Instagram Feed - Version 1.4.7

Version Description

Fix: Fixed a security vulnerability
Tested with upcoming WordPress 4.6 update

Release Info

Developer	smashballoon
Plugin	Instagram Feed
Version	1.4.7
Comparing to
See all releases

Code changes from version 1.4.6.2 to 1.4.7

Files changed (3) hide show

README.txt +7 -3
instagram-feed-admin.php +128 -95
instagram-feed.php +3 -2

README.txt CHANGED Viewed

	@@ -1,9 +1,9 @@
1	=== Instagram Feed ===
2	Contributors: smashballoon
3	- Tags: Instagram, Instagram feed, Instagram photos, ~~Instagram plugin, Instagram stream,~~ Custom Instagram Feed, responsive Instagram, mobile Instagram, Instagram ~~posts, Instagram~~ wall, Instagram ~~account, Instagram~~ gallery, Instagram photo, Instagram post, Instagram share, Instagram customized, Instagrams, Instagram feeds, Instagram plugins, Instagram responsive, Instagram mobile feed, Instagram accounts, public Instagram feed, Instagram photography, Instagram galleries, ~~multiple~~ Instagram, ~~Instagram~~ widget, ~~Instagram clean,~~ beautiful Instagram~~, custom Instagram design~~
4	Requires at least: 3.0
5	- Tested up to: 4.~~5.3~~
6	- Stable tag: 1.4.~~6.2~~
7	License: GPLv2 or later
8	License URI: http://www.gnu.org/licenses/gpl-2.0.html
9
	@@ -562,6 +562,10 @@ No Waiver of Rights by Instagram: Instagram's failure to exercise or enforce any
562
563	== Changelog ==
564




565	= 1.4.6.2 =
566	* Fix: Removed a comment from the plugin's JavaScript file which was causing an issue with some optimization plugins, such as Autoptimize.
567


1	=== Instagram Feed ===
2	Contributors: smashballoon
3	+ Tags: Instagram, Instagram feed, Instagram photos, Custom Instagram Feed, responsive Instagram, mobile Instagram, Instagram wall, Instagram gallery, Instagram galleries, Instagram widget, beautiful Instagram
4	Requires at least: 3.0
5	+ Tested up to: 4.6
6	+ Stable tag: 1.4.7
7	License: GPLv2 or later
8	License URI: http://www.gnu.org/licenses/gpl-2.0.html
9

562
563	== Changelog ==
564
565	+ = 1.4.7 =
566	+ * Fix: Fixed a security vulnerability
567	+ * Tested with upcoming WordPress 4.6 update
568	+
569	= 1.4.6.2 =
570	* Fix: Removed a comment from the plugin's JavaScript file which was causing an issue with some optimization plugins, such as Autoptimize.
571

