Version Description
- More error fixes and general clean up.
Download this release
Release Info
| Developer | Benbodhi |
| Plugin |  SVG Support |
| Version | 2.5.5 |
| Comparing to | |
| See all releases | |
Code changes from version 2.5.4 to 2.5.5
- functions/attachment.php +14 -15
- functions/mime-types.php +4 -0
- readme.txt +8 -1
- svg-support.php +24 -22
- uninstall.php +1 -1
functions/attachment.php
CHANGED
|
@@ -199,7 +199,7 @@ function bodhi_svgs_sanitize( $file ){
|
|
| 199 |
|
| 200 |
}
|
| 201 |
|
| 202 |
-
function bodhi_svgs_minify(
|
| 203 |
|
| 204 |
global $bodhi_svgs_options;
|
| 205 |
global $sanitizer;
|
|
@@ -220,32 +220,31 @@ function bodhi_svgs_is_gzipped( $contents ) {
|
|
| 220 |
|
| 221 |
}
|
| 222 |
|
| 223 |
-
function bodhi_svgs_sanitize_svg( $file ){
|
| 224 |
|
| 225 |
global $bodhi_svgs_options;
|
| 226 |
|
| 227 |
-
if ( !empty($bodhi_svgs_options['sanitize_svg']) && $bodhi_svgs_options['sanitize_svg'] === 'on' ) {
|
| 228 |
|
| 229 |
if ( $file['type'] === 'image/svg+xml' ) {
|
| 230 |
-
|
| 231 |
$sanitize_on_upload_roles_array = array();
|
| 232 |
|
| 233 |
$should_sanitize_svg = array();
|
| 234 |
-
|
| 235 |
$sanitize_on_upload_roles_array = (array) $bodhi_svgs_options['sanitize_on_upload_roles'];
|
| 236 |
-
|
| 237 |
$user = wp_get_current_user();
|
| 238 |
-
|
| 239 |
-
|
| 240 |
-
|
| 241 |
-
|
| 242 |
-
|
| 243 |
-
|
| 244 |
-
|
| 245 |
-
'safe-svg' );
|
| 246 |
}
|
| 247 |
elseif ( ! bodhi_svgs_sanitize( $file['tmp_name'] ) ) {
|
| 248 |
-
$file['error'] = __( "Sorry, this file couldn't be sanitized
|
| 249 |
'safe-svg' );
|
| 250 |
}
|
| 251 |
|
| 199 |
|
| 200 |
}
|
| 201 |
|
| 202 |
+
function bodhi_svgs_minify() {
|
| 203 |
|
| 204 |
global $bodhi_svgs_options;
|
| 205 |
global $sanitizer;
|
| 220 |
|
| 221 |
}
|
| 222 |
|
| 223 |
+
function bodhi_svgs_sanitize_svg( $file ) {
|
| 224 |
|
| 225 |
global $bodhi_svgs_options;
|
| 226 |
|
| 227 |
+
if ( !empty($bodhi_svgs_options['sanitize_svg']) && $bodhi_svgs_options['sanitize_svg'] === 'on' && $bodhi_svgs_options['sanitize_on_upload_roles'][0] != "none" ) {
|
| 228 |
|
| 229 |
if ( $file['type'] === 'image/svg+xml' ) {
|
| 230 |
+
|
| 231 |
$sanitize_on_upload_roles_array = array();
|
| 232 |
|
| 233 |
$should_sanitize_svg = array();
|
| 234 |
+
|
| 235 |
$sanitize_on_upload_roles_array = (array) $bodhi_svgs_options['sanitize_on_upload_roles'];
|
| 236 |
+
|
| 237 |
$user = wp_get_current_user();
|
| 238 |
+
|
| 239 |
+
$current_user_roles = ( array ) $user->roles;
|
| 240 |
+
|
| 241 |
+
$should_sanitize_svg = array_intersect($sanitize_on_upload_roles_array, $current_user_roles);
|
| 242 |
+
|
| 243 |
+
if( empty($should_sanitize_svg) ) {
|
| 244 |
+
// Do nothing Here
|
|
|
|
| 245 |
}
|
| 246 |
elseif ( ! bodhi_svgs_sanitize( $file['tmp_name'] ) ) {
|
| 247 |
+
$file['error'] = __( "Sorry, this file couldn't be sanitized for security reasons and wasn't uploaded",
|
| 248 |
'safe-svg' );
|
| 249 |
}
|
| 250 |
|
functions/mime-types.php
CHANGED
|
@@ -19,6 +19,10 @@ function bodhi_svgs_upload_mimes( $mimes = array() ) {
|
|
| 19 |
$allowed_roles_array = array();
|
| 20 |
$is_role_allowed = array();
|
| 21 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 22 |
$allowed_roles_array = (array) $bodhi_svgs_options['restrict'];
|
| 23 |
|
| 24 |
$user = wp_get_current_user();
|
| 19 |
$allowed_roles_array = array();
|
| 20 |
$is_role_allowed = array();
|
| 21 |
|
| 22 |
+
if( !isset($bodhi_svgs_options['restrict']) ) {
|
| 23 |
+
return $mimes;
|
| 24 |
+
}
|
| 25 |
+
|
| 26 |
$allowed_roles_array = (array) $bodhi_svgs_options['restrict'];
|
| 27 |
|
| 28 |
$user = wp_get_current_user();
|
readme.txt
CHANGED
|
@@ -5,7 +5,7 @@ Tags: svg, vector, safesvg, safe svg, sanitization, sanitisation, sanitizer, san
|
|
| 5 |
Requires at least: 4.8
|
| 6 |
Tested up to: 6.1.1
|
| 7 |
Requires PHP: 7.2
|
| 8 |
-
Stable tag: 2.5.
