Changeset 3213041

Timestamp:

12/25/2024 04:27:08 PM (15 months ago)

Author:

premila

Message:

Fixed reviewer issues.

Location:

gutensee

Files:

• tags/1.0.4 (added)
• tags/1.0.4/assets (added)
• tags/1.0.4/assets/css (added)
• tags/1.0.4/assets/css/all.css (added)
• tags/1.0.4/assets/css/all.min.css (added)
• tags/1.0.4/assets/css/animate.css (added)
• tags/1.0.4/assets/css/editor.css (added)
• tags/1.0.4/assets/css/font-awesome (added)
• tags/1.0.4/assets/css/font-awesome/FontAwesome.otf (added)
• tags/1.0.4/assets/css/font-awesome/css (added)
• tags/1.0.4/assets/css/font-awesome/css/all.css (added)
• tags/1.0.4/assets/css/font-awesome/css/all.min.css (added)
• tags/1.0.4/assets/css/font-awesome/css/brands.css (added)
• tags/1.0.4/assets/css/font-awesome/css/brands.min.css (added)
• tags/1.0.4/assets/css/font-awesome/css/fontawesome.css (added)
• tags/1.0.4/assets/css/font-awesome/css/fontawesome.min.css (added)
• tags/1.0.4/assets/css/font-awesome/css/regular.css (added)
• tags/1.0.4/assets/css/font-awesome/css/regular.min.css (added)
• tags/1.0.4/assets/css/font-awesome/css/solid.css (added)
• tags/1.0.4/assets/css/font-awesome/css/solid.min.css (added)
• tags/1.0.4/assets/css/font-awesome/css/svg-with-js.css (added)
• tags/1.0.4/assets/css/font-awesome/css/svg-with-js.min.css (added)
• tags/1.0.4/assets/css/font-awesome/css/v4-shims.css (added)
• tags/1.0.4/assets/css/font-awesome/css/v4-shims.min.css (added)
• tags/1.0.4/assets/css/font-awesome/fontawesome-webfont.eot (added)
• tags/1.0.4/assets/css/font-awesome/fontawesome-webfont.svg (added)
• tags/1.0.4/assets/css/font-awesome/fontawesome-webfont.ttf (added)
• tags/1.0.4/assets/css/font-awesome/fontawesome-webfont.woff (added)
• tags/1.0.4/assets/css/font-awesome/fontawesome-webfont.woff2 (added)
• tags/1.0.4/assets/css/font-awesome/webfonts (added)
• tags/1.0.4/assets/css/font-awesome/webfonts/fa-brands-400.eot (added)
• tags/1.0.4/assets/css/font-awesome/webfonts/fa-brands-400.svg (added)
• tags/1.0.4/assets/css/font-awesome/webfonts/fa-brands-400.ttf (added)
• tags/1.0.4/assets/css/font-awesome/webfonts/fa-brands-400.woff (added)
• tags/1.0.4/assets/css/font-awesome/webfonts/fa-brands-400.woff2 (added)
• tags/1.0.4/assets/css/font-awesome/webfonts/fa-regular-400.eot (added)
• tags/1.0.4/assets/css/font-awesome/webfonts/fa-regular-400.svg (added)
• tags/1.0.4/assets/css/font-awesome/webfonts/fa-regular-400.ttf (added)
• tags/1.0.4/assets/css/font-awesome/webfonts/fa-regular-400.woff (added)
• tags/1.0.4/assets/css/font-awesome/webfonts/fa-regular-400.woff2 (added)
• tags/1.0.4/assets/css/font-awesome/webfonts/fa-solid-900.eot (added)
• tags/1.0.4/assets/css/font-awesome/webfonts/fa-solid-900.svg (added)
• tags/1.0.4/assets/css/font-awesome/webfonts/fa-solid-900.ttf (added)
• tags/1.0.4/assets/css/font-awesome/webfonts/fa-solid-900.woff (added)
• tags/1.0.4/assets/css/font-awesome/webfonts/fa-solid-900.woff2 (added)
• tags/1.0.4/assets/css/font-awesome/webfonts/fa-v4compatibility.ttf (added)
• tags/1.0.4/assets/css/font-awesome/webfonts/fa-v4compatibility.woff2 (added)
• tags/1.0.4/assets/css/menu.css (added)
• tags/1.0.4/assets/css/slick-theme.css (added)
• tags/1.0.4/assets/css/slick.css (added)
• tags/1.0.4/assets/css/style.css (added)
• tags/1.0.4/assets/images (added)
• tags/1.0.4/assets/images/dummy-image.png (added)
• tags/1.0.4/assets/js (added)
• tags/1.0.4/assets/js/editor.js (added)
• tags/1.0.4/assets/js/font-awesome (added)
• tags/1.0.4/assets/js/font-awesome/js (added)
• tags/1.0.4/assets/js/font-awesome/js/brands.js (added)
• tags/1.0.4/assets/js/font-awesome/js/brands.min.js (added)
• tags/1.0.4/assets/js/font-awesome/webfonts (added)
• tags/1.0.4/assets/js/font-awesome/webfonts/fa-brands-400.ttf (added)
• tags/1.0.4/assets/js/font-awesome/webfonts/fa-brands-400.woff2 (added)
• tags/1.0.4/assets/js/font-awesome/webfonts/fa-regular-400.ttf (added)
• tags/1.0.4/assets/js/font-awesome/webfonts/fa-regular-400.woff2 (added)
• tags/1.0.4/assets/js/font-awesome/webfonts/fa-solid-900.ttf (added)
• tags/1.0.4/assets/js/font-awesome/webfonts/fa-solid-900.woff2 (added)
• tags/1.0.4/assets/js/font-awesome/webfonts/fa-v4compatibility.ttf (added)
• tags/1.0.4/assets/js/font-awesome/webfonts/fa-v4compatibility.woff2 (added)
• tags/1.0.4/assets/js/slick.js (added)
• tags/1.0.4/assets/js/slick.min.js (added)
• tags/1.0.4/build (added)
• tags/1.0.4/build/index.asset.php (added)
• tags/1.0.4/build/index.js (added)
• tags/1.0.4/gutensee.php (added)
• tags/1.0.4/inc (added)
• tags/1.0.4/inc/blocks (added)
• tags/1.0.4/inc/blocks/breadcrumbs.php (added)
• tags/1.0.4/inc/blocks/contact-us.php (added)
• tags/1.0.4/inc/blocks/latest-post.php (added)
• tags/1.0.4/inc/blocks/navbar.php (added)
• tags/1.0.4/inc/blocks/post-query.php (added)
• tags/1.0.4/inc/blocks/topbar.php (added)
• tags/1.0.4/inc/script.php (added)
• tags/1.0.4/inc/templates (added)
• tags/1.0.4/inc/templates/gutensee-template.html (added)
• tags/1.0.4/inc/templates/gutensee-template.php (added)
• tags/1.0.4/inc/templates/template.php (added)
• tags/1.0.4/lang (added)
• tags/1.0.4/lang/gutensee.pot (added)
• tags/1.0.4/package-lock.json (added)
• tags/1.0.4/package.json (added)
• tags/1.0.4/readme.txt (added)
• trunk/gutensee.php (modified) (3 diffs)
• trunk/inc/blocks/breadcrumbs.php (modified) (2 diffs)
• trunk/inc/blocks/contact-us.php (modified) (6 diffs)
• trunk/inc/blocks/latest-post.php (modified) (29 diffs)
• trunk/inc/blocks/navbar.php (modified) (11 diffs)
• trunk/inc/blocks/post-query.php (modified) (26 diffs)
• trunk/inc/blocks/topbar.php (modified) (5 diffs)
• trunk/readme.txt (modified) (2 diffs)

gutensee/trunk/gutensee.php

@@ -4 +4 @@
 * Plugin URI:
 * Description:          Gutensee Plugin
-* Version:              1.0.3
+* Version:              1.0.4
 * Requires at least:    5.3
 * Requires PHP:         5.4
@@ -15 +15 @@
 * Domain Path:          /lang
 */
-
 if( !defined( 'ABSPATH' ) ) {exit(); }
-define('GUTENSEE__VERSION', '1.0.3');
+define('GUTENSEE_VERSION', '1.0.4');
 define('GUTENSEE_PLUGIN_PATH',trailingslashit(plugin_dir_path(__FILE__)));
 define('GUTENSEE_PLUGIN_URL',trailingslashit(plugins_url('/',__FILE__)));
@@ -110 +109 @@
 }
 add_action( 'wp_head', 'gutensee_add_template' );
+
+function gutensee_save_gravatar_to_media_library($gravatar_url) {
+    // Validate Gravatar URL
+    if (empty($gravatar_url) || !filter_var($gravatar_url, FILTER_VALIDATE_URL)) {
+        return new WP_Error('invalid_url', 'The provided Gravatar URL is not valid.');
+    }
+
+    // Parse URL to get the filename
+    $parsed_url = wp_parse_url($gravatar_url);
+    $query_params = [];
+    if (!empty($parsed_url['query'])) {
+        parse_str($parsed_url['query'], $query_params);
+    }
+    $filename = sanitize_file_name(md5($gravatar_url) . '.jpg'); // Unique filename based on the URL
+
+    // Get the upload directory
+    $upload_dir = wp_upload_dir();
+    $file_path = trailingslashit($upload_dir['path']) . $filename;
+
+    // Check if the file already exists
+    if (file_exists($file_path)) {
+        $attachment_id = attachment_url_to_postid($upload_dir['url'] . '/' . $filename);
+        if ($attachment_id) {
+            return $attachment_id; // Return existing attachment ID
+        }
+    }
+
+    // Fetch the image data
+    $response = wp_remote_get($gravatar_url);
+    if (is_wp_error($response)) {
+        return new WP_Error('fetch_error', 'Failed to fetch the Gravatar image.');
+    }
+
+    $image_data = wp_remote_retrieve_body($response);
+    if (empty($image_data)) {
+        return new WP_Error('empty_image_data', 'The image data is empty.');
+    }
+
+    // Load WP_Filesystem
+    if (empty($GLOBALS['wp_filesystem'])) {
+        require_once ABSPATH . 'wp-admin/includes/file.php';
+        WP_Filesystem();
+    }
+
+    global $wp_filesystem;
+
+    // Write image data to the file
+    if (!$wp_filesystem->put_contents($file_path, $image_data, FS_CHMOD_FILE)) {
+        return new WP_Error('file_write_error', 'Failed to write the image file.');
+    }
+
+    // Check file type and prepare attachment data
+    $filetype = wp_check_filetype($filename, null);
+    $attachment_data = array(
+        'post_mime_type' => $filetype['type'],
+        'post_title'     => sanitize_file_name($filename),
+        'post_content'   => '',
+        'post_status'    => 'inherit',
+    );
+
+    // Insert attachment into the Media Library
+    $attachment_id = wp_insert_attachment($attachment_data, $file_path);
+    if (is_wp_error($attachment_id)) {
+        return $attachment_id; // Return error if failed
+    }
+
+    // Generate attachment metadata
+    require_once ABSPATH . 'wp-admin/includes/image.php';
+    $attachment_metadata = wp_generate_attachment_metadata($attachment_id, $file_path);
+    wp_update_attachment_metadata($attachment_id, $attachment_metadata);
+
+    return $attachment_id; // Return attachment ID
+}
+

gutensee/trunk/inc/blocks/breadcrumbs.php

@@ -53 +53 @@
     $homeicon=($attributes['enableicon']==true)? '<i class="fa-solid fa-house"></i>' : '';
     $home=($attributes['enablehomebreadcumb']==true)? 'Home' : '';
-    $output .= '<a class="breadcrumbs-icon" href="' . home_url() . '">'.$homeicon.'</a>';
+    $output .= '<a class="breadcrumbs-icon" href="' . home_url() . '">'.wp_kses_post($homeicon).'</a>';
     $output .= '<a href="' . home_url() . '">'.$home.'</a>';
 