instagram-feed-admin.php CHANGED Viewed

	@@ -1,4 +1,5 @@
1	<?php

2
3	function sb_instagram_menu() {
4	add_menu_page(
	@@ -101,92 +102,123 @@ function sb_instagram_settings_page() {
101	$sb_instagram_custom_js = $options[ 'sb_instagram_custom_js' ];
102	$sb_instagram_disable_awesome = $options[ 'sb_instagram_disable_awesome' ];
103
104	- ~~// See if the user has posted us some information. If they did, this hidden field will be set to 'Y'.~~
105	- ~~if(~~ ~~isset($_POST[~~ ~~$sb_instagram_settings_hidden_field~~ ]) ~~&& $_POST[ $sb_instagram_settings_hidden_field ] == 'Y' ) {~~
106	-
107	- ~~if(~~ ~~isset($_POST[~~ ~~$sb_instagram_configure_hidden_field~~ ~~]) && $_POST[ $sb_instagram_configure_hidden_field ] == 'Y' ) {~~
108	- ~~$sb_instagram_at~~ = ~~$_POST[ 'sb_instagram_at' ];~~
109	- ~~$sb_instagram_user_id~~ = ~~$_POST[~~ '~~sb_instagram_user_id~~' ];
110	- isset($_POST[ ~~'sb_instagram_preserve_settings'~~ ]) ? $~~sb_instagram_preserve_settings = $~~_POST[ ~~'sb_instagram_preserve_settings'~~ ] : ~~$sb_instagram_preserve_settings~~ = ~~'';~~
111	- ~~isset($_POST[ 'sb_instagram_ajax_theme' ]) ? $sb_instagram_ajax_theme = $_POST[ 'sb_instagram_ajax_theme' ] : $sb_instagram_ajax_theme = '';~~
112	-
113	- ~~$options[ 'sb_instagram_at' ] = $sb_instagram_at;~~
114	- $~~options~~[ '~~sb_instagram_user_id~~' ] ~~= $sb_instagram_user_id~~;
115	- $~~options~~[ '~~sb_instagram_preserve_settings~~' ] ~~= $sb_instagram_preserve_settings~~;
116	- ~~$options[ 'sb_instagram_ajax_theme' ] = $sb_instagram_ajax_theme;~~
117	- } ~~//End~~ ~~config~~ ~~tab~~ ~~post~~
118	-
119	- ~~if( isset($_POST[ $sb_instagram_customize_hidden_field ]) && $_POST[ $sb_instagram_customize_hidden_field ] == 'Y' ) {~~
120	- $~~sb_instagram_width = $_POST~~[ '~~sb_instagram_width~~' ];
121	- $~~sb_instagram_width_unit = $_POST~~[ '~~sb_instagram_width_unit~~' ];
122	- ~~isset(~~$~~_POST~~[ '~~sb_instagram_feed_width_resp~~' ]) ~~? $sb_instagram_feed_width_resp~~ = $~~_POST[ 'sb_instagram_feed_width_resp' ] : $sb_instagram_feed_width_resp = ''~~;
123	-
124	- ~~$sb_instagram_height~~ = ~~$_POST[~~ ~~'sb_instagram_height'~~ ];
125	- ~~$sb_instagram_height_unit = $_POST[ 'sb_instagram_height_unit' ];~~
126	- $~~sb_instagram_num~~ = $_POST[ '~~sb_instagram_num~~' ];
127	- ~~$sb_instagram_cols = $_POST[ 'sb_instagram_cols' ];~~
128	- ~~isset($_POST[~~ ~~'sb_instagram_disable_mobile'~~ ]) ? ~~$sb_instagram_disable_mobile = $_POST[ 'sb_instagram_disable_mobile' ] : $sb_instagram_disable_mobile = '';~~
129	-
130	- $~~sb_instagram_image_padding~~ = $~~_POST[~~ '~~sb_instagram_image_padding~~' ];
131	- $~~sb_instagram_image_padding_unit~~ = $~~_POST[~~ ~~'sb_instagram_image_padding_unit'~~ ];
132	- $~~sb_instagram_sort~~ = $~~_POST[ 'sb_instagram_sort' ]~~;
133	- ~~$sb_instagram_background = $_POST[ 'sb_instagram_background' ];~~
134	- ~~isset(~~$~~_POST[~~ ~~'sb_instagram_show_btn'~~ ]) ? $~~sb_instagram_show_btn = $~~_POST[ '~~sb_instagram_show_btn~~' ] ~~: $sb_instagram_show_btn = ''~~;
135	- $~~sb_instagram_btn_background~~ = $_POST[ '~~sb_instagram_btn_background~~' ];
136	- ~~$sb_instagram_btn_text_color = $_POST[ 'sb_instagram_btn_text_color' ];~~
137	- ~~$sb_instagram_btn_text~~ = ~~$_POST[~~ ~~'sb_instagram_btn_text'~~ ];
138	- $~~sb_instagram_image_res~~ = $_POST[ '~~sb_instagram_image_res~~' ];
139	- ~~//Header~~
