Featured Image From URL - Version 4.0.1

Version Description

  • Enhancement: security (validation, sanitization and escaping of option values).
Download this release

Release Info

Developer marceljm
Plugin Icon 128x128 Featured Image From URL
Version 4.0.1
Comparing to
See all releases

Code changes from version 4.0.0 to 4.0.1

Files changed (6) hide show
  1. admin/api.php +4 -2
  2. admin/html/cloud.html +1 -3
  3. admin/menu.php +35 -14
  4. admin/strings.php +2 -5
  5. featured-image-from-url.php +1 -1
  6. readme.txt +8 -8
admin/api.php CHANGED
@@ -49,8 +49,10 @@ function fifu_api_sign_up(WP_REST_Request $request) {
49
  }
50
 
51
  $json = json_decode($response['http_response']->get_response_object()->body);
52
- if ($json->code <= 0)
53
  fifu_delete_credentials();
 
 
54
 
55
  $privKey = openssl_decrypt(base64_decode(get_option('fifu_su_privkey')[0]), "AES-128-ECB", $email . $site);
56
  if ($privKey) {
@@ -700,7 +702,7 @@ function fifu_api_list_all_fifu(WP_REST_Request $request) {
700
 
701
  function fifu_api_list_all_media_library(WP_REST_Request $request) {
702
  if (!fifu_su_sign_up_complete())
703
- return json_decode(array());
704
 
705
  $page = (int) $request['page'];
706
  return fifu_db_get_posts_with_internal_featured_image($page);
49
  }
50
 
51
  $json = json_decode($response['http_response']->get_response_object()->body);
52
+ if ($json->code <= 0) {
53
  fifu_delete_credentials();
54
+ return $json;
55
+ }
56
 
57
  $privKey = openssl_decrypt(base64_decode(get_option('fifu_su_privkey')[0]), "AES-128-ECB", $email . $site);
58
  if ($privKey) {
702
 
703
  function fifu_api_list_all_media_library(WP_REST_Request $request) {
704
  if (!fifu_su_sign_up_complete())
705
+ return null;
706
 
707
  $page = (int) $request['page'];
708
  return fifu_db_get_posts_with_internal_featured_image($page);
admin/html/cloud.html CHANGED
@@ -2,7 +2,7 @@
2
 
3
  <div class="header-box">
4
  <h1 style="color:white;padding-left:20px;width:98%;font-family:Ubuntu,sans-serif">
5
- <span class="dashicons dashicons-cloud-upload" style="font-size:30px"></span><span style="padding-left:20px">FIFU Cloud is coming soon... </span><span style="color:orange">already available for beta testers</span>
6
  <a href="https://gcpsignup.page.link/1J6G" target="_blank"><img class="fifu-google-cloud" src="https://storage.googleapis.com/featuredimagefromurl/power-by-gcp2.png"/></a>
7
  </h1>
8
  </div>
@@ -113,8 +113,6 @@
113
  <div class="box">
114
  <h2><i class="fa-solid fa-list-ol"></i> <?php $fifucloud['title']['getting']() ?></h2>
115
  <div class="greybox">
116
- <?php $fifucloud['getting']['beta']() ?><br>
117
- <br>
118
  <table style="text-align:left; width:100%; background-color:white;">
119
  <tr class="color">
120
  <td>
2
 
3
  <div class="header-box">
4
  <h1 style="color:white;padding-left:20px;width:98%;font-family:Ubuntu,sans-serif">
5
+ <span class="dashicons dashicons-cloud-upload" style="font-size:30px"></span><span style="padding-left:20px">FIFU Cloud</span> (<span style="color:orange">beta</span>)
6
  <a href="https://gcpsignup.page.link/1J6G" target="_blank"><img class="fifu-google-cloud" src="https://storage.googleapis.com/featuredimagefromurl/power-by-gcp2.png"/></a>
7
  </h1>
8
  </div>
113
  <div class="box">
114
  <h2><i class="fa-solid fa-list-ol"></i> <?php $fifucloud['title']['getting']() ?></h2>
115
  <div class="greybox">
 
 
116
  <table style="text-align:left; width:100%; background-color:white;">
117
  <tr class="color">
118
  <td>
admin/menu.php CHANGED
@@ -101,7 +101,7 @@ function fifu_support_data() {
101
 
