Instagram Slider Widget - Version 2.0.6

Version Description

  • Fix security issues
Download this release

Release Info

Developer webtemyk
Plugin Icon 128x128 Instagram Slider Widget
Version 2.0.6
Comparing to
See all releases

Code changes from version 2.0.4 to 2.0.6

Files changed (22) hide show
  1. admin/pages/feeds.php +11 -3
  2. admin/pages/profiles.php +6 -5
  3. admin/views/page-manual.php +11 -11
  4. admin/views/page-widgets.php +7 -7
  5. components/facebook/html_templates/form-feed.php +165 -152
  6. components/facebook/html_templates/masonry.php +20 -20
  7. components/facebook/html_templates/popup.php +11 -11
  8. components/facebook/includes/class-facebook-profiles.php +1 -1
  9. components/facebook/load.php +1 -1
  10. components/instagram/html_templates/form-feed.php +18 -17
  11. components/instagram/includes/class-instagram-feed.php +13 -13
  12. components/instagram/includes/class-instagram-profiles.php +69 -60
  13. components/youtube/html_templates/accounts.php +78 -75
  14. components/youtube/html_templates/default.php +8 -8
  15. components/youtube/html_templates/feed_header_template.php +1 -1
  16. components/youtube/html_templates/form-feed.php +14 -13
  17. components/youtube/html_templates/widget_settings.php +5 -5
  18. components/youtube/includes/class-youtube-feed.php +1 -1
  19. components/youtube/includes/class-youtube-profiles.php +9 -2
  20. includes/class-feed.php +2 -8
  21. instaram_slider.php +1 -1
  22. readme.txt +7 -0
admin/pages/feeds.php CHANGED
@@ -93,6 +93,10 @@ class WIS_FeedsPage extends WIS_Page {
93
  * @inerhitDoc
94
  */
95
  public function showPageContent() {
 
 
 
 
96
  if ( isset( $_GET['action'] ) && isset( $_GET['social'] ) ) {
97
  $social = sanitize_text_field( $_GET['social'] );
98
 
@@ -221,6 +225,8 @@ class WIS_FeedsPage extends WIS_Page {
221
  if ( isset( $_POST['wis-feed-save-action'] ) ) {
222
  unset( $_POST['wis-feed-save-action'] );
223
 
 
 
224
  $feed = $this->getSocialClass( $social, $_POST );
225
 
226
  if ( $feed_id ) {
@@ -229,7 +235,7 @@ class WIS_FeedsPage extends WIS_Page {
229
  //$_SERVER['REQUEST_URI'] = esc_url(remove_query_arg( 'feed' ));
230
  } else {
231
  $feeds->add_feed( $feed );
232
- $_SERVER['REQUEST_URI'] = esc_url(remove_query_arg( 'action' ));
233
  }
234
 
235
  //wp_redirect( $_SERVER['REQUEST_URI'] );
@@ -251,12 +257,14 @@ class WIS_FeedsPage extends WIS_Page {
251
  public function delete_action( $social, $feed_id = 0 ) {
252
  $feeds = new WIS_Feeds( $social );
253
 
 
 
254
  if ( $feed_id ) {
255
  $feeds->delete_feed( $feed_id );
256
  }
257
 
258
- $_SERVER['REQUEST_URI'] = esc_url(remove_query_arg( 'action' ));
259
- $_SERVER['REQUEST_URI'] = esc_url(remove_query_arg( 'feed' ));
260
  wp_safe_redirect( $_SERVER['REQUEST_URI'] );
261
  }
262
 
93
  * @inerhitDoc
94
  */
95
  public function showPageContent() {
96
+ if ( ! current_user_can( 'manage_options' ) ) {
97
+ wp_die( 'Access denied' );
98
+ }
99
+
100
  if ( isset( $_GET['action'] ) && isset( $_GET['social'] ) ) {
101
  $social = sanitize_text_field( $_GET['social'] );
102
 
225
  if ( isset( $_POST['wis-feed-save-action'] ) ) {
226
  unset( $_POST['wis-feed-save-action'] );
227
 
228
+ check_admin_referer( 'wis_edit_feed', 'csrf_check' );
229
+
230
  $feed = $this->getSocialClass( $social, $_POST );
231
 
232
  if ( $feed_id ) {
235
  //$_SERVER['REQUEST_URI'] = esc_url(remove_query_arg( 'feed' ));
236
  } else {
237
  $feeds->add_feed( $feed );
238
+ $_SERVER['REQUEST_URI'] = esc_url( remove_query_arg( 'action' ) );
239
  }
240
 
241
  //wp_redirect( $_SERVER['REQUEST_URI'] );
257
  public function delete_action( $social, $feed_id = 0 ) {
258
  $feeds = new WIS_Feeds( $social );
259
 
260
+ check_admin_referer( 'wis_edit_feed', 'csrf_check' );
261
+
262
  if ( $feed_id ) {
263
  $feeds->delete_feed( $feed_id );
264
  }
265
 
266
+ $_SERVER['REQUEST_URI'] = esc_url( remove_query_arg( 'action' ) );
267
+ $_SERVER['REQUEST_URI'] = esc_url( remove_query_arg( 'feed' ) );
268
  wp_safe_redirect( $_SERVER['REQUEST_URI'] );
269
  }
270
 
admin/pages/profiles.php CHANGED
@@ -220,11 +220,12 @@ class WIS_ProfilesPage extends WIS_Page {
220
  break;
221
  }
222
 
223
- $_SERVER['REQUEST_URI'] = esc_url(remove_query_arg( 'action' ));
224
- $_SERVER['REQUEST_URI'] = esc_url(remove_query_arg( 'account' ));
225
- $_SERVER['REQUEST_URI'] = esc_url(remove_query_arg( 'social' ));
226
- $_SERVER['REQUEST_URI'] = esc_url(remove_query_arg( 'business' ));
227
- wp_redirect( $_SERVER['REQUEST_URI'] );
 
228
  }
229
 
230
  }
220
  break;
221
  }
222
 
223
+ $_SERVER['REQUEST_URI'] = esc_url( remove_query_arg( 'action' ) );
224
+ $_SERVER['REQUEST_URI'] = esc_url( remove_query_arg( 'account' ) );
225
+ $_SERVER['REQUEST_URI'] = esc_url( remove_query_arg( 'social' ) );
226
+ $_SERVER['REQUEST_URI'] = esc_url( remove_query_arg( 'business' ) );
227
+
228
+ wp_safe_redirect( $_SERVER['REQUEST_URI'] );
229
  }
230
 
231
  }
admin/views/page-manual.php CHANGED
@@ -10,7 +10,7 @@
10
  1. You should follow this <a href="https://console.developers.google.com/apis/dashboard" target="_blank">link</a> and select the project from the top of the page in the drop-down menu
11
  </div>
12
  <div class="wyt-step-img">
13
- <img src="<?= WYT_COMPONENT_URL . ("/admin/assets/img/manual/1.png") ?>" class="wyt-manual-img" alt="">
14
  </div>
15
  </div>
16
  <div class="wyt-step">
@@ -18,7 +18,7 @@
18
  2. Click on the "Create project" button
19
  </div>
20
  <div class="wyt-step-img">
21
- <img src="<?= WYT_COMPONENT_URL . ("/admin/assets/img/manual/2.png") ?>" class="wyt-manual-img" alt="">
22
  </div>
23
  </div>
24
  <div class="wyt-step">
@@ -26,7 +26,7 @@
26
  3. Fill in the "Project name" field and click the "Create" button
27
  </div>
28
  <div class="wyt-step-img">
29
- <img src="<?= WYT_COMPONENT_URL . ("/admin/assets/img/manual/3.png") ?>" class="wyt-manual-img" alt="">
30
 
31
  </div>
32
  </div>
@@ -35,7 +35,7 @@
35
  4. At the top of the page, in the drop-down list, select the newly created project and click the "ENABLE APIS AND SERVICES" button
36
  </div>
37
  <div class="wyt-step-img">
38
- <img src="<?= WYT_COMPONENT_URL . ("/admin/assets/img/manual/4.png") ?>" class="wyt-manual-img" alt="">
39
 
40
  </div>
41
  </div>
@@ -44,7 +44,7 @@
44
  5. Type "Youtube" in the search bar
45
  </div>
46
  <div class="wyt-step-img">
47
- <img src="<?= WYT_COMPONENT_URL . ("/admin/assets/img/manual/5.png") ?>" class="wyt-manual-img" alt="">
48
 
49
  </div>
50
  </div>
@@ -53,7 +53,7 @@
53
  6. In the list of results, select "YouTube Data API v3"
54
  </div>
55
  <div class="wyt-step-img">
56
- <img src="<?= WYT_COMPONENT_URL . ("/admin/assets/img/manual/6.png") ?>" class="wyt-manual-img" alt="">
57
 
58
  </div>
59
  </div>
@@ -62,7 +62,7 @@
62
  7. Click the "ENABLE" button
63
  </div>
64
  <div class="wyt-step-img">
65
- <img src="<?= WYT_COMPONENT_URL . ("/admin/assets/img/manual/7.png") ?>" class="wyt-manual-img" alt="">
66
 
67
  </div>
68
  </div>
@@ -71,7 +71,7 @@
71
  8. Click the "CREATE CREDENTIALS" button
72
  </div>
73
  <div class="wyt-step-img">
74
- <img src="<?= WYT_COMPONENT_URL . ("/admin/assets/img/manual/8.png") ?>" class="wyt-manual-img" alt="">
75
 
76
  </div>
77
  </div>
@@ -80,7 +80,7 @@
80
  9. Fill in all the fields as shown in the picture and click the "What credentials do I need?"
81
  </div>
82
  <div class="wyt-step-img">
83
- <img src="<?= WYT_COMPONENT_URL . ("/admin/assets/img/manual/9.png") ?>" class="wyt-manual-img" alt="">
84
 
85
  </div>
86
  </div>
@@ -89,7 +89,7 @@
89
  10. Copy your API key and click the "Done" button
90
  </div>
91
  <div class="wyt-step-img">
92
- <img src="<?= WYT_COMPONENT_URL . ("/admin/assets/img/manual/10.png") ?>" class="wyt-manual-img" alt="">
93
 
94
  </div>
95
  </div>
@@ -98,7 +98,7 @@
98
  11. Paste your API key to the field and click "SAVE" button
99
  </div>
100
  <div class="wyt-step-img">
101
- <img src="<?= WYT_COMPONENT_URL . ("/admin/assets/img/manual/11.png") ?>" class="wyt-manual-img" alt="">
102
  </div>
103
  </div>
104
  </div>
10
  1. You should follow this <a href="https://console.developers.google.com/apis/dashboard" target="_blank">link</a> and select the project from the top of the page in the drop-down menu
11
  </div>
12
  <div class="wyt-step-img">
13
+ <img src="<?php echo WYT_COMPONENT_URL . ("/admin/assets/img/manual/1.png") ?>" class="wyt-manual-img" alt="">
14
  </div>
15
  </div>
16
  <div class="wyt-step">
18
  2. Click on the "Create project" button
19
  </div>
20
  <div class="wyt-step-img">
21
+ <img src="<?php echo WYT_COMPONENT_URL . ("/admin/assets/img/manual/2.png") ?>" class="wyt-manual-img" alt="">
22
  </div>
23
  </div>
24
  <div class="wyt-step">
26
  3. Fill in the "Project name" field and click the "Create" button
27
  </div>
28
  <div class="wyt-step-img">
29
+ <img src="<?php echo WYT_COMPONENT_URL . ("/admin/assets/img/manual/3.png") ?>" class="wyt-manual-img" alt="">
30
 
31
  </div>
32
  </div>
35
  4. At the top of the page, in the drop-down list, select the newly created project and click the "ENABLE APIS AND SERVICES" button
36
  </div>
37
  <div class="wyt-step-img">
38
+ <img src="<?php echo WYT_COMPONENT_URL . ("/admin/assets/img/manual/4.png") ?>" class="wyt-manual-img" alt="">
39
 
40
  </div>
41
  </div>
44
  5. Type "Youtube" in the search bar
45
  </div>
46
  <div class="wyt-step-img">
47
+ <img src="<?php echo WYT_COMPONENT_URL . ("/admin/assets/img/manual/5.png") ?>" class="wyt-manual-img" alt="">
48
 
49
  </div>
50
  </div>
53
  6. In the list of results, select "YouTube Data API v3"
54
  </div>
55
  <div class="wyt-step-img">
56
+ <img src="<?php echo WYT_COMPONENT_URL . ("/admin/assets/img/manual/6.png") ?>" class="wyt-manual-img" alt="">
57
 
58
  </div>
59
  </div>
62
  7. Click the "ENABLE" button
63
  </div>
64
  <div class="wyt-step-img">
65
+ <img src="<?php echo WYT_COMPONENT_URL . ("/admin/assets/img/manual/7.png") ?>" class="wyt-manual-img" alt="">
66
 
67
  </div>
68
  </div>
71
  8. Click the "CREATE CREDENTIALS" button
72
  </div>
73
  <div class="wyt-step-img">
74
+ <img src="<?php echo WYT_COMPONENT_URL . ("/admin/assets/img/manual/8.png") ?>" class="wyt-manual-img" alt="">
75
 
76
  </div>
77
  </div>
80
  9. Fill in all the fields as shown in the picture and click the "What credentials do I need?"
81
  </div>
82
  <div class="wyt-step-img">
83
+ <img src="<?php echo WYT_COMPONENT_URL . ("/admin/assets/img/manual/9.png") ?>" class="wyt-manual-img" alt="">
84
 
85
  </div>
86
  </div>
89
  10. Copy your API key and click the "Done" button
90
  </div>
91
  <div class="wyt-step-img">
92
+ <img src="<?php echo WYT_COMPONENT_URL . ("/admin/assets/img/manual/10.png") ?>" class="wyt-manual-img" alt="">
93
 
94
  </div>
95
  </div>
98
  11. Paste your API key to the field and click "SAVE" button
99
  </div>
100
  <div class="wyt-step-img">
101
+ <img src="<?php echo WYT_COMPONENT_URL . ("/admin/assets/img/manual/11.png") ?>" class="wyt-manual-img" alt="">
102
  </div>
103
  </div>
104
  </div>
admin/views/page-widgets.php CHANGED
@@ -11,7 +11,7 @@
11
  <div class="wisw-container">
12
  <div class="wisw-social-content">
13
  <div class="wis-widgets-container">
14
- <h2><?= __( 'Recommended widget templates', 'instagram-slider-widget' ); ?></h2>
15
  <div class="wis-demo-widgets">
16
  <?php if ( is_array( $insta_widgets ) && ! empty( $insta_widgets ) ): ?>
17
  <div class="wis-row">
@@ -31,13 +31,13 @@
31
  alt=""></p>
32
  </div>
33
  <div class="wis-demo-shortcode">
34
- <p><?= __( 'Shortcode for this widget', 'instagram-slider-widget' ); ?><span
35
- class="<?= $wis_demo_pro; ?>"></span></p>
36
  <input id="wis_insta_shortcode"
37
  onclick="this.setSelectionRange(0, this.value.length)"
38
- type="text" class="wis-demo-widefat" value="<?= $shortcode; ?>"
39
  readonly="readonly">
40
- <p><?= $insta_widget['title']; ?></p>
41
  </div>
42
  </div>
43
  <?php
@@ -48,13 +48,13 @@
48
  <?php
49
  $account = $this->get_current_account();
50
  if ( ! isset( $demo_id ) && ! empty( $account ) ) { ?>
51
- <a class="button button-primary" href="<?php echo add_query_arg( [ 'do' => 'add_demo' ] ); ?>">Add
52
  demo
53
  widgets</a>
54
  <?php } else if ( ! isset( $demo_id ) && empty( $account ) ) { ?>
55
  <a class="button button-primary" disabled="disabled" href="#">Add demo
56
  widgets</a>
57
- <div style="display: inline-block; line-height: 30px;"><?= __( 'Add instagram account in plugin settings', 'instagram-slider-widget' ); ?></div>
58
  <?php } ?>
59
  </div>
60
 
11
  <div class="wisw-container">
12
  <div class="wisw-social-content">
13
  <div class="wis-widgets-container">
14
+ <h2><?php echo __( 'Recommended widget templates', 'instagram-slider-widget' ); ?></h2>
15
  <div class="wis-demo-widgets">
16
  <?php if ( is_array( $insta_widgets ) && ! empty( $insta_widgets ) ): ?>
17
  <div class="wis-row">
31
  alt=""></p>
32
  </div>
33
  <div class="wis-demo-shortcode">
34
+ <p><?php echo __( 'Shortcode for this widget', 'instagram-slider-widget' ); ?><span
35
+ class="<?php echo $wis_demo_pro; ?>"></span></p>
36
  <input id="wis_insta_shortcode"
37
  onclick="this.setSelectionRange(0, this.value.length)"
38
+ type="text" class="wis-demo-widefat" value="<?php echo $shortcode; ?>"
39
  readonly="readonly">
40
+ <p><?php echo $insta_widget['title']; ?></p>
41
  </div>
42
  </div>
43
  <?php
48
  <?php
49
  $account = $this->get_current_account();
50
  if ( ! isset( $demo_id ) && ! empty( $account ) ) { ?>
51
+ <a class="button button-primary" href="<?php echo esc_url_raw(add_query_arg( [ 'do' => 'add_demo' ] )); ?>">Add
52
  demo
53
  widgets</a>
54
  <?php } else if ( ! isset( $demo_id ) && empty( $account ) ) { ?>
55
  <a class="button button-primary" disabled="disabled" href="#">Add demo
56
  widgets</a>
57
+ <div style="display: inline-block; line-height: 30px;"><?php echo __( 'Add instagram account in plugin settings', 'instagram-slider-widget' ); ?></div>
58
  <?php } ?>
59
  </div>
60
 
components/facebook/html_templates/form-feed.php CHANGED
@@ -10,134 +10,144 @@ $is_update = $args['is_update'];
10
  $feed_id = $args['instance']['id'] ?? '';
11
  ?>
12
  <div class="wisw-social-content">
13
- <h2>
14
  <?php if ( $is_update ) {
15
  _e( 'Edit feed', 'instagram-slider-widget' );
16
  } else {
17
  _e( 'Add feed', 'instagram-slider-widget' );
18
  } ?>
19
- </h2>
20
- <form action="" method="post" name="wis-feed-add-form" id="wis-feed-add-form">
21
- <div class="jr-container">
22
- <div class="isw-common-settings">
23
- <div class="wis-flex-content">
24
- <div class="wis-flex-content-column">
25
- <div class="form-group">
26
- <label for="title" class="form-label"><?php _e( 'Title:', 'instagram-slider-widget' ); ?></label>
27
- <input class="form-input" id="title"
28
- name="title"
29
- value="<?php echo $instance['title']; ?>"/>
30
- </div>
31
- <div class="form-group" id="wis-feed-account">
 