140	- ~~isset~~($~~_POST[~~ ~~'sb_instagram_show_header' ]~~) ? ~~$sb_instagram_show_header~~ = $~~_POST[~~ ~~'sb_instagram_show_header'~~ ] : $~~sb_instagram_show_header~~ = '';
141	- $~~sb_instagram_header_color~~ = $~~_POST[ 'sb_instagram_header_color' ]~~;
142	- ~~//Follow button~~
143	- ~~isset(~~$~~_POST[~~ ~~'sb_instagram_show_follow_btn'~~ ]) ? $~~sb_instagram_show_follow_btn = $~~_POST[ '~~sb_instagram_show_follow_btn~~' ] ~~: $sb_instagram_show_follow_btn = ''~~;
144	- ~~$sb_instagram_folow_btn_background = $_POST[ 'sb_instagram_folow_btn_background' ];~~
145	- ~~$sb_instagram_follow_btn_text_color~~ = ~~$_POST[~~ ~~'sb_instagram_follow_btn_text_color'~~ ];
146	- $~~sb_instagram_follow_btn_text~~ = $_POST[ '~~sb_instagram_follow_btn_text~~' ];
147	- ~~//Misc~~
148	- $~~sb_instagram_custom_css~~ = $~~_POST[~~ ~~'sb_instagram_custom_css'~~ ];
149	- $~~sb_instagram_custom_js~~ = $~~_POST[ 'sb_instagram_custom_js' ]~~;
150	- ~~isset($_POST[ 'sb_instagram_disable_awesome' ]) ? $sb_instagram_disable_awesome = $_POST[ 'sb_instagram_disable_awesome' ] : $sb_instagram_disable_awesome = '';~~
151	-
152	- $~~options~~[ '~~sb_instagram_width~~' ] = $~~sb_instagram_width~~;
153	- ~~$options[ 'sb_instagram_width_unit' ] = $sb_instagram_width_unit;~~
154	- ~~$options[~~ ~~'sb_instagram_feed_width_resp'~~ ] = ~~$sb_instagram_feed_width_resp;~~
155	- $~~options~~[ '~~sb_instagram_height~~' ] = ~~$sb_instagram_height~~;
156	- $~~options[~~ ~~'sb_instagram_height_unit'~~ ] = ~~$sb_instagram_height_unit~~;
157	- $~~options[~~ ~~'sb_instagram_num'~~ ] = $~~sb_instagram_num~~;
158	- $~~options[~~ ~~'sb_instagram_cols' ]~~ = $~~sb_instagram_cols~~;
159	- ~~$options[ 'sb_instagram_disable_mobile' ] = $sb_instagram_disable_mobile;~~
160	- $~~options~~[ '~~sb_instagram_image_padding~~' ] ~~= $sb_instagram_image_padding~~;
161	- $~~options~~[ '~~sb_instagram_image_padding_unit~~' ] ~~= $sb_instagram_image_padding_unit~~;
162	- $~~options~~[ '~~sb_instagram_sort~~' ] ~~= $sb_instagram_sort~~;
163	- $~~options~~[ '~~sb_instagram_background~~' ] = $~~sb_instagram_background~~;
164	- $~~options~~[ '~~sb_instagram_show_btn~~' ] ~~= $sb_instagram_show_btn~~;
165	- $~~options~~[ '~~sb_instagram_btn_background~~' ] ~~= $sb_instagram_btn_background~~;
166	- $~~options~~[ '~~sb_instagram_btn_text_color~~' ] ~~= $sb_instagram_btn_text_color~~;
167	- $~~options~~[ '~~sb_instagram_btn_text~~' ] ~~= $sb_instagram_btn_text~~;
168	- ~~$options[ 'sb_instagram_image_res' ] = $sb_instagram_image_res;~~
169	- ~~//Header~~
170	- $~~options~~[ '~~sb_instagram_show_header~~' ] ~~= $sb_instagram_show_header~~;
171	- ~~$options[~~ ~~'sb_instagram_header_color' ] = $sb_instagram_header_color;~~
172	- ~~//Follow~~ ~~button~~
173	- $~~options~~[ '~~sb_instagram_show_follow_btn~~' ] ~~= $sb_instagram_show_follow_btn~~;
174	- $~~options~~[ '~~sb_instagram_folow_btn_background~~' ] ~~= $sb_instagram_folow_btn_background~~;
175	- $~~options~~[ '~~sb_instagram_follow_btn_text_color~~' ] ~~= $sb_instagram_follow_btn_text_color~~;
176	- ~~$options[ 'sb_instagram_follow_btn_text' ] = $sb_instagram_follow_btn_text;~~
177	- ~~//Misc~~
178	- $~~options~~[ '~~sb_instagram_custom_css~~' ] ~~= $sb_instagram_custom_css~~;
179	- $~~options~~[ '~~sb_instagram_custom_js~~' ] = $~~sb_instagram_custom_js~~;
180	- ~~$options[ 'sb_instagram_disable_awesome' ] = $sb_instagram_disable_awesome;~~