102
  $enable_social = get_option('fifu_social');
103
  $enable_social_image_only = get_option('fifu_social_image_only');
104
- $skip = get_option('fifu_skip');
105
  $enable_lazy = get_option('fifu_lazy');
106
  $enable_photon = get_option('fifu_photon');
107
  $enable_cdn_social = get_option('fifu_cdn_social');
@@ -112,8 +112,8 @@ function fifu_support_data() {
112
  $enable_content_page = get_option('fifu_content_page');
113
  $enable_content_cpt = get_option('fifu_content_cpt');
114
  $enable_fake = get_option('fifu_fake');
115
- $default_url = get_option('fifu_default_url');
116
- $default_cpt = get_option('fifu_default_cpt');
117
  $enable_default_url = get_option('fifu_enable_default_url');
118
  $max_db = get_option('fifu_spinner_db');
119
  $nth_image = get_option('fifu_spinner_nth');
@@ -161,7 +161,7 @@ function fifu_get_menu_html() {
161
 
162
  $enable_social = get_option('fifu_social');
163
  $enable_social_image_only = get_option('fifu_social_image_only');
164
- $skip = get_option('fifu_skip');
165
  $enable_lazy = get_option('fifu_lazy');
166
  $enable_photon = get_option('fifu_photon');
167
  $enable_cdn_social = get_option('fifu_cdn_social');
@@ -172,8 +172,8 @@ function fifu_get_menu_html() {
172
  $enable_content_page = get_option('fifu_content_page');
173
  $enable_content_cpt = get_option('fifu_content_cpt');
174
  $enable_fake = get_option('fifu_fake');
175
- $default_url = get_option('fifu_default_url');
176
- $default_cpt = get_option('fifu_default_cpt');
177
  $enable_default_url = get_option('fifu_enable_default_url');
178
  $max_db = get_option('fifu_spinner_db');
179
  $nth_image = get_option('fifu_spinner_nth');
@@ -405,15 +405,36 @@ function fifu_update_menu_options() {
405
  return $arr;
406
  }
407
 
408
- function fifu_update_option($input, $type) {
409
- if (isset($_POST[$input])) {
410
- if ($_POST[$input] == 'on')
411
- update_option($type, 'toggleon');
412
- else if ($_POST[$input] == 'off')
413
- update_option($type, 'toggleoff');
414
- else
415
- update_option($type, wp_strip_all_tags($_POST[$input]));
 
 
 
416
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
417
  }
418
 
419
  function fifu_enable_fake() {
101
 
102
  $enable_social = get_option('fifu_social');
103
  $enable_social_image_only = get_option('fifu_social_image_only');
104
+ $skip = esc_attr(get_option('fifu_skip'));
105
  $enable_lazy = get_option('fifu_lazy');
106
  $enable_photon = get_option('fifu_photon');
107
  $enable_cdn_social = get_option('fifu_cdn_social');
112
  $enable_content_page = get_option('fifu_content_page');
113
  $enable_content_cpt = get_option('fifu_content_cpt');
114
  $enable_fake = get_option('fifu_fake');
115
+ $default_url = esc_url(get_option('fifu_default_url'));
116
+ $default_cpt = esc_attr(get_option('fifu_default_cpt'));
117
  $enable_default_url = get_option('fifu_enable_default_url');
118
  $max_db = get_option('fifu_spinner_db');
119
  $nth_image = get_option('fifu_spinner_nth');
161
 
162
  $enable_social = get_option('fifu_social');
163
  $enable_social_image_only = get_option('fifu_social_image_only');
164
+ $skip = esc_attr(get_option('fifu_skip'));
165
  $enable_lazy = get_option('fifu_lazy');
166
  $enable_photon = get_option('fifu_photon');
167
  $enable_cdn_social = get_option('fifu_cdn_social');
172
  $enable_content_page = get_option('fifu_content_page');
173
  $enable_content_cpt = get_option('fifu_content_cpt');
174
  $enable_fake = get_option('fifu_fake');
175
+ $default_url = esc_url(get_option('fifu_default_url'));
176
+ $default_cpt = esc_attr(get_option('fifu_default_cpt'));
177
  $enable_default_url = get_option('fifu_enable_default_url');
178
  $max_db = get_option('fifu_spinner_db');
179
  $nth_image = get_option('fifu_spinner_nth');
405
  return $arr;
406
  }
407
 
