Custom Post Type UI - Version 1.7.4

Version Description

  • 2020-03-17 =
  • Added: Nonce admin verification for import functionality.
  • Added: Extra escaping of markup and output for "Get Code" areas.
Download this release

Release Info

Developer tw2113
Plugin Icon 128x128 Custom Post Type UI
Version 1.7.4
Comparing to
See all releases

Code changes from version 1.7.3 to 1.7.4

Files changed (7) hide show
  1. changelog.txt +0 -182
  2. custom-post-type-ui.php +3 -3
  3. inc/post-types.php +2 -2
  4. inc/taxonomies.php +1 -1
  5. inc/tools.php +16 -10
  6. inc/utility.php +7 -0
  7. readme.txt +9 -1
changelog.txt DELETED
@@ -1,182 +0,0 @@
1
- = 1.3.5 - 2016-6-3 =
2
- * Removed undefined index error for publicly_queryable in "Get Code" area. That parameter is targeted for 1.4.0 release.
3
-
4
- = 1.3.4 - 2016-5-4 =
5
- * Fixed: moved WDS-based services "ads" to within the plugin itself. Will not request remote resources.
6
- * Fixed: Better output formatting if WDS/Pluginize "ads" failed to load images.
7
- * Fixed: undefined variable error in cptui.js
8
- * Added: Newsletter subscription form to stay uptodate with Custom Post Type UI & Custom Post Type UI Extended news.
9
- * Added: Support page/FAQ info regarding Pluginize and recent sidebar developments.
10
-
11
- = 1.3.3 - 2016-4-5 =
12
- * Revert Changes for ajax/heartbeat API requests before post type registration. 3rd party or other plugins were breaking because post types were not registered.
13
-
14
- = 1.3.2 - 2016-4-5 =
15
- * Fixed: Logic issue with cptui js files loading where they weren't meant to.
16
- * Fixed: Required markers missing on required post type fields.
17
- * Fixed: Removed excess labels that are not used by WordPress core.
18
- * Added: New contributors to readme file. Welcome John and Ryan.
19
- * Updated: New screenshot from 1.3.0 release. Moved to assets folder so users will no longer download as part of CPTUI.
20
- * Updated: Better prevention of running our code during ajax/heartbeat api requests.
21
-
22
- = 1.3.1 - 2016-3-25 =
23
- * Fixed: Logic issue for default values of `public` parameter for taxonomies added in 1.3.0.
24
-
25
- = 1.3.0 =
26
- * Added: "CPTUI_VERSION" constant and deprecated "CPT_VERSION".
27
- * Added: "Public" parameter for taxonomies
28
- * Added: "View Post Types" and "View Taxonomies" tabs at top of add/edit screens.
29
- * Added: Better prevention of potential duplicate slugs in new post types and taxonomies.
30
- * Added: Current theme's textdomain as output in get code textareas.
31
- * Added: Fill in singular and plural label fields if none provided. WordPress does not auto-fill these.
32
- * Added: For developers: plenty of extra hooks all over for customization needs.
33
- * Added: Javascript-based prevention of spaces and special characters for post type and taxonomy slugs.
34
- * Added: Legend tag support to admin UI class.
35
- * Added: Minified copies of our JavaScript and CSS. Define SCRIPT_DEBUG to true to use non-minified versions.
36
- * Added: New post type and taxonomy labels provided by WordPress 4.3 and 4.4 releases.
37
- * See: https://make.wordpress.org/core/2015/12/11/additional-labels-for-custom-post-types-and-custom-taxonomies/
38
- * Added: Notes to post type and taxonomy edit screens about WordPress core's post types and taxonomies.
39
- * Added: Taxonomy slug update ability with preserved term association.
40
- * Added: Title, Editor, and Featured Image now checked by default for new post types.
41
- * Added: "Show in Quick Edit" taxonomy parameter available in WP 4.2
42
- * Added: Promo spots on add/edit screens for other products from WebDevStudios.
43
- * Fixed: Need to visit permalinks page to flush rewrite rules after creating new post type or taxonomy.
44
- * Fixed: Missing REST API based parameters in "Get Code" output.
45
- * Updated: Increased accessibility coverage.
46
- * Updated: Revised how tabs are added to pages so 3rd party developers can add their own tabs.
47
- * Updated: Improved string consistency in our UI helper notes. Props @GaryJ
48
- * Updated: Tested on WordPress 4.5