181
182	- } //~~End~~ ~~customize~~ ~~tab~~ ~~post~~
183	-
184	- ~~//Save the settings to the settings array~~
185	- ~~update_option( 'sb_instagram_settings', $options );~~


186
187	- ?>
188	- <div class="updated"><p><strong><?php _e('Settings saved.', 'instagram-feed' ); ?></strong></p></div>
189	- <?php } ?>
190
191
192	<div id="sbi_admin" class="wrap">
	@@ -197,6 +229,7 @@ function sb_instagram_settings_page() {
197
198	<form name="form1" method="post" action="">
199	<input type="hidden" name="<?php echo $sb_instagram_settings_hidden_field; ?>" value="Y">

200
201	<?php $sbi_active_tab = isset( $_GET[ 'tab' ] ) ? $_GET[ 'tab' ] : 'configure'; ?>
202	<h2 class="nav-tab-wrapper">
	@@ -222,7 +255,7 @@ function sb_instagram_settings_page() {
222	<tr valign="top">
223	<th scope="row"><label><?php _e('Access Token', 'instagram-feed'); ?></label></th>
224	<td>
225	- <input name="sb_instagram_at" id="sb_instagram_at" type="text" value="<?php esc_attr_e( $sb_instagram_at, 'instagram-feed' ); ?>" size="60" placeholder="Click button above to get your Access Token" />
226	<a class="sbi_tooltip_link" href="JavaScript:void(0);"><?php _e("What is this?", 'instagram-feed'); ?></a>
227	<p class="sbi_tooltip"><?php _e("In order to display your photos you need an Access Token from Instagram. To get yours, simply click the button above and log into Instagram. You can also use the button on <a href='https://smashballoon.com/instagram-feed/token/' target='_blank'>this page</a>.", 'instagram-feed'); ?></p>
228	</td>
	@@ -332,7 +365,7 @@ function sb_instagram_settings_page() {
332	<th scope="row"><label><?php _e('Width of Feed', 'instagram-feed'); ?></label><code class="sbi_shortcode"> width widthunit
333	Eg: width=50 widthunit=%</code></th>
334	<td>
335	- <input name="sb_instagram_width" type="text" value="<?php esc_attr_e( $sb_instagram_width, 'instagram-feed' ); ?>" id="sb_instagram_width" size="4" />
336	<select name="sb_instagram_width_unit" id="sb_instagram_width_unit">
337	<option value="px" <?php if($sb_instagram_width_unit == "px") echo 'selected="selected"' ?> ><?php _e('px', 'instagram-feed'); ?></option>
338	<option value="%" <?php if($sb_instagram_width_unit == "%") echo 'selected="selected"' ?> ><?php _e('%', 'instagram-feed'); ?></option>
	@@ -348,7 +381,7 @@ function sb_instagram_settings_page() {
348	<th scope="row"><label><?php _e('Height of Feed', 'instagram-feed'); ?></label><code class="sbi_shortcode"> height heightunit
349	Eg: height=500 heightunit=px</code></th>
350	<td>
351	- <input name="sb_instagram_height" type="text" value="<?php esc_attr_e( $sb_instagram_height, 'instagram-feed' ); ?>" size="4" />
352	<select name="sb_instagram_height_unit">
353	<option value="px" <?php if($sb_instagram_height_unit == "px") echo 'selected="selected"' ?> ><?php _e('px', 'instagram-feed'); ?></option>
354	<option value="%" <?php if($sb_instagram_height_unit == "%") echo 'selected="selected"' ?> ><?php _e('%', 'instagram-feed'); ?></option>
	@@ -396,7 +429,7 @@ function sb_instagram_settings_page() {
396	<th scope="row"><label><?php _e('Number of Photos', 'instagram-feed'); ?></label><code class="sbi_shortcode"> num
397	Eg: num=6</code></th>
398	<td>
399	- <input name="sb_instagram_num" type="text" value="<?php esc_attr_e( $sb_instagram_num, 'instagram-feed' ); ?>" size="4" />
400	<span class="sbi_note"><?php _e('Number of photos to show initially. Maximum of 33.', 'instagram-feed'); ?></span>
401	<a class="sbi_tooltip_link" href="JavaScript:void(0);"><?php _e("Using multiple IDs or hashtags?", 'instagram-feed'); ?></a>
402	<p class="sbi_tooltip"><?php _e("If you're displaying photos from multiple User IDs or hashtags then this is the number of photos which will be displayed from each.", 'instagram-feed'); ?></p>
	@@ -442,7 +475,7 @@ function sb_instagram_settings_page() {
442	<tr valign="top">
443	<th scope="row"><label><?php _e('Padding around Images', 'instagram-feed'); ?></label><code class="sbi_shortcode"> imagepadding imagepaddingunit</code></th>
444	<td>
445	- <input name="sb_instagram_image_padding" type="text" value="<?php esc_attr_e( $sb_instagram_image_padding, 'instagram-feed' ); ?>" size="4" />
446	<select name="sb_instagram_image_padding_unit">
447	<option value="px" <?php if($sb_instagram_image_padding_unit == "px") echo 'selected="selected"' ?> ><?php _e('px', 'instagram-feed'); ?></option>
448	<option value="%" <?php if($sb_instagram_image_padding_unit == "%") echo 'selected="selected"' ?> ><?php _e('%', 'instagram-feed'); ?></option>
	@@ -590,7 +623,7 @@ function sb_instagram_settings_page() {
590	<tr valign="top" class="sbi_pro">
591	<th scope="row"><label><?php _e('Remove photos containing these words or hashtags', 'instagram-feed'); ?></label></th>
592	<td>
593	- <input name="sb_instagram_exclude_words" id="sb_instagram_exclude_words" type="text" style="width: 70%;" value="" />
594	<br />
595	<span class="sbi_note" style="margin-left: 0;"><?php _e('Separate words/hashtags using commas', 'instagram-feed'); ?></span>
596	<a class="sbi_tooltip_link sbi_pro" href="JavaScript:void(0);"><?php _e("What is this?", 'instagram-feed'); ?></a>
	@@ -601,7 +634,7 @@ function sb_instagram_settings_page() {
601	<tr valign="top" class="sbi_pro">
602	<th scope="row"><label><?php _e('Show photos containing these words or hashtags', 'instagram-feed'); ?></label></th>
603	<td>
604	- <input name="sb_instagram_include_words" id="sb_instagram_include_words" type="text" style="width: 70%;" value="" />
605	<br />
606	<span class="sbi_note" style="margin-left: 0;"><?php _e('Separate words/hashtags using commas', 'instagram-feed'); ?></span>
607	<a class="sbi_tooltip_link sbi_pro" href="JavaScript:void(0);"><?php _e("What is this?", 'instagram-feed'); ?></a>
	@@ -620,7 +653,7 @@ function sb_instagram_settings_page() {
620	<tr valign="top" class="sbi_pro">
621	<th scope="row"><label><?php _e('Hide specific photos', 'instagram-feed'); ?></label></th>
622	<td>
623	- <textarea name="sb_instagram_hide_photos" id="sb_instagram_hide_photos" style="width: 70%;" rows="3"></textarea>
624	<br />
625	<span class="sbi_note" style="margin-left: 0;"><?php _e('Separate IDs using commas', 'instagram-feed'); ?></span>
626	<a class="sbi_tooltip_link sbi_pro" href="JavaScript:void(0);"><?php _e("What is this?", 'instagram-feed'); ?></a>
	@@ -631,7 +664,7 @@ function sb_instagram_settings_page() {
631	<tr valign="top" class="sbi_pro">
632	<th scope="row"><label><?php _e('Block users', 'instagram-feed'); ?></label></th>
633	<td>
634	- <input name="sb_instagram_block_users" id="sb_instagram_block_users" type="text" style="width: 70%;" value="" />
635	<br />
636	<span class="sbi_note" style="margin-left: 0;"><?php _e('Separate usernames using commas', 'instagram-feed'); ?></span>
637	<a class="sbi_tooltip_link sbi_pro" href="JavaScript:void(0);"><?php _e("What is this?", 'instagram-feed'); ?></a>
	@@ -657,7 +690,7 @@ function sb_instagram_settings_page() {
657	</tr>
658	<tr valign="top">
659	<td>
660	- <textarea name="sb_instagram_custom_css" id="sb_instagram_custom_css" style="width: 70%;" rows="7"><?php ~~esc_attr_e~~( stripslashes($sb_instagram_custom_css), 'instagram-feed' ); ?></textarea>
661	</td>
662	</tr>
663	<tr valign="top" id="customjs">
	@@ -667,7 +700,7 @@ function sb_instagram_settings_page() {
667	</tr>
668	<tr valign="top">
669	<td>
670	- <textarea name="sb_instagram_custom_js" id="sb_instagram_custom_js" style="width: 70%;" rows="7"><?php ~~esc_attr_e~~( stripslashes($sb_instagram_custom_js), 'instagram-feed' ); ?></textarea>
671	</td>
672	</tr>
673	</tbody>