408
+ function fifu_update_option($input, $field) {
409
+ if (!isset($_POST[$input]))
410
+ return;
411
+
412
+ $value = $_POST[$input];
413
+
414
+ $arr_boolean = array('fifu_auto_alt', 'fifu_cdn_content', 'fifu_cdn_crop', 'fifu_cdn_social', 'fifu_check', 'fifu_confirm_delete_all', 'fifu_content', 'fifu_content_cpt', 'fifu_content_page', 'fifu_data_clean', 'fifu_decode', 'fifu_dynamic_alt', 'fifu_enable_default_url', 'fifu_fake', 'fifu_get_first', 'fifu_grid_category', 'fifu_hide_cpt', 'fifu_hide_page', 'fifu_hide_post', 'fifu_lazy', 'fifu_ovw_first', 'fifu_photon', 'fifu_pop_first', 'fifu_query_strings', 'fifu_reset', 'fifu_run_delete_all', 'fifu_social', 'fifu_social_image_only', 'fifu_wc_lbox', 'fifu_wc_zoom');
415
+ if (in_array($field, $arr_boolean)) {
416
+ if (in_array($value, array('on', 'off')))
417
+ update_option($field, 'toggle' . $value);
418
+ return;
419
  }
420
+
421
+ $arr_int = array('fifu_column_height', 'fifu_fake_created', 'fifu_spinner_db', 'fifu_spinner_nth');
422
+ if (in_array($field, $arr_int)) {
423
+ if (filter_var($value, FILTER_VALIDATE_INT))
424
+ update_option($field, $value);
425
+ return;
426
+ }
427
+
428
+ $arr_url = array('fifu_default_url');
429
+ if (in_array($field, $arr_url)) {
430
+ if (empty($value) || filter_var($value, FILTER_VALIDATE_URL))
431
+ update_option($field, esc_url_raw($value));
432
+ return;
433
+ }
434
+
435
+ $arr_text = array('fifu_default_cpt', 'fifu_skip');
436
+ if (in_array($field, $arr_text))
437
+ update_option($field, sanitize_text_field($value));
438
  }
439
 
440
  function fifu_enable_fake() {
admin/strings.php CHANGED
@@ -1852,7 +1852,7 @@ function fifu_get_strings_cloud() {
1852
  return _e("Pricing", FIFU_SLUG);
1853
  };
1854
  $fifu['title']['getting'] = function() {
1855
- return _e("Getting started (beta testers)", FIFU_SLUG);
1856
  };
1857
  $fifu['title']['signup'] = function() {
1858
  return _e("Sign up", FIFU_SLUG);
@@ -1958,9 +1958,6 @@ function fifu_get_strings_cloud() {
1958
  };
1959
 
1960
  // getting started
1961
- $fifu['getting']['beta'] = function() {
1962
- _e("Beta testers are going to be the ~100 first users to try FIFU Cloud. While they are using the service, we'll be monitoring the hardware usage and cloud costs generated. With this data, we'll be able to hire more or less cloud resources and offer fairer prices for everyone. If you'd like to become a beta tester, contact us at <b>cloud@fifu.app</b>");
1963
- };
1964
  $fifu['getting']['important'] = function() {
1965
  _e("Important");
1966
  };
@@ -1983,7 +1980,7 @@ function fifu_get_strings_cloud() {
1983
  _e("selected images");
1984
  };
1985
  $fifu['getting']['description'] = function() {
1986
- _e("in order to load the thumbnails in their best sizes, FIFU Settings > Performance > Lazy Load must be enabled, otherwise the images won't be displayed. If you have any issues or would like to suggest improvements, please contact us at the email address above. You'll receive priority support.");
1987
  };
1988
 
1989
  // pricing
1852
  return _e("Pricing", FIFU_SLUG);
1853
  };
1854
  $fifu['title']['getting'] = function() {
1855
+ return _e("Getting started", FIFU_SLUG);
1856
  };
1857
  $fifu['title']['signup'] = function() {
1858
  return _e("Sign up", FIFU_SLUG);
1958
  };
1959
 
1960
  // getting started
 
 
 
1961
  $fifu['getting']['important'] = function() {
1962
  _e("Important");
1963
  };
1980
  _e("selected images");
1981
  };
1982
  $fifu['getting']['description'] = function() {
1983
+ _e("in order to load the thumbnails in their best sizes, FIFU Settings > Performance > Lazy Load must be enabled, otherwise the images won't be displayed. If you have any issues or would like to suggest improvements, please contact us at <b>cloud@fifu.app</b>.");
1984
  };
1985
 