@@ -122 +122 @@
     $output .= '</div>';
     $output .= '</div></div>';
-    $output .=$attributes['addjs'];
+    $output .=esc_html($attributes['addjs']);
     return $output;
 }

gutensee/trunk/inc/blocks/contact-us.php

@@ -19 +19 @@
                     <div class="custom-contact-name">
                         <div class="contact-form-field">
-                            <?php if($attributes['enablelabel']==true){?><label for="name"><?php echo esc_html($attributes['namelabel'],'gutensee'); ?></label><?php } ?>
-                            <input type="text" id="name" name="name" <?php if($attributes['enableplaceholder']==true){?>placeholder="<?php echo esc_attr($attributes['nameholder'],'gutensee'); ?>"<?php } ?> class="contact-form-input-field name" required><br>
+                            <?php if($attributes['enablelabel']==true){?><label for="name"><?php echo esc_html($attributes['namelabel']); ?></label><?php } ?>
+                            <input type="text" id="name" name="name" <?php if($attributes['enableplaceholder']==true){?>placeholder="<?php echo esc_attr($attributes['nameholder']); ?>"<?php } ?> class="contact-form-input-field name" required><br>
                         </div>
                     </div>
@@ -28 +28 @@
                     <div class="custom-contact-email">
                         <div class="contact-form-field">
-                            <?php if($attributes['enablelabel']==true){?><label for="email"><?php echo esc_html($attributes['emaillabel'],'gutensee'); ?></label><?php } ?>
-                            <input type="email" id="email" name="email" <?php if($attributes['enableplaceholder']==true){?>placeholder="<?php echo esc_attr($attributes['nameholder'],'gutensee'); ?>"<?php } ?> class="contact-form-input-field email " required><br>
+                            <?php if($attributes['enablelabel']==true){?><label for="email"><?php echo esc_html($attributes['emaillabel']); ?></label><?php } ?>
+                            <input type="email" id="email" name="email" <?php if($attributes['enableplaceholder']==true){?>placeholder="<?php echo esc_attr($attributes['nameholder']); ?>"<?php } ?> class="contact-form-input-field email " required><br>
                         </div>
                     </div>
@@ -37 +37 @@
                     <div class="custom-contact-subject">
                         <div class="contact-form-field">
-                          <?php if($attributes['enablelabel']==true){?><label for="subject"><?php echo esc_html($attributes['subjectlabel'],'gutensee'); ?></label><?php } ?>
-                          <input type="text" id="subject" name="subject" <?php if($attributes['enableplaceholder']==true){?>placeholder="<?php echo esc_attr($attributes['subjectholder'],'gutensee'); ?>"<?php } ?> class="contact-form-input-field subject" required><br>
+                          <?php if($attributes['enablelabel']==true){?><label for="subject"><?php echo esc_html($attributes['subjectlabel']); ?></label><?php } ?>
+                          <input type="text" id="subject" name="subject" <?php if($attributes['enableplaceholder']==true){?>placeholder="<?php echo esc_attr($attributes['subjectholder']); ?>"<?php } ?> class="contact-form-input-field subject" required><br>
                         </div>
                     </div>
@@ -47 +47 @@
                         <div class="contact-form-field">
                           <?php if($attributes['enablelabel']==true){?><label for="subject"><?php echo esc_html($attributes['mobilelabel'],'gutensee'); ?></label><?php } ?>
-                          <input type="text" id="mobile" name="mobile" <?php if($attributes['enableplaceholder']==true){?>placeholder="<?php echo esc_attr($attributes['mobileholder'],'gutensee'); ?>"<?php } ?> class="contact-form-input-field mobile" required><br>
+                          <input type="text" id="mobile" name="mobile" <?php if($attributes['enableplaceholder']==true){?>placeholder="<?php echo esc_attr($attributes['mobileholder']); ?>"<?php } ?> class="contact-form-input-field mobile" required><br>
                         </div>
                     </div>
@@ -55 +55 @@
                     <div class="custom-contact-message">
                         <div class="contact-form-field">
-                          <?php if($attributes['enablelabel']==true){?><label for="message"><?php echo esc_html($attributes['mesglabel'],'gutensee'); ?></label><?php } ?>
-                          <textarea rows="4" id="message" name="message" <?php if($attributes['enableplaceholder']==true){?>placeholder="<?php echo esc_attr($attributes['mesgholder'],'gutensee'); ?>"<?php } ?> class="contact-form-input-field message" required></textarea><br>
+                          <?php if($attributes['enablelabel']==true){?><label for="message"><?php echo esc_html($attributes['mesglabel']); ?></label><?php } ?>
+                          <textarea rows="4" id="message" name="message" <?php if($attributes['enableplaceholder']==true){?>placeholder="<?php echo esc_attr($attributes['mesgholder']); ?>"<?php } ?> class="contact-form-input-field message" required></textarea><br>
                         </div>
                     </div>
                 <?php } ?>
                 <div class="custom-contact-button">
-                    <button type="submit" class="contact-form-button"><?php echo esc_html($attributes['btnlabel'],'gutensee'); ?></button>
+                    <button type="submit" class="contact-form-button"><?php echo esc_html($attributes['btnlabel']); ?></button>
                 </div>
            </div>
@@ -133 +133 @@
 
     // Email details
-    $to = get_option('admin_email');
+    $to = esc_html(get_option('admin_email'));
     $headers = array('Content-Type: text/html; charset=UTF-8');
-    $mail_subject = "New Contact Message from $name";
+    $mail_subject = "New Contact Message from ".esc_html($name)."";
 
     // Create the message body with correct labels
-    $mail_body = "<strong>Name:</strong> $name <br/>";
-    $mail_body .= "<strong>Email:</strong> $email <br/>";
-    $mail_body .= "<strong>Subject:</strong> $subject <br/>";
-    $mail_body .= "<strong>Mobile:</strong> $mobile <br/>";
-    $mail_body .= "<strong>Message:</strong> $message <br/>";
+    $mail_body = "<strong>Name:</strong>".esc_html($name)."<br/>";
+    $mail_body .= "<strong>Email:</strong>".esc_html($email)."<br/>";
+    $mail_body .= "<strong>Subject:</strong>".esc_html($subject)."<br/>";
+    $mail_body .= "<strong>Mobile:</strong>".esc_html($mobile)."<br/>";
+    $mail_body .= "<strong>Message:</strong>".esc_html($message)."<br/>";
 
     // Send the mail

gutensee/trunk/inc/blocks/latest-post.php

@@ -80 +80 @@
     }
 
-
-    $bordertop=(!empty($attributes['border']['top'])) ? $attributes['border']['top']['width'].' '. $attributes['border']['top']['style'].' '. $attributes['border']['top']['color'] : null;
-    $borderright=(!empty($attributes['border']['right'])) ? $attributes['border']['right']['width'].' '. $attributes['border']['right']['style'].' '. $attributes['border']['right']['color'] : null;
-    $borderbottom=(!empty($attributes['border']['bottom'])) ? $attributes['border']['bottom']['width'].' '. $attributes['border']['bottom']['style'].' '. $attributes['border']['bottom']['color'] : null;
-    $borderleft=(!empty($attributes['border']['left'] )) ? $attributes['border']['left']['width'].' '. $attributes['border']['left']['style'].' '. $attributes['border']['left']['color'] : null;
-
-    $navbordertop=(!empty($attributes['navborder']['top'])) ? $attributes['navborder']['top']['width'].' '. $attributes['navborder']['top']['style'].' '. $attributes['navborder']['top']['color'] : null;
-    $navborderright=(!empty($attributes['navborder']['right'])) ? $attributes['navborder']['right']['width'].' '. $attributes['navborder']['right']['style'].' '. $attributes['navborder']['right']['color'] : null;
-    $navborderbottom=(!empty($attributes['navborder']['bottom'])) ? $attributes['navborder']['bottom']['width'].' '. $attributes['navborder']['bottom']['style'].' '. $attributes['navborder']['bottom']['color'] : null;
-    $navborderleft=(!empty($attributes['navborder']['left'] )) ? $attributes['navborder']['left']['width'].' '. $attributes['navborder']['left']['style'].' '. $attributes['navborder']['left']['color'] : null;
-
-    $dotsbordertop=(!empty($attributes['dotsborder']['top'])) ? $attributes['dotsborder']['top']['width'].' '. $attributes['dotsborder']['top']['style'].' '. $attributes['dotsborder']['top']['color'] : null;
-    $dotsborderright=(!empty($attributes['dotsborder']['right'])) ? $attributes['dotsborder']['right']['width'].' '. $attributes['dotsborder']['right']['style'].' '. $attributes['dotsborder']['right']['color'] : null;
-    $dotsborderbottom=(!empty($attributes['dotsborder']['bottom'])) ? $attributes['dotsborder']['bottom']['width'].' '. $attributes['dotsborder']['bottom']['style'].' '. $attributes['dotsborder']['bottom']['color'] : null;
-    $dotsborderleft=(!empty($attributes['dotsborder']['left'] )) ? $attributes['dotsborder']['left']['width'].' '. $attributes['dotsborder']['left']['style'].' '. $attributes['dotsborder']['left']['color'] : null;
-
-    $featuredbordertop=(!empty($attributes['featuredborder']['top'])) ? $attributes['featuredborder']['top']['width'].' '. $attributes['featuredborder']['top']['style'].' '. $attributes['featuredborder']['top']['color'] : null;
-    $featuredborderright=(!empty($attributes['featuredborder']['right'])) ? $attributes['featuredborder']['right']['width'].' '. $attributes['featuredborder']['right']['style'].' '. $attributes['featuredborder']['right']['color'] : null;
-    $featuredborderbottom=(!empty($attributes['featuredborder']['bottom'])) ? $attributes['featuredborder']['bottom']['width'].' '. $attributes['featuredborder']['bottom']['style'].' '. $attributes['featuredborder']['bottom']['color'] : null;
-    $featuredborderleft=(!empty($attributes['featuredborder']['left'] )) ? $attributes['featuredborder']['left']['width'].' '. $attributes['featuredborder']['left']['style'].' '. $attributes['featuredborder']['left']['color'] : null;
-
-    $metabordertop=(!empty($attributes['metaborder']['top'])) ? $attributes['metaborder']['top']['width'].' '. $attributes['metaborder']['top']['style'].' '. $attributes['metaborder']['top']['color'] : null;
-    $metaborderright=(!empty($attributes['metaborder']['right'])) ? $attributes['metaborder']['right']['width'].' '. $attributes['metaborder']['right']['style'].' '. $attributes['metaborder']['right']['color'] : null;
-    $metaborderbottom=(!empty($attributes['metaborder']['bottom'])) ? $attributes['metaborder']['bottom']['width'].' '. $attributes['metaborder']['bottom']['style'].' '. $attributes['metaborder']['bottom']['color'] : null;
-    $metaborderleft=(!empty($attributes['metaborder']['left'] )) ? $attributes['metaborder']['left']['width'].' '. $attributes['metaborder']['left']['style'].' '. $attributes['metaborder']['left']['color'] : null;
-
-    $headingbordertop=(!empty($attributes['headingborder']['top'])) ? $attributes['headingborder']['top']['width'].' '. $attributes['headingborder']['top']['style'].' '. $attributes['headingborder']['top']['color'] : null;
-    $headingborderright=(!empty($attributes['headingborder']['right'])) ? $attributes['headingborder']['right']['width'].' '. $attributes['headingborder']['right']['style'].' '. $attributes['headingborder']['right']['color'] : null;
-    $headingborderbottom=(!empty($attributes['headingborder']['bottom'])) ? $attributes['headingborder']['bottom']['width'].' '. $attributes['headingborder']['bottom']['style'].' '. $attributes['headingborder']['bottom']['color'] : null;
-    $headingborderleft=(!empty($attributes['headingborder']['left'] )) ? $attributes['headingborder']['left']['width'].' '. $attributes['headingborder']['left']['style'].' '. $attributes['headingborder']['left']['color'] : null;    
-
-    $contentbordertop=(!empty($attributes['contentborder']['top'] )) ? $attributes['contentborder']['top']['width'].' '. $attributes['contentborder']['top']['style'].' '. $attributes['contentborder']['top']['color'] : null;
-    $contentborderright=(!empty($attributes['contentborder']['right'] )) ? $attributes['contentborder']['right']['width'].' '. $attributes['contentborder']['right']['style'].' '. $attributes['contentborder']['right']['color'] : null;
-    $contentborderbottom=(!empty($attributes['contentborder']['bottom'] )) ? $attributes['contentborder']['bottom']['width'].' '. $attributes['contentborder']['bottom']['style'].' '. $attributes['contentborder']['bottom']['color'] : null;
-    $contentborderleft=(!empty($attributes['contentborder']['left'] )) ? $attributes['contentborder']['left']['width'].' '. $attributes['contentborder']['left']['style'].' '. $attributes['contentborder']['left']['color'] : null;
-
-    $buttonbordertop=(!empty($attributes['buttonborder']['top'])) ? $attributes['buttonborder']['top']['width'].' '. $attributes['buttonborder']['top']['style'].' '. $attributes['buttonborder']['top']['color'] : null;
-    $buttonborderright=(!empty($attributes['buttonborder']['right'])) ? $attributes['buttonborder']['right']['width'].' '. $attributes['buttonborder']['right']['style'].' '. $attributes['buttonborder']['right']['color'] : null;
-    $buttonborderbottom=(!empty($attributes['buttonborder']['bottom'])) ? $attributes['buttonborder']['bottom']['width'].' '. $attributes['buttonborder']['bottom']['style'].' '. $attributes['buttonborder']['bottom']['color'] : null;
-    $buttonborderleft=(!empty($attributes['buttonborder']['left'] )) ? $attributes['buttonborder']['left']['width'].' '. $attributes['buttonborder']['left']['style'].' '. $attributes['buttonborder']['left']['color'] : null;
-
-    $borderwidth=(!empty($attributes['border']['width']))? $attributes['border']['width'] :null;
-    $borderstyle=(!empty($attributes['border']['style']))? $attributes['border']['style'] :null;
-    $bordercolor=(!empty($attributes['border']['color']))? $attributes['border']['color'] :null;
-
-    $navborderwidth=(!empty($attributes['navborder']['width']))? $attributes['navborder']['width'] :null;
-    $navborderstyle=(!empty($attributes['navborder']['style']))? $attributes['navborder']['style'] :null;
-    $navbordercolor=(!empty($attributes['navborder']['color']))? $attributes['navborder']['color'] :null;
-
-    $dotsborderwidth=(!empty($attributes['dotsborder']['width']))? $attributes['dotsborder']['width'] :null;
-    $dotsborderstyle=(!empty($attributes['dotsborder']['style']))? $attributes['dotsborder']['style'] :null;
-    $dotsbordercolor=(!empty($attributes['dotsborder']['color']))? $attributes['dotsborder']['color'] :null;
-
-    $featuredborderwidth=(!empty($attributes['featuredborder']['width']))? $attributes['featuredborder']['width'] :null;
-    $featuredborderstyle=(!empty($attributes['featuredborder']['style']))? $attributes['featuredborder']['style'] :null;
-    $featuredbordercolor=(!empty($attributes['featuredborder']['color']))? $attributes['featuredborder']['color'] :null;
-
-    $metaborderwidth=(!empty($attributes['metaborder']['width']))? $attributes['metaborder']['width'] :null;
-    $metaborderstyle=(!empty($attributes['metaborder']['style']))? $attributes['metaborder']['style'] :null;
-    $metabordercolor=(!empty($attributes['metaborder']['color']))? $attributes['metaborder']['color'] :null;
-
-    $headingborderwidth=(!empty($attributes['headingborder']['width']))? $attributes['headingborder']['width'] :null;
-    $headingborderstyle=(!empty($attributes['headingborder']['style']))? $attributes['headingborder']['style'] :null;
-    $headingbordercolor=(!empty($attributes['headingborder']['color']))? $attributes['headingborder']['color'] :null;
-
-    $contentborderwidth=(!empty($attributes['contentborder']['width']))? $attributes['contentborder']['width'] :null;
-    $contentborderstyle=(!empty($attributes['contentborder']['style']))? $attributes['contentborder']['style'] :null;
-    $contentbordercolor=(!empty($attributes['contentborder']['color']))? $attributes['contentborder']['color'] :null;
-
-    $buttonborderwidth=(!empty($attributes['buttonborder']['width']))? $attributes['buttonborder']['width'] :null;
-    $buttonborderstyle=(!empty($attributes['buttonborder']['style']))? $attributes['buttonborder']['style'] :null;
-    $buttonbordercolor=(!empty($attributes['buttonborder']['color']))? $attributes['buttonborder']['color'] :null;
-
-    $ColumnClass='';
-    $Rowclass='';
-    switch($attributes['poststyle']){
-        case 'grid-layout':
-            $ColumnClass='block-col-'.$attributes['columnNumber'];
-            $Rowclass='block-row';
-            break;
-        case 'list-layout':
-            $ColumnClass='block-col-12';
-            $Rowclass='block-row';
-            break;
-        case 'masonry-layout':
-            $ColumnClass='masonry-column';
-            $Rowclass='masonry-row masonry-layout-'.$attributes['columnNumber'];
-            break;
-        case 'cover-layout':
-            $ColumnClass='block-col-'.$attributes['columnNumber'];
-            $Rowclass='block-row';
-            break;
-        default:
-            $ColumnClass='block-col-'.$attributes['columnNumber'];
-            $Rowclass='block-row';
-            break;
-    }
-
     $list_items_markup .= $attributes['addcss'];
     $list_items_markup .= $attributes['addjs'];
 
