WordPress.org
Get WordPress

Plugin Directory

Changeset 3255595


Ignore:
Timestamp:
03/13/2025 08:04:45 PM (9 months ago)
Author:
numeeja
Message:

bug fixes

Location:
audio-album
Files:
24 added
3 edited

Legend:

Unmodified
Added
Removed

  • audio-album/trunk/audio-album.php

    r2868730 r3255595  
    55Description: Provides shortcodes to format native WordPress audio players as an album of tracks with additional info
    66Author: cubecolour
    7 Version: 1.5.0
     7Version: 1.5.1
    88Text Domain: audio-album
    99Domain Path: /languages/
     
    1111License: GPLv2
    1212
    13   Copyright 2013-2023 Michael Atkins
     13  Copyright 2013-2025 Michael Atkins
    1414
    1515  [email protected]
     
    356356
    357357    if ( $args['songwriter']  !== '') {
    358         $args['songwriter'] = '<span class="songwriter">(' . $args['songwriter'] . ')</span>';
     358        $args['songwriter'] = '<span class="songwriter">(' . sanitize_text_field( $args['songwriter'] ) . ')</span>';
    359359    }
    360360
     
    396396
    397397    if ( $args['buttonlink']  !== '#') {
    398         $popupbutton = '<a href="'. $cc_siteurl .'/?p=' . esc_attr( $args['buttonlink'] ) . '&pop=yes" class="info-popup" data-width="' . esc_attr( $args['width'] ) . '" data-height="' . esc_attr( $args['height']) . '">' . esc_attr( $args['buttontext']) . '</a>';
     398        $nonce = wp_create_nonce( 'cc_audioalbum_popup' ); // Generate a nonce
     399        $popupbutton = '<a href="'. $cc_siteurl .'/?p=' . esc_attr( $args['buttonlink'] ) . '&pop=yes&_wpnonce=' . $nonce . '" class="info-popup" data-width="' . esc_attr( $args['width'] ) . '" data-height="' . esc_attr( $args['height']) . '">' . esc_attr( $args['buttontext']) . '</a>';
     400
    399401    }
    400402
     
    420422
    421423function cc_popup_audioalbum_template( $template ) {
    422     if( isset( $_GET['pop']) && 'yes' == $_GET['pop'] )
    423         $template = plugin_dir_path( __FILE__ ) . 'templates/genesis-audioalbum-popup.php';
     424if ( isset( $_GET['pop'] ) && 'yes' === $_GET['pop'] ) {
     425    if ( isset( $_GET['_wpnonce'] ) && wp_verify_nonce( sanitize_text_field( wp_unslash( $_GET['_wpnonce'] ) ), 'cc_audioalbum_popup' ) ) {
     426        $template = plugin_dir_path( __FILE__ ) . 'templates/genesis-audioalbum-popup.php';
     427    } else {
     428        wp_die( esc_html__( 'Invalid request.', 'audio-album' ) ); // Prevent unauthorized access
     429    }
     430}
    424431
    425432    return $template;

  • audio-album/trunk/includes/customizer.php

    r1419926 r3255595  
    2424            'title'             => __( 'Audio Album', 'audio-album' ),
    2525            'capability'        => 'edit_theme_options',
    26             'description'       =>  __( '', 'audio-album' ),
    2726        )
    2827    );

  • audio-album/trunk/readme.txt

    r3071795 r3255595  
    22Contributors: numeeja
    33Donate link: https://cubecolour.co.uk/wp
    4 Tags: audio, album, playlist, music, mp3, ogg, m4a, wma, wav, media
     4Tags: audio, album, playlist, music, mp3
    55Requires at least: 4.9
    6 Tested up to: 6.5
    7 Stable tag: 1.5.0
     6Tested up to: 6.7
     7Stable tag: 1.5.1
    88License: GPLv2
    99
     
    170170
    171171== Changelog ==
     172
     173= 1.5.1 =
     174* Various bugfixes
    172175
    173176= 1.5.0 =
     
    244247== Upgrade Notice ==
    245248
     249= 1.5.1 =
     250* Various bugfixes
     251
    246252= 1.5.0 =
    247253* Removed jQuery as dependency on the front end (although mediaelement still requires jQuery)
     
    270276= 1.2.0 =
    271277
    272 * improve delimiting for comments
    273 * add default value for preload shortcode param: metadata so total track time appears in player
    274 * improved parameter value sanitization
    275 * use array for shortcode parameters instead of extract
    276 * use constant for plugin version
    277 * use visibility instead of display for delaying appearance of tracks
     278* various fixes, see changelog
    278279
    279280= 1.1.0 =
Note: See TracChangeset for help on using the changeset viewer.