49
- * Updated: Cleaned up admin footer area for social links.
50
- * Updated: Moved all localization work to WordPress.org Translation packs
51
-
52
- = 1.2.4 =
53
- * Added: new CPTUI_VERSION constant to match naming of other current constants.
54
- * Added: CPTUI_VERSION constant to cptui.css string for cache busting.
55
-
56
- = 1.2.3 - 2016-01-31 =
57
- * Fixed: copy/paste error with admin css. Props hinaloe.
58
-
59
- = 1.2.2 - 2016-01-30 =
60
- * Fixed: Missing admin menu icon for some browsers.
61
- * Fixed: Undefined index notices for post type screen.
62
-
63
- = 1.2.1 - 2016-01-17 =
64
- * Fixed: Undefined index notices for custom taxonomies and new fields from 1.2.0
65
-
66
- = 1.2.0 - 2016-01-15 =
67
- * Added: Support for show_in_nav_menus parameter for post types.
68
- * Added: Support for taxonomy descriptions.
69
- * Added: Message on listings page if no post types or taxonomies are available.
70
- * Added: Note regarding 'public' parameter not being true by default for WordPress but is for CPTUI.
71
- * Added: Individual post type and taxonomy output for "Get Code" area.
72
- * Added: Fallback values for post type/taxonomy select input and get code area if no plural label provided.
73
- * Added: Support for custom query_var strings for post types.
74
- * Added: Support for show_in_rest and rest_base for post types and taxonomies for the upcoming WordPress REST API.
75
- * Added: Template hierarchy files to listings tables for user reference.
76
- * Added: Form labels in more areas to help with accessibility and usability.
77
- * Added: Fieldset method to Admin UI class for easily adding fieldset output.
78
- * Added: Debugging tab for use with CPTUI support.
79
- * Updated: Minimum version required. Now WordPress 4.2.
80
- * Updated: Heading tags match accessibility changes in WordPress 4.3.
81
- * Updated: Moved page title for some pages above tabs.
82
- * Updated: Textdomain now matches WordPress.org repo slug.
83
- * Updated: Added Visual Composer questions/answers to support section.
84
- * Updated: Added question/answer regarding spaces in post type slugs
85
- * Updated: Changed help icons to a Dashicon help icon.
86
- * Fixed: Support for YARPP plugin.
87
- * Fixed: Prevent potential issues with AJAX requests and our scripts/styles
88
-
89
- = 1.1.3 - 2015-12-23 =
90
- * Bumping WordPress compatibility version only. No other changes involved.
91
-
92
- = 1.1.2 - 2015-08-11 =
93
- * Change export value to plural label for taxonomies.
94
- * Properly select a post type or taxonomy after deleting an existing value.
95
- * Updated screenshots
96
- * Added target="_blank" attribute to one of the inline help links for Menu position. Thanks @JulieKuehl
97
- * Fixed potential XSS issue.
98
-
99
- = 1.1.1 - 2015-06-15 =
100
- * Re-add post type and taxonomy select buttons and only display for non-js users.
101
-
102
- = 1.1.0 - 2015-06-12 =
103
- * Simplified UI with regards to clicking amount.
104
- * Auto selecting of first available post type or taxonomy in Edit tab.
105
- * Switch to post type or taxonomy upon selection within Edit tab.
106
- * Return of a list of CPTUI-registered post types and taxonomies.
107
- * Post type slug update capability.
108
- * Added function reference 3rd party link to support area.
109
- * New hooks in edit screen for custom content display on screen.
110
- * String updates.
111
- * UI field option for custom "Supports" parameters from other plugins. Example: Yet Another Related Posts Plugin.
112
- * Updated help/support section with another reference tool.
113
- * Trim extra spaces potentially left behind in text inputs.
114
- * Rearranged menu listing slightly to remove duplicate naming.
115
- * GitHub repo has GitHub Updater (https://github.com/afragen/github-updater) compatible copy of CPTUI version that is available on WordPress.org
116
-
117
- = 1.0.8 - 2015-05-01 =
118
- * Register taxonomies at a higher priority than post types.
119
-
120
- = 1.0.7 - 2015-04-20 =
121
- * Preventive measures for potential XSS security issues with add_query_arg()
122