1	<?php
2	+ if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly
3
4	function sb_instagram_menu() {
5	add_menu_page(

102	$sb_instagram_custom_js = $options[ 'sb_instagram_custom_js' ];
103	$sb_instagram_disable_awesome = $options[ 'sb_instagram_disable_awesome' ];
104
105	+
106	+ //Check nonce before saving data
107	+ if ( ! isset( $_POST['sb_instagram_settings_nonce'] ) \|\| ! wp_verify_nonce( $_POST['sb_instagram_settings_nonce'], 'sb_instagram_saving_settings' ) ) {
108	+ //Nonce did not verify
109	+ } else {
110	+ // See if the user has posted us some information. If they did, this hidden field will be set to 'Y'.
111	+ if( isset($_POST[ $sb_instagram_settings_hidden_field ]) && $_POST[ $sb_instagram_settings_hidden_field ] == 'Y' ) {
112	+
113	+ if( isset($_POST[ $sb_instagram_configure_hidden_field ]) && $_POST[ $sb_instagram_configure_hidden_field ] == 'Y' ) {
114	+
115	+ $sb_instagram_at = sanitize_text_field( $_POST[ 'sb_instagram_at' ] );
116	+ $sb_instagram_user_id = sanitize_text_field( $_POST[ 'sb_instagram_user_id' ] );
117	+
118	+ isset($_POST[ 'sb_instagram_preserve_settings' ]) ? $sb_instagram_preserve_settings = sanitize_text_field( $_POST[ 'sb_instagram_preserve_settings' ] ) : $sb_instagram_preserve_settings = '';
119	+ isset($_POST[ 'sb_instagram_ajax_theme' ]) ? $sb_instagram_ajax_theme = sanitize_text_field( $_POST[ 'sb_instagram_ajax_theme' ] ) : $sb_instagram_ajax_theme = '';
120	+
121	+ $options[ 'sb_instagram_at' ] = $sb_instagram_at;
122	+ $options[ 'sb_instagram_user_id' ] = $sb_instagram_user_id;
123	+ $options[ 'sb_instagram_preserve_settings' ] = $sb_instagram_preserve_settings;
124	+ $options[ 'sb_instagram_ajax_theme' ] = $sb_instagram_ajax_theme;
125	+ } //End config tab post
126	+
127	+ if( isset($_POST[ $sb_instagram_customize_hidden_field ]) && $_POST[ $sb_instagram_customize_hidden_field ] == 'Y' ) {
128	+
129	+ //Validate and sanitize width field
130	+ $safe_width = intval( sanitize_text_field( $_POST['sb_instagram_width'] ) );
131	+ if ( ! $safe_width ) $safe_width = '';
132	+ if ( strlen( $safe_width ) > 4 ) $safe_width = substr( $safe_width, 0, 4 );
133	+ $sb_instagram_width = $safe_width;
134	+
135	+ $sb_instagram_width_unit = sanitize_text_field( $_POST[ 'sb_instagram_width_unit' ] );
136	+ isset($_POST[ 'sb_instagram_feed_width_resp' ]) ? $sb_instagram_feed_width_resp = sanitize_text_field( $_POST[ 'sb_instagram_feed_width_resp' ] ) : $sb_instagram_feed_width_resp = '';
137	+
138	+ //Validate and sanitize height field
139	+ $safe_height = intval( sanitize_text_field( $_POST['sb_instagram_height'] ) );
140	+ if ( ! $safe_height ) $safe_height = '';
141	+ if ( strlen( $safe_height ) > 4 ) $safe_height = substr( $safe_height, 0, 4 );
142	+ $sb_instagram_height = $safe_height;
143	+
144	+ $sb_instagram_height_unit = sanitize_text_field( $_POST[ 'sb_instagram_height_unit' ] );
145	+
146	+ //Validate and sanitize number of photos field
147	+ $safe_num = intval( sanitize_text_field( $_POST['sb_instagram_num'] ) );
148	+ if ( ! $safe_num ) $safe_num = '';
149	+ if ( strlen( $safe_num ) > 4 ) $safe_num = substr( $safe_num, 0, 4 );
150	+ $sb_instagram_num = $safe_num;
151	+
152	+ $sb_instagram_cols = sanitize_text_field( $_POST[ 'sb_instagram_cols' ] );
153	+ isset($_POST[ 'sb_instagram_disable_mobile' ]) ? $sb_instagram_disable_mobile = sanitize_text_field( $_POST[ 'sb_instagram_disable_mobile' ] ) : $sb_instagram_disable_mobile = '';
154	+
155	+ //Validate and sanitize padding field
156	+ $safe_padding = intval( sanitize_text_field( $_POST['sb_instagram_image_padding'] ) );
157	+ if ( ! $safe_padding ) $safe_padding = '';
158	+ if ( strlen( $safe_padding ) > 4 ) $safe_padding = substr( $safe_padding, 0, 4 );
159	+ $sb_instagram_image_padding = $safe_padding;
160	+
161	+ $sb_instagram_image_padding_unit = sanitize_text_field( $_POST[ 'sb_instagram_image_padding_unit' ] );
162	+ $sb_instagram_sort = sanitize_text_field( $_POST[ 'sb_instagram_sort' ] );
163	+ $sb_instagram_background = sanitize_text_field( $_POST[ 'sb_instagram_background' ] );