-    $list_items_markup .='<div id="'.$attributes['advid'].'"><div id="'.$uniqueid.'" class="post-query-loop '.$Rowclass.' single-item '.$uniqueid.' '.$attributes['addclass'].' '.$displayclass.' '. $animationclass.' '.$attributes['addclass'].'">';
+    $list_items_markup .='<div id="'.esc_attr($attributes['advid']).'"><div id="'.esc_attr($uniqueid).'" class="post-query-loop '.esc_attr($Rowclass).' single-item '.esc_attr($uniqueid).' '.esc_attr($attributes['addclass']).' '.esc_attr($displayclass).' '. esc_attr($animationclass).' '.esc_attr($attributes['addclass']).'">';
 
     foreach ( $recent_posts as $post ) {
@@ -191 +93 @@
         }
 
-        $post_content_class='';
-
-        if ( $attributes['displayFeaturedImage'] &&  has_post_thumbnail( $post ) ){ 
-            $post_content_class="post";
-        }else{ 
-            $post_content_class="post gutensee-remove-img";
-        }
         $columnno=$attributes['columnNumber'];
-        $list_items_markup .= '<div class="'.$ColumnClass.'" id="'.$attributes["addid"].'">';
+        $list_items_markup .= '<div class="'.esc_attr($ColumnClass).'" id="'.esc_attr($attributes["addid"]).'">';
 
         if($attributes['poststyle']=='grid-layout'){
@@ -243 +138 @@
                             $opacity= ($attributes['bgImageOverlay']) ? $attributes['bgOverlayOpacity'] : '';
                             $list_items_markup .= '<div class="featured-image post-thumbnail">
-                                                        <div class="overlay" style="background-color:'.$backgroundColor.';opacity:'.$opacity.'"></div>
-                                                        '.$image_markup.'
+                                                        <div class="overlay" style="background-color:'.esc_attr($backgroundColor).';opacity:'.esc_attr($opacity).'"></div>
+                                                        '.wp_kses_post($image_markup).'
                                                     </div>';
                     }
@@ -265 +160 @@
                                 if ( ! empty( $author_display_name ) ) {
                                     if($attributes['authortype']==='image'){
-                                        $list_items_markup .= sprintf(
-                                            '<span class="author"><img width="1060" height="766" src="'.$author_display_url.'" class="img-fluid" alt="user-1"><a href="'.esc_url( $author_display_link).'">%1$s</a></span>',
-                                            $byline
-                                        );
+                                        $attachment_id = gutensee_save_gravatar_to_media_library($author_display_url);
+                                        if (is_wp_error($attachment_id)) {
+                                            echo esc_html('Error: ' . $attachment_id->get_error_message(),'gutensee');
+                                        } 
+                                        else {
+                                            // Use wp_get_attachment_image to display the image
+                                            $list_items_markup .= sprintf(
+                                                '<span class="author">'.wp_get_attachment_image($attachment_id, 'thumbnail', false, array('class' => 'img-fluid', 'alt'   => esc_attr($title),'width' => '1060', 'height'=> '766',)).'<a href="'.esc_url( $author_display_link).'">%1$s</a></span>',
+                                                esc_html($byline)
+                                            );
+                                        }                                       
                                     }else{
                                         $list_items_markup .= sprintf(
                                             '<span class="author"><i class="fa-regular fa-user"></i>&nbsp;&nbsp;<a href="'.esc_url( $author_display_link).'">%1$s</a></span>',
-                                            $byline
+                                            esc_html($byline)
                                         );
                                     }
@@ -302 +204 @@
                                 $list_items_markup .= sprintf(
                                     '<span class="comments-link"><i class="far fa-comment"></i>&nbsp;&nbsp;<a href="%2$s/#comments">Comments(%1$s)</a></span>',
-                                    $commentcounts,
+                                    esc_html($commentcounts),
                                     esc_url( $post_link )
                                 );            
@@ -324 +226 @@
                         if (  $attributes['disablebtn'] !=false &&  $attributes['displayPostContentRadio'] === 'excerpt'  ) {
                             $target=($attributes['opennewtab']) ?'_blank':'_self';
-                            $btn_markup .='<a  href="'.esc_url( $post_link ).'" class="more-link" target="'.$target.'">'.$attributes['buttonlabel'].'<i class="fas fa-arrow-right"></i></a>';
+                            $btn_markup .='<a  href="'.esc_url( $post_link ).'" class="more-link" target="'.$target.'">'.$attributes['buttonlabel'].'&nbsp;<i class="fas fa-arrow-right"></i></a>';
                         }
 
@@ -346 +248 @@
                             && isset( $attributes['displayPostContentRadio'] ) && 'full_post' === $attributes['displayPostContentRadio'] ) {
 
-                            $post_content = html_entity_decode( $post->post_content, ENT_QUOTES, get_option( 'blog_charset' ) );
+                            $post_content = html_entity_decode( $post->post_content, ENT_QUOTES, esc_html(get_option( 'blog_charset' )) );
 
                             if ( post_password_required( $post ) ) {
@@ -404 +306 @@
                     $opacity= ($attributes['bgImageOverlay']) ? $attributes['bgOverlayOpacity'] : '';
                     $list_items_markup .= '<div class="featured-image post-thumbnail">
-                                                <div class="overlay" style="background-color:'.$backgroundColor.';opacity:'.$opacity.'"></div>
-                                                '.$image_markup.'
+                                                <div class="overlay" style="background-color:'.esc_attr($backgroundColor).';opacity:'.esc_attr($opacity).'"></div>
+                                                '.wp_kses_post($image_markup).'
                                             </div>';
                 }
@@ -428 +330 @@
                                         if ( ! empty( $author_display_name ) ) {
                                             if($attributes['authortype']==='image'){
-                                                $list_items_markup .= sprintf(
-                                                    '<span class="author"><img width="1060" height="766" src="'.$author_display_url.'" class="img-fluid" alt="user-1"><a href="'.esc_url( $author_display_link).'">%1$s</a></span>',
-                                                    $byline
-                                                );
+                                                $attachment_id = gutensee_save_gravatar_to_media_library($author_display_url);
+                                                if (is_wp_error($attachment_id)) {
+                                                    echo esc_html('Error: ' . $attachment_id->get_error_message(),'gutensee');
+                                                } 
+                                                else {
+                                                    // Use wp_get_attachment_image to display the image
+                                                    $list_items_markup .= sprintf(
+                                                        '<span class="author">'.wp_get_attachment_image($attachment_id, 'thumbnail', false, array('class' => 'img-fluid', 'alt'   => esc_attr($title),'width' => '1060', 'height'=> '766',)).'<a href="'.esc_url( $author_display_link).'">%1$s</a></span>',
+                                                        esc_html($byline)
+                                                    );
+                                                }  
                                             }else{
                                                 $list_items_markup .= sprintf(
                                                     '<span class="author"><i class="fa-regular fa-user"></i>&nbsp;&nbsp;<a href="'.esc_url( $author_display_link).'">%1$s</a></span>',
-                                                    $byline
+                                                    esc_html($byline)
                                                 );
                                             }
@@ -465 +374 @@
                                         $list_items_markup .= sprintf(
                                             '<span class="comments-link"><i class="far fa-comment"></i>&nbsp;&nbsp;<a href="%2$s/#comments">Comments(%1$s)</a></span>',
-                                            $commentcounts,
+                                            esc_html($commentcounts),
                                             esc_url( $post_link )
                                         );            
@@ -478 +387 @@
                                         '<header class="post-entry-header"><h3 class="post-entry-title"><a class="wp-block-latest-posts__post-title" href="%1$s">%2$s</a></h3></header>',
                                         esc_url( $post_link ),
-                                        $title
+                                        esc_html($title)
                                     );
                                 }
@@ -487 +396 @@
                                 if (  $attributes['disablebtn'] !=false &&  $attributes['displayPostContentRadio'] === 'excerpt'  ) {
                                     $target=($attributes['opennewtab']) ?'_blank':'_self';
-                                    $btn_markup .='<a  href="'.esc_url( $post_link ).'" class="more-link" target="'.$target.'">'.$attributes['buttonlabel'].'<i class="fas fa-arrow-right"></i></a>';
+                                    $btn_markup .='<a  href="'.esc_url( $post_link ).'" class="more-link" target="'.esc_attr($target).'">'.esc_html($attributes['buttonlabel']).'&nbsp;<i class="fas fa-arrow-right"></i></a>';
                                 }
 
