All In One Favicon - Version 4.7

Version Description

(2018-07-23) = * Resolve XSS vulnerabilities. * Improve upload functionality and flow on settings page.

Download this release

Release Info

Developer grimmdude
Plugin Icon 128x128 All In One Favicon
Version 4.7
Comparing to
See all releases

Code changes from version 4.6 to 4.7

Files changed (7) hide show
  1. README.md +6 -2
  2. all-in-one-favicon.php +2 -2
  3. includes/settings-page.php +1 -1
  4. includes/settings-page/sp-plugin-favicon-settings.php +2 -2
  5. js/aiofavicon-min.js +1 -1
  6. js/aiofavicon.js +16 -8
  7. readme.txt +6 -2
README.md CHANGED
@@ -3,8 +3,8 @@ Contributors: techotronic
3
  Donate link: http://www.techotronic.de/donate/
4
  Tags: theme, favicon, admin, blog, wordpress, image, images, graphic, graphics, icon, iphone, multisite
5
  Requires at least: 2.8
6
- Tested up to: 4.6.1
7
- Stable tag: 4.5
8
 
9
  Easily add a Favicon to your site and the WordPress admin pages. Complete with upload functionality. Supports all three Favicon types (ico,png,gif).
10
 
@@ -96,6 +96,10 @@ Go to the settings page and and upload your Favicon(s) or add the path/URL to al
96
 
97
  ## Changelog ##
98
 
 
 
 
 
99
  ### 4.5 (2016-11-06) ###
100
  * Some style tweaks to the settings page.
101
  * Fix unexpected output on plugin activation.
3
  Donate link: http://www.techotronic.de/donate/
4
  Tags: theme, favicon, admin, blog, wordpress, image, images, graphic, graphics, icon, iphone, multisite
5
  Requires at least: 2.8
6
+ Tested up to: 4.9
7
+ Stable tag: 4.7
8
 
9
  Easily add a Favicon to your site and the WordPress admin pages. Complete with upload functionality. Supports all three Favicon types (ico,png,gif).
10
 
96
 
97
  ## Changelog ##
98
 
99
+ ### 4.7 (2018-07-23) ###
100
+ * Resolve XSS vulnerabilities.
101
+ * Improve upload functionality and flow on settings page.
102
+
103
  ### 4.5 (2016-11-06) ###
104
  * Some style tweaks to the settings page.
105
  * Fix unexpected output on plugin activation.
all-in-one-favicon.php CHANGED
@@ -6,7 +6,7 @@
6
  * Plugin Name: All in one Favicon
7
  * Plugin URI: http://www.techotronic.de/plugins/all-in-one-favicon/
8
  * Description: All in one Favicon management. Easily add a Favicon to your site and the WordPress admin pages. Complete with upload functionality. Supports all three Favicon types (ico,png,gif)
9
- * Version: 4.6
10
  * Author: Arne Franken
11
  * Author URI: http://www.techotronic.de/
12
  * License: GPL
@@ -23,7 +23,7 @@ require_once (dirname (__FILE__) . '/includes/donationloader.php');
23
  require_once (dirname (__FILE__) . '/includes/debugger.php');
24
 
25
  // define constants
26
- define('AIOFAVICON_VERSION', '4.5');
27
 
28
  if (!defined('AIOFAVICON_PLUGIN_BASENAME')) {
29
  //all-in-one-favicon/all-in-one-favicon.php
6
  * Plugin Name: All in one Favicon
7
  * Plugin URI: http://www.techotronic.de/plugins/all-in-one-favicon/
8
  * Description: All in one Favicon management. Easily add a Favicon to your site and the WordPress admin pages. Complete with upload functionality. Supports all three Favicon types (ico,png,gif)
9
+ * Version: 4.7
10
  * Author: Arne Franken
11
  * Author URI: http://www.techotronic.de/
12
  * License: GPL
23
  require_once (dirname (__FILE__) . '/includes/debugger.php');
24
 