 
32
  <?php
33
  if ( count( $accounts ) ) {
34
  ?>
35
- <label class="form-label" for="account"><?php _e( 'Account', 'instagram-slider-widget' ); ?></label>
36
- <select id="account" class="form-select" name="account">
 
37
  <?php
38
  foreach ( $accounts as $acc ) {
39
  $selected = $instance['account'] == $acc['name'] ? "selected='selected'" : "";
40
  echo "<option value='{$acc['name']}' {$selected}>{$acc['name']}</option>";
41
  }
42
  ?>
43
- </select>
44
  <?php
45
  } else {
46
  ?>
47
- <label class="form-label"><?php _e( 'Account', 'instagram-slider-widget' ); ?></label>
48
- <a href="<?php echo admin_url( 'admin.php?page=settings-wisw' ); ?>"><?php _e( 'Add account in settings', 'instagram-slider-widget' ); ?></a>
49
  <?php
50
  }
51
  ?>
52
- </div>
53
- <div class="form-group">
54
- <div class="input-group">
55
- <label class="form-label form-inline"
56
- for="refresh_hour"><?php _e( 'Check for new images every:', 'instagram-slider-widget' ); ?></label>
57
- <div class="input-group">
58
- <input class="form-input" type="number" min="1" max="200" id="refresh_hour" name="refresh_hour"
59
- value="<?php echo $instance['refresh_hour']; ?>"/>
60
- <span class="input-group-addon"><?php _e( 'hours', 'instagram-slider-widget' ); ?></span>
61
- </div>
62
- </div>
63
- </div>
64
- </div>
65
- <div class="wis-flex-content-column">
 
66
  <?php if ( $feed_id ) : ?>
67
- <div id="wis-field-jr_insta_shortcode" class="form-group">
68
- <label class="form-label" for="jr_insta_shortcode">
69
  <?php _e( 'Shortcode of this feed:', 'instagram-slider-widget' ); ?>
70
- </label>
71
- <input id="jr_insta_shortcode" onclick="this.setSelectionRange(0, this.value.length)" type="text" class="form-input"
72
- value="[cm_facebook_feed id=&quot;<?php echo $feed_id ?>&quot;]"
73
- readonly="readonly" style="border:none; color:black; font-family:monospace;">
74
- <div class="jr-description"><?php _e( 'Use this shortcode in any page or post to display images with this widget configuration!', 'instagram-slider-widget' ) ?></div>
75
- </div>
 
76
  <?php endif; ?>
77
- </div>
78
- </div>
79
- </div>
80
 
81
- <div class="isw-tabs">
82
- <ul>
83
- <li class="desk_tab active" id="desk_tab_<?= $feed_id ?>" data-tab-id="<?= $feed_id ?>"><?php _e( 'Desktop', 'instagram-slider-widget' ); ?></li>
84
- <li class="mob_tab" id="mob_tab_<?= $feed_id ?>" data-tab-id="<?= $feed_id ?>"><?php _e( 'Mobile', 'instagram-slider-widget' ); ?></li>
85
- </ul>
86
- </div>
 
 
87
 
88
- <div class="isw-tabs-content" id="widget_tabs_<?= $feed_id ?>" data-widget-id="<?= $feed_id ?>">
89
- <div id="desk_tab_content_<?= $feed_id ?>" class="desk_settings">
90
- <h3 style="width: 100%; text-align: center"><?php _e( 'Desktop settings', 'instagram-slider-widget' ); ?></h3>
91
 
92
- <div class="wis-flex-content">
93
- <div class="wis-flex-content-column">
94
- <div id="wis-field-images_number" class="form-group">
95
- <div class="input-group">
96
- <label class="form-label form-inline"
97
- for="images_number"><?php _e( 'Count of images to show:', 'instagram-slider-widget' ); ?>
98
- </label>
99
- <div class="input-group">
100
- <input class="form-input" type="number" min="1" max="" id="images_number" name="images_number"
101
- value="<?php echo $instance['images_number']; ?>"/>
102
- <span class="input-group-addon"><?php _e( 'pcs', 'instagram-slider-widget' ); ?></span>
103
- </div>
104
- </div>
105
- <div class="jr-description">
 
106
  <?php if ( ! $this->plugin->is_premium() ) {
107
  _e( 'Maximum 20 images in free version.', 'instagram-slider-widget' );
108
  echo " " . sprintf( __( "More in <a href='%s'>PRO version</a>", 'instagram-slider-widget' ), $this->plugin->get_support()->get_pricing_url( true, "wis_widget_settings" ) );
109
  }
110
  ?>
111
- </div>
112
 
113
- </div>
114
- <div id="wis-field-words_in_caption" class="form-group">
115
- <div class="input-group">
116
- <label class="form-label form-inline" for="title_words">
117
  <?php _e( 'Number of words in caption:', 'instagram-slider-widget' ); ?>
118
- </label>
119
- <div class="input-group">
120
- <input class="form-input" type="number" min="0" max="" id="title_words" name="title_words"
121
- value="<?php echo $instance['title_words']; ?>"/>
122
- <span class="input-group-addon"><?php _e( 'pcs', 'instagram-slider-widget' ); ?></span>
123
- </div>
124
- </div>
125
- </div>
126
- <div id="wis-field-orderby" class="form-group">
127
- <label class="form-label" for="orderby"><?php _e( 'Order by', 'instagram-slider-widget' ); ?></label>
128
- <select class="form-select" name="orderby" id="orderby">
129
- <option value="date-ASC" <?php selected( $instance['orderby'], 'date-ASC', true ); ?>><?php _e( 'Date - Ascending', 'instagram-slider-widget' ); ?></option>
130
- <option value="date-DESC" <?php selected( $instance['orderby'], 'date-DESC', true ); ?>><?php _e( 'Date - Descending', 'instagram-slider-widget' ); ?></option>
131
- <option value="popular-ASC" <?php selected( $instance['orderby'], 'popular-ASC', true ); ?>><?php _e( 'Popularity - Ascending', 'instagram-slider-widget' ); ?></option>
132
- <option value="popular-DESC" <?php selected( $instance['orderby'], 'popular-DESC', true ); ?>><?php _e( 'Popularity - Descending', 'instagram-slider-widget' ); ?></option>
133
- <option value="rand" <?php selected( $instance['orderby'], 'rand', true ); ?>><?php _e( 'Random', 'instagram-slider-widget' ); ?></option>
134
- </select>
135
- </div>
136
- <div id="wis-field-images_link" class="form-group">
137
- <label class="form-label" for="fbimages_link">
 
 
138
  <?php _e( 'Link to', 'instagram-slider-widget' ); ?>
139
- </label>
140
- <select class="form-select" name="fbimages_link" id="fbimages_link">
141
  <?php
142
  if ( count( $options_linkto ) ) {
143
  foreach ( $options_linkto as $key => $option ) {
@@ -146,24 +156,24 @@ $feed_id = $args['instance']['id'] ?? '';
146
  }
147
  }
148
  ?>
149
- </select>
150
- </div>
151
- <div id="wis-field-show_feed_header" class="form-group">
152
- <label class="form-switch" for="show_feed_header">
153
- <input class="form-input" id="show_feed_header"
154
- name="show_feed_header" type="checkbox"
155
- value="1" <?php checked( '1', $instance['show_feed_header'] ); ?> />
156
- <i class="form-icon"></i>
157
  <?php _e( 'Show feed header', 'instagram-slider-widget' ); ?>
158
- </label>
159
- </div>
160
- </div>
161
- <div class="wis-flex-content-column">
162
- <div id="wis-field-template" class="form-group">
163
- <label class="form-label" for="template">
164
  <?php _e( 'Template', 'instagram-slider-widget' ); ?>
165
- </label>
166
- <select class="form-select" name="template" id="template">
167
  <?php
168
  if ( count( $sliders ) ) {
169
  foreach ( $sliders as $key => $slider ) {
@@ -172,55 +182,58 @@ $feed_id = $args['instance']['id'] ?? '';
172
  }
173
  }
174
  ?>
175
- </select>
176
- <div id="masonry_notice"
177
- class="masonry_notice jr-description <?php if ( 'masonry' != $instance['template'] ) {
178
  echo 'hidden';
179
  } ?>">
180
  <?php _e( "Not recommended for <strong>sidebar</strong>" ) ?></div>
181
- </div>
182
- <div class="masonry_settings" <?php echo 'masonry' != $instance['template'] ? 'style="display:none;"' : ''; ?>>
183
- <div id="wis-field-gutter" class="form-group">
184
- <div class="input-group">
185
- <label class="form-label form-inline" for="gutter">
186
  <?php _e( 'Vertical space between item elements:', 'instagram-slider-widget' ); ?>
187
- </label>
188
- <div class="input-group">
189
- <input class="form-input" id="gutter" name="gutter" type="number" min="0" max=""
190
- value="<?php echo $instance['gutter']; ?>"/>
191
- <span class="input-group-addon"><?php _e( 'px', 'instagram-slider-widget' ); ?></span>
192
- </div>
193
- </div>
194
- </div>
195
- <div id="wis-field-masonry_image_width" class="form-group">
196
- <div class="input-group">
197
- <label class="form-label form-inline" for="masonry_post_width">
 
198
  <?php _e( 'Post width:', 'instagram-slider-widget' ); ?>
199
- </label>
200
- <div class="input-group">
201
- <input class="form-input" id="masonry_post_width" name="masonry_post_width" type="number" min="0" max=""
202
- value="<?php echo $instance['masonry_post_width']; ?>"/>
203
- <span class="input-group-addon"> <?php _e( 'px', 'instagram-slider-widget' ); ?> </span>
204
- </div>
205
- </div>
206
- </div>
207
- </div>
208
- </div>
209
- </div>
210
- </div>
 
211
 
212
- <div id="mob_tab_content_<?= $feed_id ?>" class="mob_settings" style="display: none;">
213
- <h3 style="width: 100%; text-align: center"><?php _e( 'Mobile settings', 'instagram-slider-widget' ); ?></h3>
214
- <?php if ( defined( 'WISP_PLUGIN_ACTIVE' ) && $this->plugin->is_premium() ) :
215
  echo apply_filters( 'wis/facebook/mob_settings', '', $this, $instance, $sliders, $options_linkto, $feed_id );
216
  else: ?>
217
- <h3 style="width: 100%; text-align: center"><?php _e( 'Mobile settings available only in premium version', 'instagram-slider-widget' ); ?></h3>
218
  <?php endif; ?>
219
- </div>
220
- </div>
221
- </div>
222
- <div class="wis-feed-save-button-container">
223
- <input name="wis-feed-save-action" class="wbcr-factory-button wbcr-save-button" type="submit" value="<?php _e( 'Save', 'instagram-slider-widget' ); ?>">
224
- </div>
225
- </form>
 
226
  </div>
10
  $feed_id = $args['instance']['id'] ?? '';
11
  ?>
12
  <div class="wisw-social-content">
13
+ <h2>
14
  <?php if ( $is_update ) {
15
  _e( 'Edit feed', 'instagram-slider-widget' );
16
  } else {
17
  _e( 'Add feed', 'instagram-slider-widget' );
18
  } ?>
19
+ </h2>
20
+ <form action="" method="post" name="wis-feed-add-form" id="wis-feed-add-form">
21
+ <?php wp_nonce_field( 'wis_edit_feed', 'csrf_check' ); ?>
22
+ <div class="jr-container">
23
+ <div class="isw-common-settings">
24
+ <div class="wis-flex-content">
25
+ <div class="wis-flex-content-column">
26
+ <div class="form-group">
27
+ <label for="title"
28
+ class="form-label"><?php _e( 'Title:', 'instagram-slider-widget' ); ?></label>
29
+ <input class="form-input" id="title"
30
+ name="title"
31
+ value="<?php echo esc_attr( $instance['title'] ); ?>"/>
32
+ </div>
33
+ <div class="form-group" id="wis-feed-account">
34
  <?php
35
  if ( count( $accounts ) ) {
36
  ?>
37
+ <label class="form-label"
38
+ for="account"><?php _e( 'Account', 'instagram-slider-widget' ); ?></label>
39
+ <select id="account" class="form-select" name="account">
40
  <?php
41
  foreach ( $accounts as $acc ) {
42
  $selected = $instance['account'] == $acc['name'] ? "selected='selected'" : "";
43
  echo "<option value='{$acc['name']}' {$selected}>{$acc['name']}</option>";
44
  }
45
  ?>
46
+ </select>
47
  <?php
48
  } else {
49
  ?>
50
+ <label class="form-label"><?php _e( 'Account', 'instagram-slider-widget' ); ?></label>
51
+ <a href="<?php echo admin_url( 'admin.php?page=settings-wisw' ); ?>"><?php _e( 'Add account in settings', 'instagram-slider-widget' ); ?></a>
52
  <?php
53
  }
54
  ?>
55
+ </div>
56
+ <div class="form-group">
57
+ <div class="input-group">
58
+ <label class="form-label form-inline"
59
+ for="refresh_hour"><?php _e( 'Check for new images every:', 'instagram-slider-widget' ); ?></label>
60
+ <div class="input-group">
61
+ <input class="form-input" type="number" min="1" max="200" id="refresh_hour"
62
+ name="refresh_hour"
63
+ value="<?php echo $instance['refresh_hour']; ?>"/>
64
+ <span class="input-group-addon"><?php _e( 'hours', 'instagram-slider-widget' ); ?></span>
65
+ </div>
66
+ </div>
67
+ </div>
68
+ </div>
69
+ <div class="wis-flex-content-column">
70
  <?php if ( $feed_id ) : ?>
71
+ <div id="wis-field-jr_insta_shortcode" class="form-group">
72
+ <label class="form-label" for="jr_insta_shortcode">
73
  <?php _e( 'Shortcode of this feed:', 'instagram-slider-widget' ); ?>
74
+ </label>
75
+ <input id="jr_insta_shortcode" onclick="this.setSelectionRange(0, this.value.length)"
76
+ type="text" class="form-input"
77
+ value="[cm_facebook_feed id=&quot;<?php echo $feed_id ?>&quot;]"
78
+ readonly="readonly" style="border:none; color:black; font-family:monospace;">
79
+ <div class="jr-description"><?php _e( 'Use this shortcode in any page or post to display images with this widget configuration!', 'instagram-slider-widget' ) ?></div>
80
+ </div>
81
  <?php endif; ?>
82
+ </div>
83
+ </div>
84
+ </div>
85
 
86
+ <div class="isw-tabs">
87
+ <ul>
88
+ <li class="desk_tab active" id="desk_tab_<?php echo $feed_id ?>"
89
+ data-tab-id="<?php echo $feed_id ?>"><?php _e( 'Desktop', 'instagram-slider-widget' ); ?></li>
90
+ <li class="mob_tab" id="mob_tab_<?php echo $feed_id ?>"
91
+ data-tab-id="<?php echo $feed_id ?>"><?php _e( 'Mobile', 'instagram-slider-widget' ); ?></li>
92
+ </ul>
93
+ </div>
94
 
95
+ <div class="isw-tabs-content" id="widget_tabs_<?php echo $feed_id ?>" data-widget-id="<?php echo $feed_id ?>">
96
+ <div id="desk_tab_content_<?php echo $feed_id ?>" class="desk_settings">
97
+ <h3 style="width: 100%; text-align: center"><?php _e( 'Desktop settings', 'instagram-slider-widget' ); ?></h3>
98
 
99
+ <div class="wis-flex-content">
100
+ <div class="wis-flex-content-column">
101
+ <div id="wis-field-images_number" class="form-group">
102
+ <div class="input-group">
103
+ <label class="form-label form-inline"
104
+ for="images_number"><?php _e( 'Count of images to show:', 'instagram-slider-widget' ); ?>
105
+ </label>
106
+ <div class="input-group">
107
+ <input class="form-input" type="number" min="1" max="" id="images_number"
108
+ name="images_number"
109
+ value="<?php echo $instance['images_number']; ?>"/>
110
+ <span class="input-group-addon"><?php _e( 'pcs', 'instagram-slider-widget' ); ?></span>
111
+ </div>
112
+ </div>
113
+ <div class="jr-description">
114
  <?php if ( ! $this->plugin->is_premium() ) {
115
  _e( 'Maximum 20 images in free version.', 'instagram-slider-widget' );
116
  echo " " . sprintf( __( "More in <a href='%s'>PRO version</a>", 'instagram-slider-widget' ), $this->plugin->get_support()->get_pricing_url( true, "wis_widget_settings" ) );
117
  }
118
  ?>
119
+ </div>
120
 