@@ -501 +410 @@
                                     $list_items_markup .= sprintf(
                                         '<div class="post-entry-content wp-block-latest-posts__post-excerpt"><p class="spbb-entry-content">%1$s</p>%2$s</div>',
-                                        $trimmed_excerpt,
-                                        $btn_markup
+                                        esc_html($trimmed_excerpt),
+                                        wp_kses_post($btn_markup)
                                     );
                                 }
@@ -509 +418 @@
                                     && isset( $attributes['displayPostContentRadio'] ) && 'full_post' === $attributes['displayPostContentRadio'] ) {
 
-                                    $post_content = html_entity_decode( $post->post_content, ENT_QUOTES, get_option( 'blog_charset' ) );
+                                    $post_content = html_entity_decode( $post->post_content, ENT_QUOTES, esc_html(get_option( 'blog_charset' )) );
 
                                     if ( post_password_required( $post ) ) {
@@ -572 +481 @@
                             $opacity= ($attributes['bgImageOverlay']) ? $attributes['bgOverlayOpacity'] : '';
                             $list_items_markup .= '<div class="featured-image post-thumbnail">
-                                                        <div class="overlay" style="background-color:'.$backgroundColor.';opacity:'.$opacity.'"></div>
-                                                        '.$image_markup.'
+                                                        <div class="overlay" style="background-color:'.esc_attr($backgroundColor).';opacity:'.esc_attr($opacity).'"></div>
+                                                        '.wp_kses_post($image_markup).'
                                                     </div>';
                     }
@@ -594 +503 @@
                                 if ( ! empty( $author_display_name ) ) {
                                     if($attributes['authortype']==='image'){
-                                        $list_items_markup .= sprintf(
-                                            '<span class="author"><img width="1060" height="766" src="'.$author_display_url.'" class="img-fluid" alt="user-1"><a href="'.esc_url( $author_display_link).'">%1$s</a></span>',
-                                            $byline
-                                        );
+                                        $attachment_id = gutensee_save_gravatar_to_media_library($author_display_url);
+                                        if (is_wp_error($attachment_id)) {
+                                            echo esc_html('Error: ' . $attachment_id->get_error_message(),'gutensee');
+                                        } 
+                                        else {
+                                            // Use wp_get_attachment_image to display the image
+                                            $list_items_markup .= sprintf(
+                                                '<span class="author">'.wp_get_attachment_image($attachment_id, 'thumbnail', false, array('class' => 'img-fluid', 'alt'   => esc_attr($title),'width' => '1060', 'height'=> '766',)).'<a href="'.esc_url( $author_display_link).'">%1$s</a></span>',
+                                                esc_html($byline)
+                                            );
+                                        }  
                                     }else{
                                         $list_items_markup .= sprintf(
                                             '<span class="author"><i class="fa-regular fa-user"></i>&nbsp;&nbsp;<a href="'.esc_url( $author_display_link).'">%1$s</a></span>',
-                                            $byline
+                                            esc_html($byline)
                                         );
                                     }
@@ -631 +547 @@
                                 $list_items_markup .= sprintf(
                                     '<span class="comments-link"><i class="far fa-comment"></i>&nbsp;&nbsp;<a href="%2$s/#comments">Comments(%1$s)</a></span>',
-                                    $commentcounts,
+                                    esc_html($commentcounts),
                                     esc_url( $post_link )
                                 );            
@@ -644 +560 @@
                                 '<header class="post-entry-header"><h3 class="post-entry-title"><a class="wp-block-latest-posts__post-title" href="%1$s">%2$s</a></h3></header>',
                                 esc_url( $post_link ),
-                                $title
+                                esc_html($title)
                             );
                         }                        
@@ -653 +569 @@
                         if (  $attributes['disablebtn'] !=false &&  $attributes['displayPostContentRadio'] === 'excerpt'  ) {
                             $target=($attributes['opennewtab']) ?'_blank':'_self';
-                            $btn_markup .='<a  href="'.esc_url( $post_link ).'" class="more-link" target="'.$target.'">'.$attributes['buttonlabel'].'<i class="fas fa-arrow-right"></i></a>';
+                            $btn_markup .='<a  href="'.esc_url( $post_link ).'" class="more-link" target="'.esc_attr($target).'">'.esc_html($attributes['buttonlabel']).'&nbsp;<i class="fas fa-arrow-right"></i></a>';
                         }
 
@@ -667 +583 @@
                             $list_items_markup .= sprintf(
                                 '<div class="post-entry-content wp-block-latest-posts__post-excerpt"><p class="spbb-entry-content">%1$s</p>%2$s</div>',
-                                $trimmed_excerpt,
-                                $btn_markup
+                                esc_html($trimmed_excerpt),
+                                wp_kses_post($btn_markup)
                             );
                         }
@@ -675 +591 @@
                             && isset( $attributes['displayPostContentRadio'] ) && 'full_post' === $attributes['displayPostContentRadio'] ) {
 
-                            $post_content = html_entity_decode( $post->post_content, ENT_QUOTES, get_option( 'blog_charset' ) );
+                            $post_content = html_entity_decode( $post->post_content, ENT_QUOTES, esc_html(get_option( 'blog_charset' )) );
 
                             if ( post_password_required( $post ) ) {
@@ -733 +649 @@
                     $opacity= ($attributes['bgImageOverlay']) ? $attributes['bgOverlayOpacity'] : '';
                     $list_items_markup .= '<div class="featured-image post-thumbnail">
-                                                <div class="overlay" style="background-color:'.$backgroundColor.';opacity:'.$opacity.'"></div>
-                                                '.$image_markup.'
+                                                <div class="overlay" style="background-color:'.esc_attr($backgroundColor).';opacity:'.esc_attr($opacity).'"></div>
+                                                '.wp_kses_post($image_markup).'
                                             </div>';
                 }
@@ -757 +673 @@
                                         if ( ! empty( $author_display_name ) ) {
                                             if($attributes['authortype']==='image'){
-                                                $list_items_markup .= sprintf(
-                                                    '<span class="author"><img width="1060" height="766" src="'.$author_display_url.'" class="img-fluid" alt="user-1"><a href="'.esc_url( $author_display_link).'">%1$s</a></span>',
-                                                    $byline
-                                                );
+                                                $attachment_id = gutensee_save_gravatar_to_media_library($author_display_url);
+                                                if (is_wp_error($attachment_id)) {
+                                                    echo esc_html('Error: ' . $attachment_id->get_error_message(),'gutensee');
+                                                } 
+                                                else {
+                                                    // Use wp_get_attachment_image to display the image
+                                                    $list_items_markup .= sprintf(
+                                                        '<span class="author">'.wp_get_attachment_image($attachment_id, 'thumbnail', false, array('class' => 'img-fluid', 'alt'   => esc_attr($title),'width' => '1060', 'height'=> '766',)).'<a href="'.esc_url( $author_display_link).'">%1$s</a></span>',
+                                                        esc_html($byline)
+                                                    );
+                                                }  
                                             }else{
                                                 $list_items_markup .= sprintf(
                                                     '<span class="author"><i class="fa-regular fa-user"></i>&nbsp;&nbsp;<a href="'.esc_url( $author_display_link).'">%1$s</a></span>',
-                                                    $byline
+                                                    esc_html($byline)
                                                 );
                                             }
@@ -794 +717 @@
                                         $list_items_markup .= sprintf(
                                             '<span class="comments-link"><i class="far fa-comment"></i>&nbsp;&nbsp;<a href="%2$s/#comments">Comments(%1$s)</a></span>',
-                                            $commentcounts,
+                                            esc_html($commentcounts),
                                             esc_url( $post_link )
                                         );            
@@ -807 +730 @@
                                         '<header class="post-entry-header"><h3 class="post-entry-title"><a class="wp-block-latest-posts__post-title" href="%1$s">%2$s</a></h3></header>',
                                         esc_url( $post_link ),
-                                        $title
+                                        esc_html($title)
                                     );
                                 }
@@ -816 +739 @@
                                 if (  $attributes['disablebtn'] !=false &&  $attributes['displayPostContentRadio'] === 'excerpt'  ) {
                                     $target=($attributes['opennewtab']) ?'_blank':'_self';
-                                    $btn_markup .='<a  href="'.esc_url( $post_link ).'" class="more-link" target="'.$target.'">'.$attributes['buttonlabel'].'<i class="fas fa-arrow-right"></i></a>';
+                                    $btn_markup .='<a  href="'.esc_url( $post_link ).'" class="more-link" target="'.esc_attr($target).'">'.esc_html($attributes['buttonlabel']).'&nbsp;<i class="fas fa-arrow-right"></i></a>';
                                 }
 
@@ -830 +753 @@
                                     $list_items_markup .= sprintf(
                                         '<div class="post-entry-content wp-block-latest-posts__post-excerpt"><p class="spbb-entry-content">%1$s</p>%2$s</div>',
-                                        $trimmed_excerpt,
-                                        $btn_markup
+                                        esc_html($trimmed_excerpt),
+                                        wp_kses_post($btn_markup)
                                     );
                                 }
@@ -838 +761 @@
                                     && isset( $attributes['displayPostContentRadio'] ) && 'full_post' === $attributes['displayPostContentRadio'] ) {
 
-                                    $post_content = html_entity_decode( $post->post_content, ENT_QUOTES, get_option( 'blog_charset' ) );
+                                    $post_content = html_entity_decode( $post->post_content, ENT_QUOTES, esc_html(get_option( 'blog_charset' )) );
 
                                     if ( post_password_required( $post ) ) {
@@ -887 +810 @@
     }
 
-    $wrapper_attributes = get_block_wrapper_attributes( array( 'class' => $class ) );
+    $wrapper_attributes = get_block_wrapper_attributes( array( 'class' => esc_attr($class) ) );
 
     $list_items_markup .='</div></div>';

gutensee/trunk/inc/blocks/navbar.php

@@ -1068 +1068 @@
         $bool = true;
         //print_r($menu_items);die();
-         $frontpage_id = get_option( 'page_on_front' );
-        $page_for_posts = get_option( 'page_for_posts' );
+         $frontpage_id = esc_html(get_option( 'page_on_front' ));
+        $page_for_posts = esc_html(get_option( 'page_for_posts' ));
         // echo 'dev-'.$page_for_posts;
         foreach( $menu_items as $menu_item ) {
@@ -1083 +1083 @@
                         $bool = true;$str2='';
                         $active=(($submenu->object_id==get_the_id() && !is_front_page()) || ($submenu->title==is_category($submenu->object_id)) || ($submenu->object_id==$frontpage_id && is_front_page()) || ($submenu->object_id==$page_for_posts && is_home())  ) ? 'active' :'';
-                        $str2 .= '<a class="' . $submenu->object_id . ' nav-link" href="' . $submenu->url . '" >' . $submenu->title; 
-                        $parents = $submenu->ID;
+                        $str2 .= '<a class="' . esc_attr($submenu->object_id) . ' nav-link" href="' . esc_url($submenu->url) . '" >' . esc_html($submenu->title); 
+                        $parents = esc_html($submenu->ID);
                         $str='';
                         $activert='';
@@ -1097 +1097 @@
                                      $active10=(($submenus1->object_id==get_the_id()) || ($submenus1->title==is_category($submenus1->object_id)) || ($submenus1->object_id==$frontpage_id && is_front_page()) || ($submenus1->object_id==$page_for_posts && is_home()) ) ? 'active' :'';
                                     if( $submenus1->menu_item_parent == $parents1 ) {
-                                        $str3 .= '<li class="3 menu-item menu-item-type-post_type menu-item-object-page '.$active10.' '. $submenus1->object_id .' '.get_the_id().'"><a class="nav-link" href="' . $submenus1->url . '" >' . $submenus1->title . '</a></li>';
+                                        $str3 .= '<li class="3 menu-item menu-item-type-post_type menu-item-object-page '.esc_attr($active10).' '. esc_attr($submenus1->object_id ).' '.get_the_id().'"><a class="nav-link" href="' .esc_url($submenus1->url) . '" >' . esc_html($submenus1->title) . '</a></li>';
                                      $activert10.=($active10==='active' ) ? 'active' :'';
                                  }
                                 }
-                                $def=($str3!='')?'<ul class="dropdown-menu 3">'.$str3.'</ul>':'';
+                                $def=($str3!='')?'<ul class="dropdown-menu 3">'.esc_html($str3).'</ul>':'';
                                 $activert.=($active1==='active' || $activert10==='active') ? 'active' :'';
                                