25
  // define constants
26
+ define('AIOFAVICON_VERSION', '4.7');
27
 
28
  if (!defined('AIOFAVICON_PLUGIN_BASENAME')) {
29
  //all-in-one-favicon/all-in-one-favicon.php
includes/settings-page.php CHANGED
@@ -31,7 +31,7 @@
31
  <h1><?php echo AIOFAVICON_NAME . ' ' . __('Settings', AIOFAVICON_TEXTDOMAIN); ?></h1>
32
  <br class="clear"/>
33
 
34
- <div class="updated" id="javascriptWarning" style="background-color:#f66;">
35
  <p><?php _e("Please enable JavaScript. Upload-functionality on this page relies on JavaScript and will not work if it's not enabled.", AIOFAVICON_TEXTDOMAIN) ?></p>
36
  </div>
37
 
31
  <h1><?php echo AIOFAVICON_NAME . ' ' . __('Settings', AIOFAVICON_TEXTDOMAIN); ?></h1>
32
  <br class="clear"/>
33
 
34
+ <div class="updated" id="javascriptWarning" style="background-color:#f66;display:none;">
35
  <p><?php _e("Please enable JavaScript. Upload-functionality on this page relies on JavaScript and will not work if it's not enabled.", AIOFAVICON_TEXTDOMAIN) ?></p>
36
  </div>
37
 