-
123
- = 1.0.6 - 2015-04-14 =
124
- * Change priority of post type registration function that was causing rewrite issues for many.
125
- * Fix issues with help text spots not showing up for some post type fields. Props pedro-mendonca.
126
- * Fix logic issue with PHP's empty() function and CPTUI 0.9.x saved settings.
127
-
128
- = 1.0.5 - 2015-03-20 =
129
- * Explicitly set the post type and taxonomy rewrite slugs as the registered slug if no custom ones provided.
130
- * Prevent cptui.js from loading where it is not needed.
131
- * Fixed undefined index notice for post type rewrite_withfront.
132
- * Repopulated labels when none provided and post type or taxonomy mentioned in default label.
133
- * Fix for import/export get code tab and hierarchical taxonomies
134
-
135
- = 1.0.4 - 2015-03-05 =
136
- * Fixed incorrect boolean order for hierarchical taxonomies and default value.
137
- * Fixed missing closing div tags.
138
- * Default menu position to null instead of empty string.
139
- * Undefined index notice cleanup.
140
- * Remove unnecessary hook.
141
-
142
- = 1.0.3 - Unknown =
143
- * Fix logic error regarding string "0" evaluating to false when checked for not empty.
144
- * Fix for taxonomy with_front boolean value not evaluating correctly.
145
- * Fix for taxonomy hierarchical boolean value not evaluating correctly.
146
- * Fix for post type has_archive.
147
- * German translation updates. If you speak/read German, myself and the translator would LOVE to have feedback on this.
148
- * Internationalization string changes after feedback from German translation work.
149
- * Minor issue with link html being stripped from UI field explanation.
150
- * Better apostrophe/single quote support in label fields.
151
-
152
- = 1.0.2 - 2015-02-12 =
153
- * Fix issue with checked checkboxes for post type associations for taxonomies.
154
- * Fix "Get Code" spot related to post type associations for taxonomies.
155
- * Update some text strings after localization feedback.
156
- * Fix typos in textdomain for two spots.
157
- * Updating progressing translation files.
158
- * Fix value for with_front parameter.
159
- * Fix error in boolean type for map_meta_cap.
160
- * Fix missing use of query_var slug if present for taxonomies.
161
-
162
- = 1.0.1 - 2015-02-11 =
163
- * Fix issues with taxonomy transfer and registration.
164
- * Fix issue with taxonomy "show admin column" evaluating to true regardless of setting.
165
- * Prefix our "help" class to prevent conflict with other plugins that use just "help".
166
- * Fix issue with menu position values not being obeyed.
167
- * Fix hook names inside taxonomy update function.
168
- * Fix potentially empty parameter with taxonomies and "Get Code" output.
169
- * Added PHP "undefined index" notice prevention for some parameters.
170
-
171
- = 1.0.0 - 2015-02-09 =
172
- * CPTUI has been given a new UI!
173
- * Separated out post type and taxonomy creation to their own screens.
174
- * Added import/export ability for post type and taxonomy settings.
175
- * Added a Help/Support Screen.
176
- * Added/Updated available parameters for post types and parameters.
177
- * Updated i18n and translation files.
178
- * Added Confirmation prompts before deleting post types and taxonomies.
179
- * Added actions and filters for 3rd party customization.
180
- * Added function that automatically converts 0.8.x and down settings to new setting arrangement.
181
- * Changed how settings are stored so that post types and taxonomies are in named array indexes.
182
- * Bug fixes not mentioned above.
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
custom-post-type-ui.php CHANGED
@@ -16,7 +16,7 @@
16
  * Plugin URI: https://github.com/WebDevStudios/custom-post-type-ui/
17
  * Description: Admin panel for creating custom post types and custom taxonomies in WordPress
18
  * Author: WebDevStudios
19
- * Version: 1.7.3
20
  * Author URI: https://webdevstudios.com/
21
  * Text Domain: custom-post-type-ui
22
  * Domain Path: /languages
@@ -30,8 +30,8 @@ if ( ! defined( 'ABSPATH' ) ) {
30
  exit;
31
  }
32
 