                                 if($def!=''){
-                                    $str .= '<li class="3 menu-item dropdown menu-item-type-post_type menu-item-object-page '.$activert10.' '.$active1.' '. $submenus->object_id .' '.get_the_id().'"><a class="nav-link" href="' . $submenus->url . '" >' . $submenus->title . '<i class="fas fa-caret-down"></i></a>'.$def.'</li>';
+                                    $str .= '<li class="3 menu-item dropdown menu-item-type-post_type menu-item-object-page '.esc_attr($activert10).' '.esc_attr($active1).' '. esc_attr($submenus->object_id) .' '.get_the_id().'"><a class="nav-link" href="' . esc_url($submenus->url) . '" >' . esc_html($submenus->title) . '<i class="fas fa-caret-down"></i></a>'.esc_html($def).'</li>';
                                 }else{
-                                    $str .= '<li class="3 menu-item menu-item-type-post_type menu-item-object-page '.$activert10.' '.$active1.' '. $submenus->object_id .' '.get_the_id().'"><a class="nav-link" href="' . $submenus->url . '" >' . $submenus->title . '</a></li>';
+                                    $str .= '<li class="3 menu-item menu-item-type-post_type menu-item-object-page '.esc_attr($activert10).' '.esc_attr($active1).' '. esc_attr($submenus->object_id).' '.get_the_id().'"><a class="nav-link" href="' . esc_url($submenus->url) . '" >' . esc_html($submenus->title) . '</a></li>';
                                 }
 
@@ -1113 +1113 @@
                         }
                         if($str!=null){
-                        $menu_array[] ='<li class="2 menu-item  menu-item-has-children dropdown '.$active.' '.$activert.'">';
+                        $menu_array[] ='<li class="2 menu-item  menu-item-has-children dropdown '.esc_attr($active).' '.esc_attr($activert).'">';
                         $menu_array[] .= $str2;                    
                         $menu_array[] .= '<i class="fas fa-caret-down"></i></a>';
@@ -1135 +1135 @@
                     $active2=(($menu_item->object_id==get_the_id()  && !is_front_page()) || ($menu_item->title==is_category($menu_item->object_id)) || ($menu_item->object_id==$frontpage_id && is_front_page()) || ($menu_item->object_id==$page_for_posts && is_home()) ) ? 'active' :''; 
                     $menu_list .= '<li class="1 menu-item  menu-item-has-children dropdown '.$active2.' '.$dractive.' '.$drpreactive.'">';
-                    $menu_list .= '<a class="nav-link" href="'.$menu_item->url.'">'.$menu_item->title.'<i class="fas fa-caret-down"></i></a>';
+                    $menu_list .= '<a class="nav-link" href="'.esc_url($menu_item->url).'">'.esc_html($menu_item->title).'<i class="fas fa-caret-down"></i></a>';
                      
                     $menu_list .= '<ul class="dropdown-menu">' ."\n";
@@ -1145 +1145 @@
                     $active2=(($menu_item->object_id==get_the_id()  && !is_front_page()) || ($menu_item->title==is_category($menu_item->object_id)) || ($menu_item->object_id==$frontpage_id && is_front_page()) || ($menu_item->object_id==$page_for_posts && is_home())) ? 'active' :''; 
                     $menu_list .= '<li class=" 5 menu-item menu-item-type-post_type menu-item-object-page '.$active2.' '.$dractive.'">';
-                    $menu_list .= '<a class="nav-link" href="'.$menu_item->url.'">' . $menu_item->title . '</a>';
+                    $menu_list .= '<a class="nav-link" href="'.esc_url($menu_item->url).'">' . esc_html($menu_item->title) . '</a>';
                 }
                  
@@ -1159 +1159 @@
             $menu_list .='<li class="menu-item header-button">
                             <a  class="theme-btn btn-style-one nav-link"  style="outline: none;">
-                              <span class="txt">'.$attributes['btntext'].'</span>
+                              <span class="txt">'.esc_html($attributes['btntext']).'</span>
                             </a>
                           </li>';
@@ -1181 +1181 @@
         }
     } else {
-        $menu_list = '<!-- no menu defined in location "'.$theme_location.'" -->';
+        $menu_list = '<!-- no menu defined in location "'.esc_html($theme_location).'" -->';
     }
  
@@ -1198 +1198 @@
     $displayclass=$displaydesktop.' '.$displaytablet.' '.$displaymobile;
 
-    $bordertop=(!empty($attributes['border']['top'])) ? $attributes['border']['top']['width'].' '. $attributes['border']['top']['style'].' '. $attributes['border']['top']['color'] : null;
-    $borderright=(!empty($attributes['border']['right'])) ? $attributes['border']['right']['width'].' '. $attributes['border']['right']['style'].' '. $attributes['border']['right']['color'] : null;
-    $borderbottom=(!empty($attributes['border']['bottom'])) ? $attributes['border']['bottom']['width'].' '. $attributes['border']['bottom']['style'].' '. $attributes['border']['bottom']['color'] : null;
-    $borderleft=(!empty($attributes['border']['left'] )) ? $attributes['border']['left']['width'].' '. $attributes['border']['left']['style'].' '. $attributes['border']['left']['color'] : null;
-
-    $menubordertop=(!empty($attributes['menuborder']['top'])) ? $attributes['menuborder']['top']['width'].' '. $attributes['menuborder']['top']['style'].' '. $attributes['menuborder']['top']['color'] : null;
-    $menuborderright=(!empty($attributes['menuborder']['right'])) ? $attributes['menuborder']['right']['width'].' '. $attributes['menuborder']['right']['style'].' '. $attributes['menuborder']['right']['color'] : null;
-    $menuborderbottom=(!empty($attributes['menuborder']['bottom'])) ? $attributes['menuborder']['bottom']['width'].' '. $attributes['menuborder']['bottom']['style'].' '. $attributes['menuborder']['bottom']['color'] : null;
-    $menuborderleft=(!empty($attributes['menuborder']['left'] )) ? $attributes['menuborder']['left']['width'].' '. $attributes['menuborder']['left']['style'].' '. $attributes['menuborder']['left']['color'] : null;
-
-    $ddbordertop=(!empty($attributes['ddborder']['top'])) ? $attributes['ddborder']['top']['width'].' '. $attributes['ddborder']['top']['style'].' '. $attributes['ddborder']['top']['color'] : null;
-    $ddborderright=(!empty($attributes['ddborder']['right'])) ? $attributes['ddborder']['right']['width'].' '. $attributes['ddborder']['right']['style'].' '. $attributes['ddborder']['right']['color'] : null;
-    $ddborderbottom=(!empty($attributes['ddborder']['bottom'])) ? $attributes['ddborder']['bottom']['width'].' '. $attributes['ddborder']['bottom']['style'].' '. $attributes['ddborder']['bottom']['color'] : null;
-    $ddborderleft=(!empty($attributes['ddborder']['left'] )) ? $attributes['ddborder']['left']['width'].' '. $attributes['ddborder']['left']['style'].' '. $attributes['ddborder']['left']['color'] : null;
-
-    $submenubordertop=(!empty($attributes['submenuborder']['top'])) ? $attributes['submenuborder']['top']['width'].' '. $attributes['submenuborder']['top']['style'].' '. $attributes['submenuborder']['top']['color'] : null;
-    $submenuborderright=(!empty($attributes['submenuborder']['right'])) ? $attributes['submenuborder']['right']['width'].' '. $attributes['submenuborder']['right']['style'].' '. $attributes['submenuborder']['right']['color'] : null;
-    $submenuborderbottom=(!empty($attributes['submenuborder']['bottom'])) ? $attributes['submenuborder']['bottom']['width'].' '. $attributes['submenuborder']['bottom']['style'].' '. $attributes['submenuborder']['bottom']['color'] : null;
-    $submenuborderleft=(!empty($attributes['submenuborder']['left'] )) ? $attributes['submenuborder']['left']['width'].' '. $attributes['submenuborder']['left']['style'].' '. $attributes['submenuborder']['left']['color'] : null;
-
-    $togglebordertop=(!empty($attributes['toggleborder']['top'])) ? $attributes['toggleborder']['top']['width'].' '. $attributes['toggleborder']['top']['style'].' '. $attributes['toggleborder']['top']['color'] : null;
-    $toggleborderright=(!empty($attributes['toggleborder']['right'])) ? $attributes['toggleborder']['right']['width'].' '. $attributes['toggleborder']['right']['style'].' '. $attributes['toggleborder']['right']['color'] : null;
-    $toggleborderbottom=(!empty($attributes['toggleborder']['bottom'])) ? $attributes['toggleborder']['bottom']['width'].' '. $attributes['toggleborder']['bottom']['style'].' '. $attributes['toggleborder']['bottom']['color'] : null;
-    $toggleborderleft=(!empty($attributes['toggleborder']['left'] )) ? $attributes['toggleborder']['left']['width'].' '. $attributes['toggleborder']['left']['style'].' '. $attributes['toggleborder']['left']['color'] : null;
-
-    $btnbordertop=(!empty($attributes['btnborder']['top'])) ? $attributes['btnborder']['top']['width'].' '. $attributes['btnborder']['top']['style'].' '. $attributes['btnborder']['top']['color'] : null;
-    $btnborderright=(!empty($attributes['btnborder']['right'])) ? $attributes['btnborder']['right']['width'].' '. $attributes['btnborder']['right']['style'].' '. $attributes['btnborder']['right']['color'] : null;
-    $btnborderbottom=(!empty($attributes['btnborder']['bottom'])) ? $attributes['btnborder']['btnbottom']['width'].' '. $attributes['btnborder']['bottom']['style'].' '. $attributes['btnborder']['bottom']['color'] : null;
-    $btnborderleft=(!empty($attributes['btnborder']['left'] )) ? $attributes['border']['left']['width'].' '. $attributes['border']['left']['style'].' '. $attributes['btnborder']['left']['color'] : null;
-
-    $sbtnbordertop=(!empty($attributes['sbtnborder']['top'])) ? $attributes['sbtnborder']['top']['width'].' '. $attributes['sbtnborder']['top']['style'].' '. $attributes['sbtnborder']['top']['color'] : null;
-    $sbtnborderright=(!empty($attributes['sbtnborder']['right'])) ? $attributes['sbtnborder']['right']['width'].' '. $attributes['sbtnborder']['right']['style'].' '. $attributes['sbtnborder']['right']['color'] : null;
-    $sbtnborderbottom=(!empty($attributes['sbtnborder']['bottom'])) ? $attributes['sbtnborder']['bottom']['width'].' '. $attributes['sbtnborder']['bottom']['style'].' '. $attributes['sbtnborder']['bottom']['color'] : null;
-    $sbtnborderleft=(!empty($attributes['sbtnborder']['left'] )) ? $attributes['sbtnborder']['left']['width'].' '. $attributes['sbtnborder']['left']['style'].' '. $attributes['sbtnborder']['left']['color'] : null;
-
-    $sformbordertop=(!empty($attributes['sformborder']['top'])) ? $attributes['sformborder']['top']['width'].' '. $attributes['sformborder']['top']['style'].' '. $attributes['sformborder']['top']['color'] : null;
-    $sformborderright=(!empty($attributes['sformborder']['right'])) ? $attributes['sformborder']['right']['width'].' '. $attributes['sformborder']['right']['style'].' '. $attributes['sformborder']['right']['color'] : null;
-    $sformborderbottom=(!empty($attributes['sformborder']['bottom'])) ? $attributes['sformborder']['bottom']['width'].' '. $attributes['sformborder']['bottom']['style'].' '. $attributes['sformborder']['bottom']['color'] : null;
-    $sformborderleft=(!empty($attributes['sformborder']['left'] )) ? $attributes['sformborder']['left']['width'].' '. $attributes['sformborder']['left']['style'].' '. $attributes['sformborder']['left']['color'] : null;
-
-
-    $iconbordertop=(!empty($attributes['iconborder']['top'])) ? $attributes['iconborder']['top']['width'].' '. $attributes['border']['top']['style'].' '. $attributes['iconborder']['top']['color'] : null;
-    $iconborderright=(!empty($attributes['iconborder']['right'])) ? $attributes['iconborder']['right']['width'].' '. $attributes['iconborder']['right']['style'].' '. $attributes['iconborder']['right']['color'] : null;
-    $iconborderbottom=(!empty($attributes['iconborder']['bottom'])) ? $attributes['iconborder']['bottom']['width'].' '. $attributes['iconborder']['bottom']['style'].' '. $attributes['iconborder']['iconbottom']['color'] : null;
-    $iconborderleft=(!empty($attributes['iconborder']['left'] )) ? $attributes['iconborder']['left']['width'].' '. $attributes['iconborder']['left']['style'].' '. $attributes['iconborder']['left']['color'] : null;
-
-    $borderwidth=(!empty($attributes['border']['width']))? $attributes['border']['width'] :null;
-    $borderstyle=(!empty($attributes['border']['style']))? $attributes['border']['style'] :null;
-    $bordercolor=(!empty($attributes['border']['color']))? $attributes['border']['color'] :null;
-
-    $menuboxshadow=($attributes['boxshadow'] === true) ? ''.$attributes['vshadow'].'px '.$attributes['hshadow'].'px '.$attributes['blurshadow'].'px '.$attributes['shadowColor'].'' : '';
-    $smenuboxshadow=($attributes['sboxshadow'] === true) ? ''.$attributes['svshadow'].'px '.$attributes['shshadow'].'px '.$attributes['sblurshadow'].'px '.$attributes['sshadowColor'].'' : '';
-    $sbmenuboxshadow=($attributes['sbboxshadow'] === true) ? ''.$attributes['sbvshadow'].'px '.$attributes['sbhshadow'].'px '.$attributes['sbblurshadow'].'px '.$attributes['sbshadowColor'].'' : '';
-
-    $list_items_markup .= $attributes['addcss'];
+    $list_items_markup .= wp_kses_post($attributes['addcss']);
 