includes/settings-page/sp-plugin-favicon-settings.php CHANGED
@@ -25,7 +25,7 @@
25
  </td>
26
  <td>
27
  <!-- text input field so URLs may be copy'n'pasted -->
28
- <input id="<?php echo AIOFAVICON_SETTINGSNAME .'-'. $iconName ?>-text" type="text" name="<?php echo AIOFAVICON_SETTINGSNAME . '[' . $iconName ?>-text]" size="60" maxlength="100000" value="<?php echo array_key_exists($iconName, $this->aioFaviconSettings) ? $this->aioFaviconSettings[$iconName] : ''; ?>"/>
29
  <!-- label for file input, is displayed as upload button. All browsers then trigger file upload but Mozilla, see aiofavicon.js for workaround. -->
30
  <label id="<?php echo AIOFAVICON_SETTINGSNAME .'-'. $iconName ?>-button" name="<?php echo $iconName ?>-button" class="button-secondary trigger-file-input" for="<?php echo AIOFAVICON_SETTINGSNAME .'-'. $iconName ?>" ><?php _e('Upload') ?></label>
31
  <br />
@@ -34,7 +34,7 @@
34
  <input type="checkbox" name="delete-<?php echo $iconName ?>"/><?php _e('Check box to delete favicon.',AIOFAVICON_TEXTDOMAIN) ?>
35
  <?php } ?>
36
  <!-- input is hidden with width:0 and opacity:0 because some browsers will not display the file upload dialog if it's hidden with display:none -->
37
- <input id="<?php echo AIOFAVICON_SETTINGSNAME .'-'. $iconName ?>" type="file" name="<?php echo $iconName ?>" size="50" maxlength="100000" accept="image/*" value="<?php echo array_key_exists($iconName, $this->aioFaviconSettings) ? $this->aioFaviconSettings[$iconName] : ''; ?>" style="width: 0; opacity: 0;"/>
38
  </td>
39
  </tr>
40
  <?php } ?>
25
  </td>
26
  <td>
27
  <!-- text input field so URLs may be copy'n'pasted -->
28
+ <input id="<?php echo AIOFAVICON_SETTINGSNAME .'-'. $iconName ?>-text" type="text" name="<?php echo AIOFAVICON_SETTINGSNAME . '[' . $iconName ?>-text]" size="60" maxlength="100000" value="<?php echo array_key_exists($iconName, $this->aioFaviconSettings) ? esc_attr($this->aioFaviconSettings[$iconName]) : ''; ?>" />
29
  <!-- label for file input, is displayed as upload button. All browsers then trigger file upload but Mozilla, see aiofavicon.js for workaround. -->
30
  <label id="<?php echo AIOFAVICON_SETTINGSNAME .'-'. $iconName ?>-button" name="<?php echo $iconName ?>-button" class="button-secondary trigger-file-input" for="<?php echo AIOFAVICON_SETTINGSNAME .'-'. $iconName ?>" ><?php _e('Upload') ?></label>
31
  <br />
34
  <input type="checkbox" name="delete-<?php echo $iconName ?>"/><?php _e('Check box to delete favicon.',AIOFAVICON_TEXTDOMAIN) ?>
35
  <?php } ?>
36
  <!-- input is hidden with width:0 and opacity:0 because some browsers will not display the file upload dialog if it's hidden with display:none -->
37
+ <input id="<?php echo AIOFAVICON_SETTINGSNAME .'-'. $iconName ?>" type="file" name="<?php echo $iconName ?>" size="50" maxlength="100000" accept="image/*" value="<?php echo array_key_exists($iconName, $this->aioFaviconSettings) ? esc_attr($this->aioFaviconSettings[$iconName]) : ''; ?>" style="width: 0; opacity: 0;"/>
38
  </td>
39
  </tr>
40
  <?php } ?>
js/aiofavicon-min.js CHANGED
@@ -1 +1 @@
1
- jQuery(document).ready(function(){emulateConsoleForIE();removeWarning();loadFavicons();bindEventTriggers();bindChangeHandlers()});(function(a){emulateConsoleForIE=function(){if(!console){console={}}var b=["log","info","warn","error","debug","trace","dir","group","groupCollapsed","groupEnd","time","timeEnd","profile","profileEnd","dirxml","assert","count","markTimeline","timeStamp","clear"];for(var c=0;c<b.length;c++){if(!console[b[c]]){console[b[c]]=function(){}}}}})(jQuery);(function(a){removeWarning=function(){a("#javascriptWarning").hide()}})(jQuery);(function(a){loadFavicons=function(){a.each(Aiofavicon,function(c,d){var e='<img src="'+d+'" />';var b="#"+c+"-favicon";a(b).empty().html(e).fadeIn()})}})(jQuery);(function(a){bindEventTriggers=function(){var b=a("form#aio-favicon-settings-update");if(a.browser.mozilla){a(".trigger-file-input").click(function(){a(this).siblings('input[type="file"]').trigger("click");console.debug("fired hook on button input %s",a(this).attr("id"))})}}})(jQuery);(function(a){bindChangeHandlers=function(){var c=a("form#aio-favicon-settings-update");var b=c.find('input[type="file"]');console.debug("added hook to file inputs");b.change(function(){a(this).siblings('input[type="text"]').val(a(this).val());console.debug("fired hook on file input %s",a(this).attr("id"))});b.click(function(){console.debug("click on file input %s",a(this).attr("id"))})}})(jQuery);
1
+ jQuery(document).ready(function(){emulateConsoleForIE(),removeWarning(),loadFavicons(),bindEventTriggers(),bindChangeHandlers()}),jQuery,emulateConsoleForIE=function(){console||(console={});for(var n=["log","info","warn","error","debug","trace","dir","group","groupCollapsed","groupEnd","time","timeEnd","profile","profileEnd","dirxml","assert","count","markTimeline","timeStamp","clear"],i=0;i<n.length;i++)console[n[i]]||(console[n[i]]=function(){})},function(n){removeWarning=function(){n("#javascriptWarning").hide()}}(jQuery),function(n){loadFavicons=function(){n.each(Aiofavicon,function(i,e){var o=n("<img />",{src:e});o.css({maxWidth:100}),n("#"+i+"-favicon").empty().append(o).fadeIn()})}}(jQuery),function(n){bindEventTriggers=function(){n("form#aio-favicon-settings-update");n.browser.mozilla&&n(".trigger-file-input").click(function(){n(this).siblings('input[type="file"]').trigger("click")})}}(jQuery),function(n){bindChangeHandlers=function(){var i=n("form#aio-favicon-settings-update").find('input[type="file"]');i.change(function(){this.files.length?n(this).siblings('input[type="text"]').val(this.files[0].name):n(this).siblings('input[type="text"]').val("")}),i.click(function(){})}}(jQuery);
js/aiofavicon.js CHANGED
@@ -70,9 +70,10 @@ jQuery(document).ready(function() {
70
  (function(jQuery) {
71
  loadFavicons = function() {
72
  jQuery.each(Aiofavicon, function(key, value) {
73
- var $imgTag = "<img src=\"" + value + "\" />";
 