33
- define( 'CPT_VERSION', '1.7.3' ); // Left for legacy purposes.
34
- define( 'CPTUI_VERSION', '1.7.3' );
35
  define( 'CPTUI_WP_VERSION', get_bloginfo( 'version' ) );
36
 
37
  /**
16
  * Plugin URI: https://github.com/WebDevStudios/custom-post-type-ui/
17
  * Description: Admin panel for creating custom post types and custom taxonomies in WordPress
18
  * Author: WebDevStudios
19
+ * Version: 1.7.4
20
  * Author URI: https://webdevstudios.com/
21
  * Text Domain: custom-post-type-ui
22
  * Domain Path: /languages
30
  exit;
31
  }
32
 
33
+ define( 'CPT_VERSION', '1.7.4' ); // Left for legacy purposes.
34
+ define( 'CPTUI_VERSION', '1.7.4' );
35
  define( 'CPTUI_WP_VERSION', get_bloginfo( 'version' ) );
36
 
37
  /**
inc/post-types.php CHANGED
@@ -1421,8 +1421,8 @@ function cptui_post_types_dropdown( $post_types = [] ) {
1421
  $select['options'] = [];
1422
 
1423
  foreach ( $post_types as $type ) {
1424
- $text = ! empty( $type['label'] ) ? $type['label'] : $type['name'];
1425
- $select['options'][] = [ 'attr' => $type['name'], 'text' => $text ];
1426
  }
1427
 
1428
  $current = cptui_get_current_post_type();
1421
  $select['options'] = [];
1422
 
1423
  foreach ( $post_types as $type ) {
1424
+ $text = ! empty( $type['label'] ) ? esc_html( $type['label'] ) : esc_html( $type['name'] );
1425
+ $select['options'][] = [ 'attr' => esc_html( $type['name'] ), 'text' => $text ];
1426
  }
1427
 
1428
  $current = cptui_get_current_post_type();
inc/taxonomies.php CHANGED
@@ -1132,7 +1132,7 @@ function cptui_taxonomies_dropdown( $taxonomies = [] ) {
1132
  $select['options'] = [];
1133
 
1134
  foreach ( $taxonomies as $tax ) {
1135
- $text = ! empty( $tax['label'] ) ? $tax['label'] : $tax['name'];
1136
  $select['options'][] = [
1137
  'attr' => $tax['name'],
1138
  'text' => $text,
1132
  $select['options'] = [];
1133
 
1134
  foreach ( $taxonomies as $tax ) {
1135
+ $text = ! empty( $tax['label'] ) ? esc_html( $tax['label'] ) : esc_html( $tax['name'] );
1136
  $select['options'][] = [
1137
  'attr' => $tax['name'],
1138
  'text' => $text,
inc/tools.php CHANGED
@@ -204,16 +204,16 @@ function cptui_get_taxonomy_code( $cptui_taxonomies = [], $single = false ) {
204
  $callback = 'cptui_register_my_taxes';
205
  if ( $single ) {
206
  $key = key( $cptui_taxonomies );
207
- $callback = 'cptui_register_my_taxes_' . str_replace( '-', '_', $cptui_taxonomies[ $key ]['name'] );
208
  }
209
  ?>
210
- function <?php echo $callback; ?>() {
211
  <?php
212
  foreach ( $cptui_taxonomies as $tax ) {
213
  echo cptui_get_single_taxonomy_registery( $tax );
214
  } ?>
215
  }
216
- add_action( 'init', '<?php echo $callback; ?>' );
217
  <?php
218
  } else {
219
  esc_html_e( 'No taxonomies to display at this time', 'custom-post-type-ui' );
@@ -328,7 +328,7 @@ foreach ( $taxonomy['labels'] as $key => $label ) {
328
  "meta_box_cb" => <?php echo $meta_box_cb; ?>,
329
  <?php } ?>
330
  ];
331
- register_taxonomy( "<?php echo $taxonomy['name']; ?>", <?php echo $post_types; ?>, $args );
332
  <?php
333
  }
334
 