     $alignmentClass = ($attributes['textAlignment'] != null) ? 'has-text-align-'.$attributes['textAlignment'].'' : '';
@@ -1262 +1208 @@
         $list_items_markup .= '<!-- Brand and toggle get grouped for better mobile display -->';
         $list_items_markup .= '<div class="gutensee-header">';
-        $list_items_markup .= '<button id="'.$uniqueid01.'" class="gutensee-toggle '.$uniqueid.' '.$attributes['toggleposition'].' '.$attributes['togglepositiontab'].' '.$attributes['togglepositionmob'].' '.$attributes['advclass'].'" data-toggle="collapse" type="button" aria-controls="menu" aria-expanded="false">';
+        $list_items_markup .= '<button id="'.esc_attr($uniqueid01).'" class="gutensee-toggle '.esc_attr($uniqueid).' '.esc_attr($attributes['toggleposition']).' '.esc_attr($attributes['togglepositiontab']).' '.esc_attr($attributes['togglepositionmob']).' '.esc_attr($attributes['advclass']).'" data-toggle="collapse" type="button" aria-controls="menu" aria-expanded="false">';
         $list_items_markup .= '<i class="fas fa-bars"></i>';
         $list_items_markup .= '</button></div>';
         $list_items_markup .= '<!-- Collect the nav links, forms, and other content for toggling -->';
-        $list_items_markup .= '<div class="collapse gutensee-collapse '.$uniqueid.'" id="custom-collapse">';
-        $list_items_markup .= '<div class="gutensee-blocks-menu navigation '.$alignmentClass.' '.$displayclass.' '.$attributes['addclass'].'" id="'.$uniqueid.'">';
+        $list_items_markup .= '<div class="collapse gutensee-collapse '.esc_attr($uniqueid).'" id="custom-collapse">';
+        $list_items_markup .= '<div class="gutensee-blocks-menu navigation '.esc_attr($alignmentClass).' '.esc_attr($displayclass).' '.esc_attr($attributes['addclass']).'" id="'.esc_attr($uniqueid).'">';
         $list_items_markup .= $menu_list;
         $list_items_markup .= '</div>';
@@ -1274 +1220 @@
         $list_items_markup .= '</nav></div>';
     }
-    $list_items_markup .=$attributes['addjs'];
+    $list_items_markup .=wp_kses_post($attributes['addjs']);
     return $list_items_markup;     
 }

gutensee/trunk/inc/blocks/post-query.php

@@ -63 +63 @@
 
     $animationclass='wow animated '.$attributes['durations'].' '.$attributes['animation'];
-
-
-    $bordertop=(!empty($attributes['border']['top'])) ? $attributes['border']['top']['width'].' '. $attributes['border']['top']['style'].' '. $attributes['border']['top']['color'] : null;
-    $borderright=(!empty($attributes['border']['right'])) ? $attributes['border']['right']['width'].' '. $attributes['border']['right']['style'].' '. $attributes['border']['right']['color'] : null;
-    $borderbottom=(!empty($attributes['border']['bottom'])) ? $attributes['border']['bottom']['width'].' '. $attributes['border']['bottom']['style'].' '. $attributes['border']['bottom']['color'] : null;
-    $borderleft=(!empty($attributes['border']['left'] )) ? $attributes['border']['left']['width'].' '. $attributes['border']['left']['style'].' '. $attributes['border']['left']['color'] : null;
-
-    $navbordertop=(!empty($attributes['navborder']['top'])) ? $attributes['navborder']['top']['width'].' '. $attributes['navborder']['top']['style'].' '. $attributes['navborder']['top']['color'] : null;
-    $navborderright=(!empty($attributes['navborder']['right'])) ? $attributes['navborder']['right']['width'].' '. $attributes['navborder']['right']['style'].' '. $attributes['navborder']['right']['color'] : null;
-    $navborderbottom=(!empty($attributes['navborder']['bottom'])) ? $attributes['navborder']['bottom']['width'].' '. $attributes['navborder']['bottom']['style'].' '. $attributes['navborder']['bottom']['color'] : null;
-    $navborderleft=(!empty($attributes['navborder']['left'] )) ? $attributes['navborder']['left']['width'].' '. $attributes['navborder']['left']['style'].' '. $attributes['navborder']['left']['color'] : null;
-
-    $dotsbordertop=(!empty($attributes['dotsborder']['top'])) ? $attributes['dotsborder']['top']['width'].' '. $attributes['dotsborder']['top']['style'].' '. $attributes['dotsborder']['top']['color'] : null;
-    $dotsborderright=(!empty($attributes['dotsborder']['right'])) ? $attributes['dotsborder']['right']['width'].' '. $attributes['dotsborder']['right']['style'].' '. $attributes['dotsborder']['right']['color'] : null;
-    $dotsborderbottom=(!empty($attributes['dotsborder']['bottom'])) ? $attributes['dotsborder']['bottom']['width'].' '. $attributes['dotsborder']['bottom']['style'].' '. $attributes['dotsborder']['bottom']['color'] : null;
-    $dotsborderleft=(!empty($attributes['dotsborder']['left'] )) ? $attributes['dotsborder']['left']['width'].' '. $attributes['dotsborder']['left']['style'].' '. $attributes['dotsborder']['left']['color'] : null;
-
-    $featuredbordertop=(!empty($attributes['featuredborder']['top'])) ? $attributes['featuredborder']['top']['width'].' '. $attributes['featuredborder']['top']['style'].' '. $attributes['featuredborder']['top']['color'] : null;
-    $featuredborderright=(!empty($attributes['featuredborder']['right'])) ? $attributes['featuredborder']['right']['width'].' '. $attributes['featuredborder']['right']['style'].' '. $attributes['featuredborder']['right']['color'] : null;
-    $featuredborderbottom=(!empty($attributes['featuredborder']['bottom'])) ? $attributes['featuredborder']['bottom']['width'].' '. $attributes['featuredborder']['bottom']['style'].' '. $attributes['featuredborder']['bottom']['color'] : null;
-    $featuredborderleft=(!empty($attributes['featuredborder']['left'] )) ? $attributes['featuredborder']['left']['width'].' '. $attributes['featuredborder']['left']['style'].' '. $attributes['featuredborder']['left']['color'] : null;
-
-    $metabordertop=(!empty($attributes['metaborder']['top'])) ? $attributes['metaborder']['top']['width'].' '. $attributes['metaborder']['top']['style'].' '. $attributes['metaborder']['top']['color'] : null;
-    $metaborderright=(!empty($attributes['metaborder']['right'])) ? $attributes['metaborder']['right']['width'].' '. $attributes['metaborder']['right']['style'].' '. $attributes['metaborder']['right']['color'] : null;
-    $metaborderbottom=(!empty($attributes['metaborder']['bottom'])) ? $attributes['metaborder']['bottom']['width'].' '. $attributes['metaborder']['bottom']['style'].' '. $attributes['metaborder']['bottom']['color'] : null;
-    $metaborderleft=(!empty($attributes['metaborder']['left'] )) ? $attributes['metaborder']['left']['width'].' '. $attributes['metaborder']['left']['style'].' '. $attributes['metaborder']['left']['color'] : null;
-
-    $headingbordertop=(!empty($attributes['headingborder']['top'])) ? $attributes['headingborder']['top']['width'].' '. $attributes['headingborder']['top']['style'].' '. $attributes['headingborder']['top']['color'] : null;
-    $headingborderright=(!empty($attributes['headingborder']['right'])) ? $attributes['headingborder']['right']['width'].' '. $attributes['headingborder']['right']['style'].' '. $attributes['headingborder']['right']['color'] : null;
-    $headingborderbottom=(!empty($attributes['headingborder']['bottom'])) ? $attributes['headingborder']['bottom']['width'].' '. $attributes['headingborder']['bottom']['style'].' '. $attributes['headingborder']['bottom']['color'] : null;
-    $headingborderleft=(!empty($attributes['headingborder']['left'] )) ? $attributes['headingborder']['left']['width'].' '. $attributes['headingborder']['left']['style'].' '. $attributes['headingborder']['left']['color'] : null;    
-
-    $contentbordertop=(!empty($attributes['contentborder']['top'] )) ? $attributes['contentborder']['top']['width'].' '. $attributes['contentborder']['top']['style'].' '. $attributes['contentborder']['top']['color'] : null;
-    $contentborderright=(!empty($attributes['contentborder']['right'] )) ? $attributes['contentborder']['right']['width'].' '. $attributes['contentborder']['right']['style'].' '. $attributes['contentborder']['right']['color'] : null;
-    $contentborderbottom=(!empty($attributes['contentborder']['bottom'] )) ? $attributes['contentborder']['bottom']['width'].' '. $attributes['contentborder']['bottom']['style'].' '. $attributes['contentborder']['bottom']['color'] : null;
-    $contentborderleft=(!empty($attributes['contentborder']['left'] )) ? $attributes['contentborder']['left']['width'].' '. $attributes['contentborder']['left']['style'].' '. $attributes['contentborder']['left']['color'] : null;
-
-    $buttonbordertop=(!empty($attributes['buttonborder']['top'])) ? $attributes['buttonborder']['top']['width'].' '. $attributes['buttonborder']['top']['style'].' '. $attributes['buttonborder']['top']['color'] : null;
-    $buttonborderright=(!empty($attributes['buttonborder']['right'])) ? $attributes['buttonborder']['right']['width'].' '. $attributes['buttonborder']['right']['style'].' '. $attributes['buttonborder']['right']['color'] : null;
-    $buttonborderbottom=(!empty($attributes['buttonborder']['bottom'])) ? $attributes['buttonborder']['bottom']['width'].' '. $attributes['buttonborder']['bottom']['style'].' '. $attributes['buttonborder']['bottom']['color'] : null;
-    $buttonborderleft=(!empty($attributes['buttonborder']['left'] )) ? $attributes['buttonborder']['left']['width'].' '. $attributes['buttonborder']['left']['style'].' '. $attributes['buttonborder']['left']['color'] : null;
-
-    $borderwidth=(!empty($attributes['border']['width']))? $attributes['border']['width'] :null;
-    $borderstyle=(!empty($attributes['border']['style']))? $attributes['border']['style'] :null;
-    $bordercolor=(!empty($attributes['border']['color']))? $attributes['border']['color'] :null;
-
-    $navborderwidth=(!empty($attributes['navborder']['width']))? $attributes['navborder']['width'] :null;
-    $navborderstyle=(!empty($attributes['navborder']['style']))? $attributes['navborder']['style'] :null;
-    $navbordercolor=(!empty($attributes['navborder']['color']))? $attributes['navborder']['color'] :null;
-
-    $dotsborderwidth=(!empty($attributes['dotsborder']['width']))? $attributes['dotsborder']['width'] :null;
-    $dotsborderstyle=(!empty($attributes['dotsborder']['style']))? $attributes['dotsborder']['style'] :null;
-    $dotsbordercolor=(!empty($attributes['dotsborder']['color']))? $attributes['dotsborder']['color'] :null;
-
-    $featuredborderwidth=(!empty($attributes['featuredborder']['width']))? $attributes['featuredborder']['width'] :null;
-    $featuredborderstyle=(!empty($attributes['featuredborder']['style']))? $attributes['featuredborder']['style'] :null;
-    $featuredbordercolor=(!empty($attributes['featuredborder']['color']))? $attributes['featuredborder']['color'] :null;
-
-    $metaborderwidth=(!empty($attributes['metaborder']['width']))? $attributes['metaborder']['width'] :null;
-    $metaborderstyle=(!empty($attributes['metaborder']['style']))? $attributes['metaborder']['style'] :null;
-    $metabordercolor=(!empty($attributes['metaborder']['color']))? $attributes['metaborder']['color'] :null;
-
-    $headingborderwidth=(!empty($attributes['headingborder']['width']))? $attributes['headingborder']['width'] :null;
-    $headingborderstyle=(!empty($attributes['headingborder']['style']))? $attributes['headingborder']['style'] :null;
-    $headingbordercolor=(!empty($attributes['headingborder']['color']))? $attributes['headingborder']['color'] :null;
-
-    $contentborderwidth=(!empty($attributes['contentborder']['width']))? $attributes['contentborder']['width'] :null;
-    $contentborderstyle=(!empty($attributes['contentborder']['style']))? $attributes['contentborder']['style'] :null;
-    $contentbordercolor=(!empty($attributes['contentborder']['color']))? $attributes['contentborder']['color'] :null;
-
-    $buttonborderwidth=(!empty($attributes['buttonborder']['width']))? $attributes['buttonborder']['width'] :null;
-    $buttonborderstyle=(!empty($attributes['buttonborder']['style']))? $attributes['buttonborder']['style'] :null;
-    $buttonbordercolor=(!empty($attributes['buttonborder']['color']))? $attributes['buttonborder']['color'] :null;
 