164	+ isset($_POST[ 'sb_instagram_show_btn' ]) ? $sb_instagram_show_btn = sanitize_text_field( $_POST[ 'sb_instagram_show_btn' ] ) : $sb_instagram_show_btn = '';
165	+ $sb_instagram_btn_background = sanitize_text_field( $_POST[ 'sb_instagram_btn_background' ] );
166	+ $sb_instagram_btn_text_color = sanitize_text_field( $_POST[ 'sb_instagram_btn_text_color' ] );
167	+ $sb_instagram_btn_text = sanitize_text_field( $_POST[ 'sb_instagram_btn_text' ] );
168	+ $sb_instagram_image_res = sanitize_text_field( $_POST[ 'sb_instagram_image_res' ] );
169	+ //Header
170	+ isset($_POST[ 'sb_instagram_show_header' ]) ? $sb_instagram_show_header = sanitize_text_field( $_POST[ 'sb_instagram_show_header' ] ) : $sb_instagram_show_header = '';
171	+ $sb_instagram_header_color = sanitize_text_field( $_POST[ 'sb_instagram_header_color' ] );
172	+ //Follow button
173	+ isset($_POST[ 'sb_instagram_show_follow_btn' ]) ? $sb_instagram_show_follow_btn = sanitize_text_field( $_POST[ 'sb_instagram_show_follow_btn' ] ) : $sb_instagram_show_follow_btn = '';
174	+ $sb_instagram_folow_btn_background = sanitize_text_field( $_POST[ 'sb_instagram_folow_btn_background' ] );
175	+ $sb_instagram_follow_btn_text_color = sanitize_text_field( $_POST[ 'sb_instagram_follow_btn_text_color' ] );
176	+ $sb_instagram_follow_btn_text = sanitize_text_field( $_POST[ 'sb_instagram_follow_btn_text' ] );
177	+ //Misc
178	+ $sb_instagram_custom_css = $_POST[ 'sb_instagram_custom_css' ];
179	+ $sb_instagram_custom_js = $_POST[ 'sb_instagram_custom_js' ];
180	+ isset($_POST[ 'sb_instagram_disable_awesome' ]) ? $sb_instagram_disable_awesome = sanitize_text_field( $_POST[ 'sb_instagram_disable_awesome' ] ) : $sb_instagram_disable_awesome = '';
181	+
182	+ $options[ 'sb_instagram_width' ] = $sb_instagram_width;
183	+ $options[ 'sb_instagram_width_unit' ] = $sb_instagram_width_unit;
184	+ $options[ 'sb_instagram_feed_width_resp' ] = $sb_instagram_feed_width_resp;
185	+ $options[ 'sb_instagram_height' ] = $sb_instagram_height;
186	+ $options[ 'sb_instagram_height_unit' ] = $sb_instagram_height_unit;
187	+ $options[ 'sb_instagram_num' ] = $sb_instagram_num;
188	+ $options[ 'sb_instagram_cols' ] = $sb_instagram_cols;
189	+ $options[ 'sb_instagram_disable_mobile' ] = $sb_instagram_disable_mobile;
190	+ $options[ 'sb_instagram_image_padding' ] = $sb_instagram_image_padding;
191	+ $options[ 'sb_instagram_image_padding_unit' ] = $sb_instagram_image_padding_unit;
192	+ $options[ 'sb_instagram_sort' ] = $sb_instagram_sort;
193	+ $options[ 'sb_instagram_background' ] = $sb_instagram_background;
194	+ $options[ 'sb_instagram_show_btn' ] = $sb_instagram_show_btn;
195	+ $options[ 'sb_instagram_btn_background' ] = $sb_instagram_btn_background;
196	+ $options[ 'sb_instagram_btn_text_color' ] = $sb_instagram_btn_text_color;
197	+ $options[ 'sb_instagram_btn_text' ] = $sb_instagram_btn_text;
198	+ $options[ 'sb_instagram_image_res' ] = $sb_instagram_image_res;
199	+ //Header
200	+ $options[ 'sb_instagram_show_header' ] = $sb_instagram_show_header;
201	+ $options[ 'sb_instagram_header_color' ] = $sb_instagram_header_color;
202	+ //Follow button
203	+ $options[ 'sb_instagram_show_follow_btn' ] = $sb_instagram_show_follow_btn;
204	+ $options[ 'sb_instagram_folow_btn_background' ] = $sb_instagram_folow_btn_background;
205	+ $options[ 'sb_instagram_follow_btn_text_color' ] = $sb_instagram_follow_btn_text_color;
206	+ $options[ 'sb_instagram_follow_btn_text' ] = $sb_instagram_follow_btn_text;
207	+ //Misc
208	+ $options[ 'sb_instagram_custom_css' ] = $sb_instagram_custom_css;
209	+ $options[ 'sb_instagram_custom_js' ] = $sb_instagram_custom_js;
210	+ $options[ 'sb_instagram_disable_awesome' ] = $sb_instagram_disable_awesome;
211	+
212	+ } //End customize tab post
213
214	+ //Save the settings to the settings array
215	+ update_option( 'sb_instagram_settings', $options );
216	+
217	+ ?>
218	+ <div class="updated"><p><strong><?php _e('Settings saved.', 'instagram-feed' ); ?></strong></p></div>
219	+ <?php } ?>
220
221	+ <?php } //End nonce check ?>