121
+ </div>
122
+ <div id="wis-field-words_in_caption" class="form-group">
123
+ <div class="input-group">
124
+ <label class="form-label form-inline" for="title_words">
125
  <?php _e( 'Number of words in caption:', 'instagram-slider-widget' ); ?>
126
+ </label>
127
+ <div class="input-group">
128
+ <input class="form-input" type="number" min="0" max="" id="title_words"
129
+ name="title_words"
130
+ value="<?php echo $instance['title_words']; ?>"/>
131
+ <span class="input-group-addon"><?php _e( 'pcs', 'instagram-slider-widget' ); ?></span>
132
+ </div>
133
+ </div>
134
+ </div>
135
+ <div id="wis-field-orderby" class="form-group">
136
+ <label class="form-label"
137
+ for="orderby"><?php _e( 'Order by', 'instagram-slider-widget' ); ?></label>
138
+ <select class="form-select" name="orderby" id="orderby">
139
+ <option value="date-ASC" <?php selected( $instance['orderby'], 'date-ASC', true ); ?>><?php _e( 'Date - Ascending', 'instagram-slider-widget' ); ?></option>
140
+ <option value="date-DESC" <?php selected( $instance['orderby'], 'date-DESC', true ); ?>><?php _e( 'Date - Descending', 'instagram-slider-widget' ); ?></option>
141
+ <option value="popular-ASC" <?php selected( $instance['orderby'], 'popular-ASC', true ); ?>><?php _e( 'Popularity - Ascending', 'instagram-slider-widget' ); ?></option>
142
+ <option value="popular-DESC" <?php selected( $instance['orderby'], 'popular-DESC', true ); ?>><?php _e( 'Popularity - Descending', 'instagram-slider-widget' ); ?></option>
143
+ <option value="rand" <?php selected( $instance['orderby'], 'rand', true ); ?>><?php _e( 'Random', 'instagram-slider-widget' ); ?></option>
144
+ </select>
145
+ </div>
146
+ <div id="wis-field-images_link" class="form-group">
147
+ <label class="form-label" for="fbimages_link">
148
  <?php _e( 'Link to', 'instagram-slider-widget' ); ?>
149
+ </label>
150
+ <select class="form-select" name="fbimages_link" id="fbimages_link">
151
  <?php
152
  if ( count( $options_linkto ) ) {
153
  foreach ( $options_linkto as $key => $option ) {
156
  }
157
  }
158
  ?>
159
+ </select>
160
+ </div>
161
+ <div id="wis-field-show_feed_header" class="form-group">
162
+ <label class="form-switch" for="show_feed_header">
163
+ <input class="form-input" id="show_feed_header"
164
+ name="show_feed_header" type="checkbox"
165
+ value="1" <?php checked( '1', $instance['show_feed_header'] ); ?> />
166
+ <i class="form-icon"></i>
167
  <?php _e( 'Show feed header', 'instagram-slider-widget' ); ?>
168
+ </label>
169
+ </div>
170
+ </div>
171
+ <div class="wis-flex-content-column">
172
+ <div id="wis-field-template" class="form-group">
173
+ <label class="form-label" for="template">
174
  <?php _e( 'Template', 'instagram-slider-widget' ); ?>
175
+ </label>
176
+ <select class="form-select" name="template" id="template">
177
  <?php
178
  if ( count( $sliders ) ) {
179
  foreach ( $sliders as $key => $slider ) {
182
  }
183
  }
184
  ?>
185
+ </select>
186
+ <div id="masonry_notice"
187
+ class="masonry_notice jr-description <?php if ( 'masonry' != $instance['template'] ) {
188
  echo 'hidden';
189
  } ?>">
190
  <?php _e( "Not recommended for <strong>sidebar</strong>" ) ?></div>
191
+ </div>
192
+ <div class="masonry_settings" <?php echo 'masonry' != $instance['template'] ? 'style="display:none;"' : ''; ?>>
193
+ <div id="wis-field-gutter" class="form-group">
194
+ <div class="input-group">
195
+ <label class="form-label form-inline" for="gutter">
196
  <?php _e( 'Vertical space between item elements:', 'instagram-slider-widget' ); ?>
197
+ </label>
198
+ <div class="input-group">
199
+ <input class="form-input" id="gutter" name="gutter" type="number" min="0"
200
+ max=""
201
+ value="<?php echo $instance['gutter']; ?>"/>
202
+ <span class="input-group-addon"><?php _e( 'px', 'instagram-slider-widget' ); ?></span>
203
+ </div>
204
+ </div>
205
+ </div>
206
+ <div id="wis-field-masonry_image_width" class="form-group">
207
+ <div class="input-group">
208
+ <label class="form-label form-inline" for="masonry_post_width">
209
  <?php _e( 'Post width:', 'instagram-slider-widget' ); ?>
210
+ </label>
211
+ <div class="input-group">
212
+ <input class="form-input" id="masonry_post_width" name="masonry_post_width"
213
+ type="number" min="0" max=""
214
+ value="<?php echo $instance['masonry_post_width']; ?>"/>
215
+ <span class="input-group-addon"> <?php _e( 'px', 'instagram-slider-widget' ); ?> </span>
216
+ </div>
217
+ </div>
218
+ </div>
219
+ </div>
220
+ </div>
221
+ </div>
222
+ </div>
223
 