1986
  // pricing
featured-image-from-url.php CHANGED
@@ -4,7 +4,7 @@
4
  * Plugin Name: Featured Image from URL (FIFU)
5
  * Plugin URI: https://fifu.app/
6
  * Description: Use an external image/video as featured image/video of a post or WooCommerce product.
7
- * Version: 4.0.0
8
  * Author: fifu.app
9
  * Author URI: https://fifu.app/
10
  * WC requires at least: 4.0
4
  * Plugin Name: Featured Image from URL (FIFU)
5
  * Plugin URI: https://fifu.app/
6
  * Description: Use an external image/video as featured image/video of a post or WooCommerce product.
7
+ * Version: 4.0.1
8
  * Author: fifu.app
9
  * Author URI: https://fifu.app/
10
  * WC requires at least: 4.0
readme.txt CHANGED
@@ -4,7 +4,7 @@ Donate link: https://donorbox.org/fifu
4
  Tags: featured, image, url, video, woocommerce
5
  Requires at least: 5.3
6
  Tested up to: 6.0
7
- Stable tag: 4.0.0
8
  License: GPLv3
9
  License URI: https://www.gnu.org/licenses/gpl-3.0.html
10
 
@@ -12,7 +12,7 @@ Use an external image/video as featured image/video of a post or WooCommerce pro
12
 
13
  == Description ==
14
 
15
- ### WordPress plugin for external featured image
16
 
17
  Since 2015 FIFU has helped thousands of websites worldwide to save money on storage, processing and copyright.
18
 
@@ -123,7 +123,7 @@ Supports videos from YouTube, Vimeo, Imgur, 9GAG, Cloudinary, Tumblr, Publitio,
123
  * **[PRO]** fifu_dev_set_category_image($term_id, $image_url)
124
  * **[PRO]** fifu_dev_set_category_video($term_id, $video_url)
125
 
126
- #### FIFU CLOUD (COMING SOON)
127
 
128
  * Cloud storage (never lose an image again)
129
  * Global CDN (images loaded much faster)
@@ -255,20 +255,20 @@ Featured Image, Figurë e Zgjedhur, Image mise en avant, Uitgelichte afbeelding,
255
 
256
  == Changelog ==
257
 
 
 
 
258
  = 4.0.0 =
259
  * FIFU Cloud: available for beta testers; enhancement: security (prevents CSRF attack); enhancement: Play Button > hide from grid (WordPress/WooCommerce); enhancement: Mute (desktop/mobile); deprecated: Related Videos.
260
 
261
  = 3.9.9 =
262
  * Fix: URLs with apostrophe character not working; fix: Lazy Load (conflict with Flickr Album Gallery plugin); deprecated: Giphy Search.
263
 
264
- = 3.9.8 =
265
- * New option: Featured Slider > vertical mode; enhancement: Save in the Media Library > proxy (supports username and password now); fix: Automatic Updates (DB operation making the process slow); deprecated: Flickr Thumbnails (by CDN + Optimized Thumbnails).
266
-
267
  = others =
268
  * [more](https://fifu.app/changelog)
269
 
270
 
271
  == Upgrade Notice ==
272
 
273
- = 4.0.0 =
274
- * FIFU Cloud: available for beta testers; enhancement: security (prevents CSRF attack); enhancement: Play Button > hide from grid (WordPress/WooCommerce); enhancement: Mute (desktop/mobile); deprecated: Related Videos.
4
  Tags: featured, image, url, video, woocommerce
5
  Requires at least: 5.3
6
  Tested up to: 6.0
7
+ Stable tag: 4.0.1
8
  License: GPLv3
9
  License URI: https://www.gnu.org/licenses/gpl-3.0.html
10
 
12
 
13
  == Description ==
14
 
15
+ ### WordPress plugin for external featured images, videos and more
16
 
17
  Since 2015 FIFU has helped thousands of websites worldwide to save money on storage, processing and copyright.
18
 
123
  * **[PRO]** fifu_dev_set_category_image($term_id, $image_url)
124
  * **[PRO]** fifu_dev_set_category_video($term_id, $video_url)
125
 
126
+ #### FIFU CLOUD (beta)
127
 
128
  * Cloud storage (never lose an image again)
129
  * Global CDN (images loaded much faster)
255
 
256
  == Changelog ==
257
 
258
+ = 4.0.1 =
259
+ * Enhancement: security (validation, sanitization and escaping of option values).
260
+
261
  = 4.0.0 =
262
  * FIFU Cloud: available for beta testers; enhancement: security (prevents CSRF attack); enhancement: Play Button > hide from grid (WordPress/WooCommerce); enhancement: Mute (desktop/mobile); deprecated: Related Videos.
263
 
264
  = 3.9.9 =
265
  * Fix: URLs with apostrophe character not working; fix: Lazy Load (conflict with Flickr Album Gallery plugin); deprecated: Giphy Search.
266
 
 
 
 
267
  = others =
268
  * [more](https://fifu.app/changelog)
269
 
270
 
271
  == Upgrade Notice ==
272
 
273
+ = 4.0.1 =
274
+ * Enhancement: security (validation, sanitization and escaping of option values).