@@ -348,11 +348,11 @@ function cptui_get_post_type_code( $cptui_post_types = [], $single = false ) {
348
  $callback = 'cptui_register_my_cpts';
349
  if ( $single ) {
350
  $key = key( $cptui_post_types );
351
- $callback = 'cptui_register_my_cpts_' . str_replace( '-', '_', $cptui_post_types[ $key ]['name'] );
352
  }
353
  ?>
354
 
355
- function <?php echo $callback; ?>() {
356
  <?php
357
  // Space before this line reflects in textarea.
358
  foreach ( $cptui_post_types as $type ) {
@@ -361,7 +361,7 @@ function <?php echo $callback; ?>() {
361
  ?>
362
  }
363
 
364
- add_action( 'init', '<?php echo $callback; ?>' );
365
  <?php
366
  } else {
367
  esc_html_e( 'No post types to display at this time', 'custom-post-type-ui' );
@@ -560,7 +560,7 @@ function cptui_get_single_post_type_registery( $post_type = [] ) {
560
  <?php } ?>
561
  ];
562
 
563
- register_post_type( "<?php echo $post_type['name']; ?>", $args );
564
  <?php
565
  }
566
 
@@ -579,6 +579,10 @@ function cptui_import_types_taxes_settings( $postdata = [] ) {
579
  return false;
580
  }
581
 
 
 
 
 
582
  $status = 'import_fail';
583
  $success = false;
584
 
@@ -750,6 +754,7 @@ function cptui_render_posttypes_taxonomies_section() {
750
  <p>
751
  <input class="button button-primary" type="submit" value="<?php esc_attr_e( 'Import', 'custom-post-type-ui' ); ?>" />
752
  </p>
 
753
  </form>
754
  </td>
755
  <td class="outer">
@@ -788,6 +793,7 @@ function cptui_render_posttypes_taxonomies_section() {
788
  <p>
789
  <input class="button button-primary" type="submit" value="<?php esc_attr_e( 'Import', 'custom-post-type-ui' ); ?>" />
790
  </p>
 
