163                    '</strong>',
     164                    $update_notices[ $new_version ]->url
     165                ),
     166                $allowed_html
     167            );
    160168        }
    161169    }
     
    208216    /**
    209217     * Check if directory is empty.
    210      *
    211218     * This works because a new FilesystemIterator will initially point to the first file in the folder -
    212219     * if there are no files in the folder, valid() will return false
    213220     *
    214221     * @param mixed $dir
     222     *
    215223     * @return bool
    216224     */
  • host-webfonts-local/trunk/host-webfonts-local.php

    r2992194 r3008876  
    44 * Plugin URI: https://daan.dev/wordpress/omgf/
    55 * Description: Increase GDPR/DSGVO compliance and leverage browser cache by automatically self-hosting Google Fonts.
    6  * Version: 5.7.6
     6 * Version: 5.7.7
    77 * Author: Daan from Daan.dev
    88 * Author URI: https://daan.dev
  • host-webfonts-local/trunk/readme.txt

    r2992194 r3008876  
    44Requires at least: 4.6
    55Tested up to: 6.3
    6 Stable tag: 5.7.6
     6Stable tag: 5.7.7
    77Requires PHP: 7.0
    88License: GPLv2 or later
     
    7979
    8080== Changelog ==
     81
     82= 5.7.7 | December 12th, 2023 =
     83* Fixed: CSRF issue in custom Update Settings logic.
    8184
    8285= 5.7.6 | November 8th, 2023 =
  • host-webfonts-local/trunk/src/Admin/Actions.php

    r2963278 r3008876  
    2222    /**
    2323     * Execute all actions required in wp-admin.
    24      *
    2524     * @return void
    2625     */
     
    3534    /**
    3635     * Needs to run before admin_menu and admin_init.
    37      *
    3836     * @action _admin_menu
    3937     */
     
    4442    /**
    4543     * Initialize the Save & Optimize routine.
    46      *
    4744     * @return void
    4845     */
     
    5350    /**
    5451     * We use a custom update action, because we're storing multidimensional arrays upon form submit.
    55      *
    5652     * This prevents us from having to use AJAX, serialize(), stringify() and eventually having to json_decode() it, i.e.
    5753     * a lot of headaches.
    58      *
    5954     * @since v5.6.0
    6055     */
    6156    public function update_settings() {
    62         // phpcs:ignore WordPress.Security
    63         if ( empty( $_POST['action'] ) || $_POST['action'] !== 'omgf-update' ) {
     57        $action = $_GET[ 'tab' ] ?? 'omgf-optimize-settings';
     58
     59        wp_verify_nonce( $_POST[ '_wpnonce' ], $action );
     60
     61        if ( ! current_user_can( 'manage_options' ) ) {
    6462            return;
    6563        }
    6664
    67         // phpcs:ignore
    68         $updated_settings = $this->clean($_POST);
     65        if ( empty( $_POST[ 'action' ] ) || $_POST[ 'action' ] !== 'omgf-update' ) {
     66            return;
     67        }
     68
     69        $updated_settings = $this->clean( $_POST );
    6970
    7071        foreach ( $updated_settings as $option_name => $option_value ) {
     
    9596        /**
    9697         * Additional update actions can be added here.
    97          *
    9898         * @since v5.6.0
    9999         */
     
    113113     * Clean variables using `sanitize_text_field`.
    114114     * Arrays are cleaned recursively. Non-scalar values are ignored.
     115     * @since 5.5.7
    115116     *
    116117     * @param string|array $var Sanitize the variable.
    117      *
    118      * @since 5.5.7
    119118     *
    120119     * @return string|array
     
    133132     * @param mixed $plugin
    134133     * @param mixed $response
     134     *
    135135     * @return void
    136136     */
    137137    public function render_update_notice( $plugin, $response ) {
    138         $current_version = $plugin['Version'];
    139         $new_version     = $plugin['new_version'];
     138        $current_version = $plugin[ 'Version' ];
     139        $new_version     = $plugin[ 'new_version' ];
    140140
    141141        if ( version_compare( $current_version, $new_version, '<' ) ) {
    142             $response = wp_remote_get( 'https://daan.dev/omgf-update-notices.json?' . substr( uniqid( '', true ), -5 ) );
     142            $response = wp_remote_get( 'https://daan.dev/omgf-update-notices.json?' . substr( uniqid( '', true ), - 5 ) );
    143143
    144144            if ( is_wp_error( $response ) ) {
     
    157157            ];
    158158
    159             wp_kses( sprintf( ' <strong>' . __( 'This update includes major changes, please <a href="%s" target="_blank">read this</a> before continuing.' ) . '</strong>', $update_notices[ $new_version ]->url ), $allowed_html );
     159            wp_kses(
     160                sprintf(
     161                    ' <strong>' .
     162                    __( 'This update includes major changes, please <a href="%s" target="_blank">read this</a> before continuing.' ) .
     163                    '</strong>',
     164                    $update_notices[ $new_version ]->url
     165                ),
     166                $allowed_html
     167            );
    160168        }
    161169    }
     
    208216    /**
    209217     * Check if directory is empty.
    210      *
    211218     * This works because a new FilesystemIterator will initially point to the first file in the folder -
    212219     * if there are no files in the folder, valid() will return false
    213220     *
    214221     * @param mixed $dir
     222     *
    215223     * @return bool
    216224     */
Note: See TracChangeset for help on using the changeset viewer.