Instagram Feed - Version 6.0.8

Version Description

  • Tweak: Added a workaround to retrieve missing images if none were returned by Instagram for a post.
  • Fix: Custom colors assigned to the Follow button would not apply when using a custom color palette.
  • Fix: Added additional plugin hardening.
  • Fix: A fatal error would occur with older versions of PHP and WordPress in some circumstances.

Release Info

Developer Craig at Smash Balloon
Version 6.0.8

Code changes from version 6.0.7 to 6.0.8

README.txt CHANGED
@@ -1,9 +1,9 @@
1
  === Smash Balloon Social Photo Feed ===
2
- Contributors: smashballoon, craig-at-smash-balloon
3
  Tags: Instagram, Instagram feed, Instagram photos, Instagram widget, Instagram gallery
4
  Requires at least: 4.1
5
  Tested up to: 6.0
6
- Stable tag: 6.0.7
7
  License: GPLv2 or later
8
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
9
 
@@ -331,6 +331,12 @@ We understand that sometimes you need help, have issues or just have questions.
331
  * Plus more customization options added all the time!
332
 
333
  == Changelog ==
 
 
 
 
 
 
334
  = 6.0.7 =
335
  * Fix: Removed legacy "disable mobile" setting support as it was causing confusion for users updating from 2.x where changes to feed columns would not have an effect.
336
  * Fix: Removed the reference in the feed CSS file to an image file that didn't exist.in the feed CSS file.
1
  === Smash Balloon Social Photo Feed ===
2
+ Contributors: smashballoon, craig-at-smash-balloon, am, smub
3
  Tags: Instagram, Instagram feed, Instagram photos, Instagram widget, Instagram gallery
4
  Requires at least: 4.1
5
  Tested up to: 6.0
6
+ Stable tag: 6.0.8
7
  License: GPLv2 or later
8
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
9
 
331
  * Plus more customization options added all the time!
332
 
333
  == Changelog ==
334
+ = 6.0.8 =
335
+ * Tweak: Added a workaround to retrieve missing images if none were returned by Instagram for a post.
336
+ * Fix: Custom colors assigned to the Follow button would not apply when using a custom color palette.
337
+ * Fix: Added additional plugin hardening.
338
+ * Fix: A fatal error would occur with older versions of PHP and WordPress in some circumstances.
339
+
340
  = 6.0.7 =
341
  * Fix: Removed legacy "disable mobile" setting support as it was causing confusion for users updating from 2.x where changes to feed columns would not have an effect.
342
  * Fix: Removed the reference in the feed CSS file to an image file that didn't exist.in the feed CSS file.
admin/SBI_Global_Settings.php CHANGED
@@ -93,7 +93,7 @@ class SBI_Global_Settings {
93
  update_option( 'sbi_license_key', $sbi_license_key );
94
  }
95
  } else {
96
- $license_key = trim( get_option( 'sbi_license_key' ) );
97
 
98
  if ( empty( $sbi_license_key ) && ! empty( $license_key ) ) {
99
  $sbi_license_data = $this->get_license_data( $license_key, 'deactivate_license', SBI_PLUGIN_NAME );
@@ -226,7 +226,7 @@ class SBI_Global_Settings {
226
  if ( ! sbi_current_user_can( 'manage_instagram_feed_options' ) ) {
227
  wp_send_json_error();
228
  }
229
- $license_key = trim( get_option( 'sbi_license_key' ) );
230
  $sbi_license_data = $this->get_license_data( $license_key, 'deactivate_license', SBI_PLUGIN_NAME );
231
  // update the license data
232
  if( !empty( $sbi_license_data ) ) {
@@ -258,7 +258,7 @@ class SBI_Global_Settings {
258
  if ( ! sbi_current_user_can( 'manage_instagram_feed_options' ) ) {
259
  wp_send_json_error();
260
  }
261
- $license_key = get_option( 'sbi_license_key' );
262
  $sbi_api_params = array(
263
  'edd_action'=> 'check_license',
264
  'license' => $license_key,
@@ -302,7 +302,7 @@ class SBI_Global_Settings {
302
  wp_send_json_error();
303
  }
304
  // Do the form validation
305
- $license_key = isset( $_POST['license_key'] ) ? sanitize_text_field( $_POST['license_key'] ) : '';
306
  $item_name = isset( $_POST['item_name'] ) ? sanitize_text_field( $_POST['item_name'] ) : '';
307
  $option_name = isset( $_POST['option_name'] ) ? sanitize_text_field( $_POST['option_name'] ) : '';
308
  if ( empty( $license_key ) || empty( $item_name ) ) {
@@ -666,11 +666,11 @@ class SBI_Global_Settings {
666
 
667
  $license_key = null;
668
  if ( get_option('sbi_license_key') ) {
669
- $license_key = get_option('sbi_license_key');
670
  }
671
 
672
  $upgrade_url = sprintf('https://smashballoon.com/instagram-feed/pricing/?license_key=%s&upgrade=true&utm_campaign=instagram-free&utm_source=settings&utm_medium=upgrade-license', $license_key);
673
- $renew_url = sprintf('https://smashballoon.com/checkout/?license_key=%s&download_id=%s&utm_campaign=instagram-free&utm_source=settings&utm_medium=upgrade-license&utm_content=renew-license', $license_key, $sbi_download_id);
674
  $learn_more_url = 'https://smashballoon.com/doc/my-license-key-wont-activate/?utm_campaign=instagram-free&utm_source=settings&utm_medium=license&utm_content=learn-more';
675
 
676
  // Check if the license key reached max site installations
@@ -775,7 +775,7 @@ class SBI_Global_Settings {
775
  );
776
  }
777
  $licenseErrorMsg = null;
778
- $license_key = trim( get_option( 'sbi_license_key' ) );
779
  if ( $license_key ) {
780
  $license_last_check = get_option( 'sbi_license_last_check_timestamp' );
781
  $date = time() - (DAY_IN_SECONDS * 90);
@@ -813,7 +813,7 @@ class SBI_Global_Settings {
813
 
814
  $license_key = null;
815
  if ( get_option('sbi_license_key') ) {
816
- $license_key = get_option('sbi_license_key');
817
  }
818
 
819
  $has_license_error = false;
@@ -1104,7 +1104,7 @@ class SBI_Global_Settings {
1104
  public static function get_links_with_utm() {
1105
  $license_key = null;
1106
  if ( get_option('sbi_license_key') ) {
1107
- $license_key = get_option('sbi_license_key');
1108
  }
1109
  $all_access_bundle_popup = sprintf('https://smashballoon.com/all-access/?license_key=%s&upgrade=true&utm_campaign=instagram-free&utm_source=balloon&utm_medium=all-access', $license_key);
1110
 
@@ -1146,7 +1146,7 @@ class SBI_Global_Settings {
1146
  'cronAmPm' => $sbi_cache_cron_am_pm,
1147
  'gdpr' => $sbi_settings['gdpr'],
1148
  'gdprPlugin' => $active_gdpr_plugin,
1149
- 'customCSS' => isset( $sbi_settings['sb_instagram_custom_css'] ) ? stripslashes( $sbi_settings['sb_instagram_custom_css'] ) : '',
1150
  'customJS' => isset( $sbi_settings['sb_instagram_custom_js'] ) ? stripslashes( $sbi_settings['sb_instagram_custom_js'] ) : '',
1151
  ),
1152
  'advanced' => array(
93
  update_option( 'sbi_license_key', $sbi_license_key );
94
  }
95
  } else {
96
+ $license_key = sanitize_key( trim( get_option( 'sbi_license_key', '' ) ) );
97
 
98
  if ( empty( $sbi_license_key ) && ! empty( $license_key ) ) {
99
  $sbi_license_data = $this->get_license_data( $license_key, 'deactivate_license', SBI_PLUGIN_NAME );
226
  if ( ! sbi_current_user_can( 'manage_instagram_feed_options' ) ) {
227
  wp_send_json_error();
228
  }
229
+ $license_key = sanitize_key( trim( get_option( 'sbi_license_key', '' ) ) );
230
  $sbi_license_data = $this->get_license_data( $license_key, 'deactivate_license', SBI_PLUGIN_NAME );
231
  // update the license data
232
  if( !empty( $sbi_license_data ) ) {
258
  if ( ! sbi_current_user_can( 'manage_instagram_feed_options' ) ) {
259
  wp_send_json_error();
260
  }
261
+ $license_key = sanitize_key( get_option( 'sbi_license_key', '' ) );
262
  $sbi_api_params = array(
263
  'edd_action'=> 'check_license',
264
  'license' => $license_key,
302
  wp_send_json_error();
303
  }
304
  // Do the form validation
305
+ $license_key = isset( $_POST['license_key'] ) ? sanitize_key( $_POST['license_key'] ) : '';
306
  $item_name = isset( $_POST['item_name'] ) ? sanitize_text_field( $_POST['item_name'] ) : '';
307
  $option_name = isset( $_POST['option_name'] ) ? sanitize_text_field( $_POST['option_name'] ) : '';
308
  if ( empty( $license_key ) || empty( $item_name ) ) {
666
 
667
  $license_key = null;
668
  if ( get_option('sbi_license_key') ) {
669
+ $license_key = sanitize_key( get_option('sbi_license_key') );
670
  }
671
 
672
  $upgrade_url = sprintf('https://smashballoon.com/instagram-feed/pricing/?license_key=%s&upgrade=true&utm_campaign=instagram-free&utm_source=settings&utm_medium=upgrade-license', $license_key);
673
+ $renew_url = sprintf('https://smashballoon.com/checkout/?license_key=%s&download_id=%s&utm_campaign=instagram-free&utm_source=settings&utm_medium=upgrade-license&utm_content=renew-license', $license_key, sanitize_key( $sbi_download_id ) );
674
  $learn_more_url = 'https://smashballoon.com/doc/my-license-key-wont-activate/?utm_campaign=instagram-free&utm_source=settings&utm_medium=license&utm_content=learn-more';
675
 
676
  // Check if the license key reached max site installations
775
  );
776
  }
777
  $licenseErrorMsg = null;
778
+ $license_key = sanitize_key( trim( get_option( 'sbi_license_key', '' ) ) );
779
  if ( $license_key ) {
780
  $license_last_check = get_option( 'sbi_license_last_check_timestamp' );
781
  $date = time() - (DAY_IN_SECONDS * 90);
813
 
814
  $license_key = null;
815
  if ( get_option('sbi_license_key') ) {
816
+ $license_key = sanitize_key( get_option('sbi_license_key') );
817
  }
818
 
819
  $has_license_error = false;
1104
  public static function get_links_with_utm() {
1105
  $license_key = null;
1106
  if ( get_option('sbi_license_key') ) {
1107
+ $license_key = sanitize_key( get_option('sbi_license_key') );
1108
  }
1109
  $all_access_bundle_popup = sprintf('https://smashballoon.com/all-access/?license_key=%s&upgrade=true&utm_campaign=instagram-free&utm_source=balloon&utm_medium=all-access', $license_key);
1110
 
1146
  'cronAmPm' => $sbi_cache_cron_am_pm,
1147
  'gdpr' => $sbi_settings['gdpr'],
1148
  'gdprPlugin' => $active_gdpr_plugin,
1149
+ 'customCSS' => isset( $sbi_settings['sb_instagram_custom_css'] ) ? wp_strip_all_tags( stripslashes( $sbi_settings['sb_instagram_custom_css'] ) ) : '',
1150
  'customJS' => isset( $sbi_settings['sb_instagram_custom_js'] ) ? stripslashes( $sbi_settings['sb_instagram_custom_js'] ) : '',
1151
  ),
1152
  'advanced' => array(
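Review bot: The sanitized license-key reads are not uniform across the hunks of this file: lines 96, 229 and 778 trim the option and default it to '', while lines 261, 669, 816 and 1107 call sanitize_key() on the raw option with no trim and no default, so a key stored with surrounding whitespace can produce different values in different code paths. sanitize_key() also lowercases its input; if keys issued by the licensing server can contain uppercase characters, this silently changes the value sent with check_license and deactivate_license (line 230 and 264) — worth confirming against the key format before relying on it. I would move the read into one static helper and call it from every site. The customJS entry on line 1150 is still passed through unmodified while customCSS now gets wp_strip_all_tags(); if that asymmetry is deliberate, a one-line comment saying why would help the next reader.
```php
	/**
	 * Stored license key, trimmed and passed through sanitize_key(); '' when none is saved.
	 *
	 * @return string
	 */
	private static function get_stored_license_key() {
		return sanitize_key( trim( (string) get_option( 'sbi_license_key', '' ) ) );
	}

	// … call sites replace the inline reads with: $license_key = self::get_stored_license_key(); …
```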
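--- a/admin/SBI_Support.php
+++ b/admin/SBI_Support.php
@@ -396,7 +396,7 @@ class SBI_Support {
 $output .= isset( $sbi_settings['gdpr'] ) ? $sbi_settings['gdpr'] : ' Not setup';
 $output .= '</br>';
 $output .= 'Custom CSS: ';
-$output .= isset( $sbi_settings['sb_instagram_custom_css'] ) && ! empty( $sbi_settings['sb_instagram_custom_css'] ) ? $sbi_settings['sb_instagram_custom_css'] : 'Empty';
+$output .= isset( $sbi_settings['sb_instagram_custom_css'] ) && ! empty( $sbi_settings['sb_instagram_custom_css'] ) ? wp_strip_all_tags( $sbi_settings['sb_instagram_custom_css'] ) : 'Empty';
 $output .= '</br>';
 $output .= 'Custom JS: ';
 $output .= isset( $sbi_settings['sb_instagram_custom_js'] ) && ! empty( $sbi_settings['sb_instagram_custom_js'] ) ? $sbi_settings['sb_instagram_custom_js'] : 'Empty';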
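Review bot: wp_strip_all_tags() on line 399 removes content instead of escaping it, which is the wrong tool for a diagnostics dump whose purpose is to show the stored setting verbatim; if $output is rendered as HTML (not visible in the hunk) `esc_html( $sbi_settings['sb_instagram_custom_css'] )` neutralises markup while keeping the value intact for support staff. The Custom JS line directly below it (402) is still concatenated raw, so the same escaping question applies there and the two lines should be treated the same way. The enclosing method starts and ends outside the hunk.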
inc/Builder/SBI_Db.php CHANGED
@@ -55,15 +55,13 @@ class SBI_Db {
55
  $i = 0;
56
  foreach ( $results as $result ) {
57
  if ( (int) $result['used_in'] > 0 ) {
58
- $account_id = sanitize_key( $result['account_id'] );
59
- $sql = "SELECT *
60
  FROM $feeds_table_name
61
- WHERE settings LIKE CONCAT('%', $account_id, '%')
62
  GROUP BY id
63
  LIMIT 100;
64
- ";
65
-
66
- $results[ $i ]['instances'] = $wpdb->get_results( $sql, ARRAY_A );
67
  }
68
  $i++;
69
  }
55
  $i = 0;
56
  foreach ( $results as $result ) {
57
  if ( (int) $result['used_in'] > 0 ) {
58
+ $results[ $i ]['instances'] = $wpdb->get_results( $wpdb->prepare(
59
+ "SELECT *
60
  FROM $feeds_table_name
61
+ WHERE settings LIKE CONCAT('%', %s, '%')
62
  GROUP BY id
63
  LIMIT 100;
64
+ ", $result['account_id'] ), ARRAY_A );
 
 
65
  }
66
  $i++;
67
  }
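Review bot: The %s placeholder on line 61 is still used as a LIKE pattern, so an account_id containing `%` or `_` matches more rows than intended; $wpdb->prepare() escapes quotes but not LIKE wildcards. Build the pattern with esc_like() and drop the CONCAT: `WHERE settings LIKE %s` with the argument `'%' . $wpdb->esc_like( $result['account_id'] ) . '%'`. Switching from the sanitize_key() value to the raw account_id is correct now that the value is bound rather than interpolated, but a short comment on line 58 saying so would stop someone re-adding the old "sanitisation". The enclosing method starts outside the hunk.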
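--- a/inc/Builder/SBI_Feed_Builder.php
+++ b/inc/Builder/SBI_Feed_Builder.php
@@ -2011,6 +2011,8 @@ class SBI_Feed_Builder {
  * @since 6.0
  */
 public static function after_dismiss_onboarding() {
+check_ajax_referer( 'sbi-admin', 'nonce' );
+
 $cap = current_user_can( 'manage_instagram_feed_options' ) ? 'manage_instagram_feed_options' : 'manage_options';
 $cap = apply_filters( 'sbi_settings_pages_capability', $cap );
 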
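Review bot: check_ajax_referer() on line 2014 is the CSRF guard this handler lacked, but with its default arguments a failed check dies with a bare `-1` response, whereas the other AJAX handlers in this release reply through wp_send_json_error(); if the JavaScript side parses JSON, `if ( ! check_ajax_referer( 'sbi-admin', 'nonce', false ) ) { wp_send_json_error(); }` keeps the responses uniform. The capability chosen on lines 2016-2017 is only computed here; its enforcement (a current_user_can( $cap ) check) lies outside the hunk and should be confirmed, since the nonce alone does not authorise the action. The method continues past the end of the hunk.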
inc/Builder/SBI_Source.php CHANGED
@@ -228,14 +228,16 @@ class SBI_Source {
228
  public static function get_connection_urls( $is_settings = false ) {
229
  $urls = array();
230
  $admin_url_state = $is_settings ? admin_url( 'admin.php?page=sbi-settings' ) : admin_url( 'admin.php?page=sbi-feed-builder' );
 
 
231
  //If the admin_url isn't returned correctly then use a fallback
232
  if ( $admin_url_state === '/wp-admin/admin.php?page=sbi-feed-builder'
233
  || $admin_url_state === '/wp-admin/admin.php?page=sbi-feed-builder&tab=configuration' ) {
234
  $admin_url_state = "http://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]";
235
  }
236
  $sb_admin_email = get_option( 'admin_email', '' );
237
- $urls['personal'] ='https://connect.smashballoon.com/auth/ig/?wordpress_user=' . sanitize_email( $sb_admin_email ) . '&v=free&vn=' . SBIVER . '&state=';
238
- $urls['business'] = 'https://connect.smashballoon.com/auth/ig/?wordpress_user=' . sanitize_email( $sb_admin_email ) . '&v=free&vn=' . SBIVER . '&state=';
239
 
240
 
241
  $urls['stateURL'] = $admin_url_state;
@@ -253,6 +255,10 @@ class SBI_Source {
253
  * @since 6.0
254
  */
255
  public static function maybe_source_connection_data() {
 
 
 
 
256
  if ( isset( $_GET['sbi_access_token'] ) && isset( $_GET['sbi_graph_api'] ) ) {
257
  $return = self::retrieve_available_business_accounts();
258
  return $return;
228
  public static function get_connection_urls( $is_settings = false ) {
229
  $urls = array();
230
  $admin_url_state = $is_settings ? admin_url( 'admin.php?page=sbi-settings' ) : admin_url( 'admin.php?page=sbi-feed-builder' );
231
+ $nonce = wp_create_nonce( 'sbi_con' );
232
+
233
  //If the admin_url isn't returned correctly then use a fallback
234
  if ( $admin_url_state === '/wp-admin/admin.php?page=sbi-feed-builder'
235
  || $admin_url_state === '/wp-admin/admin.php?page=sbi-feed-builder&tab=configuration' ) {
236
  $admin_url_state = "http://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]";
237
  }
238
  $sb_admin_email = get_option( 'admin_email', '' );
239
+ $urls['personal'] ='https://connect.smashballoon.com/auth/ig/?wordpress_user=' . sanitize_email( $sb_admin_email ) . '&v=free&vn=' . SBIVER . '&sbi_con=' . $nonce . '&state=';
240
+ $urls['business'] = 'https://connect.smashballoon.com/auth/ig/?wordpress_user=' . sanitize_email( $sb_admin_email ) . '&v=free&vn=' . SBIVER . '&sbi_con=' . $nonce . '&state=';
241
 
242
 
243
  $urls['stateURL'] = $admin_url_state;
255
  * @since 6.0
256
  */
257
  public static function maybe_source_connection_data() {
258
+ $nonce = ! empty( $_GET['sbi_con'] ) ? sanitize_key( $_GET['sbi_con'] ) : '';
259
+ if ( ! wp_verify_nonce( $nonce, 'sbi_con' ) ) {
260
+ return false;
261
+ }
262
  if ( isset( $_GET['sbi_access_token'] ) && isset( $_GET['sbi_graph_api'] ) ) {
263
  $return = self::retrieve_available_business_accounts();
264
  return $return;
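Review bot: The nonce check on lines 258-261 runs before the isset() test on line 262, so maybe_source_connection_data() now returns false for every call that lacks sbi_con, not only for the connection callback; any connection path whose URL is not built through get_connection_urls() (none visible here, but the class is larger than the hunk) would fail silently. If the intent is to bind the OAuth return to the admin session that started it, placing the verification inside the `if ( isset( $_GET['sbi_access_token'] ) && isset( $_GET['sbi_graph_api'] ) )` branch leaves unrelated calls unaffected. Either way a comment such as `// sbi_con is created in get_connection_urls(); it ties the connect.smashballoon.com callback to the admin session that initiated it` records the pairing, and it is worth noting there that WordPress nonces are user-bound and time-limited, so a callback completed in a different browser or after the nonce lifetime is rejected. The unchanged fallback on line 236 still builds the state URL from raw $_SERVER values with a hard-coded http:// scheme; not part of this change, but since the nonce now travels inside that flow it may be worth a follow-up.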
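--- a/inc/Builder/Tabs/SBI_Customize_Tab.php
+++ b/inc/Builder/Tabs/SBI_Customize_Tab.php
@@ -434,7 +434,7 @@ class SBI_Customize_Tab{
  * @return array
  */
 static function get_customize_colorscheme_controls(){
-$feed_id = isset($_GET['feed_id']) ? $_GET['feed_id'] : '';
+$feed_id = isset( $_GET['feed_id'] ) ? sanitize_key( $_GET['feed_id'] ) : '';
 $color_scheme_array = [
 [
 'type' => 'toggleset',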
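Review bot: sanitize_key() on line 437 lowercases its input and strips everything outside [a-z0-9_-]; if feed_id is always a numeric database id (its use is outside the hunk, so I cannot tell) `absint( $_GET['feed_id'] )` states that contract directly and yields an int instead of a string. If ids can be non-numeric, sanitize_key() is fine but a short comment naming the accepted format would help, because the lowercasing is an easy surprise later. The method continues past the hunk.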
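--- a/inc/admin/actions.php
+++ b/inc/admin/actions.php
@@ -26,12 +26,15 @@ function sb_instagram_menu() {
 $notice = ' <span class="update-plugins sbi-error-alert sbi-notice-alert"><span>!</span></span>';
 }
 
-$sbi_notifications = new SBI_Notifications();
-$notifications = $sbi_notifications->get();
+$notifications = false;
+if ( class_exists( '\SBI_Notifications' ) ) {
+$sbi_notifications = new \SBI_Notifications();
+$notifications = $sbi_notifications->get();
+}
 
 $notice_bubble = '';
 if ( empty( $notice ) && ! empty( $notifications ) && is_array( $notifications ) ) {
-$notice_bubble = ' <span class="sbi-notice-alert"><span>'.count( $notifications ).'</span></span>';
+$notice_bubble = ' <span class="sbi-notice-alert"><span>' . count( $notifications ) . '</span></span>';
 }
 
 add_menu_page(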
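Review bot: The class_exists() guard on line 30 gives no hint of why the class might be absent, so a later cleanup could remove it and reintroduce the fatal; a why-comment keeps the intent, e.g. `// SBI_Notifications is not always loaded (see the 6.0.8 fatal-error fix); skip the badge rather than fail.` — that reading of the changelog is an inference, adjust to the real cause. The leading backslash inside the class_exists() string is accepted by PHP but reads inconsistently next to `new \SBI_Notifications()`; either `'SBI_Notifications'` or `\SBI_Notifications::class` is clearer. The function continues outside the hunk.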
inc/class-sb-instagram-display-elements.php CHANGED
@@ -386,7 +386,7 @@ class SB_Instagram_Display_Elements {
386
  public static function get_follow_styles( $settings ) {
387
  $styles = '';
388
 
389
- if ( ( empty( $settings['colorpalette'] ) || $settings['colorpalette'] === 'inherit' ) && ( ! empty( $settings['followcolor'] ) || ! empty( $settings['followtextcolor'] ) ) ) {
390
  $styles = ' style="';
391
  if ( ! empty( $settings['followcolor'] ) ) {
392
  $styles .= 'background: rgb(' . esc_attr( sbi_hextorgb( $settings['followcolor'] ) ) . ');';
@@ -399,6 +399,17 @@ class SB_Instagram_Display_Elements {
399
  return $styles;
400
  }
401
 
 
 
 
 
 
 
 
 
 
 
 
402
  public static function get_follow_hover_color( $settings ) {
403
  if ( ! empty( $settings['followhovercolor'] ) && $settings['followhovercolor'] !== '#359dff' ) {
404
  return $settings['followhovercolor'];
@@ -502,7 +513,7 @@ class SB_Instagram_Display_Elements {
502
  $palette_class = self::get_palette_class( $settings );
503
 
504
  if ( $customizer ) {
505
- return ' :class="\'sbi \' + ' . $mobilecols_class . ' + \' \' + ' . $tabletcols_class . ' + \' sbi_col_\' + ' . $cols_setting . ' + \' \' + ' . $palette_class . ' + \' \' + ' . $additional_customizer_classes . '" ';
506
  } else {
507
  $classes = 'sbi' . esc_attr( $mobilecols_class ) . esc_attr( $tabletcols_class ) . ' sbi_col_' . esc_attr( $cols_setting ) . esc_attr( $additional_classes ) . esc_attr( $palette_class );
508
  $classes = ' class="' . $classes . '"';
386
  public static function get_follow_styles( $settings ) {
387
  $styles = '';
388
 
389
+ if ( ! self::doing_custom_palettes_for_button( $settings ) && ( ! empty( $settings['followcolor'] ) || ! empty( $settings['followtextcolor'] ) ) ) {
390
  $styles = ' style="';
391
  if ( ! empty( $settings['followcolor'] ) ) {
392
  $styles .= 'background: rgb(' . esc_attr( sbi_hextorgb( $settings['followcolor'] ) ) . ');';
399
  return $styles;
400
  }
401
 
402
+ public static function doing_custom_palettes_for_button( $settings ) {
403
+ if ( ( empty( $settings['colorpalette'] ) || $settings['colorpalette'] === 'inherit' ) ) {
404
+ return false;
405
+ }
406
+ if ( $settings['colorpalette'] === 'custom' && ! empty( $settings['custombuttoncolor2'] ) ) {
407
+ return true;
408
+ }
409
+
410
+ return false;
411
+ }
412
+
413
  public static function get_follow_hover_color( $settings ) {
414
  if ( ! empty( $settings['followhovercolor'] ) && $settings['followhovercolor'] !== '#359dff' ) {
415
  return $settings['followhovercolor'];
513
  $palette_class = self::get_palette_class( $settings );
514
 
515
  if ( $customizer ) {
516
+ return ' :class="\'sbi \' + ' . esc_attr( $mobilecols_class ) . ' + \' \' + ' . esc_attr( $tabletcols_class ) . ' + \' sbi_col_\' + ' . esc_attr( $cols_setting ) . ' + \' \' + ' . esc_attr( $palette_class ) . ' + \' \' + ' . esc_attr( $additional_customizer_classes ) . '" ';
517
  } else {
518
  $classes = 'sbi' . esc_attr( $mobilecols_class ) . esc_attr( $tabletcols_class ) . ' sbi_col_' . esc_attr( $cols_setting ) . esc_attr( $additional_classes ) . esc_attr( $palette_class );
519
  $classes = ' class="' . $classes . '"';
inc/class-sb-instagram-feed-locator.php CHANGED
@@ -12,6 +12,7 @@ if ( ! defined( 'ABSPATH' ) ) {
12
  }
13
 
14
  class SB_Instagram_Feed_Locator {
 
15
 
16
  private $feed_details;
17
 
@@ -237,10 +238,7 @@ class SB_Instagram_Feed_Locator {
237
  global $wpdb;
238
  $feed_locator_table_name = $wpdb->prefix . SBI_INSTAGRAM_FEED_LOCATOR;
239
 
240
- $group_by = '';
241
- if ( isset( $args['group_by'] ) ) {
242
- $group_by = 'GROUP BY ' . esc_sql( $args['group_by'] );
243
- }
244
 
245
  $location_string = 'content';
246
  if ( isset( $args['html_location'] ) ) {
@@ -308,10 +306,7 @@ class SB_Instagram_Feed_Locator {
308
  global $wpdb;
309
  $feed_locator_table_name = $wpdb->prefix . SBI_INSTAGRAM_FEED_LOCATOR;
310
 
311
- $group_by = '';
312
- if ( isset( $args['group_by'] ) ) {
313
- $group_by = 'GROUP BY ' . esc_sql( $args['group_by'] );
314
- }
315
 
316
  $location_string = 'content';
317
  if ( isset( $args['html_location'] ) ) {
@@ -668,7 +663,7 @@ class SB_Instagram_Feed_Locator {
668
 
669
  foreach ( $locations as $key => $location ) {
670
  $in = implode( "', '", $location['html_locations'] );
671
- $group_by = isset( $location['group_by'] ) ? 'GROUP BY ' . $location['group_by'] : '';
672
  $results = $wpdb->get_results(
673
  "
674
  SELECT *
@@ -692,4 +687,12 @@ class SB_Instagram_Feed_Locator {
692
 
693
  return $locations;
694
  }
 
 
 
 
 
 
 
 
695
  }
12
  }
13
 
14
  class SB_Instagram_Feed_Locator {
15
+ const COLUMN_NAMES = array( 'feed_id', 'post_id', 'html_location', 'shortcode_atts', 'last_update' );
16
 
17
  private $feed_details;
18
 
238
  global $wpdb;
239
  $feed_locator_table_name = $wpdb->prefix . SBI_INSTAGRAM_FEED_LOCATOR;
240
 
241
+ $group_by = isset( $args['group_by'] ) ? self::sanitize_group_by( $args['group_by'] ) : '';
 
 
 
242
 
243
  $location_string = 'content';
244
  if ( isset( $args['html_location'] ) ) {
306
  global $wpdb;
307
  $feed_locator_table_name = $wpdb->prefix . SBI_INSTAGRAM_FEED_LOCATOR;
308
 
309
+ $group_by = isset( $args['group_by'] ) ? self::sanitize_group_by( $args['group_by'] ) : '';
 
 
 
310
 
311
  $location_string = 'content';
312
  if ( isset( $args['html_location'] ) ) {
663
 
664
  foreach ( $locations as $key => $location ) {
665
  $in = implode( "', '", $location['html_locations'] );
666
+ $group_by = isset( $location['group_by'] ) ? self::sanitize_group_by( $location['group_by'] ) : '';
667
  $results = $wpdb->get_results(
668
  "
669
  SELECT *
687
 
688
  return $locations;
689
  }
690
+
691
+ public static function sanitize_group_by( $group_by ) {
692
+ if ( in_array( $group_by, self::COLUMN_NAMES, true ) ) {
693
+ return 'GROUP BY ' . $group_by;
694
+ }
695
+
696
+ return '';
697
+ }
698
  }
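Review bot: sanitize_group_by() on lines 691-697 silently returns '' for any value not in COLUMN_NAMES, so a typo in a caller produces ungrouped results with no signal; at minimum the behaviour belongs in a docblock, `/** Build a GROUP BY clause for a known column of the feed locator table; any other value yields '' and the query runs ungrouped. @param string $group_by @return string */`, and a `_doing_it_wrong()` call in the fallthrough branch would surface mistakes in development. COLUMN_NAMES on line 15 needs a one-line comment noting it must track the table schema, since it is now the allow-list that keeps group_by out of raw SQL. In the third hunk, `$in` on line 665 is still interpolated into the query unescaped (unchanged context); fine if html_locations only ever comes from plugin code, but a comment stating that assumption next to the implode would help.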
inc/class-sb-instagram-parse.php CHANGED
@@ -168,6 +168,17 @@ class SB_Instagram_Parse
168
  return $post['media_url'];
169
  }
170
 
 
 
 
 
 
 
 
 
 
 
 
171
  return trailingslashit( SBI_PLUGIN_URL ) . 'img/thumb-placeholder.png';
172
  }
173
  }
168
  return $post['media_url'];
169
  }
170
 
171
+ $permalink = self::fix_permalink( self::get_permalink( $post ) );
172
+ $single = new SB_Instagram_Single( $permalink );
173
+ $single->init();
174
+ $maybe_post = $single->get_post();
175
+
176
+ if ( isset( $maybe_post['media_url'] ) ) {
177
+ return $maybe_post['media_url'];
178
+ } elseif ( isset( $maybe_post['thumbnail_url'] ) ) {
179
+ return $maybe_post['thumbnail_url'];
180
+ }
181
+
182
  return trailingslashit( SBI_PLUGIN_URL ) . 'img/thumb-placeholder.png';
183
  }
184
  }
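Review bot: The fallback on lines 171-180 builds and initialises an SB_Instagram_Single for every post whose media_url is missing; if init() performs a remote lookup (the single-post class persists results elsewhere in this release, which suggests it does, but I cannot confirm from here) this runs at render time and can add one request per affected post. Guard against an empty permalink before constructing the object, `if ( empty( $permalink ) ) { return trailingslashit( SBI_PLUGIN_URL ) . 'img/thumb-placeholder.png'; }`, and add a comment that the cost is bounded by SB_Instagram_Single's own caching, so the next reader knows the dependency. The enclosing method starts outside the hunk.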
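--- a/inc/class-sb-instagram-single.php
+++ b/inc/class-sb-instagram-single.php
@@ -212,7 +212,7 @@ class SB_Instagram_Single {
 $stored_option = json_decode( $this->encryption->decrypt( $stored_option ), true );
 }
 $new = array( $this->permalink_id => $this->post );
-$stored_option = array_merge( $new, $stored_option );
+$stored_option = array_merge( $new, (array) $stored_option );
 // only latest 400 posts
 $stored_option = array_slice( $stored_option, 0, 400 );
 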
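Review bot: The `(array)` cast on line 215 avoids the TypeError when decrypt/json_decode yields null, but a non-array scalar (for example a string left over from a failed decrypt) becomes `array( 0 => '...' )` and is then persisted alongside the posts; `$stored_option = array_merge( $new, is_array( $stored_option ) ? $stored_option : array() );` discards the bad value instead of keeping it. The enclosing method starts and ends outside the hunk.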
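--- a/inc/if-functions.php
+++ b/inc/if-functions.php
@@ -1359,7 +1359,7 @@ function sb_instagram_custom_css() {
 
 if( !empty($sb_instagram_custom_css) ){
 echo "\r\n";
-echo stripslashes($sb_instagram_custom_css);
+echo wp_strip_all_tags( stripslashes( $sb_instagram_custom_css ) );
 }
 
 if( current_user_can( 'edit_posts' ) ){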
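Review bot: wp_strip_all_tags() on line 1362 stops the value from closing the surrounding block, but it is applied only at output while the same raw setting is displayed on the settings screen and the support page elsewhere in this release; sanitising once when the option is saved would make all three paths agree and avoid re-stripping on every page load. A comment naming the context would also help, `// printed inside an inline <style> block; strip tags so the value cannot terminate it` — the surrounding <style> is an assumption from the function name, confirm outside the hunk. The function starts before the hunk.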
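--- a/instagram-feed.php
+++ b/instagram-feed.php
@@ -3,7 +3,7 @@
 Plugin Name: Smash Balloon Instagram Feed
 Plugin URI: https://smashballoon.com/instagram-feed
 Description: Display beautifully clean, customizable, and responsive Instagram feeds.
-Version: 6.0.7
+Version: 6.0.8
 Author: Smash Balloon
 Author URI: https://smashballoon.com/
 License: GPLv2 or later
@@ -32,7 +32,7 @@ if ( ! defined( 'SBI_PLUGIN_NAME' ) ) {
 define( 'SBI_PLUGIN_NAME', 'Instagram Feed Free' );
 }
 if ( ! defined( 'SBIVER' ) ) {
-define( 'SBIVER', '6.0.7' );
+define( 'SBIVER', '6.0.8' );
 }
 // Db version.
 if ( ! defined( 'SBI_DBVERSION' ) ) {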