224
+ <div id="mob_tab_content_<?php echo $feed_id ?>" class="mob_settings" style="display: none;">
225
+ <h3 style="width: 100%; text-align: center"><?php _e( 'Mobile settings', 'instagram-slider-widget' ); ?></h3>
226
+ <?php if ( defined( 'WISP_PLUGIN_ACTIVE' ) && $this->plugin->is_premium() ) :
227
  echo apply_filters( 'wis/facebook/mob_settings', '', $this, $instance, $sliders, $options_linkto, $feed_id );
228
  else: ?>
229
+ <h3 style="width: 100%; text-align: center"><?php _e( 'Mobile settings available only in premium version', 'instagram-slider-widget' ); ?></h3>
230
  <?php endif; ?>
231
+ </div>
232
+ </div>
233
+ </div>
234
+ <div class="wis-feed-save-button-container">
235
+ <input name="wis-feed-save-action" class="wbcr-factory-button wbcr-save-button" type="submit"
236
+ value="<?php _e( 'Save', 'instagram-slider-widget' ); ?>">
237
+ </div>
238
+ </form>
239
  </div>
components/facebook/html_templates/masonry.php CHANGED
@@ -13,52 +13,52 @@ $i = 1;
13
  continue;
14
  }
15
  ?>
16
- <div class="wbfb_masonry_post" style="width: <?= $args['masonry_post_width'] ?>px !important;">
17
  <?php if ( $args['show_feed_header'] ): ?>
18
  <div class="wbfb_masonry_post_header">
19
  <div class="wbfb_profile_pic">
20
- <img src="<?= $account->avatar ?>" alt="" width="50" height="50" style="border-radius: 50px">
21
  </div>
22
  <div class="wbfb_profile_data">
23
- <div class="wbfb_profile_data_name"><a href="https://facebook.com/<?= $account->id ?>"
24
- target="_blank"><?= $account->name ?></a></div>
25
- <div class="wbfb_post_data"><?= time_elapsed_string( $post->created_time ) ?></div>
26
  </div>
27
  </div>
28
  <?php endif; ?>
29
  <div class="wbfb_masonry_post_body">
30
  <div class="wbfb_masonry_post_text">
31
- <a <?= 'fb_link' == $args['fbimages_link'] ? "href='https://facebook.com/$post->id' target='_blank'" : '' ?>
32
- data-remodal-target="<?= $post->id ?>" class="wbfb_popup_link">
33
- <?= $post->message ?>
34
  </a>
35
  </div>
36
  <?php if ( ! empty( $post->attachments ) ) : ?>
37
  <?php foreach ( $post->attachments as $attachment ) : ?>
38
- <a <?= 'fb_link' == $args['fbimages_link'] ? "href='https://facebook.com/$post->id' target='_blank'" : '' ?>
39
- data-remodal-target="<?= $post->id ?>" class="wbfb_popup_link">
40
  <div class="wbfb_masonry_post_attachment">
41
  <?php if ( isset( $post->shared_post ) ): ?>
42
- <a href="<?= "https://facebook.com/" . $post->shared_post->id ?>">
43
  <div class="wbfb_masonry_repost">
44
  <?php if ( ! empty( $post->shared_post->picture ) ): ?>
45
  <div class="wbfb_repost_picture">
46
- <img src="<?= $post->shared_post->picture ?>" alt="">
47
  </div>
48
  <?php endif; ?>
49
  <?php if ( ! empty( $post->shared_post->message ) ): ?>
50
  <div class="wbfb_repost_text">
51
- <?= $post->shared_post->message ?>
52
  </div>
53
  <?php endif; ?>
54
  </div>
55
  </a>
56
  <?php elseif ( 'photo' === $attachment->type || 'gallery' === $attachment->type ): ?>
57
- <img src="<?= $post->full_picture ?>" alt="">
58
  <?php elseif ( 'video_inline' === $attachment->type || 'video_autoplay' === $attachment->type ): ?>
59
- <img src="<?= $attachment->media->image->src ?>" alt="">
60
  <?php else: ?>
61
- <img src="<?= $attachment->media->image->src ?? $post->full_picture ?>" alt="">
62
  <?php endif; ?>
63
  </div>
64
  </a>
@@ -67,7 +67,7 @@ $i = 1;
67
  </div>
68
  <div class="wbfb_masonry_post_footer">
69
  <div class="wbfb_masonry_post_share">
70
- <a href="https://facebook.com/<?= $post->id ?>" target="_blank">View on Facebook</a> | <a href="">Share</a>
71
  </div>
72
  <div class="wbfb_masonry_post_stats">
73
  <ul class="wfb-meta wfb-light">
@@ -77,14 +77,14 @@ $i = 1;
77
  xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512">
78
  <path
79
  d="M496.656 285.683C506.583 272.809 512 256 512 235.468c-.001-37.674-32.073-72.571-72.727-72.571h-70.15c8.72-17.368 20.695-38.911 20.695-69.817C389.819 34.672 366.518 0 306.91 0c-29.995 0-41.126 37.918-46.829 67.228-3.407 17.511-6.626 34.052-16.525 43.951C219.986 134.75 184 192 162.382 203.625c-2.189.922-4.986 1.648-8.032 2.223C148.577 197.484 138.931 192 128 192H32c-17.673 0-32 14.327-32 32v256c0 17.673 14.327 32 32 32h96c17.673 0 32-14.327 32-32v-8.74c32.495 0 100.687 40.747 177.455 40.726 5.505.003 37.65.03 41.013 0 59.282.014 92.255-35.887 90.335-89.793 15.127-17.727 22.539-43.337 18.225-67.105 12.456-19.526 15.126-47.07 9.628-69.405zM32 480V224h96v256H32zm424.017-203.648C472 288 472 336 450.41 347.017c13.522 22.76 1.352 53.216-15.015 61.996 8.293 52.54-18.961 70.606-57.212 70.974-3.312.03-37.247 0-40.727 0-72.929 0-134.742-40.727-177.455-40.727V235.625c37.708 0 72.305-67.939 106.183-101.818 30.545-30.545 20.363-81.454 40.727-101.817 50.909 0 50.909 35.517 50.909 61.091 0 42.189-30.545 61.09-30.545 101.817h111.999c22.73 0 40.627 20.364 40.727 40.727.099 20.363-8.001 36.375-23.984 40.727zM104 432c0 13.255-10.745 24-24 24s-24-10.745-24-24 10.745-24 24-24 24 10.745 24 24z"></path></svg><span
80
- class="wfb-count"><?= $post->likes_count ?></span>
81
  </li>
82
  <li class="wfb-shares">
83
  <span class="wfb-icon wfb-share">
84
  <svg width="24px" height="24px" role="img" aria-hidden="true" aria-label="Share" alt="Share"
85
  xmlns="http://www.w3.org/2000/svg" viewBox="0 0 576 512"><path
86
  d="M564.907 196.35L388.91 12.366C364.216-13.45 320 3.746 320 40.016v88.154C154.548 130.155 0 160.103 0 331.19c0 94.98 55.84 150.231 89.13 174.571 24.233 17.722 58.021-4.992 49.68-34.51C100.937 336.887 165.575 321.972 320 320.16V408c0 36.239 44.19 53.494 68.91 27.65l175.998-184c14.79-15.47 14.79-39.83-.001-55.3zm-23.127 33.18l-176 184c-4.933 5.16-13.78 1.73-13.78-5.53V288c-171.396 0-295.313 9.707-243.98 191.7C72 453.36 32 405.59 32 331.19 32 171.18 194.886 160 352 160V40c0-7.262 8.851-10.69 13.78-5.53l176 184a7.978 7.978 0 0 1 0 11.06z"></path></svg>
87
- <span class="wfb-count"><?= $post->shares_count ?></span>
88
  </li>
89
  <li class="wfb-comments">
90
  <span class="wfb-icon wfb-comment">
@@ -92,7 +92,7 @@ $i = 1;
92
  alt="Comment"
93
  xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512">
94
  <path d="M448 0H64C28.7 0 0 28.7 0 64v288c0 35.3 28.7 64 64 64h96v84c0 7.1 5.8 12 12 12 2.4 0 4.9-.7 7.1-2.4L304 416h144c35.3 0 64-28.7 64-64V64c0-35.3-28.7-64-64-64zm32 352c0 17.6-14.4 32-32 32H293.3l-8.5 6.4L192 460v-76H64c-17.6 0-32-14.4-32-32V64c0-17.6 14.4-32 32-32h384c17.6 0 32 14.4 32 32v288z"></path></svg>
95
- <span class="wfb-count"><?= $post->comments_count ?></span>
96
  </li>
97
  </ul>
98
  </div>
13
  continue;
14
  }
15
  ?>
16
+ <div class="wbfb_masonry_post" style="width: <?php echo $args['masonry_post_width'] ?>px !important;">
17
  <?php if ( $args['show_feed_header'] ): ?>
18
  <div class="wbfb_masonry_post_header">
19
  <div class="wbfb_profile_pic">
20
+ <img src="<?php echo $account->avatar ?>" alt="" width="50" height="50" style="border-radius: 50px">
21
  </div>
22
  <div class="wbfb_profile_data">
23
+ <div class="wbfb_profile_data_name"><a href="https://facebook.com/<?php echo $account->id ?>"
24
+ target="_blank"><?php echo $account->name ?></a></div>
25
+ <div class="wbfb_post_data"><?php echo time_elapsed_string( $post->created_time ) ?></div>
26
  </div>
27
  </div>
28
  <?php endif; ?>
29
  <div class="wbfb_masonry_post_body">
30
  <div class="wbfb_masonry_post_text">
31
+ <a <?php echo 'fb_link' == $args['fbimages_link'] ? "href='https://facebook.com/$post->id' target='_blank'" : '' ?>
32
+ data-remodal-target="<?php echo $post->id ?>" class="wbfb_popup_link">
33
+ <?php echo $post->message ?>
34
  </a>
35
  </div>
36
  <?php if ( ! empty( $post->attachments ) ) : ?>
37
  <?php foreach ( $post->attachments as $attachment ) : ?>
38
+ <a <?php echo 'fb_link' == $args['fbimages_link'] ? "href='https://facebook.com/$post->id' target='_blank'" : '' ?>
39
+ data-remodal-target="<?php echo $post->id ?>" class="wbfb_popup_link">
40
  <div class="wbfb_masonry_post_attachment">
41
  <?php if ( isset( $post->shared_post ) ): ?>
42
+ <a href="<?php echo "https://facebook.com/" . $post->shared_post->id ?>">
43
  <div class="wbfb_masonry_repost">
44
  <?php if ( ! empty( $post->shared_post->picture ) ): ?>
45
  <div class="wbfb_repost_picture">
46
+ <img src="<?php echo $post->shared_post->picture ?>" alt="">
47
  </div>
48
  <?php endif; ?>
49
  <?php if ( ! empty( $post->shared_post->message ) ): ?>
50
  <div class="wbfb_repost_text">
51
+ <?php echo $post->shared_post->message ?>
52
  </div>
53
  <?php endif; ?>
54
  </div>
55
  </a>
56
  <?php elseif ( 'photo' === $attachment->type || 'gallery' === $attachment->type ): ?>
57
+ <img src="<?php echo $post->full_picture ?>" alt="">
58
  <?php elseif ( 'video_inline' === $attachment->type || 'video_autoplay' === $attachment->type ): ?>
59
+ <img src="<?php echo $attachment->media->image->src ?>" alt="">
60
  <?php else: ?>
61
+ <img src="<?php echo $attachment->media->image->src ?? $post->full_picture ?>" alt="">
62
  <?php endif; ?>
63
  </div>
64
  </a>
67
  </div>
68
  <div class="wbfb_masonry_post_footer">
69
  <div class="wbfb_masonry_post_share">
70
+ <a href="https://facebook.com/<?php echo $post->id ?>" target="_blank">View on Facebook</a> | <a href="">Share</a>
71
  </div>
72
  <div class="wbfb_masonry_post_stats">
73
  <ul class="wfb-meta wfb-light">
77
  xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512">
78
  <path
79
  d="M496.656 285.683C506.583 272.809 512 256 512 235.468c-.001-37.674-32.073-72.571-72.727-72.571h-70.15c8.72-17.368 20.695-38.911 20.695-69.817C389.819 34.672 366.518 0 306.91 0c-29.995 0-41.126 37.918-46.829 67.228-3.407 17.511-6.626 34.052-16.525 43.951C219.986 134.75 184 192 162.382 203.625c-2.189.922-4.986 1.648-8.032 2.223C148.577 197.484 138.931 192 128 192H32c-17.673 0-32 14.327-32 32v256c0 17.673 14.327 32 32 32h96c17.673 0 32-14.327 32-32v-8.74c32.495 0 100.687 40.747 177.455 40.726 5.505.003 37.65.03 41.013 0 59.282.014 92.255-35.887 90.335-89.793 15.127-17.727 22.539-43.337 18.225-67.105 12.456-19.526 15.126-47.07 9.628-69.405zM32 480V224h96v256H32zm424.017-203.648C472 288 472 336 450.41 347.017c13.522 22.76 1.352 53.216-15.015 61.996 8.293 52.54-18.961 70.606-57.212 70.974-3.312.03-37.247 0-40.727 0-72.929 0-134.742-40.727-177.455-40.727V235.625c37.708 0 72.305-67.939 106.183-101.818 30.545-30.545 20.363-81.454 40.727-101.817 50.909 0 50.909 35.517 50.909 61.091 0 42.189-30.545 61.09-30.545 101.817h111.999c22.73 0 40.627 20.364 40.727 40.727.099 20.363-8.001 36.375-23.984 40.727zM104 432c0 13.255-10.745 24-24 24s-24-10.745-24-24 10.745-24 24-24 24 10.745 24 24z"></path></svg><span
80
+ class="wfb-count"><?php echo $post->likes_count ?></span>
81
  </li>
82
  <li class="wfb-shares">
83
  <span class="wfb-icon wfb-share">
84
  <svg width="24px" height="24px" role="img" aria-hidden="true" aria-label="Share" alt="Share"
85
  xmlns="http://www.w3.org/2000/svg" viewBox="0 0 576 512"><path
86
  d="M564.907 196.35L388.91 12.366C364.216-13.45 320 3.746 320 40.016v88.154C154.548 130.155 0 160.103 0 331.19c0 94.98 55.84 150.231 89.13 174.571 24.233 17.722 58.021-4.992 49.68-34.51C100.937 336.887 165.575 321.972 320 320.16V408c0 36.239 44.19 53.494 68.91 27.65l175.998-184c14.79-15.47 14.79-39.83-.001-55.3zm-23.127 33.18l-176 184c-4.933 5.16-13.78 1.73-13.78-5.53V288c-171.396 0-295.313 9.707-243.98 191.7C72 453.36 32 405.59 32 331.19 32 171.18 194.886 160 352 160V40c0-7.262 8.851-10.69 13.78-5.53l176 184a7.978 7.978 0 0 1 0 11.06z"></path></svg>
87
+ <span class="wfb-count"><?php echo $post->shares_count ?></span>
88
  </li>
89
  <li class="wfb-comments">
90
  <span class="wfb-icon wfb-comment">
92
  alt="Comment"
93
  xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512">
94
  <path d="M448 0H64C28.7 0 0 28.7 0 64v288c0 35.3 28.7 64 64 64h96v84c0 7.1 5.8 12 12 12 2.4 0 4.9-.7 7.1-2.4L304 416h144c35.3 0 64-28.7 64-64V64c0-35.3-28.7-64-64-64zm32 352c0 17.6-14.4 32-32 32H293.3l-8.5 6.4L192 460v-76H64c-17.6 0-32-14.4-32-32V64c0-17.6 14.4-32 32-32h384c17.6 0 32 14.4 32 32v288z"></path></svg>
95
+ <span class="wfb-count"><?php echo $post->comments_count ?></span>
96
  </li>
97
  </ul>
98
  </div>
components/facebook/html_templates/popup.php CHANGED
@@ -9,29 +9,29 @@ $account = $args['account'];
9
  <?php
10
  /** @var \WIS\Facebook\Includes\Api\WFB_Facebook_Post $post */
11
  foreach ($args['posts'] as $post): ?>
12
- <div class="remodal" data-remodal-id="<?= $post->id ?>">
13
  <div class="wfb-remodal-container">
14
  <div class="wfb-remodal-pic">
15
- <img src="<?= $post->full_picture ?>" alt="">
16
  </div>
17
  <div class="wfb-remodal-data">
18
  <div class="wfb-remodal-header">
19
  <div class="wbfb_profile_pic">
20
- <img src="<?= $account->avatar ?>" alt="" width="50" height="50" style="border-radius: 50px">
21
  </div>
22
  <div class="wbfb_profile_data">
23
- <div class="wbfb_profile_data_name"><a href="https://facebook.com/<?= $account->id ?>"
24
- target="_blank"><?= $account->name ?></a></div>
25
- <div class="wbfb_post_data"><?= time_elapsed_string($post->created_time) ?></div>
26
  </div>
27
  </div>
28
  <div class="wfb-remodal-text">
29
- <?= $post->message ?>
30
  </div>
31
  <div class="wfb-remodal-stats">
32
  <div class="wbfb_masonry_post_footer">
33
  <div class="wbfb_masonry_post_share">
34
- <a href="https://facebook.com/<?= $post->id ?>" target="_blank">View on Facebook</a> | <a href="">Share</a>
35
  </div>
36
  <div class="wbfb_masonry_post_stats">
37
  <ul class="wfb-meta wfb-light">
@@ -41,21 +41,21 @@ foreach ($args['posts'] as $post): ?>
41
  xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512">
42
  <path
43
  d="M496.656 285.683C506.583 272.809 512 256 512 235.468c-.001-37.674-32.073-72.571-72.727-72.571h-70.15c8.72-17.368 20.695-38.911 20.695-69.817C389.819 34.672 366.518 0 306.91 0c-29.995 0-41.126 37.918-46.829 67.228-3.407 17.511-6.626 34.052-16.525 43.951C219.986 134.75 184 192 162.382 203.625c-2.189.922-4.986 1.648-8.032 2.223C148.577 197.484 138.931 192 128 192H32c-17.673 0-32 14.327-32 32v256c0 17.673 14.327 32 32 32h96c17.673 0 32-14.327 32-32v-8.74c32.495 0 100.687 40.747 177.455 40.726 5.505.003 37.65.03 41.013 0 59.282.014 92.255-35.887 90.335-89.793 15.127-17.727 22.539-43.337 18.225-67.105 12.456-19.526 15.126-47.07 9.628-69.405zM32 480V224h96v256H32zm424.017-203.648C472 288 472 336 450.41 347.017c13.522 22.76 1.352 53.216-15.015 61.996 8.293 52.54-18.961 70.606-57.212 70.974-3.312.03-37.247 0-40.727 0-72.929 0-134.742-40.727-177.455-40.727V235.625c37.708 0 72.305-67.939 106.183-101.818 30.545-30.545 20.363-81.454 40.727-101.817 50.909 0 50.909 35.517 50.909 61.091 0 42.189-30.545 61.09-30.545 101.817h111.999c22.73 0 40.627 20.364 40.727 40.727.099 20.363-8.001 36.375-23.984 40.727zM104 432c0 13.255-10.745 24-24 24s-24-10.745-24-24 10.745-24 24-24 24 10.745 24 24z"></path></svg><span
44
- class="wfb-count"><?= $post->likes_count ?></span>
45
  </li>
46
  <li class="wfb-shares">
47
  <span class="wfb-icon wfb-share">
48
  <svg width="24px" height="24px" role="img" aria-hidden="true" aria-label="Share" alt="Share"
49
  xmlns="http://www.w3.org/2000/svg" viewBox="0 0 576 512"><path
50
  d="M564.907 196.35L388.91 12.366C364.216-13.45 320 3.746 320 40.016v88.154C154.548 130.155 0 160.103 0 331.19c0 94.98 55.84 150.231 89.13 174.571 24.233 17.722 58.021-4.992 49.68-34.51C100.937 336.887 165.575 321.972 320 320.16V408c0 36.239 44.19 53.494 68.91 27.65l175.998-184c14.79-15.47 14.79-39.83-.001-55.3zm-23.127 33.18l-176 184c-4.933 5.16-13.78 1.73-13.78-5.53V288c-171.396 0-295.313 9.707-243.98 191.7C72 453.36 32 405.59 32 331.19 32 171.18 194.886 160 352 160V40c0-7.262 8.851-10.69 13.78-5.53l176 184a7.978 7.978 0 0 1 0 11.06z"></path></svg>
51
- <span class="wfb-count"><?= $post->shares_count ?></span>
52
  </li>
53
  <li class="wfb-comments">
54
  <span class="wfb-icon wfb-comment">
55
  <svg width="24px" height="24px" role="img" aria-hidden="true" aria-label="Comment" alt="Comment"
56
  xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512">
57
  <path d="M448 0H64C28.7 0 0 28.7 0 64v288c0 35.3 28.7 64 64 64h96v84c0 7.1 5.8 12 12 12 2.4 0 4.9-.7 7.1-2.4L304 416h144c35.3 0 64-28.7 64-64V64c0-35.3-28.7-64-64-64zm32 352c0 17.6-14.4 32-32 32H293.3l-8.5 6.4L192 460v-76H64c-17.6 0-32-14.4-32-32V64c0-17.6 14.4-32 32-32h384c17.6 0 32 14.4 32 32v288z"></path></svg>
58
- <span class="wfb-count"><?= $post->comments_count ?></span>
59
  </li>
60
  </ul>
61
  </div>
9
  <?php
10
  /** @var \WIS\Facebook\Includes\Api\WFB_Facebook_Post $post */
11
  foreach ($args['posts'] as $post): ?>
12
+ <div class="remodal" data-remodal-id="<?php echo $post->id ?>">
13
  <div class="wfb-remodal-container">
14
  <div class="wfb-remodal-pic">
15
+ <img src="<?php echo $post->full_picture ?>" alt="">
16
  </div>
17
  <div class="wfb-remodal-data">
18
  <div class="wfb-remodal-header">
19
  <div class="wbfb_profile_pic">
20
+ <img src="<?php echo $account->avatar ?>" alt="" width="50" height="50" style="border-radius: 50px">
21
  </div>
22
  <div class="wbfb_profile_data">
23
+ <div class="wbfb_profile_data_name"><a href="https://facebook.com/<?php echo $account->id ?>"
24
+ target="_blank"><?php echo $account->name ?></a></div>
25
+ <div class="wbfb_post_data"><?php echo time_elapsed_string($post->created_time) ?></div>
26
  </div>
27
  </div>
28
  <div class="wfb-remodal-text">
29
+ <?php echo $post->message ?>
30
  </div>
31
  <div class="wfb-remodal-stats">
32
  <div class="wbfb_masonry_post_footer">
33
  <div class="wbfb_masonry_post_share">
34
+ <a href="https://facebook.com/<?php echo $post->id ?>" target="_blank">View on Facebook</a> | <a href="">Share</a>
35
  </div>
36
  <div class="wbfb_masonry_post_stats">
37
  <ul class="wfb-meta wfb-light">
41
  xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512">
42
  <path
43
  d="M496.656 285.683C506.583 272.809 512 256 512 235.468c-.001-37.674-32.073-72.571-72.727-72.571h-70.15c8.72-17.368 20.695-38.911 20.695-69.817C389.819 34.672 366.518 0 306.91 0c-29.995 0-41.126 37.918-46.829 67.228-3.407 17.511-6.626 34.052-16.525 43.951C219.986 134.75 184 192 162.382 203.625c-2.189.922-4.986 1.648-8.032 2.223C148.577 197.484 138.931 192 128 192H32c-17.673 0-32 14.327-32 32v256c0 17.673 14.327 32 32 32h96c17.673 0 32-14.327 32-32v-8.74c32.495 0 100.687 40.747 177.455 40.726 5.505.003 37.65.03 41.013 0 59.282.014 92.255-35.887 90.335-89.793 15.127-17.727 22.539-43.337 18.225-67.105 12.456-19.526 15.126-47.07 9.628-69.405zM32 480V224h96v256H32zm424.017-203.648C472 288 472 336 450.41 347.017c13.522 22.76 1.352 53.216-15.015 61.996 8.293 52.54-18.961 70.606-57.212 70.974-3.312.03-37.247 0-40.727 0-72.929 0-134.742-40.727-177.455-40.727V235.625c37.708 0 72.305-67.939 106.183-101.818 30.545-30.545 20.363-81.454 40.727-101.817 50.909 0 50.909 35.517 50.909 61.091 0 42.189-30.545 61.09-30.545 101.817h111.999c22.73 0 40.627 20.364 40.727 40.727.099 20.363-8.001 36.375-23.984 40.727zM104 432c0 13.255-10.745 24-24 24s-24-10.745-24-24 10.745-24 24-24 24 10.745 24 24z"></path></svg><span
44
+ class="wfb-count"><?php echo $post->likes_count ?></span>
45
  </li>
46
  <li class="wfb-shares">
47
  <span class="wfb-icon wfb-share">
48
  <svg width="24px" height="24px" role="img" aria-hidden="true" aria-label="Share" alt="Share"
49
  xmlns="http://www.w3.org/2000/svg" viewBox="0 0 576 512"><path
50
  d="M564.907 196.35L388.91 12.366C364.216-13.45 320 3.746 320 40.016v88.154C154.548 130.155 0 160.103 0 331.19c0 94.98 55.84 150.231 89.13 174.571 24.233 17.722 58.021-4.992 49.68-34.51C100.937 336.887 165.575 321.972 320 320.16V408c0 36.239 44.19 53.494 68.91 27.65l175.998-184c14.79-15.47 14.79-39.83-.001-55.3zm-23.127 33.18l-176 184c-4.933 5.16-13.78 1.73-13.78-5.53V288c-171.396 0-295.313 9.707-243.98 191.7C72 453.36 32 405.59 32 331.19 32 171.18 194.886 160 352 160V40c0-7.262 8.851-10.69 13.78-5.53l176 184a7.978 7.978 0 0 1 0 11.06z"></path></svg>
51
+ <span class="wfb-count"><?php echo $post->shares_count ?></span>
52
  </li>
53
  <li class="wfb-comments">
54
  <span class="wfb-icon wfb-comment">
55
  <svg width="24px" height="24px" role="img" aria-hidden="true" aria-label="Comment" alt="Comment"
56
  xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512">
57
  <path d="M448 0H64C28.7 0 0 28.7 0 64v288c0 35.3 28.7 64 64 64h96v84c0 7.1 5.8 12 12 12 2.4 0 4.9-.7 7.1-2.4L304 416h144c35.3 0 64-28.7 64-64V64c0-35.3-28.7-64-64-64zm32 352c0 17.6-14.4 32-32 32H293.3l-8.5 6.4L192 460v-76H64c-17.6 0-32-14.4-32-32V64c0-17.6 14.4-32 32-32h384c17.6 0 32 14.4 32 32v288z"></path></svg>
58
+ <span class="wfb-count"><?php echo $post->comments_count ?></span>
59
  </li>
60
  </ul>
61
  </div>
components/facebook/includes/class-facebook-profiles.php CHANGED
@@ -118,7 +118,7 @@ class WIS_Facebook_Profiles extends WIS_Profiles {
118
  Choose Account:
119
  </div>
120
  <div class="wis_modal_content">
121
- <?= $choose_account_html; ?>
122
  </div>
123
  </div>
124
  <div id="wis_modal_overlay" class="wis_modal_overlay"></div>
118
  Choose Account:
119
  </div>
120
  <div class="wis_modal_content">
121
+ <?php echo $choose_account_html; ?>
122
  </div>
123
  </div>
124
  <div id="wis_modal_overlay" class="wis_modal_overlay"></div>
components/facebook/load.php CHANGED
@@ -8,7 +8,7 @@ define( 'WFB_COMPONENT_VIEWS_DIR', WFB_COMPONENT_DIR . '/html_templates' );
8
 
9
  define( 'WIS_FACEBOOK_ACCOUNT_PROFILES_OPTION_NAME', 'facebook_account_profiles' );
10
 
11
- define( 'WFB_FACEBOOK_SELF_URL', 'https://graph.facebook.com/' );
12
 
13
  require_once WFB_COMPONENT_DIR . "/includes/functions.php";
14
  require_once WFB_COMPONENT_DIR . "/includes/Api/facebook-account.php";
8
 
9
  define( 'WIS_FACEBOOK_ACCOUNT_PROFILES_OPTION_NAME', 'facebook_account_profiles' );
10
 
11
+ define( 'WFB_FACEBOOK_SELF_URL', 'https://graph.facebook.com/v7.0/' );
12
 
13
  require_once WFB_COMPONENT_DIR . "/includes/functions.php";
14
  require_once WFB_COMPONENT_DIR . "/includes/Api/facebook-account.php";
components/instagram/html_templates/form-feed.php CHANGED
@@ -20,6 +20,7 @@ $search_for = $instance['search_for'] ?? '';
20
  } ?>
21
  </h2>
22
  <form action="" method="post" name="wis-feed-add-form" id="wis-feed-add-form">
 
23
  <div class="jr-container">
24
  <div class="isw-common-settings">
25
  <div class="wis-flex-content">
@@ -28,7 +29,7 @@ $search_for = $instance['search_for'] ?? '';
28
  <label for="title" class="form-label"><?php _e( 'Title:', 'instagram-slider-widget' ); ?></label>
29
  <input class="form-input" id="title"
30
  name="title"
31
- value="<?php echo $instance['title']; ?>"/>
32
  </div>
33
  <div class="form-group">
34
  <label for="title"
@@ -109,7 +110,7 @@ $search_for = $instance['search_for'] ?? '';
109
  <div class="input-group">
110
  <span class="input-group-addon">instagram.com/</span>
111
  <input id="username" class="form-input" name="username"
112
- value="<?php echo $instance['username']; ?>"/>
113
  </div>
114
  </div>
115
  <div class="form-group" id="wis-feed-hashtag"
@@ -128,7 +129,7 @@ $search_for = $instance['search_for'] ?? '';
128
  <label class="form-label"
129
  for="blocked_users"><?php _e( 'Block Users', 'instagram-slider-widget' ); ?></label>
130
  <input class="form-input" id="blocked_users" name="blocked_users"
131
- value="<?php echo $instance['blocked_users']; ?>"/>
132
  <div class="jr-description"><?php _e( 'Enter words separated by commas whose images you don\'t want to show', 'instagram-slider-widget' ); ?></div>
133
  </div>
134
  <div class="form-group">
@@ -161,13 +162,13 @@ $search_for = $instance['search_for'] ?? '';
161
 