791
  </form>
792
  </td>
793
  <td class="outer">
@@ -837,7 +843,7 @@ function cptui_render_getcode_section() {
837
  ?>
838
  <h2 id="<?php echo esc_attr( $post_type['name'] ); ?>">
839
  <?php
840
- $type = ! empty( $post_type['label'] ) ? $post_type['label'] : $post_type['name'];
841
  printf( esc_html__( '%s Post Type', 'custom-post-type-ui' ), esc_html( $type ) ); ?></h2>
842
  <p><label for="cptui_post_type_get_code_<?php echo esc_attr( $post_type['name'] ); ?>"><?php esc_html_e( 'Copy/paste the code below into your functions.php file.', 'custom-post-type-ui' ); ?></label></p>
843
  <textarea name="cptui_post_type_get_code_<?php echo esc_attr( $post_type['name'] ); ?>" id="cptui_post_type_get_code_<?php echo esc_attr( $post_type['name'] ); ?>" class="large-text cptui_post_type_get_code" onclick="this.focus();this.select()" onfocus="this.focus();this.select();" readonly="readonly" aria-readonly="true"><?php cptui_get_post_type_code( [ $post_type ], true ); ?></textarea>
@@ -858,7 +864,7 @@ function cptui_render_getcode_section() {
858
  ?>
859
  <h2 id="<?php echo esc_attr( $taxonomy['name'] ); ?>">
860
  <?php
861
- $tax = ! empty( $taxonomy['label'] ) ? $taxonomy['label'] : $taxonomy['name'];
862
  printf( esc_html__( '%s Taxonomy', 'custom-post-type-ui' ), esc_html( $tax ) );
863
  ?>
864
  </h2>
204
  $callback = 'cptui_register_my_taxes';
205
  if ( $single ) {
206
  $key = key( $cptui_taxonomies );
207
+ $callback = 'cptui_register_my_taxes_' . str_replace( '-', '_', esc_html( $cptui_taxonomies[ $key ]['name'] ) );
208
  }
209
  ?>
210
+ function <?php echo esc_html( $callback ); ?>() {
211
  <?php
212
  foreach ( $cptui_taxonomies as $tax ) {
213
  echo cptui_get_single_taxonomy_registery( $tax );
214
  } ?>
215
  }
216
+ add_action( 'init', '<?php echo esc_html( $callback ); ?>' );
217
  <?php
218
  } else {
219
  esc_html_e( 'No taxonomies to display at this time', 'custom-post-type-ui' );
328
  "meta_box_cb" => <?php echo $meta_box_cb; ?>,
329
  <?php } ?>
330
  ];
331
+ register_taxonomy( "<?php echo esc_html( $taxonomy['name'] ); ?>", <?php echo $post_types; ?>, $args );
332
  <?php
333
  }
334
 
348
  $callback = 'cptui_register_my_cpts';
349
  if ( $single ) {
350
  $key = key( $cptui_post_types );
351
+ $callback = 'cptui_register_my_cpts_' . str_replace( '-', '_', esc_html( $cptui_post_types[ $key ]['name'] ) );
352
  }
353
  ?>
354
 
355
+ function <?php echo esc_html( $callback ); ?>() {
356
  <?php
357
  // Space before this line reflects in textarea.
358
  foreach ( $cptui_post_types as $type ) {
361
  ?>
362
  }
363
 
364
+ add_action( 'init', '<?php echo esc_html( $callback ); ?>' );
365
  <?php
366
  } else {
367
  esc_html_e( 'No post types to display at this time', 'custom-post-type-ui' );
560
  <?php } ?>
561
  ];
562
 
563
+ register_post_type( "<?php echo esc_html( $post_type['name'] ); ?>", $args );
564
  <?php
565
  }
566
 
579
  return false;
580
  }
581
 
582
+ if ( ! check_admin_referer( 'cptui_typetaximport_nonce_action', 'cptui_typetaximport_nonce_field' ) ) {
583
+ return 'nonce_fail';
584
+ }
585
+
586
  $status = 'import_fail';
587
  $success = false;
588
 
754
  <p>
755
  <input class="button button-primary" type="submit" value="<?php esc_attr_e( 'Import', 'custom-post-type-ui' ); ?>" />
756
  </p>
757
+ <?php wp_nonce_field( 'cptui_typetaximport_nonce_action', 'cptui_typetaximport_nonce_field' ); ?>
758
  </form>
759
  </td>
760
  <td class="outer">
793
  <p>
794
  <input class="button button-primary" type="submit" value="<?php esc_attr_e( 'Import', 'custom-post-type-ui' ); ?>" />
795
  </p>
796
+ <?php wp_nonce_field( 'cptui_typetaximport_nonce_action', 'cptui_typetaximport_nonce_field' ); ?>
797
  </form>
798
  </td>
799
  <td class="outer">
843
  ?>
844
  <h2 id="<?php echo esc_attr( $post_type['name'] ); ?>">
845
  <?php
846
+ $type = ! empty( $post_type['label'] ) ? esc_html( $post_type['label'] ) : esc_html( $post_type['name'] );
847
  printf( esc_html__( '%s Post Type', 'custom-post-type-ui' ), esc_html( $type ) ); ?></h2>
848
  <p><label for="cptui_post_type_get_code_<?php echo esc_attr( $post_type['name'] ); ?>"><?php esc_html_e( 'Copy/paste the code below into your functions.php file.', 'custom-post-type-ui' ); ?></label></p>
849
  <textarea name="cptui_post_type_get_code_<?php echo esc_attr( $post_type['name'] ); ?>" id="cptui_post_type_get_code_<?php echo esc_attr( $post_type['name'] ); ?>" class="large-text cptui_post_type_get_code" onclick="this.focus();this.select()" onfocus="this.focus();this.select();" readonly="readonly" aria-readonly="true"><?php cptui_get_post_type_code( [ $post_type ], true ); ?></textarea>
864
  ?>
865
  <h2 id="<?php echo esc_attr( $taxonomy['name'] ); ?>">
866
  <?php
867
+ $tax = ! empty( $taxonomy['label'] ) ? esc_html( $taxonomy['label'] ) : esc_html( $taxonomy['name'] );
868
  printf( esc_html__( '%s Taxonomy', 'custom-post-type-ui' ), esc_html( $tax ) );
869
  ?>
870
  </h2>
inc/utility.php CHANGED
@@ -691,6 +691,13 @@ function cptui_import_fail_admin_notice() {
691
  );
692
  }
693
 