     $ColumnClass='';
@@ -162 +89 @@
     }
 
-    $list_items_markup .= $attributes['addcss'];
-
-    $list_items_markup .='<div id="'.$attributes['advid'].'"><div id="'.$uniqueid.'" class="post-query-loop '.$Rowclass.' single-item '.$uniqueid.' '.$attributes['addclass'].' '.$displayclass.' '. $animationclass.' '.$attributes['advclass'].'">';
+    $list_items_markup .= wp_kses_post($attributes['addcss']);
+
+    $list_items_markup .='<div id="'.esc_attr($attributes['advid']).'"><div id="'.esc_attr($uniqueid).'" class="post-query-loop '.esc_attr($Rowclass).' single-item '.esc_attr($uniqueid).' '.esc_attr($attributes['addclass']).' '.esc_attr($displayclass).' '. esc_attr($animationclass).' '.esc_attr($attributes['advclass']).'">';
 
     foreach ( $recent_posts as $post ) {
@@ -174 +101 @@
         }
 
-        $post_content_class='';
-
-        if ( $attributes['displayFeaturedImage'] &&  has_post_thumbnail( $post ) ){ 
-            $post_content_class="post";
-        }else{ 
-            $post_content_class="post gutensee-remove-img";
-        }
         $columnno=$attributes['columnNumber'];
         $list_items_markup .= '<div class="'.$ColumnClass.'" id="'.$attributes["addid"].'">';
@@ -225 +145 @@
                             $opacity= ($attributes['bgImageOverlay']) ? $attributes['bgOverlayOpacity'] : '';
                             $list_items_markup .= '<div class="featured-image post-thumbnail">
-                                                        <div class="overlay" style="background-color:'.$backgroundColor.';opacity:'.$opacity.'"></div>
-                                                        '.$image_markup.'
+                                                        <div class="overlay" style="background-color:'.esc_attr($backgroundColor).';opacity:'.esc_attr($opacity).'"></div>
+                                                        '.wp_kses_post($image_markup).'
                                                     </div>';
                     }
@@ -247 +167 @@
                                 if ( ! empty( $author_display_name ) ) {
                                     if($attributes['authortype']==='image'){
-                                        $list_items_markup .= sprintf(
-                                            '<span class="author"><img width="1060" height="766" src="'.$author_display_url.'" class="img-fluid" alt="user-1"><a href="'.esc_url( $author_display_link).'">%1$s</a></span>',
-                                            $byline
-                                        );
+                                        $attachment_id = gutensee_save_gravatar_to_media_library($author_display_url);
+                                        if (is_wp_error($attachment_id)) {
+                                            echo esc_html('Error: ' . $attachment_id->get_error_message(),'gutensee');
+                                        } 
+                                        else {
+                                            // Use wp_get_attachment_image to display the image
+                                            $list_items_markup .= sprintf(
+                                                '<span class="author">'.wp_get_attachment_image($attachment_id, 'thumbnail', false, array('class' => 'img-fluid', 'alt'   => esc_attr($title),'width' => '1060', 'height'=> '766',)).'<a href="'.esc_url( $author_display_link).'">%1$s</a></span>',
+                                                esc_html($byline)
+                                            );
+                                        }  
                                     }else{
                                         $list_items_markup .= sprintf(
                                             '<span class="author"><i class="fa-regular fa-user"></i>&nbsp;&nbsp;<a href="'.esc_url( $author_display_link).'">%1$s</a></span>',
-                                            $byline
+                                            esc_html($byline)
                                         );
                                     }
@@ -284 +211 @@
                                 $list_items_markup .= sprintf(
                                     '<span class="comments-link"><i class="far fa-comment"></i>&nbsp;&nbsp;<a href="%2$s/#comments">Comments(%1$s)</a></span>',
-                                    $commentcounts,
+                                    esc_html($commentcounts),
                                     esc_url( $post_link )
                                 );            
@@ -297 +224 @@
                                 '<header class="post-entry-header"><h3 class="post-entry-title"><a class="wp-block-latest-posts__post-title" href="%1$s">%2$s</a></h3></header>',
                                 esc_url( $post_link ),
-                                $title
+                                esc_html($title)
                             );
                         }                        
@@ -320 +247 @@
                                 $list_items_markup .= sprintf(
                                     '<div class="post-entry-content wp-block-latest-posts__post-excerpt"><p class="spbb-entry-content 1">%1$s</p>%2$s</div>',
-                                    $trimmed_excerpt,
-                                    $btn_markup
+                                    esc_html($trimmed_excerpt),
+                                    wp_kses_post($btn_markup)
                                 );
                             }
@@ -327 +254 @@
                            else{
 
-                                $post_content = html_entity_decode( $post->post_content, ENT_QUOTES, get_option( 'blog_charset' ) );
+                                $post_content = html_entity_decode( $post->post_content, ENT_QUOTES, esc_html(get_option( 'blog_charset' )) );
 
                                 if ( post_password_required( $post ) ) {
@@ -386 +313 @@
                 $opacity= ($attributes['bgImageOverlay']) ? $attributes['bgOverlayOpacity'] : '';
                 $list_items_markup .= '<div class="featured-image post-thumbnail">
-                                            <div class="overlay" style="background-color:'.$backgroundColor.';opacity:'.$opacity.'"></div>
-                                            '.$image_markup.'
+                                            <div class="overlay" style="background-color:'.esc_attr($backgroundColor).';opacity:'.esc_attr($opacity).'"></div>
+                                            '.wp_kses_post($image_markup).'
                                         </div>';
             }    
@@ -410 +337 @@
                                 if ( ! empty( $author_display_name ) ) {
                                     if($attributes['authortype']==='image'){
-                                        $list_items_markup .= sprintf(
-                                            '<span class="author"><img width="1060" height="766" src="'.$author_display_url.'" class="img-fluid" alt="user-1"><a href="'.esc_url( $author_display_link).'">%1$s</a></span>',
-                                            $byline
-                                        );
+                                        $attachment_id = gutensee_save_gravatar_to_media_library($author_display_url);
+                                        if (is_wp_error($attachment_id)) {
+                                            echo esc_html('Error: ' . $attachment_id->get_error_message(),'gutensee');
+                                        } 
+                                        else {
+                                            // Use wp_get_attachment_image to display the image
+                                            $list_items_markup .= sprintf(
+                                                '<span class="author">'.wp_get_attachment_image($attachment_id, 'thumbnail', false, array('class' => 'img-fluid', 'alt'   => esc_attr($title),'width' => '1060', 'height'=> '766',)).'<a href="'.esc_url( $author_display_link).'">%1$s</a></span>',
+                                                esc_html($byline)
+                                            );
+                                        }  
                                     }else{
                                         $list_items_markup .= sprintf(
                                             '<span class="author"><i class="fa-regular fa-user"></i>&nbsp;&nbsp;<a href="'.esc_url( $author_display_link).'">%1$s</a></span>',
-                                            $byline
+                                            esc_html($byline)
                                         );
                                     }
@@ -447 +381 @@
                                 $list_items_markup .= sprintf(
                                     '<span class="comments-link"><i class="far fa-comment"></i>&nbsp;&nbsp;<a href="%2$s/#comments">Comments(%1$s)</a></span>',
-                                    $commentcounts,
+                                    esc_html($commentcounts),
                                     esc_url( $post_link )
                                 );            
@@ -483 +417 @@
                                 $list_items_markup .= sprintf(
                                     '<div class="post-entry-content wp-block-latest-posts__post-excerpt"><p class="spbb-entry-content 1">%1$s</p>%2$s</div>',
-                                    $trimmed_excerpt,
-                                    $btn_markup
+                                    esc_html($trimmed_excerpt),
+                                    wp_kses_post($btn_markup)
                                 );
                             }
@@ -490 +424 @@
                             else{
 
-                                $post_content = html_entity_decode( $post->post_content, ENT_QUOTES, get_option( 'blog_charset' ) );
+                                $post_content = html_entity_decode( $post->post_content, ENT_QUOTES, esc_html(get_option( 'blog_charset' )) );
                                 if ( post_password_required( $post ) ) {
                                     $post_content = esc_html__( 'This content is password protected.' ,'gutensee');
@@ -551 +485 @@
                             $opacity= ($attributes['bgImageOverlay']) ? $attributes['bgOverlayOpacity'] : '';
                             $list_items_markup .= '<div class="featured-image post-thumbnail">
-                                                        <div class="overlay" style="background-color:'.$backgroundColor.';opacity:'.$opacity.'"></div>
-                                                        '.$image_markup.'
+                                                        <div class="overlay" style="background-color:'.esc_attr($backgroundColor).';opacity:'.esc_attr($opacity).'"></div>
+                                                        '.wp_kses_post($image_markup).'
                                                     </div>';
                     }
@@ -572 +506 @@
                                 if ( ! empty( $author_display_name ) ) {
                                     if($attributes['authortype']==='image'){
-                                        $list_items_markup .= sprintf(
-                                            '<span class="author"><img width="1060" height="766" src="'.$author_display_url.'" class="img-fluid" alt="user-1"><a href="'.esc_url( $author_display_link).'">%1$s</a></span>',
-                                            $byline
-                                        );
+                                        $attachment_id = gutensee_save_gravatar_to_media_library($author_display_url);
+                                        if (is_wp_error($attachment_id)) {
+                                            echo esc_html('Error: ' . $attachment_id->get_error_message(),'gutensee');
+                                        } 
+                                        else {
+                                            // Use wp_get_attachment_image to display the image
+                                            $list_items_markup .= sprintf(
+                                                '<span class="author">'.wp_get_attachment_image($attachment_id, 'thumbnail', false, array('class' => 'img-fluid', 'alt'   => esc_attr($title),'width' => '1060', 'height'=> '766',)).'<a href="'.esc_url( $author_display_link).'">%1$s</a></span>',
+                                                esc_html($byline)
+                                            );
+                                        }  
                                     }else{
                                         $list_items_markup .= sprintf(
                                             '<span class="author"><i class="fa-regular fa-user"></i>&nbsp;&nbsp;<a href="'.esc_url( $author_display_link).'">%1$s</a></span>',
-                                            $byline
+                                            esc_html($byline)
                                         );
                                     }
@@ -622 +563 @@
                                 '<header class="post-entry-header"><h3 class="post-entry-title"><a class="wp-block-latest-posts__post-title" href="%1$s">%2$s</a></h3></header>',
                                 esc_url( $post_link ),
-                                $title
+                                esc_html($title)
                             );
                         }                        
@@ -645 +586 @@
                                 $list_items_markup .= sprintf(
                                     '<div class="post-entry-content wp-block-latest-posts__post-excerpt"><p class="spbb-entry-content 1">%1$s</p>%2$s</div>',
-                                    $trimmed_excerpt,
-                                    $btn_markup
+                                    esc_html($trimmed_excerpt),
+                                    wp_kses_post($btn_markup)
                                 );
                             }
@@ -652 +593 @@
                             else{
 