74
  var selector = "#"+key+"-favicon";
75
- jQuery(selector).empty().html($imgTag).fadeIn();
76
  });
77
  }
78
  })(jQuery);
@@ -99,7 +100,7 @@ jQuery(document).ready(function() {
99
  jQuery(this)
100
  .siblings('input[type="file"]')
101
  .trigger('click');
102
- console.debug("fired hook on button input %s", jQuery(this).attr('id'));
103
  });
104
  }
105
 
@@ -124,16 +125,23 @@ jQuery(document).ready(function() {
124
 
125
  var fileInputs = form.find('input[type="file"]');
126
 
127
- console.debug("added hook to file inputs");
128
  fileInputs.change(function () {
 
129
  jQuery(this)
130
  .siblings('input[type="text"]')
131
- .val(jQuery(this)
132
- .val());
133
- console.debug("fired hook on file input %s", jQuery(this).attr('id'));
 
 
 
 
 
 
134
  });
135
  fileInputs.click(function() {
136
- console.debug("click on file input %s", jQuery(this).attr('id'));
137
  });
138
  }
139
  })(jQuery);
70
  (function(jQuery) {
71
  loadFavicons = function() {
72
  jQuery.each(Aiofavicon, function(key, value) {
73
+ var img = jQuery('<img />', {'src': value});
74
+ img.css({'maxWidth':100});
75
  var selector = "#"+key+"-favicon";
76
+ jQuery(selector).empty().append(img).fadeIn();
77
  });
78
  }
79
  })(jQuery);
100
  jQuery(this)
101
  .siblings('input[type="file"]')
102
  .trigger('click');
103
+ //console.debug("fired hook on button input %s", jQuery(this).attr('id'));
104
  });
105
  }
106
 
125
 
126
  var fileInputs = form.find('input[type="file"]');
127
 
128
+ //console.debug("added hook to file inputs");
129
  fileInputs.change(function () {
130
+ if (this.files.length) {
131
  jQuery(this)
132
  .siblings('input[type="text"]')
133
+ .val(this.files[0].name);
134
+ //console.debug("fired hook on file input %s", jQuery(this).attr('id'));
135
+
136
+ } else {
137
+ jQuery(this)
138
+ .siblings('input[type="text"]')
139
+ .val('');
140
+ }
141
+
142
  });
143
  fileInputs.click(function() {
144
+ //console.debug("click on file input %s", jQuery(this).attr('id'));
145
  });
146
  }
147
  })(jQuery);
readme.txt CHANGED
@@ -2,8 +2,8 @@
2
  Contributors: techotronic
3
  Tags: theme, favicon, admin, blog, wordpress, image, images, graphic, graphics, icon, iphone, multisite
4
  Requires at least: 2.8
5
- Tested up to: 4.7
6
- Stable tag: 4.6
7
 
8
  Easily add a Favicon to your site and the WordPress admin pages. Complete with upload functionality. Supports all three Favicon types (ico,png,gif).
9
 
@@ -93,6 +93,10 @@ Go to the settings page and and upload your Favicon(s) or add the path/URL to al
93
 
94
  == Changelog ==
95
 
 
 
 
 
96
  = 4.6 (2017-04-08) =
97
  * Use __construct() for all class constructors.
98
 
2
  Contributors: techotronic
3
  Tags: theme, favicon, admin, blog, wordpress, image, images, graphic, graphics, icon, iphone, multisite
4
  Requires at least: 2.8
5
+ Tested up to: 4.9
6
+ Stable tag: 4.7
7
 
8
  Easily add a Favicon to your site and the WordPress admin pages. Complete with upload functionality. Supports all three Favicon types (ico,png,gif).
9
 
93
 
94
  == Changelog ==
95
 
96
+ = 4.7 (2018-07-23) =
97
+ * Resolve XSS vulnerabilities.
98
+ * Improve upload functionality and flow on settings page.
99
+
100
  = 4.6 (2017-04-08) =
101
  * Use __construct() for all class constructors.
102