162
  <div class="isw-tabs">
163
  <ul>
164
- <li class="desk_tab active" id="desk_tab_<?= $feed_id ?>" data-tab-id="<?= $feed_id ?>"><?php _e( 'Desktop', 'instagram-slider-widget' ); ?></li>
165
- <li class="mob_tab" id="mob_tab_<?= $feed_id ?>" data-tab-id="<?= $feed_id ?>"><?php _e( 'Mobile', 'instagram-slider-widget' ); ?></li>
166
  </ul>
167
  </div>
168
 
169
- <div class="isw-tabs-content" id="widget_tabs_<?= $feed_id ?>" data-widget-id="<?= $feed_id ?>">
170
- <div id="desk_tab_content_<?= $feed_id ?>" class="desk_settings">
171
  <h3 style="width: 100%; text-align: center"><?php _e( 'Desktop settings', 'instagram-slider-widget' ); ?></h3>
172
  <div class="wis-flex-content">
173
  <div class="wis-flex-content-column">
@@ -239,7 +240,7 @@ $search_for = $instance['search_for'] ?? '';
239
  </div>
240
  <div id="wis-field-custom_url" class="form-group" <?php echo 'custom_url' !== $instance['images_link'] ? 'style="display:none;' : '' ?>>
241
  <label class="form-label" for="custom_url"><?php _e( 'Custom link:', 'instagram-slider-widget' ); ?></label>
242
- <input class="form-input" id="custom_url" name="custom_url" value="<?php echo $instance['custom_url']; ?>"/>
243
  <span class="jr-description"><?php _e( '* use this field only if the above option is set to <strong>Custom Link</strong>', 'instagram-slider-widget' ); ?></span>
244
  </div>
245
  <div id="wis-field-show_feed_header" class="form-group"
@@ -284,22 +285,22 @@ $search_for = $instance['search_for'] ?? '';
284
  </label>
285
  </div>
286
  <div id="wis-field-blocked_words" class="form-group"
287
- <?php echo 'hashtag' == $search_for ? 'style="display:none;"' : ''; ?>>
288
  <label class="form-label" for="blocked_words">
289
  <?php _e( 'Block words', 'instagram-slider-widget' ); ?>
290
  </label>
291
  <input class="form-input" id="blocked_words" name="blocked_words"
292
- value="<?php echo $instance['blocked_words']; ?>"/>
293
  <div class="jr-description"><?php _e( 'Enter comma-separated words. If one of them occurs in the image description, the image will not be displayed', 'instagram-slider-widget' ); ?></div>
294
  </div>
295
  <div id="wis-field-allowed_words" class="form-group"
296
- <?php echo 'hashtag' == $search_for ? 'style="display:none;"' : ''; ?>>
297
  <label class="form-label" for="allowed_words">
298
  <?php _e( 'Allow words', 'instagram-slider-widget' ); ?>
299
  </label>
300
  <input class="form-input" id="allowed_words"
301
  name="allowed_words"
302
- value="<?php echo $instance['allowed_words']; ?>"/>
303
  <div class="jr-description"><?php _e( 'Enter comma-separated words. If one of them occurs in the image description, the image will be displayed', 'instagram-slider-widget' ); ?></div>
304
  </div>
305
  </div>
@@ -371,7 +372,7 @@ $search_for = $instance['search_for'] ?? '';
371
  </div>
372
  </div>
373
  </div>
374
- <div class="masonry_lite_settings" <?php echo 'masonry_lite' != $instance['template'] ? 'style="display:none;"' : ''; ?>>
375
  <div id="wis-field-masonry-cols" class="form-group">
376
  <div class="input-group">
377
  <label class="form-label form-inline" for="masonry_lite_cols">
@@ -402,7 +403,7 @@ $search_for = $instance['search_for'] ?? '';
402
  </div>
403
 
404
  </div>
405
- <div class="slick_settings" <?php echo 'slick_slider' != $instance['template'] ? 'style="display:none;"' : ''; ?>>
406
  <div id="wis-field-enable_control_buttons" class="form-group">
407
  <label class="form-switch" for="enable_control_buttons">
408
  <input class="form-input" id="enable_control_buttons" name="enable_control_buttons" type="checkbox" value="1"
@@ -492,7 +493,7 @@ $search_for = $instance['search_for'] ?? '';
492
  </div>
493
 
494
  </div>
495
- <div class="shopifeed_settings" <?php echo 'showcase' != $instance['template'] ? 'style="display:none;"' : ''; ?>>
496
  <div id="wis-field-shopifeed_phone" class="form-group">
497
  <label class="form-label" for="shopifeed_phone">
498
  <?php _e( 'Phone', 'instagram-slider-widget' ); ?>
@@ -567,7 +568,7 @@ $search_for = $instance['search_for'] ?? '';
567
  <label class="form-label" for="description"><?php _e( 'Slider Text Description:', 'instagram-slider-widget' ); ?></label>
568
  <select size='3' class='form-select' id="description" name="description[]" multiple="multiple">
569
  <option value='username' <?php $this_feed->selected( $instance['description'], 'username' ); ?>
570
- class="<?php echo 'hashtag' == $search_for ? 'hidden' : '' ?>"><?php _e( 'Username', 'instagram-slider-widget' ); ?></option>
571
  <option value='time'<?php $this_feed->selected( $instance['description'], 'time' ); ?>><?php _e( 'Time', 'instagram-slider-widget' ); ?></option>
572
  <option value='caption'<?php $this_feed->selected( $instance['description'], 'caption' ); ?>><?php _e( 'Caption', 'instagram-slider-widget' ); ?></option>
573
  </select>
@@ -577,7 +578,7 @@ $search_for = $instance['search_for'] ?? '';
577
  </div>
578
  </div>
579
  </div>
580
- <div id="mob_tab_content_<?= $feed_id ?>" class="mob_settings" style="display: none;">
581
  <h3 style="width: 100%; text-align: center"><?php _e( 'Mobile settings', 'instagram-slider-widget' ); ?></h3>
582
  <?php if ( defined( 'WISP_PLUGIN_ACTIVE' ) && $this->plugin->is_premium() ) :
583
  echo apply_filters( 'wis/mob_settings', '', $this_feed, $instance, $sliders, $options_linkto, $feed_id );
20
  } ?>
21
  </h2>
22
  <form action="" method="post" name="wis-feed-add-form" id="wis-feed-add-form">
23
+ <?php wp_nonce_field('wis_edit_feed','csrf_check'); ?>
24
  <div class="jr-container">
25
  <div class="isw-common-settings">
26
  <div class="wis-flex-content">
29
  <label for="title" class="form-label"><?php _e( 'Title:', 'instagram-slider-widget' ); ?></label>
30
  <input class="form-input" id="title"
31
  name="title"
32
+ value="<?php echo esc_html($instance['title'] ); ?>"/>
33
  </div>
34
  <div class="form-group">
35
  <label for="title"
110
  <div class="input-group">
111
  <span class="input-group-addon">instagram.com/</span>
112
  <input id="username" class="form-input" name="username"
113
+ value="<?php echo esc_attr( $instance['username'] ); ?>"/>
114
  </div>
115
  </div>
116
  <div class="form-group" id="wis-feed-hashtag"
129
  <label class="form-label"
130
  for="blocked_users"><?php _e( 'Block Users', 'instagram-slider-widget' ); ?></label>
131
  <input class="form-input" id="blocked_users" name="blocked_users"
132
+ value="<?php echo esc_attr( $instance['blocked_users'] ); ?>"/>
133
  <div class="jr-description"><?php _e( 'Enter words separated by commas whose images you don\'t want to show', 'instagram-slider-widget' ); ?></div>
134
  </div>
135
  <div class="form-group">
162
 
163
  <div class="isw-tabs">
164
  <ul>
165
+ <li class="desk_tab active" id="desk_tab_<?php echo $feed_id ?>" data-tab-id="<?php echo $feed_id ?>"><?php _e( 'Desktop', 'instagram-slider-widget' ); ?></li>
166
+ <li class="mob_tab" id="mob_tab_<?php echo $feed_id ?>" data-tab-id="<?php echo $feed_id ?>"><?php _e( 'Mobile', 'instagram-slider-widget' ); ?></li>
167
  </ul>
168
  </div>
169
 
170
+ <div class="isw-tabs-content" id="widget_tabs_<?php echo $feed_id ?>" data-widget-id="<?php echo $feed_id ?>">
171
+ <div id="desk_tab_content_<?php echo $feed_id ?>" class="desk_settings">
172
  <h3 style="width: 100%; text-align: center"><?php _e( 'Desktop settings', 'instagram-slider-widget' ); ?></h3>
173
  <div class="wis-flex-content">
174
  <div class="wis-flex-content-column">
240
  </div>
241
  <div id="wis-field-custom_url" class="form-group" <?php echo 'custom_url' !== $instance['images_link'] ? 'style="display:none;' : '' ?>>
242
  <label class="form-label" for="custom_url"><?php _e( 'Custom link:', 'instagram-slider-widget' ); ?></label>
243
+ <input class="form-input" id="custom_url" name="custom_url" value="<?php echo esc_url_raw($instance['custom_url'] ); ?>"/>
244
  <span class="jr-description"><?php _e( '* use this field only if the above option is set to <strong>Custom Link</strong>', 'instagram-slider-widget' ); ?></span>
245
  </div>
246
  <div id="wis-field-show_feed_header" class="form-group"
285
  </label>
286
  </div>
287
  <div id="wis-field-blocked_words" class="form-group"
288
+ <?php echo 'hashtag' === $search_for ? 'style="display:none;"' : ''; ?>>
289
  <label class="form-label" for="blocked_words">
290
  <?php _e( 'Block words', 'instagram-slider-widget' ); ?>
291
  </label>
292
  <input class="form-input" id="blocked_words" name="blocked_words"
293
+ value="<?php echo esc_attr( $instance['blocked_words'] ); ?>"/>
294
  <div class="jr-description"><?php _e( 'Enter comma-separated words. If one of them occurs in the image description, the image will not be displayed', 'instagram-slider-widget' ); ?></div>
295
  </div>
296
  <div id="wis-field-allowed_words" class="form-group"
297
+ <?php echo 'hashtag' === $search_for ? 'style="display:none;"' : ''; ?>>
298
  <label class="form-label" for="allowed_words">
299
  <?php _e( 'Allow words', 'instagram-slider-widget' ); ?>
300
  </label>
301
  <input class="form-input" id="allowed_words"
302
  name="allowed_words"
303
+ value="<?php echo esc_attr( $instance['allowed_words'] ); ?>"/>
304
  <div class="jr-description"><?php _e( 'Enter comma-separated words. If one of them occurs in the image description, the image will be displayed', 'instagram-slider-widget' ); ?></div>
305
  </div>
306
  </div>
372
  </div>
373
  </div>
374
  </div>
375
+ <div class="masonry_lite_settings" <?php echo 'masonry_lite' !== $instance['template'] ? 'style="display:none;"' : ''; ?>>
376
  <div id="wis-field-masonry-cols" class="form-group">
377
  <div class="input-group">
378
  <label class="form-label form-inline" for="masonry_lite_cols">
403
  </div>
404
 
405
  </div>
406
+ <div class="slick_settings" <?php echo 'slick_slider' !== $instance['template'] ? 'style="display:none;"' : ''; ?>>
407
  <div id="wis-field-enable_control_buttons" class="form-group">
408
  <label class="form-switch" for="enable_control_buttons">
409
  <input class="form-input" id="enable_control_buttons" name="enable_control_buttons" type="checkbox" value="1"
493
  </div>
494
 
495
  </div>
496
+ <div class="shopifeed_settings" <?php echo 'showcase' !== $instance['template'] ? 'style="display:none;"' : ''; ?>>
497
  <div id="wis-field-shopifeed_phone" class="form-group">
498
  <label class="form-label" for="shopifeed_phone">
499
  <?php _e( 'Phone', 'instagram-slider-widget' ); ?>
568
  <label class="form-label" for="description"><?php _e( 'Slider Text Description:', 'instagram-slider-widget' ); ?></label>
569
  <select size='3' class='form-select' id="description" name="description[]" multiple="multiple">
570
  <option value='username' <?php $this_feed->selected( $instance['description'], 'username' ); ?>
571
+ class="<?php echo 'hashtag' === $search_for ? 'hidden' : '' ?>"><?php _e( 'Username', 'instagram-slider-widget' ); ?></option>
572
  <option value='time'<?php $this_feed->selected( $instance['description'], 'time' ); ?>><?php _e( 'Time', 'instagram-slider-widget' ); ?></option>
573
  <option value='caption'<?php $this_feed->selected( $instance['description'], 'caption' ); ?>><?php _e( 'Caption', 'instagram-slider-widget' ); ?></option>
574
  </select>
578
  </div>
579
  </div>
580
  </div>
581
+ <div id="mob_tab_content_<?php echo $feed_id ?>" class="mob_settings" style="display: none;">
582
  <h3 style="width: 100%; text-align: center"><?php _e( 'Mobile settings', 'instagram-slider-widget' ); ?></h3>
583
  <?php if ( defined( 'WISP_PLUGIN_ACTIVE' ) && $this->plugin->is_premium() ) :
584
  echo apply_filters( 'wis/mob_settings', '', $this_feed, $instance, $sliders, $options_linkto, $feed_id );
components/instagram/includes/class-instagram-feed.php CHANGED
@@ -99,11 +99,11 @@ class WIS_Instagram_Feed extends WIS_Feed {
99
  */
100
  public $profiles;
101
 
102
- const USERNAME_URL = 'https://www.instagram.com/{username}/';
103
- const TAG_URL = 'https://www.instagram.com/explore/tags/{tag}/?__a=1';
104
- const USERS_SELF_URL = 'https://graph.instagram.com/me';
105
  const USERS_SELF_MEDIA_URL = 'https://graph.instagram.com/';
106
- const USERS_SELF_URL_NEW = 'https://graph.facebook.com/';
107
 
108
  /**
109
  * Instagram feed constructor.
@@ -403,21 +403,21 @@ class WIS_Instagram_Feed extends WIS_Feed {
403
  }
404
 
405
  $args = [
406
- 'access_token' => $account['token'],
407
  'fields' => 'id,username,caption,comments_count,like_count,media_type,media_url,permalink,timestamp,children{media_url,media_type},owner,thumbnail_url',
 
408
  'limit' => 50,
409
  ];
410
 
411
- $url = WFB_FACEBOOK_SELF_URL . $account['id'] . '/media';
412
- $response = wp_remote_get( esc_url(add_query_arg( $args, $url )) );
413
  if ( 200 == wp_remote_retrieve_response_code( $response ) ) {
414
  $media = json_decode( wp_remote_retrieve_body( $response ), true );
415
  $results = $media['data'];
416
 
417
  $stories_url = WFB_FACEBOOK_SELF_URL . $account['id'] . '/stories';
418
  $url = add_query_arg( [
419
- 'access_token' => $account['token'],
420
  'fields' => 'media_type,media_url,permalink,timestamp',
 
421
  ], $stories_url );
422
  $stories_response = wp_remote_get( $url );
423
  if ( 200 == wp_remote_retrieve_response_code( $stories_response ) ) {
@@ -448,8 +448,8 @@ class WIS_Instagram_Feed extends WIS_Feed {
448
  'limit' => 50,
449
  'access_token' => $account['token'],
450
  ];
451
- $url = WIG_USERS_SELF_MEDIA_URL . $account['id'];
452
- $response = wp_remote_get( esc_url(add_query_arg( $args, $url )) );
453
  if ( 200 == wp_remote_retrieve_response_code( $response ) ) {
454
  $media = json_decode( wp_remote_retrieve_body( $response ), true );
455
  $results = $media['media']['data'];
@@ -473,7 +473,7 @@ class WIS_Instagram_Feed extends WIS_Feed {
473
  'q' => $search_string,
474
  ];
475
  $url = WFB_FACEBOOK_SELF_URL . 'ig_hashtag_search';
476
- $response = wp_remote_get( esc_url(add_query_arg( $args, $url )) );
477
  if ( 200 == wp_remote_retrieve_response_code( $response ) ) {
478
  $media = json_decode( wp_remote_retrieve_body( $response ), true );
479
  $args = [
@@ -484,7 +484,7 @@ class WIS_Instagram_Feed extends WIS_Feed {
484
  'limit' => 50,
485
  ];
486
  $url = WFB_FACEBOOK_SELF_URL . $media['data'][0]['id'] . '/recent_media';
487
- $response = wp_remote_get( esc_url(add_query_arg( $args, $url )) );
488
  if ( 200 == wp_remote_retrieve_response_code( $response ) ) {
489
  $media = json_decode( wp_remote_retrieve_body( $response ), true );
490
  $media['hashtag'] = true;
@@ -867,7 +867,7 @@ class WIS_Instagram_Feed extends WIS_Feed {
867
  ];
868
 
869
  $url = WIG_USERS_SELF_URL;
870
- $url = esc_url(add_query_arg( $args, $url ));
871
  $response = wp_remote_get( $url );
872
  if ( 200 == wp_remote_retrieve_response_code( $response ) ) {
873
  $user = json_decode( wp_remote_retrieve_body( $response ), true );
99
  */
100
  public $profiles;
101
 