-                                $post_content = html_entity_decode( $post->post_content, ENT_QUOTES, get_option( 'blog_charset' ) );
+                                $post_content = html_entity_decode( $post->post_content, ENT_QUOTES, esc_html(get_option( 'blog_charset' )) );
 
                                 if ( post_password_required( $post ) ) {
@@ -711 +652 @@
                 $opacity= ($attributes['bgImageOverlay']) ? $attributes['bgOverlayOpacity'] : '';
                 $list_items_markup .= '<div class="featured-image post-thumbnail">
-                                            <div class="overlay" style="background-color:'.$backgroundColor.';opacity:'.$opacity.'"></div>
-                                            '.$image_markup.'
+                                            <div class="overlay" style="background-color:'.esc_attr($backgroundColor).';opacity:'.esc_attr($opacity).'"></div>
+                                            '.wp_kses_post($image_markup).'
                                         </div>';
             }    
@@ -735 +676 @@
                                 if ( ! empty( $author_display_name ) ) {
                                     if($attributes['authortype']==='image'){
-                                        $list_items_markup .= sprintf(
-                                            '<span class="author"><img width="1060" height="766" src="'.$author_display_url.'" class="img-fluid" alt="user-1"><a href="'.esc_url( $author_display_link).'">%1$s</a></span>',
-                                            $byline
-                                        );
+                                        $attachment_id = gutensee_save_gravatar_to_media_library($author_display_url);
+                                        if (is_wp_error($attachment_id)) {
+                                            echo esc_html('Error: ' . $attachment_id->get_error_message(),'gutensee');
+                                        } 
+                                        else {
+                                            // Use wp_get_attachment_image to display the image
+                                            $list_items_markup .= sprintf(
+                                                '<span class="author">'.wp_get_attachment_image($attachment_id, 'thumbnail', false, array('class' => 'img-fluid', 'alt'   => esc_attr($title),'width' => '1060', 'height'=> '766',)).'<a href="'.esc_url( $author_display_link).'">%1$s</a></span>',
+                                                esc_html($byline)
+                                            );
+                                        }  
                                     }else{
                                         $list_items_markup .= sprintf(
                                             '<span class="author"><i class="fa-regular fa-user"></i>&nbsp;&nbsp;<a href="'.esc_url( $author_display_link).'">%1$s</a></span>',
-                                            $byline
+                                            esc_html($byline)
                                         );
                                     }
@@ -785 +733 @@
                                 '<header class="post-entry-header"><h3 class="post-entry-title"><a class="wp-block-latest-posts__post-title" href="%1$s">%2$s</a></h3></header>',
                                 esc_url( $post_link ),
-                                $title
+                                esc_html($title)
                             );
                         }                        
@@ -808 +756 @@
                                 $list_items_markup .= sprintf(
                                     '<div class="post-entry-content wp-block-latest-posts__post-excerpt"><p class="spbb-entry-content 1">%1$s</p>%2$s</div>',
-                                    $trimmed_excerpt,
-                                    $btn_markup
+                                    esc_html($trimmed_excerpt),
+                                    wp_kses_post($btn_markup)
                                 );
                             }
@@ -815 +763 @@
                             else{
 
-                                $post_content = html_entity_decode( $post->post_content, ENT_QUOTES, get_option( 'blog_charset' ) );
+                                $post_content = html_entity_decode( $post->post_content, ENT_QUOTES, esc_html(get_option( 'blog_charset' )) );
 
                                 if ( post_password_required( $post ) ) {
@@ -849 +797 @@
         }
         $list_items_markup .= '</div>';
-    }
-
-    $navright='';
-    $navleft='';
-    if($attributes['navicon'] === 'angle'){
-      $navleft='fas fa-chevron-left';
-      $navright='fas fa-chevron-right';
-    }
-    else if($attributes['navicon'] === 'doubleangle'){
-      $navleft='fa-solid fa-angles-left';
-      $navright='fa-solid fa-angles-right';
-    }
-    else if($attributes['navicon'] === 'arrow'){
-      $navleft='fa fa-arrow-left';
-      $navright='fa fa-arrow-right';
-    }
-    else if($attributes['navicon'] === 'longarrow'){
-      $navleft='fa fa-arrow-left-long';
-      $navright='fa fa-arrow-right-long';
-    }
-
-    $navl="<button class='slide-nav nav-left ".$navleft."'></button>";
-    $navr="<button class='slide-nav nav-right ".$navright."' ></button>";
-    $infinite=($attributes['infiniteloop']===true)?'true':'false';
-    $nav=($attributes['displaynav']===true)?'true':'false';
-    $dot=($attributes['displaydots']===true)?'true':'false';
-    $autoplay=($attributes['autoplay']===true)?'true':'false';
-        
+    }        
 
     remove_filter( 'excerpt_length', 'block_core_latest_posts_get_excerpt_length__premium_only', 20 );
@@ -902 +823 @@
     $list_items_markup .='</div></div>';
 
-    $list_items_markup .=$attributes['addjs'];
+    $list_items_markup .=wp_kses_post($attributes['addjs']);
     
     return $list_items_markup;

gutensee/trunk/inc/blocks/topbar.php

@@ -11 +11 @@
     $alignmentClass = ($attributes['textAlignment'] != null) ? 'has-text-align-'.$attributes['textAlignment'] : '';
 
-    $bordertop=(!empty($attributes['border']['top'])) ? $attributes['border']['top']['width'].' '. $attributes['border']['top']['style'].' '. $attributes['border']['top']['color'] : null;
-    $borderright=(!empty($attributes['border']['right'])) ? $attributes['border']['right']['width'].' '. $attributes['border']['right']['style'].' '. $attributes['border']['right']['color'] : null;
-    $borderbottom=(!empty($attributes['border']['bottom'])) ? $attributes['border']['bottom']['width'].' '. $attributes['border']['bottom']['style'].' '. $attributes['border']['bottom']['color'] : null;
-    $borderleft=(!empty($attributes['border']['left'] )) ? $attributes['border']['left']['width'].' '. $attributes['border']['left']['style'].' '. $attributes['border']['left']['color'] : null;
-
-    $iconbordertop=(!empty($attributes['iconborder']['top'])) ? $attributes['iconborder']['top']['width'].' '. $attributes['iconborder']['top']['style'].' '. $attributes['iconborder']['top']['color'] : null;
-    $iconborderright=(!empty($attributes['iconborder']['right'])) ? $attributes['iconborder']['right']['width'].' '. $attributes['iconborder']['right']['style'].' '. $attributes['iconborder']['right']['color'] : null;
-    $iconborderbottom=(!empty($attributes['iconborder']['bottom'])) ? $attributes['iconborder']['bottom']['width'].' '. $attributes['iconborder']['bottom']['style'].' '. $attributes['iconborder']['bottom']['color'] : null;
-    $iconborderleft=(!empty($attributes['iconborder']['left'] )) ? $attributes['iconborder']['left']['width'].' '. $attributes['iconborder']['left']['style'].' '. $attributes['iconborder']['left']['color'] : null;
-
-    $textbordertop=(!empty($attributes['textborder']['top'])) ? $attributes['textborder']['top']['width'].' '. $attributes['textborder']['top']['style'].' '. $attributes['textborder']['top']['color'] : null;
-    $textborderright=(!empty($attributes['textborder']['right'])) ? $attributes['textborder']['right']['width'].' '. $attributes['textborder']['right']['style'].' '. $attributes['textborder']['right']['color'] : null;
-    $textborderbottom=(!empty($attributes['textborder']['bottom'])) ? $attributes['textborder']['bottom']['width'].' '. $attributes['textborder']['bottom']['style'].' '. $attributes['textborder']['bottom']['color'] : null;
-    $textborderleft=(!empty($attributes['textborder']['left'] )) ? $attributes['textborder']['left']['width'].' '. $attributes['textborder']['left']['style'].' '. $attributes['textborder']['left']['color'] : null;
-    
-
     $dateFormat = isset($attributes['dateFormat']) ? $attributes['dateFormat'] : 'MM/DD/YYYY';
     $timeFormat = isset($attributes['timeFormat']) ? $attributes['timeFormat'] : 'HH:mm:ss';
@@ -38 +22 @@
     $query = new WP_Query($args);
 
-    $list_items_markup .=$attributes['addcss'];
+    $list_items_markup .=wp_kses_post($attributes['addcss']);
 
     // Format the date based on selected format
@@ -80 +64 @@
     switch ($attributes['topbartypes']) {
         case 'date':
-            $content='<div><span class="date"><i class="'.$attributes['topbaricon'].'"></i>'.$displayDateValue.'</span></div>';
+            $content='<div><span class="date"><i class="'.esc_attr($attributes['topbaricon']).'"></i>'.esc_html($displayDateValue).'</span></div>';
             break;
         case 'time':
-            $content='<div><i class="'.$attributes['topbaricon'].'"></i><span class="display-time" data-time-format="'.$timeFormat.'">'.$displayTimeValue.'</span></div>';
+            $content='<div><i class="'.esc_attr($attributes['topbaricon']).'"></i><span class="display-time" data-time-format="'.$timeFormat.'">'.esc_html($displayTimeValue).'</span></div>';
             break;
         case 'post':
-            $content .='<div class="slick-slider '.$attributes['uniqueid'].'">';
+            $content .='<div class="slick-slider '.esc_attr($attributes['uniqueid']).'">';
             if ($query->have_posts()) {
                 while ($query->have_posts()) {
                     $query->the_post();
-                    $content .='<div class="slide '.$alignmentClass.'"><span class="slide-heading"><a href="'.get_the_permalink().'"><i class="'.$attributes['topbaricon'].'"}></i>'.get_the_title().'</a></span></div>';
+                    $content .='<div class="slide '.esc_attr($alignmentClass).'"><span class="slide-heading"><a href="'.esc_url(get_the_permalink()).'"><i class="'.esc_attr($attributes['topbaricon']).'"}></i>'.esc_url(get_the_title()).'</a></span></div>';
                 }
             }
@@ -97 +81 @@
             break;
         case 'custom':
-            $content='<div><span><a href="'.$attributes['textlink'].'" target="'.$topbartarget.'"><i class="'.$attributes['topbaricon'].'"></i>'.$attributes['text'].'</a></span></div>';
+            $content='<div><span><a href="'.esc_url($attributes['textlink']).'" target="'.esc_attr($topbartarget).'"><i class="'.esc_attr($attributes['topbaricon']).'"></i>'.esc_html($attributes['text']).'</a></span></div>';
             break;
         default:
@@ -104 +88 @@
     }
 
-    $list_items_markup .= '<div id="'.$attributes['advid'].'"><div class="gutensee-topbar '.$displayclass.' '.$animationclass.' '.$alignmentClass.' '.$attributes['advclass'].'" id="'.$attributes['uniqueid'].'">'.$content.'</div></div>';
+    $list_items_markup .= '<div id="'.esc_attr($attributes['advid']).'"><div class="gutensee-topbar '.esc_attr($displayclass).' '.esc_attr($animationclass).' '.esc_attr($alignmentClass).' '.esc_attr($attributes['advclass']).'" id="'.esc_attr($attributes['uniqueid']).'">'.wp_kses_post($content).'</div></div>';
 
-    $list_items_markup .=$attributes['addjs'];
+    $list_items_markup .=wp_kses_post($attributes['addjs']);
 
     return $list_items_markup;

gutensee/trunk/readme.txt

@@ -5 +5 @@
 Requires at least: 5.3
 Tested up to: 6.7.1
-Stable tag: 1.0.3
+Stable tag: 1.0.4
 Requires PHP: 5.4
 License: GPLv2 or later
@@ -48 +48 @@
 == Changelog ==
 
+@Version 1.0.4
+* Fixed reviewer issues.
+
 @Version 1.0.3
 * Fixed reviewer issues.