222
223
224	<div id="sbi_admin" class="wrap">

229
230	<form name="form1" method="post" action="">
231	<input type="hidden" name="<?php echo $sb_instagram_settings_hidden_field; ?>" value="Y">
232	+ <?php wp_nonce_field( 'sb_instagram_saving_settings', 'sb_instagram_settings_nonce' ); ?>
233
234	<?php $sbi_active_tab = isset( $_GET[ 'tab' ] ) ? $_GET[ 'tab' ] : 'configure'; ?>
235	<h2 class="nav-tab-wrapper">

255	<tr valign="top">
256	<th scope="row"><label><?php _e('Access Token', 'instagram-feed'); ?></label></th>
257	<td>
258	+ <input name="sb_instagram_at" id="sb_instagram_at" type="text" value="<?php esc_attr_e( $sb_instagram_at, 'instagram-feed' ); ?>" size="60" maxlength="60" placeholder="Click button above to get your Access Token" />
259	<a class="sbi_tooltip_link" href="JavaScript:void(0);"><?php _e("What is this?", 'instagram-feed'); ?></a>
260	<p class="sbi_tooltip"><?php _e("In order to display your photos you need an Access Token from Instagram. To get yours, simply click the button above and log into Instagram. You can also use the button on <a href='https://smashballoon.com/instagram-feed/token/' target='_blank'>this page</a>.", 'instagram-feed'); ?></p>
261	</td>

365	<th scope="row"><label><?php _e('Width of Feed', 'instagram-feed'); ?></label><code class="sbi_shortcode"> width widthunit
366	Eg: width=50 widthunit=%</code></th>
367	<td>
368	+ <input name="sb_instagram_width" type="text" value="<?php esc_attr_e( $sb_instagram_width, 'instagram-feed' ); ?>" id="sb_instagram_width" size="4" maxlength="4" />
369	<select name="sb_instagram_width_unit" id="sb_instagram_width_unit">
370	<option value="px" <?php if($sb_instagram_width_unit == "px") echo 'selected="selected"' ?> ><?php _e('px', 'instagram-feed'); ?></option>
371	<option value="%" <?php if($sb_instagram_width_unit == "%") echo 'selected="selected"' ?> ><?php _e('%', 'instagram-feed'); ?></option>

381	<th scope="row"><label><?php _e('Height of Feed', 'instagram-feed'); ?></label><code class="sbi_shortcode"> height heightunit
382	Eg: height=500 heightunit=px</code></th>
383	<td>
384	+ <input name="sb_instagram_height" type="text" value="<?php esc_attr_e( $sb_instagram_height, 'instagram-feed' ); ?>" size="4" maxlength="4" />
385	<select name="sb_instagram_height_unit">
386	<option value="px" <?php if($sb_instagram_height_unit == "px") echo 'selected="selected"' ?> ><?php _e('px', 'instagram-feed'); ?></option>
387	<option value="%" <?php if($sb_instagram_height_unit == "%") echo 'selected="selected"' ?> ><?php _e('%', 'instagram-feed'); ?></option>

429	<th scope="row"><label><?php _e('Number of Photos', 'instagram-feed'); ?></label><code class="sbi_shortcode"> num
430	Eg: num=6</code></th>
431	<td>
432	+ <input name="sb_instagram_num" type="text" value="<?php esc_attr_e( $sb_instagram_num, 'instagram-feed' ); ?>" size="4" maxlength="4" />
433	<span class="sbi_note"><?php _e('Number of photos to show initially. Maximum of 33.', 'instagram-feed'); ?></span>
434	<a class="sbi_tooltip_link" href="JavaScript:void(0);"><?php _e("Using multiple IDs or hashtags?", 'instagram-feed'); ?></a>
435	<p class="sbi_tooltip"><?php _e("If you're displaying photos from multiple User IDs or hashtags then this is the number of photos which will be displayed from each.", 'instagram-feed'); ?></p>