 
 
 
 
 
 
 
694
  /**
695
  * Returns error message for if trying to register existing post type.
696
  *
691
  );
692
  }
693
 
694
+ function cptui_nonce_fail_admin_notice() {
695
+ echo cptui_admin_notices_helper(
696
+ esc_html__( 'Nonce failed verification', 'custom-post-type-ui' ),
697
+ false
698
+ );
699
+ }
700
+
701
  /**
702
  * Returns error message for if trying to register existing post type.
703
  *
readme.txt CHANGED
@@ -4,7 +4,7 @@ Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_i
4
  Tags: custom post types, CPT, CMS, post, types, post type, taxonomy, tax, custom, content types, post types
5
  Requires at least: 5.2
6
  Tested up to: 5.4.0
7
- Stable tag: 1.7.3
8
  License: GPL-2.0+
9
  Requires PHP: 5.6
10
 
@@ -31,6 +31,10 @@ Official development of Custom Post Type UI is on GitHub, with official stable r
31
 
32
  == Changelog ==
33
 
 
 
 
 
34
  = 1.7.3 - 2020-02-05 =
35
  * Updated: styles and appearance to better match WordPress core.
36
  * Updated: Change newsletter service integration. Hey, sign up for our newsletter! Props @Oceas
@@ -98,6 +102,10 @@ Official development of Custom Post Type UI is on GitHub, with official stable r
98
 
99
  == Upgrade Notice ==
100
 
 
 
 
 
101
  = 1.7.3 - 2020-02-05 =
102
  * Updated: styles and appearance to better match WordPress core.
103
  * Updated: Change newsletter service integration. Hey, sign up for our newsletter! Props @Oceas
4
  Tags: custom post types, CPT, CMS, post, types, post type, taxonomy, tax, custom, content types, post types
5
  Requires at least: 5.2
6
  Tested up to: 5.4.0
7
+ Stable tag: 1.7.4
8
  License: GPL-2.0+
9
  Requires PHP: 5.6
10
 
31
 
32
  == Changelog ==
33
 
34
+ = 1.7.4 - 2020-03-17 =
35
+ * Added: Nonce admin verification for import functionality.
36
+ * Added: Extra escaping of markup and output for "Get Code" areas.
37
+
38
  = 1.7.3 - 2020-02-05 =
39
  * Updated: styles and appearance to better match WordPress core.
40
  * Updated: Change newsletter service integration. Hey, sign up for our newsletter! Props @Oceas
102
 
103
  == Upgrade Notice ==
104
 
105
+ = 1.7.4 - 2020-03-17 =
106
+ * Added: Nonce admin verification for import functionality.
107
+ * Added: Extra escaping of markup and output for "Get Code" areas.
108
+
109
  = 1.7.3 - 2020-02-05 =
110
  * Updated: styles and appearance to better match WordPress core.
111
  * Updated: Change newsletter service integration. Hey, sign up for our newsletter! Props @Oceas