102
+ const USERNAME_URL = 'https://www.instagram.com/{username}/';
103
+ const TAG_URL = 'https://www.instagram.com/explore/tags/{tag}/?__a=1';
104
+ const USERS_SELF_URL = 'https://graph.instagram.com/me';
105
  const USERS_SELF_MEDIA_URL = 'https://graph.instagram.com/';
106
+ const USERS_SELF_URL_NEW = 'https://graph.facebook.com/';
107
 
108
  /**
109
  * Instagram feed constructor.
403
  }
404
 
405
  $args = [
 
406
  'fields' => 'id,username,caption,comments_count,like_count,media_type,media_url,permalink,timestamp,children{media_url,media_type},owner,thumbnail_url',
407
+ 'access_token' => $account['token'],
408
  'limit' => 50,
409
  ];
410
 
411
+ $url = add_query_arg( $args, WFB_FACEBOOK_SELF_URL . $account['id'] . '/media' );
412
+ $response = wp_remote_get( $url ); // phpcs:ignore
413
  if ( 200 == wp_remote_retrieve_response_code( $response ) ) {
414
  $media = json_decode( wp_remote_retrieve_body( $response ), true );
415
  $results = $media['data'];
416
 
417
  $stories_url = WFB_FACEBOOK_SELF_URL . $account['id'] . '/stories';
418
  $url = add_query_arg( [
 
419
  'fields' => 'media_type,media_url,permalink,timestamp',
420
+ 'access_token' => $account['token'],
421
  ], $stories_url );
422
  $stories_response = wp_remote_get( $url );
423
  if ( 200 == wp_remote_retrieve_response_code( $stories_response ) ) {
448
  'limit' => 50,
449
  'access_token' => $account['token'],
450
  ];
451
+ $url = add_query_arg( $args, WIG_USERS_SELF_MEDIA_URL . $account['id'] );
452
+ $response = wp_remote_get( $url ); // phpcs:ignore
453
  if ( 200 == wp_remote_retrieve_response_code( $response ) ) {
454
  $media = json_decode( wp_remote_retrieve_body( $response ), true );
455
  $results = $media['media']['data'];
473
  'q' => $search_string,
474
  ];
475
  $url = WFB_FACEBOOK_SELF_URL . 'ig_hashtag_search';
476
+ $response = wp_remote_get( esc_url_raw( add_query_arg( $args, $url ) ) );
477
  if ( 200 == wp_remote_retrieve_response_code( $response ) ) {
478
  $media = json_decode( wp_remote_retrieve_body( $response ), true );
479
  $args = [
484
  'limit' => 50,
485
  ];
486
  $url = WFB_FACEBOOK_SELF_URL . $media['data'][0]['id'] . '/recent_media';
487
+ $response = wp_remote_get( esc_url_raw( add_query_arg( $args, $url ) ) );
488
  if ( 200 == wp_remote_retrieve_response_code( $response ) ) {
489
  $media = json_decode( wp_remote_retrieve_body( $response ), true );
490
  $media['hashtag'] = true;
867
  ];
868
 
869
  $url = WIG_USERS_SELF_URL;
870
+ $url = esc_url_raw( add_query_arg( $args, $url ) );
871
  $response = wp_remote_get( $url );
872
  if ( 200 == wp_remote_retrieve_response_code( $response ) ) {
873
  $user = json_decode( wp_remote_retrieve_body( $response ), true );
components/instagram/includes/class-instagram-profiles.php CHANGED
@@ -46,7 +46,7 @@ class WIS_Instagram_Profiles extends WIS_Profiles {
46
  wp_verify_nonce( $_POST['_ajax_nonce'], 'addAccountByToken' );
47
 
48
  $account = json_decode( stripslashes( $_POST['account'] ), true );
49
- $user_profile = array();
50
  $user_profile = apply_filters( 'wis/account/profiles', $user_profile, true );
51
 
52
  if ( ! WIS_Plugin::app()->is_premium() && $this->count_accounts() >= 1 ) {
@@ -83,40 +83,49 @@ class WIS_Instagram_Profiles extends WIS_Profiles {
83
  if ( $is_business ) {
84
  //Получаем аккаунты привязанные к фейсбуку
85
  $args = [
86
- 'access_token' => $token,
87
- 'fields' => 'instagram_business_account',
88
- 'limit' => 200,
89
  ];
90
  $url = WFB_FACEBOOK_SELF_URL . "me/accounts";
91
- $response = wp_remote_get( esc_url(add_query_arg( $args, $url )) );
92
  if ( 200 == wp_remote_retrieve_response_code( $response ) ) {
93
  $pages = json_decode( wp_remote_retrieve_body( $response ), true );
94
  //$username = $result['data'][0]['name'];
95
  $html = "";
96
  $users = [];
97
  foreach ( $pages['data'] as $key => $r ) {
98
- if ( isset( $r['instagram_business_account'] ) && isset( $r['instagram_business_account']['id'] ) ) {
99
- $args = [
100
- 'fields' => 'username,id,followers_count,follows_count,media_count,name,profile_picture_url',
101
  'access_token' => $token,
102
- ];
103
- $url = WFB_FACEBOOK_SELF_URL . $r['instagram_business_account']['id'];
104
- $response = wp_remote_get( esc_url(add_query_arg( $args, $url )) );
105
- if ( 200 == wp_remote_retrieve_response_code( $response ) ) {
106
- $result = json_decode( wp_remote_retrieve_body( $response ), true );
107
- $result['token'] = $token;
108
- $users[] = $result;
109
- $html .= "<div class='wis-row wis-row-style' id='wis-instagram-row' data-account='" . json_encode( $result ) . "'>";
110
- $html .= "<div class='wis-col-1 wis-col1-style'><img src='{$result['profile_picture_url']}' width='50' alt='{$result['username']}'></div>";
111
- $html .= "<div class='wis-col-2 wis-col2-style'>{$result['name']}<br>@{$result['username']}</div>";
112
- $html .= "</div>";
113
- }
114
- if ( "" !== $username && $username == $result['username'] ?? '' ) {
115
- $user_profile = [];
116
- $user_profile = apply_filters( 'wis/account/profiles', $user_profile, true );
117
-
118
- $user_profile[ $result['username'] ] = $result;
119
- WIS_Plugin::app()->updateOption( WIG_BUSINESS_PROFILES_OPTION, $user_profile );
 
 
 
 
 
 
 
 
 
 
 
120
  }
121
  }
122
  }
@@ -138,12 +147,12 @@ class WIS_Instagram_Profiles extends WIS_Profiles {
138
  }
139
 
140
  $args = [
141
- 'fields' => 'id,media_count,username',
142
- 'access_token' => $token,
143
  ];
144
 
145
  $url = WIG_USERS_SELF_URL;
146
- $url = esc_url(add_query_arg( $args, $url ));
147
  $response = wp_remote_get( $url );
148
  if ( 200 == wp_remote_retrieve_response_code( $response ) ) {
149
  $user = json_decode( wp_remote_retrieve_body( $response ), true );
@@ -182,12 +191,12 @@ class WIS_Instagram_Profiles extends WIS_Profiles {
182
  */
183
  public function refresh_token( $token ) {
184
  $args = [
185
- 'grant_type' => 'ig_refresh_token',
186
- 'access_token' => $token,
187
  ];
188
 
189
  $url = WIG_USERS_SELF_MEDIA_URL . 'refresh_access_token';
190
- $url = esc_url(add_query_arg( $args, $url ));
191
  $response = wp_remote_get( $url );
192
  if ( 200 == wp_remote_retrieve_response_code( $response ) ) {
193
  $new = json_decode( wp_remote_retrieve_body( $response ), true );
@@ -210,23 +219,23 @@ class WIS_Instagram_Profiles extends WIS_Profiles {
210
  if ( isset( $_GET['token_error'] ) ) {
211
  $token_error = wp_strip_all_tags( $_GET['token_error'] );
212
  echo '<div class="notice notice-error"><p>' . $token_error . '</p></div>';
213
- $_SERVER['REQUEST_URI'] = str_replace( '#_', '', esc_url(remove_query_arg( 'token_error' )) );
214
  } else {
215
  if ( isset( $_GET['access_token'] ) ) {
216
  $token = $_GET['access_token'];
217
  $result = $this->update_account_profiles( $token, true );
218
- $_SERVER['REQUEST_URI'] = esc_url(remove_query_arg( 'access_token' ));
219
  ?>
220
- <div id="wis_accounts_modal" class="wis_accounts_modal">
221
- <div class="wis_modal_header">
222
- Choose Account:
223
- </div>
224
- <div class="wis_modal_content">
225
  <?php echo $result[0]; ?>
226
- </div>
227
- </div>
228
- <div id="wis_modal_overlay" class="wis_modal_overlay"></div>
229
- <span class="wis-overlay-spinner is-active">&nbsp;</span>
230
  <?php
231
  }
232
  }
@@ -234,40 +243,40 @@ class WIS_Instagram_Profiles extends WIS_Profiles {
234
  if ( isset( $_GET['token_error'] ) ) {
235
  $token_error = wp_strip_all_tags( $_GET['token_error'] );
236
  echo '<div class="notice notice-error"><p>' . $token_error . '</p></div>';
237
- $_SERVER['REQUEST_URI'] = str_replace( '#_', '', esc_url(remove_query_arg( 'token_error' )) );
238
  } else {
239
  if ( isset( $_GET['access_token'] ) ) {
240
  $token = $_GET['access_token'];
241
  $result = $this->update_account_profiles( $token );
242
- $_SERVER['REQUEST_URI'] = str_replace( '#_', '', esc_url(remove_query_arg( 'access_token' )) );
243
  }
244
  }
245
  }
246
  }
247
  $authorize_url_instagram = "https://api.instagram.com/oauth/authorize?" . http_build_query( [
248
- "client_id" => WIS_INSTAGRAM_CLIENT_ID,
249
- "redirect_uri" => "https://instagram.cm-wp.com/basic-api",
250
- "scope" => "user_profile,user_media",
251
- "response_type" => "code",
252
- "state" => $this->getSocialUrl(),
253
- ] );
254
 
255
  $authorize_url_business = "https://instagram.cm-wp.com/api/?" . http_build_query( [
256
- "app_id" => WIS_FACEBOOK_CLIENT_ID,
257
- "state" => $this->getSocialUrl() . '&type=business',
258
- ] );
259
 
260
  $accounts = WIS_Plugin::app()->getPopulateOption( WIG_PROFILES_OPTION, [] );
261
  $accounts_business = WIS_Plugin::app()->getPopulateOption( WIG_BUSINESS_PROFILES_OPTION, [] );
262
 
263
 
264
  $data = [
265
- 'is_premium' => WIS_Plugin::app()->is_premium(),
266
- 'authorize_url_instagram' => $authorize_url_instagram,
267
- 'authorize_url_business' => $authorize_url_business,
268
- 'accounts' => $accounts,
269
- 'accounts_business' => $accounts_business,
270
- 'social' => $this->social,
271
  ];
272
  $result = $this->page->render( WIG_COMPONENT_VIEWS_DIR . '/accounts', $data );
273
 
46
  wp_verify_nonce( $_POST['_ajax_nonce'], 'addAccountByToken' );
47
 
48
  $account = json_decode( stripslashes( $_POST['account'] ), true );
49
+ $user_profile = [];
50
  $user_profile = apply_filters( 'wis/account/profiles', $user_profile, true );
51
 
52
  if ( ! WIS_Plugin::app()->is_premium() && $this->count_accounts() >= 1 ) {
83
  if ( $is_business ) {
84
  //Получаем аккаунты привязанные к фейсбуку
85
  $args = [
86
+ 'access_token' => $token,
87
+ 'fields' => 'instagram_business_account',
88
+ 'limit' => 200,
89
  ];
90
  $url = WFB_FACEBOOK_SELF_URL . "me/accounts";
91
+ $response = wp_remote_get( esc_url_raw( add_query_arg( $args, $url ) ) );
92
  if ( 200 == wp_remote_retrieve_response_code( $response ) ) {
93
  $pages = json_decode( wp_remote_retrieve_body( $response ), true );
94
  //$username = $result['data'][0]['name'];
95
  $html = "";
96
  $users = [];
97
  foreach ( $pages['data'] as $key => $r ) {
98
+ $args = [
 
 
99
  'access_token' => $token,
100
+ 'fields' => 'instagram_business_account',
101
+ ];
102
+ $url = WFB_FACEBOOK_SELF_URL . $r['id'];
103
+ $response = wp_remote_get( esc_url_raw( add_query_arg( $args, $url ) ) );
104
+ if ( 200 == wp_remote_retrieve_response_code( $response ) ) {
105
+ $ig_account = json_decode( wp_remote_retrieve_body( $response ), true );
106
+ if ( isset( $ig_account['instagram_business_account']['id'] ) ) {
107
+ $args = [
108
+ 'fields' => 'username,id,followers_count,follows_count,media_count,name,profile_picture_url',
109
+ 'access_token' => $token,
110
+ ];
111
+ $url = add_query_arg( $args, WFB_FACEBOOK_SELF_URL . $ig_account['instagram_business_account']['id'] );
112
+ $response = wp_remote_get( esc_url_raw( $url ) );
113
+ if ( 200 == wp_remote_retrieve_response_code( $response ) ) {
114
+ $result = json_decode( wp_remote_retrieve_body( $response ), true );
115
+ $result['token'] = $token;
116
+ $users[] = $result;
117
+ $html .= "<div class='wis-row wis-row-style' id='wis-instagram-row' data-account='" . json_encode( $result ) . "'>";
118
+ $html .= "<div class='wis-col-1 wis-col1-style'><img src='{$result['profile_picture_url']}' width='50' alt='{$result['username']}'></div>";
119
+ $html .= "<div class='wis-col-2 wis-col2-style'>{$result['name']}<br>@{$result['username']}</div>";
120
+ $html .= "</div>";
121
+ }
122
+ if ( "" !== $username && $username == $result['username'] ?? '' ) {
123
+ $user_profile = [];
124
+ $user_profile = apply_filters( 'wis/account/profiles', $user_profile, true );
125
+
126
+ $user_profile[ $result['username'] ] = $result;
127
+ WIS_Plugin::app()->updateOption( WIG_BUSINESS_PROFILES_OPTION, $user_profile );
128
+ }
129
  }
130
  }
131
  }
147
  }
148
 
149
  $args = [
150
+ 'fields' => 'id,media_count,username',
151
+ 'access_token' => $token,
152
  ];
153
 
154
  $url = WIG_USERS_SELF_URL;
155
+ $url = esc_url_raw( add_query_arg( $args, $url ) );
156
  $response = wp_remote_get( $url );
157
  if ( 200 == wp_remote_retrieve_response_code( $response ) ) {
158
  $user = json_decode( wp_remote_retrieve_body( $response ), true );
191
  */
192
  public function refresh_token( $token ) {
193
  $args = [
194
+ 'grant_type' => 'ig_refresh_token',
195
+ 'access_token' => $token,
196
  ];
197
 
198
  $url = WIG_USERS_SELF_MEDIA_URL . 'refresh_access_token';
199
+ $url = esc_url_raw( add_query_arg( $args, $url ) );
200
  $response = wp_remote_get( $url );
201
  if ( 200 == wp_remote_retrieve_response_code( $response ) ) {
202
  $new = json_decode( wp_remote_retrieve_body( $response ), true );
219
  if ( isset( $_GET['token_error'] ) ) {
220
  $token_error = wp_strip_all_tags( $_GET['token_error'] );
221
  echo '<div class="notice notice-error"><p>' . $token_error . '</p></div>';
222
+ $_SERVER['REQUEST_URI'] = str_replace( '#_', '', esc_url_raw( remove_query_arg( 'token_error' ) ) );
223
  } else {
224
  if ( isset( $_GET['access_token'] ) ) {
225
  $token = $_GET['access_token'];
226
  $result = $this->update_account_profiles( $token, true );
227
+ $_SERVER['REQUEST_URI'] = esc_url_raw( remove_query_arg( 'access_token' ) );
228
  ?>
229
+ <div id="wis_accounts_modal" class="wis_accounts_modal">
230
+ <div class="wis_modal_header">
231
+ Choose Account:
232
+ </div>
233
+ <div class="wis_modal_content">
234
  <?php echo $result[0]; ?>
235
+ </div>
236
+ </div>
237
+ <div id="wis_modal_overlay" class="wis_modal_overlay"></div>
238
+ <span class="wis-overlay-spinner is-active">&nbsp;</span>
239
  <?php
240
  }
241
  }
243
  if ( isset( $_GET['token_error'] ) ) {
244
  $token_error = wp_strip_all_tags( $_GET['token_error'] );
245
  echo '<div class="notice notice-error"><p>' . $token_error . '</p></div>';
246
+ $_SERVER['REQUEST_URI'] = str_replace( '#_', '', esc_url_raw( remove_query_arg( 'token_error' ) ) );
247
  } else {
248
  if ( isset( $_GET['access_token'] ) ) {
249
  $token = $_GET['access_token'];
250
  $result = $this->update_account_profiles( $token );
251
+ $_SERVER['REQUEST_URI'] = str_replace( '#_', '', esc_url_raw( remove_query_arg( 'access_token' ) ) );
252
  }
253
  }
254
  }
255
  }
256
  $authorize_url_instagram = "https://api.instagram.com/oauth/authorize?" . http_build_query( [
257
+ "client_id" => WIS_INSTAGRAM_CLIENT_ID,
258
+ "redirect_uri" => "https://instagram.cm-wp.com/basic-api",
259
+ "scope" => "user_profile,user_media",
260
+ "response_type" => "code",
261
+ "state" => $this->getSocialUrl(),
262
+ ] );
263
 