475	<tr valign="top">
476	<th scope="row"><label><?php _e('Padding around Images', 'instagram-feed'); ?></label><code class="sbi_shortcode"> imagepadding imagepaddingunit</code></th>
477	<td>
478	+ <input name="sb_instagram_image_padding" type="text" value="<?php esc_attr_e( $sb_instagram_image_padding, 'instagram-feed' ); ?>" size="4" maxlength="4" />
479	<select name="sb_instagram_image_padding_unit">
480	<option value="px" <?php if($sb_instagram_image_padding_unit == "px") echo 'selected="selected"' ?> ><?php _e('px', 'instagram-feed'); ?></option>
481	<option value="%" <?php if($sb_instagram_image_padding_unit == "%") echo 'selected="selected"' ?> ><?php _e('%', 'instagram-feed'); ?></option>

623	<tr valign="top" class="sbi_pro">
624	<th scope="row"><label><?php _e('Remove photos containing these words or hashtags', 'instagram-feed'); ?></label></th>
625	<td>
626	+ <input disabled name="sb_instagram_exclude_words" id="sb_instagram_exclude_words" type="text" style="width: 70%;" value="" />
627	<br />
628	<span class="sbi_note" style="margin-left: 0;"><?php _e('Separate words/hashtags using commas', 'instagram-feed'); ?></span>
629	<a class="sbi_tooltip_link sbi_pro" href="JavaScript:void(0);"><?php _e("What is this?", 'instagram-feed'); ?></a>

634	<tr valign="top" class="sbi_pro">
635	<th scope="row"><label><?php _e('Show photos containing these words or hashtags', 'instagram-feed'); ?></label></th>
636	<td>
637	+ <input disabled name="sb_instagram_include_words" id="sb_instagram_include_words" type="text" style="width: 70%;" value="" />
638	<br />
639	<span class="sbi_note" style="margin-left: 0;"><?php _e('Separate words/hashtags using commas', 'instagram-feed'); ?></span>
640	<a class="sbi_tooltip_link sbi_pro" href="JavaScript:void(0);"><?php _e("What is this?", 'instagram-feed'); ?></a>

653	<tr valign="top" class="sbi_pro">
654	<th scope="row"><label><?php _e('Hide specific photos', 'instagram-feed'); ?></label></th>
655	<td>
656	+ <textarea disabled name="sb_instagram_hide_photos" id="sb_instagram_hide_photos" style="width: 70%;" rows="3"></textarea>
657	<br />
658	<span class="sbi_note" style="margin-left: 0;"><?php _e('Separate IDs using commas', 'instagram-feed'); ?></span>
659	<a class="sbi_tooltip_link sbi_pro" href="JavaScript:void(0);"><?php _e("What is this?", 'instagram-feed'); ?></a>

664	<tr valign="top" class="sbi_pro">
665	<th scope="row"><label><?php _e('Block users', 'instagram-feed'); ?></label></th>
666	<td>
667	+ <input disabled name="sb_instagram_block_users" id="sb_instagram_block_users" type="text" style="width: 70%;" value="" />
668	<br />
669	<span class="sbi_note" style="margin-left: 0;"><?php _e('Separate usernames using commas', 'instagram-feed'); ?></span>
670	<a class="sbi_tooltip_link sbi_pro" href="JavaScript:void(0);"><?php _e("What is this?", 'instagram-feed'); ?></a>

690	</tr>
691	<tr valign="top">
692	<td>
693	+ <textarea name="sb_instagram_custom_css" id="sb_instagram_custom_css" style="width: 70%;" rows="7"><?php echo esc_textarea( stripslashes($sb_instagram_custom_css), 'instagram-feed' ); ?></textarea>
694	</td>
695	</tr>
696	<tr valign="top" id="customjs">

700	</tr>
701	<tr valign="top">
702	<td>
703	+ <textarea name="sb_instagram_custom_js" id="sb_instagram_custom_js" style="width: 70%;" rows="7"><?php echo esc_textarea( stripslashes($sb_instagram_custom_js), 'instagram-feed' ); ?></textarea>
704	</td>
705	</tr>
706	</tbody>

instagram-feed.php CHANGED Viewed

	@@ -3,7 +3,7 @@
3	Plugin Name: Instagram Feed
4	Plugin URI: http://smashballoon.com/instagram-feed
5	Description: Display beautifully clean, customizable, and responsive Instagram feeds
6	- Version: 1.4.~~6.2~~
7	Author: Smash Balloon
8	Author URI: http://smashballoon.com/
9	License: GPLv2 or later
	@@ -23,8 +23,9 @@ along with this program; if not, write to the Free Software
23	Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
24	*/
25
26	- define( 'SBIVER', '1.4.~~6.2~~' );
27

28	//Include admin
29	include dirname( __FILE__ ) .'/instagram-feed-admin.php';
30


3	Plugin Name: Instagram Feed
4	Plugin URI: http://smashballoon.com/instagram-feed
5	Description: Display beautifully clean, customizable, and responsive Instagram feeds
6	+ Version: 1.4.7
7	Author: Smash Balloon
8	Author URI: http://smashballoon.com/
9	License: GPLv2 or later

23	Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
24	*/
25
26	+ define( 'SBIVER', '1.4.7' );
27
28	+ if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly
29	//Include admin
30	include dirname( __FILE__ ) .'/instagram-feed-admin.php';
31