264
  $authorize_url_business = "https://instagram.cm-wp.com/api/?" . http_build_query( [
265
+ "app_id" => WIS_FACEBOOK_CLIENT_ID,
266
+ "state" => $this->getSocialUrl() . '&type=business',
267
+ ] );
268
 
269
  $accounts = WIS_Plugin::app()->getPopulateOption( WIG_PROFILES_OPTION, [] );
270
  $accounts_business = WIS_Plugin::app()->getPopulateOption( WIG_BUSINESS_PROFILES_OPTION, [] );
271
 
272
 
273
  $data = [
274
+ 'is_premium' => WIS_Plugin::app()->is_premium(),
275
+ 'authorize_url_instagram' => $authorize_url_instagram,
276
+ 'authorize_url_business' => $authorize_url_business,
277
+ 'accounts' => $accounts,
278
+ 'accounts_business' => $accounts_business,
279
+ 'social' => $this->social,
280
  ];
281
  $result = $this->page->render( WIG_COMPONENT_VIEWS_DIR . '/accounts', $data );
282
 
components/youtube/html_templates/accounts.php CHANGED
@@ -10,37 +10,38 @@ $social = $args['social'];
10
 
11
  $count_accounts = ! empty( $accounts ) ? count( $accounts ) : 0;
12
  ?>
13
- <form action="<?= $_SERVER['REQUEST_URI']; ?>" method="post">
14
- <div class="wis-youtube-form-row">
15
- <div class="wyt-add-form">
16
- <input type="text" name="wyt_api_key" id="wyt_api_key" class="" style="width: 550px;"
17
- value="<?= WIS_Plugin::app()->getOption( WYT_API_KEY_OPTION_NAME, '' ) ?>"
18
- placeholder="<?php _e( 'Youtube api key.', 'instagram-slider-widget' ) ?>">
19
- </div>
20
- <div class="wyt-add-form">
21
- <input type="submit" class="wyt-btn-Youtube-account"
22
- value="<?php _e( 'Save', 'instagram-slider-widget' ) ?>">
23
- </div>
24
- <div class="" style="display: inline-block;">
25
- <a href="<?= admin_url(); ?>?page=manual-wisw" target="_blank">How to get Youtube API
26
- key</a>
27
- </div>
28
- </div>
 
29
 
30
  <?php
31
  if ( $count_accounts >= 1 && ! $is_premium ) : ?>
32
- <div class="wyt-add-form">
33
- <span class="instagram-account-pro"><?php echo sprintf( __( "More accounts in <a href='%s'>PRO version</a>", 'instagram-slider-widget' ), WIS_Plugin::app()->get_support()->get_pricing_url( true, "wis_settings" ) ); ?></span>
34
- </div>
35
  <?php else: ?>
36
- <div class="wis-youtube-form-row" style="margin-top: 15px;">
37
- <a class="wis-btn-youtube-account" target="_self" href="#" title="Add Account">
38
  <?php _e( 'Add channel', 'instagram-slider-widget' ) ?>
39
- </a>
40
- </div>
41
- <div class="wyt-add-form">
42
- <span class="instagram-account-pro"><?php echo sprintf( __( "More accounts in <a href='%s'>PRO version</a>", 'instagram-slider-widget' ), WIS_Plugin::app()->get_support()->get_pricing_url( true, "wis_settings" ) ); ?></span>
43
- </div>
44
  <?php endif; ?>
45
 
46
  </form>
@@ -49,67 +50,69 @@ $count_accounts = ! empty( $accounts ) ? count( $accounts ) : 0;
49
  <?php
50
  if ( ! empty( $accounts ) ) :
51
  ?>
52
- <div class="wis-social-group"><?php echo __( 'Connected channels', 'instagram-slider-widget' ); ?></div>
53
- <table class="widefat wis-table">
54
- <thead>
55
- <tr>
56
- <th class="wis-profile-picture"><?php echo __( 'Image', 'instagram-slider-widget' ); ?></th>
57
- <th class="wis-profile-id"><?php echo __( 'ID', 'instagram-slider-widget' ); ?></th>
58
- <th class="wis-profile-name"><?php echo __( 'Name', 'instagram-slider-widget' ); ?></th>
59
- <th class="wis-profile-actions"><?php echo __( 'Action', 'instagram-slider-widget' ); ?></th>
60
- </tr>
61
- </thead>
62
- <tbody>
63
  <?php
64
  foreach ( $accounts as $channelId => $account ) {
65
  $delete_link = $this->getActionUrl( 'delete', [ 'social' => $social, 'account' => $channelId ] );
66
  ?>
67
- <tr>
68
- <td class="wis-profile-picture">
69
- <img src="<?= $account->snippet->thumbnails->default->url ?>"
70
- width="30" alt=""/>
71
- </td>
72
- <td class="wis-profile-id"><?php echo $channelId; ?></td>
73
- <td class="wis-profile-name">
74
- <a href="https://youtube.com/channel/<?= $channelId ?>"><?php echo $account->snippet->title; ?></a>
75
- </td>
76
- <td class="wis-profile-actions">
77
- <a href="<?php echo $delete_link; ?>" class="btn btn-danger wyt-close-button">
78
- <span class="dashicons dashicons-trash"></span><?php echo __( 'Delete', 'instagram-slider-widget' ); ?>
79
- </a>
80
- <span class="spinner"
81
- id="wis-delete-spinner-<?php echo $channelId; ?>"></span>
82
- </td>
83
- </tr>
84
  <?php
85
  }
86
  ?>
87
- </tbody>
88
- </table>
89
  <?php wp_nonce_field( $this->plugin->getPrefix() . 'settings_form', $this->plugin->getPrefix() . 'nonce' ); ?>
90
  <?php endif; ?>
91
 
92
  <div id="wis_add_ytaccount_modal" class="wis_accounts_modal wis_closed">
93
- <div class="wis_modal_header">
94
  <?php _e( 'Add Youtube channel', 'instagram-slider-widget' ); ?>
95
- </div>
96
- <div class="wis_modal_content">
97
- <form action="<?= $_SERVER['REQUEST_URI']; ?>" method="post">
98
- <div class="wis-youtube-form-row">
99
- <div class="wyt-add-form" style="width: 100%;">
100
- <input type="text" name="wyt_feed_link" id="wyt_feed_link" class=""
101
- placeholder="<?php _e( 'Channel link. Example: https://www.youtube.com/channel/UC0WP5P-ufpRfjbNrmOWwLBQ', 'instagram-slider-widget' ) ?>">
102
- </div>
103
- <div class="">
104
- <a href="https://support.google.com/youtube/answer/6180214"
105
- target="_blank"><?php _e( 'How to get channel link', 'instagram-slider-widget' ); ?></a>
106
- </div>
107
- </div>
 
108
 
109
- <div class='wis-row-style'>
110
- <input type="submit" class='btn btn-primary' value="<?php _e( 'Add channel', 'instagram-slider-widget' ); ?>">
111
- </div>
112
- </form>
113
- </div>
 
114
  </div>
115
  <div id="wis_add_ytaccount_modal_overlay" class="wis_modal_overlay wis_closed"></div>
10
 
11
  $count_accounts = ! empty( $accounts ) ? count( $accounts ) : 0;
12
  ?>
13
+ <form action="<?php echo $_SERVER['REQUEST_URI']; ?>" method="post">
14
+ <?php wp_nonce_field( 'wis_yt_token', 'csrf_check' ); ?>
15
+ <div class="wis-youtube-form-row">
16
+ <div class="wyt-add-form">
17
+ <input type="text" name="wyt_api_key" id="wyt_api_key" class="" style="width: 550px;"
18
+ value="<?php echo esc_attr( WIS_Plugin::app()->getOption( WYT_API_KEY_OPTION_NAME, '' ) ); ?>"
19
+ placeholder="<?php esc_html_e( 'Youtube api key.', 'instagram-slider-widget' ) ?>">
20
+ </div>
21
+ <div class="wyt-add-form">
22
+ <input type="submit" class="wyt-btn-Youtube-account"
23
+ value="<?php esc_html_e( 'Save', 'instagram-slider-widget' ) ?>">
24
+ </div>
25
+ <div class="" style="display: inline-block;">
26
+ <a href="<?php echo admin_url(); ?>?page=manual-wisw"
27
+ target="_blank"><?php esc_html_e( 'How to get YouTube API key', 'instagram-slider-widget' ); ?></a>
28
+ </div>
29
+ </div>
30
 
31
  <?php
32
  if ( $count_accounts >= 1 && ! $is_premium ) : ?>
33
+ <div class="wyt-add-form">
34
+ <span class="instagram-account-pro"><?php echo sprintf( __( "More accounts in <a href='%s'>PRO version</a>", 'instagram-slider-widget' ), WIS_Plugin::app()->get_support()->get_pricing_url( true, "wis_settings" ) ); ?></span>
35
+ </div>
36
  <?php else: ?>
37
+ <div class="wis-youtube-form-row" style="margin-top: 15px;">
38
+ <a class="wis-btn-youtube-account" target="_self" href="#" title="Add Account">
39
  <?php _e( 'Add channel', 'instagram-slider-widget' ) ?>
40
+ </a>
41
+ </div>
42
+ <div class="wyt-add-form">
43
+ <span class="instagram-account-pro"><?php echo sprintf( __( "More accounts in <a href='%s'>PRO version</a>", 'instagram-slider-widget' ), WIS_Plugin::app()->get_support()->get_pricing_url( true, "wis_settings" ) ); ?></span>
44
+ </div>
45
  <?php endif; ?>
46
 
47
  </form>
50
  <?php
51
  if ( ! empty( $accounts ) ) :
52
  ?>
53
+ <div class="wis-social-group"><?php echo __( 'Connected channels', 'instagram-slider-widget' ); ?></div>
54
+ <table class="widefat wis-table">
55
+ <thead>
56
+ <tr>
57
+ <th class="wis-profile-picture"><?php echo __( 'Image', 'instagram-slider-widget' ); ?></th>
58
+ <th class="wis-profile-id"><?php echo __( 'ID', 'instagram-slider-widget' ); ?></th>
59
+ <th class="wis-profile-name"><?php echo __( 'Name', 'instagram-slider-widget' ); ?></th>
60
+ <th class="wis-profile-actions"><?php echo __( 'Action', 'instagram-slider-widget' ); ?></th>
61
+ </tr>
62
+ </thead>
63
+ <tbody>
64
  <?php
65
  foreach ( $accounts as $channelId => $account ) {
66
  $delete_link = $this->getActionUrl( 'delete', [ 'social' => $social, 'account' => $channelId ] );
67
  ?>
68
+ <tr>
69
+ <td class="wis-profile-picture">
70
+ <img src="<?php echo $account->snippet->thumbnails->default->url ?>"
71
+ width="30" alt=""/>
72
+ </td>
73
+ <td class="wis-profile-id"><?php echo $channelId; ?></td>
74
+ <td class="wis-profile-name">
75
+ <a href="https://youtube.com/channel/<?php echo $channelId ?>"><?php echo $account->snippet->title; ?></a>
76
+ </td>
77
+ <td class="wis-profile-actions">
78
+ <a href="<?php echo $delete_link; ?>" class="btn btn-danger wyt-close-button">
79
+ <span class="dashicons dashicons-trash"></span><?php echo __( 'Delete', 'instagram-slider-widget' ); ?>
80
+ </a>
81
+ <span class="spinner"
82
+ id="wis-delete-spinner-<?php echo $channelId; ?>"></span>
83
+ </td>
84
+ </tr>
85
  <?php
86
  }
87
  ?>
88
+ </tbody>
89
+ </table>
90
  <?php wp_nonce_field( $this->plugin->getPrefix() . 'settings_form', $this->plugin->getPrefix() . 'nonce' ); ?>
91
  <?php endif; ?>
92
 
93
  <div id="wis_add_ytaccount_modal" class="wis_accounts_modal wis_closed">
94
+ <div class="wis_modal_header">
95
  <?php _e( 'Add Youtube channel', 'instagram-slider-widget' ); ?>
96
+ </div>
97
+ <div class="wis_modal_content">
98
+ <form action="<?php echo $_SERVER['REQUEST_URI']; ?>" method="post">
99
+ <?php wp_nonce_field( 'wis_yt_link', 'csrf_check' ); ?>
100
+ <div class="wis-youtube-form-row">
101
+ <div class="wyt-add-form" style="width: 100%;">
102
+ <input type="text" name="wyt_feed_link" id="wyt_feed_link" class=""
103
+ placeholder="<?php _e( 'Channel link. Example: https://www.youtube.com/channel/UC0WP5P-ufpRfjbNrmOWwLBQ', 'instagram-slider-widget' ) ?>">
104
+ </div>
105
+ <div class="">
106
+ <a href="https://support.google.com/youtube/answer/6180214"
107
+ target="_blank"><?php _e( 'How to get channel link', 'instagram-slider-widget' ); ?></a>
108
+ </div>
109
+ </div>
110
 
111
+ <div class='wis-row-style'>
112
+ <input type="submit" class='btn btn-primary'
113
+ value="<?php _e( 'Add channel', 'instagram-slider-widget' ); ?>">
114
+ </div>
115
+ </form>
116
+ </div>
117
  </div>
118
  <div id="wis_add_ytaccount_modal_overlay" class="wis_modal_overlay wis_closed"></div>
components/youtube/html_templates/default.php CHANGED
@@ -15,22 +15,22 @@ $yt_link = "https://www.youtube.com/watch?v=";
15
 
16
  <div class='wyoutube-videos-container'>
17
  <?php foreach ($videos as $video): ?>
18
- <?= 'yt_link' == $args['yimages_link'] ? sprintf('<a href="%s%s" target="_blank" style="text-decoration: none;">', $yt_link, $video->id->videoId) : ''?>
19
- <div class="wyoutube-video-container" data-remodal-target="<?= $video->id->videoId ?>"
20
- style="margin-top: 10px; width: <?=$width-2?>%; <?= 'ypopup' == $args['yimages_link'] ? 'cursor: pointer' : ''?> ">
21
- <img src="<?= $video->snippet->thumbnails->medium->url ?>" alt="">
22
  <div class="wyoutuve-video-title ellipsis-2-lines">
23
- <?= $video->snippet->title ?>
24
  </div>
25
  <div class="woutube-video-specs">
26
  <div class="wyoutube-video-watches">
27
- <?= sprintf("%s %s", $video->statistics->viewCount, __('views', 'instagram-slider-widget'))?>
28
  </div>
29
  <div class="wyoutube-video-publish">
30
- <?= time_elapsed_string($video->snippet->publishedAt) ?>
31
  </div>
32
  </div>
33
  </div>
34
- <?= 'yt_link' == $args['yimages_link'] ? "</a>" : ''?>
35
  <?php endforeach; ?>
36
  </div>
15
 
16
  <div class='wyoutube-videos-container'>
17
  <?php foreach ($videos as $video): ?>
18
+ <?php echo 'yt_link' == $args['yimages_link'] ? sprintf('<a href="%s%s" target="_blank" style="text-decoration: none;">', $yt_link, $video->id->videoId) : ''?>
19
+ <div class="wyoutube-video-container" data-remodal-target="<?php echo $video->id->videoId ?>"
20
+ style="margin-top: 10px; width: <?php echo $width-2?>%; <?php echo 'ypopup' == $args['yimages_link'] ? 'cursor: pointer' : ''?> ">
21
+ <img src="<?php echo $video->snippet->thumbnails->medium->url ?>" alt="">
22
  <div class="wyoutuve-video-title ellipsis-2-lines">
23
+ <?php echo $video->snippet->title ?>
24
  </div>
25
  <div class="woutube-video-specs">
26
  <div class="wyoutube-video-watches">
27
+ <?php echo sprintf("%s %s", $video->statistics->viewCount, __('views', 'instagram-slider-widget'))?>
28
  </div>
29
  <div class="wyoutube-video-publish">
30
+ <?php echo time_elapsed_string($video->snippet->publishedAt) ?>
31
  </div>
32
  </div>
33
  </div>
34
+ <?php echo 'yt_link' == $args['yimages_link'] ? "</a>" : ''?>
35
  <?php endforeach; ?>
36
  </div>
components/youtube/html_templates/feed_header_template.php CHANGED
@@ -26,7 +26,7 @@ $profile_url = "https://youtube.com/channel/" . $account->snippet->channelId
26
  </div>
27
  <div class="wyt-subscribe-button-container">
28
  <div class="wyt-subscribe-button">
29
- <a href="https://youtube.com/channel/<?= $account->snippet->channelId ?>" target="_blank" style=" text-decoration: none;color: white; font-size: 1rem"><?= __('subscribe', 'instagram-slider-widget') ?></a>
30
  </div>
31
  </div>
32
  </div>
26
  </div>
27
  <div class="wyt-subscribe-button-container">
28
  <div class="wyt-subscribe-button">
29
+ <a href="https://youtube.com/channel/<?php echo $account->snippet->channelId ?>" target="_blank" style=" text-decoration: none;color: white; font-size: 1rem"><?php echo __('subscribe', 'instagram-slider-widget') ?></a>
30
  </div>
31
  </div>
32
  </div>
components/youtube/html_templates/form-feed.php CHANGED
@@ -20,13 +20,14 @@ $feed_id = $args['instance']['id'] ?? '';
20
  } ?>
21
  </h2>
22
  <form action="" method="post" name="wis-feed-add-form" id="wis-feed-add-form">
 
23
  <div class="jr-container">
24
  <div class="isw-common-settings">
25
  <div class="wis-flex-content">
26
  <div class="wis-flex-content-column">
27
  <div class="form-group">
28
  <label for="title" class="form-label"><?php _e( 'Title:', 'instagram-slider-widget' ); ?></label>
29
- <input class="form-input" id="title" name="title" value="<?php echo $instance['title']; ?>"/>
30
  </div>
31
  <div class="form-group" id="wis-feed-account">
32
  <?php
@@ -80,13 +81,13 @@ $feed_id = $args['instance']['id'] ?? '';
80
 
81
  <div class="isw-tabs">
82
  <ul>
83
- <li class="desk_tab active" id="desk_tab_<?= $feed_id ?>" data-tab-id="<?= $feed_id ?>"><?php _e( 'Desktop', 'instagram-slider-widget' ); ?></li>
84
- <li class="mob_tab" id="mob_tab_<?= $feed_id ?>" data-tab-id="<?= $feed_id ?>"><?php _e( 'Mobile', 'instagram-slider-widget' ); ?></li>
85
  </ul>
86
  </div>
87
 
88
- <div class="isw-tabs-content" id="widget_tabs_<?= $feed_id ?>" data-widget-id="<?= $feed_id ?>">
89
- <div id="desk_tab_content_<?= $feed_id ?>" class="desk_settings">
90
  <h3 style="width: 100%; text-align: center"><?php _e( 'Desktop settings', 'instagram-slider-widget' ); ?></h3>
91
 
92
  <div class="wis-flex-content">
@@ -128,11 +129,11 @@ $feed_id = $args['instance']['id'] ?? '';
128
  <?php _e( 'Request videos by:', 'instagram-slider-widget' ); ?>
129
  </label>
130
  <select class="form-select" name="request_by" id="request_by">
131
- <option value="<?= YoutubeApi::orderByRelevance ?>" <?php selected( $instance['request_by'], YoutubeApi::orderByRelevance, true ); ?>><?php _e( 'Relevance', 'instagram-slider-widget' ); ?></option>
132
- <option value="<?= YoutubeApi::orderByDate ?>" <?php selected( $instance['request_by'], YoutubeApi::orderByDate, true ); ?>> <?php _e( 'Date', 'instagram-slider-widget' ); ?></option>
133
- <option value="<?= YoutubeApi::orderByRating ?>" <?php selected( $instance['request_by'], YoutubeApi::orderByRating, true ); ?>> <?php _e( 'Rating', 'instagram-slider-widget' ); ?></option>
134
- <option value="<?= YoutubeApi::orderByViewCount ?>" <?php selected( $instance['request_by'], YoutubeApi::orderByViewCount, true ); ?>><?php _e( 'View count', 'instagram-slider-widget' ); ?></option>
135
- <option value="<?= YoutubeApi::orderByUnspec ?>" <?php selected( $instance['request_by'], YoutubeApi::orderByUnspec, true ); ?>> <?php _e( 'Unspecified', 'instagram-slider-widget' ); ?></option>
136
  </select>
137
  </div>
138
  <div id="wis-field-orderby" class="form-group">
@@ -162,7 +163,7 @@ $feed_id = $args['instance']['id'] ?? '';
162
  </div>
163
  <div id="wis-field-custom_url" class="form-group" <?php echo 'custom_url' !== $instance['yimages_link'] ? 'style="display:none;' : '' ?>>
164
  <label class="form-label" for="custom_url"><?php _e( 'Custom link:', 'instagram-slider-widget' ); ?></label>
165
- <input class="form-input" id="custom_url" name="custom_url" value="<?php echo $instance['custom_url']; ?>"/>
166
  <span class="jr-description"><?php _e( '* use this field only if the above option is set to <strong>Custom Link</strong>', 'instagram-slider-widget' ); ?></span>
167
  </div>
168
  <div id="wis-field-show_feed_header" class="form-group">
@@ -179,7 +180,7 @@ $feed_id = $args['instance']['id'] ?? '';
179
  <?php _e( 'Block words', 'instagram-slider-widget' ); ?>
180
  </label>
181
  <input class="form-input" id="blocked_words" name="blocked_words"
182
- value="<?php echo $instance['blocked_words']; ?>"/>
183
  <div class="jr-description"><?php _e( 'Enter comma-separated words. If one of them occurs in the image description, the image will not be displayed', 'instagram-slider-widget' ); ?></div>
184
  </div>
185
  </div>
@@ -218,7 +219,7 @@ $feed_id = $args['instance']['id'] ?? '';
218
  </div>
219
  </div>
220
 
221
- <div id="mob_tab_content_<?= $feed_id ?>" class="mob_settings" style="display: none;">
222
  <h3 style="width: 100%; text-align: center"><?php _e( 'Mobile settings', 'instagram-slider-widget' ); ?></h3>
223
  <?php if ( defined( 'WISP_PLUGIN_ACTIVE' ) && $this->plugin->is_premium() ) :
224
  echo apply_filters( 'wis/youtube/mob_settings', '', $this, $instance, $sliders, $options_linkto, $feed_id );
20
  } ?>
21
  </h2>
22
  <form action="" method="post" name="wis-feed-add-form" id="wis-feed-add-form">
23
+ <?php wp_nonce_field('wis_edit_feed','csrf_check'); ?>
24
  <div class="jr-container">
25
  <div class="isw-common-settings">
26
  <div class="wis-flex-content">
27
  <div class="wis-flex-content-column">
28
  <div class="form-group">
29
  <label for="title" class="form-label"><?php _e( 'Title:', 'instagram-slider-widget' ); ?></label>
30
+ <input class="form-input" id="title" name="title" value="<?php echo esc_attr( $instance['title'] ); ?>"/>
31
  </div>
32
  <div class="form-group" id="wis-feed-account">
33
  <?php
81
 
82
  <div class="isw-tabs">
83
  <ul>
84
+ <li class="desk_tab active" id="desk_tab_<?php echo $feed_id ?>" data-tab-id="<?php echo $feed_id ?>"><?php _e( 'Desktop', 'instagram-slider-widget' ); ?></li>
85
+ <li class="mob_tab" id="mob_tab_<?php echo $feed_id ?>" data-tab-id="<?php echo $feed_id ?>"><?php _e( 'Mobile', 'instagram-slider-widget' ); ?></li>
86
  </ul>
87
  </div>
88
 
89
+ <div class="isw-tabs-content" id="widget_tabs_<?php echo $feed_id ?>" data-widget-id="<?php echo $feed_id ?>">
90
+ <div id="desk_tab_content_<?php echo $feed_id ?>" class="desk_settings">
91
  <h3 style="width: 100%; text-align: center"><?php _e( 'Desktop settings', 'instagram-slider-widget' ); ?></h3>
92
 
93
  <div class="wis-flex-content">
129
  <?php _e( 'Request videos by:', 'instagram-slider-widget' ); ?>
130
  </label>
131
  <select class="form-select" name="request_by" id="request_by">
132
+ <option value="<?php echo YoutubeApi::orderByRelevance ?>" <?php selected( $instance['request_by'], YoutubeApi::orderByRelevance, true ); ?>><?php _e( 'Relevance', 'instagram-slider-widget' ); ?></option>
133
+ <option value="<?php echo YoutubeApi::orderByDate ?>" <?php selected( $instance['request_by'], YoutubeApi::orderByDate, true ); ?>> <?php _e( 'Date', 'instagram-slider-widget' ); ?></option>
134
+ <option value="<?php echo YoutubeApi::orderByRating ?>" <?php selected( $instance['request_by'], YoutubeApi::orderByRating, true ); ?>> <?php _e( 'Rating', 'instagram-slider-widget' ); ?></option>
135
+ <option value="<?php echo YoutubeApi::orderByViewCount ?>" <?php selected( $instance['request_by'], YoutubeApi::orderByViewCount, true ); ?>><?php _e( 'View count', 'instagram-slider-widget' ); ?></option>
136
+ <option value="<?php echo YoutubeApi::orderByUnspec ?>" <?php selected( $instance['request_by'], YoutubeApi::orderByUnspec, true ); ?>> <?php _e( 'Unspecified', 'instagram-slider-widget' ); ?></option>
137
  </select>
138
  </div>
139
  <div id="wis-field-orderby" class="form-group">
163
  </div>
164
  <div id="wis-field-custom_url" class="form-group" <?php echo 'custom_url' !== $instance['yimages_link'] ? 'style="display:none;' : '' ?>>
165
  <label class="form-label" for="custom_url"><?php _e( 'Custom link:', 'instagram-slider-widget' ); ?></label>
166
+ <input class="form-input" id="custom_url" name="custom_url" value="<?php echo esc_url_raw( $instance['custom_url'] ); ?>"/>
167
  <span class="jr-description"><?php _e( '* use this field only if the above option is set to <strong>Custom Link</strong>', 'instagram-slider-widget' ); ?></span>
168
  </div>
169
  <div id="wis-field-show_feed_header" class="form-group">
180
  <?php _e( 'Block words', 'instagram-slider-widget' ); ?>
181
  </label>
182
  <input class="form-input" id="blocked_words" name="blocked_words"
183
+ value="<?php echo esc_attr( $instance['blocked_words'] ); ?>"/>
184
  <div class="jr-description"><?php _e( 'Enter comma-separated words. If one of them occurs in the image description, the image will not be displayed', 'instagram-slider-widget' ); ?></div>
185
  </div>
186
  </div>
219
  </div>
220
  </div>
221
 
222
+ <div id="mob_tab_content_<?php echo $feed_id ?>" class="mob_settings" style="display: none;">
223
  <h3 style="width: 100%; text-align: center"><?php _e( 'Mobile settings', 'instagram-slider-widget' ); ?></h3>
224
  <?php if ( defined( 'WISP_PLUGIN_ACTIVE' ) && $this->plugin->is_premium() ) :
225
  echo apply_filters( 'wis/youtube/mob_settings', '', $this, $instance, $sliders, $options_linkto, $feed_id );
components/youtube/html_templates/widget_settings.php CHANGED
@@ -101,11 +101,11 @@ $instance = $args['instance'];
101
  <label for="<?php echo $this->get_field_id('request_by'); ?>"><strong><?php _e('Request videos by:', 'instagram-slider-widget'); ?></strong>
102
  <select class="widefat" name="<?php echo $this->get_field_name('request_by'); ?>"
103
  id="<?php echo $this->get_field_id('request_by'); ?>">
104
- <option value="<?= YoutubeApi::orderByRelevance ?>" <?php selected($instance['request_by'], YoutubeApi::orderByRelevance, true); ?>><?php _e('Relevance', 'instagram-slider-widget'); ?></option>
105
- <option value="<?= YoutubeApi::orderByDate ?>" <?php selected($instance['request_by'], YoutubeApi::orderByDate, true); ?>> <?php _e('Date', 'instagram-slider-widget'); ?></option>
106
- <option value="<?= YoutubeApi::orderByRating ?>" <?php selected($instance['request_by'], YoutubeApi::orderByRating, true); ?>> <?php _e('Rating', 'instagram-slider-widget'); ?></option>
107
- <option value="<?= YoutubeApi::orderByViewCount ?>" <?php selected($instance['request_by'], YoutubeApi::orderByViewCount, true); ?>><?php _e('View count', 'instagram-slider-widget'); ?></option>
108
- <option value="<?= YoutubeApi::orderByUnspec ?>" <?php selected($instance['request_by'], YoutubeApi::orderByUnspec, true); ?>> <?php _e('Unspecified', 'instagram-slider-widget'); ?></option>
109
  </select>
110
  </label>
111
  </p>
101
  <label for="<?php echo $this->get_field_id('request_by'); ?>"><strong><?php _e('Request videos by:', 'instagram-slider-widget'); ?></strong>
102
  <select class="widefat" name="<?php echo $this->get_field_name('request_by'); ?>"
103
  id="<?php echo $this->get_field_id('request_by'); ?>">
104
+ <option value="<?php echo YoutubeApi::orderByRelevance ?>" <?php selected($instance['request_by'], YoutubeApi::orderByRelevance, true); ?>><?php _e('Relevance', 'instagram-slider-widget'); ?></option>
105
+ <option value="<?php echo YoutubeApi::orderByDate ?>" <?php selected($instance['request_by'], YoutubeApi::orderByDate, true); ?>> <?php _e('Date', 'instagram-slider-widget'); ?></option>
106
+ <option value="<?php echo YoutubeApi::orderByRating ?>" <?php selected($instance['request_by'], YoutubeApi::orderByRating, true); ?>> <?php _e('Rating', 'instagram-slider-widget'); ?></option>
107
+ <option value="<?php echo YoutubeApi::orderByViewCount ?>" <?php selected($instance['request_by'], YoutubeApi::orderByViewCount, true); ?>><?php _e('View count', 'instagram-slider-widget'); ?></option>
108
+ <option value="<?php echo YoutubeApi::orderByUnspec ?>" <?php selected($instance['request_by'], YoutubeApi::orderByUnspec, true); ?>> <?php _e('Unspecified', 'instagram-slider-widget'); ?></option>
109
  </select>
110
  </label>
111
  </p>
components/youtube/includes/class-youtube-feed.php CHANGED
@@ -78,7 +78,7 @@ class WIS_Youtube_Feed extends WIS_Feed {
78
  'images_number' => 20,
79
  'title_words' => 50,
80
  'columns' => 2,
81
- 'show_feed_header' => 1,
82
 
83
  'm_images_number' => 20,
84
  'm_title_words' => 50,
78
  'images_number' => 20,
79
  'title_words' => 50,
80
  'columns' => 2,
81
+ 'show_feed_header' => 0,
82
 
83
  'm_images_number' => 20,
84
  'm_title_words' => 50,
components/youtube/includes/class-youtube-profiles.php CHANGED
@@ -65,13 +65,20 @@ class WIS_Youtube_Profiles extends WIS_Profiles {
65
  * @return string
66
  */
67
  public function content() {
 
 
 
 
68
  if ( isset( $_POST['wyt_api_key'] ) && $_POST['wyt_api_key'] != null ) {
69
- $this->update_youtube_api_key( $_POST['wyt_api_key'] );
 
 
70
  }
71
 
72
  if ( isset( $_POST['wyt_feed_link'] ) && $_POST['wyt_feed_link'] != null ) {
 
73
 
74
- $link = $_POST['wyt_feed_link'];
75
  $start_with_string = 'youtube.com/channel/';
76
 
77
  if ( stripos( $link, $start_with_string ) === false ) {
65
  * @return string
66
  */
67
  public function content() {
68
+ if ( ! current_user_can( 'manage_options' ) ) {
69
+ wp_die( 'Access denied' );
70
+ }
71
+
72
  if ( isset( $_POST['wyt_api_key'] ) && $_POST['wyt_api_key'] != null ) {
73
+ check_admin_referer( 'wis_yt_token', 'csrf_check' );
74
+
75
+ $this->update_youtube_api_key( sanitize_text_field( $_POST['wyt_api_key'] ) );
76
  }
77
 
78
  if ( isset( $_POST['wyt_feed_link'] ) && $_POST['wyt_feed_link'] != null ) {
79
+ check_admin_referer( 'wis_yt_link', 'csrf_check' );
80
 
81
+ $link = esc_url_raw( $_POST['wyt_feed_link'] );
82
  $start_with_string = 'youtube.com/channel/';
83
 
84
  if ( stripos( $link, $start_with_string ) === false ) {
includes/class-feed.php CHANGED
@@ -52,7 +52,7 @@ abstract class WIS_Feed {
52
  */
53
  public function __get( $name ) {
54
  if ( isset( $this->instance[ $name ] ) ) {
55
- return $this->instance[ $name ];
56
  }
57
 
58
  return null;
@@ -103,13 +103,7 @@ abstract class WIS_Feed {
103
  * @return mixed|null
104
  */
105
  public function get( $name ) {
106
- if ( $this->is_mobile ) {
107
- if ( isset( $this->instance["m_{$name}"] ) ) {
108
- return $this->instance["m_{$name}"];
109
- }
110
- }
111
-
112
- return $this->__get( $name );
113
  }
114
 
115
  /**
52
  */
53
  public function __get( $name ) {
54
  if ( isset( $this->instance[ $name ] ) ) {
55
+ return is_string( $this->instance[ $name ] ) ? sanitize_text_field( $this->instance[ $name ] ) : $this->instance[ $name ];
56
  }
57
 
58
  return null;
103
  * @return mixed|null
104
  */
105
  public function get( $name ) {
106
+ return $this->is_mobile ? $this->__get( "m_{$name}" ) : $this->__get( $name );
 
 
 
 
 
 
107
  }
108
 
109
  /**
instaram_slider.php CHANGED
@@ -2,7 +2,7 @@
2
  /*
3
  Plugin Name: Social Slider Feed
4
  Plugin URI: https://cm-wp.com/instagram-slider-widget
5
- Version: 2.0.4
6
  Description: Shows Instagram, Facebook and YouTube responsive feeds in widgets, posts, pages, or anywhere else using shortcodes
7
  Author: creativemotion
8
  Author URI: https://cm-wp.com/
2
  /*
3
  Plugin Name: Social Slider Feed
4
  Plugin URI: https://cm-wp.com/instagram-slider-widget
5
+ Version: 2.0.6
6
  Description: Shows Instagram, Facebook and YouTube responsive feeds in widgets, posts, pages, or anywhere else using shortcodes
7
  Author: creativemotion
8
  Author URI: https://cm-wp.com/
readme.txt CHANGED
@@ -109,6 +109,13 @@ If you don't use an account in the widget, go to the plugin settings and add an
109
 
110
  == Changelog ==
111
 
 
 
 
 
 
 
 
112
  = 2.0.4 =
113
  * Fix adding account
114
  * WP 6.0 compatibility
109
 
110
  == Changelog ==
111
 
112
+ = 2.0.6 =
113
+ * Fix security issues
114
+
115
+ = 2.0.5 =
116
+ * Fix adding account (personal/business)
117
+ * Fix show feed
118
+
119
  = 2.0.4 =
120
  * Fix adding account
121
  * WP 6.0 compatibility