|
| 9 |
License: GPLv2 or later
|
| 10 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 11 |
|
|
@@ -161,6 +161,9 @@ You need to add the mime type for svg and svgz to: "MLA Settings > Media Library
|
|
| 161 |
|
| 162 |
== Changelog ==
|
| 163 |
|
|
|
|
|
|
|
|
|
|
| 164 |
= 2.5.4 =
|
| 165 |
* Fixed errors.
|
| 166 |
|
|
@@ -389,6 +392,10 @@ You need to add the mime type for svg and svgz to: "MLA Settings > Media Library
|
|
| 389 |
|
| 390 |
|
| 391 |
== Upgrade Notice ==
|
|
|
|
|
|
|
|
|
|
|
|
|
| 392 |
= 2.5.4 =
|
| 393 |
Updating to 2.5+ Adds new features and addresses a number of earlier issues raised. Please take a backup before updating!
|
| 394 |
2.5.4 fixes errors in the 2.5 series of updates.
|
| 5 |
Requires at least: 4.8
|
| 6 |
Tested up to: 6.1.1
|
| 7 |
Requires PHP: 7.2
|
| 8 |
+
Stable tag: 2.5.5
|
| 9 |
License: GPLv2 or later
|
| 10 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 11 |
|
| 161 |
|
| 162 |
== Changelog ==
|
| 163 |
|
| 164 |
+
= 2.5.5 =
|
| 165 |
+
* More error fixes and general clean up.
|
| 166 |
+
|
| 167 |
= 2.5.4 =
|
| 168 |
* Fixed errors.
|
| 169 |
|
| 392 |
|
| 393 |
|
| 394 |
== Upgrade Notice ==
|
| 395 |
+
= 2.5.5 =
|
| 396 |
+
Updating to 2.5+ Adds new features and addresses a number of earlier issues raised. Please take a backup before updating!
|
| 397 |
+
2.5.5 fixes more reported errors in the 2.5 series of updates.
|
| 398 |
+
|
| 399 |
= 2.5.4 =
|
| 400 |
Updating to 2.5+ Adds new features and addresses a number of earlier issues raised. Please take a backup before updating!
|
| 401 |
2.5.4 fixes errors in the 2.5 series of updates.
|
svg-support.php
CHANGED
|
@@ -3,7 +3,7 @@
|
|
| 3 |
Plugin Name: SVG Support
|
| 4 |
Plugin URI: http://wordpress.org/plugins/svg-support/
|
| 5 |
Description: Upload SVG files to the Media Library and render SVG files inline for direct styling/animation of an SVG's internal elements using CSS/JS.
|
| 6 |
-
Version: 2.5.
|
| 7 |
Author: Benbodhi
|
| 8 |
Author URI: https://benbodhi.com
|
| 9 |
Text Domain: svg-support
|
|
@@ -22,26 +22,28 @@ if ( ! defined( 'ABSPATH' ) ) {
|
|
| 22 |
/**
|
| 23 |
* Global variables
|
| 24 |
*/
|
| 25 |
-
$
|
|
|
|
|
|
|
| 26 |
$plugin_file = plugin_basename(__FILE__); // plugin file for reference
|
| 27 |
define( 'BODHI_SVGS_PLUGIN_PATH', plugin_dir_path( __FILE__ ) ); // define the absolute plugin path for includes
|
| 28 |
define( 'BODHI_SVGS_PLUGIN_URL', plugin_dir_url( __FILE__ ) ); // define the plugin url for use in enqueue
|
| 29 |
$bodhi_svgs_options = get_option('bodhi_svgs_settings'); // retrieve our plugin settings from the options table
|
| 30 |
|
|
|
|
|
|
|
|
|
|
| 31 |
use enshrined\svgSanitize\Sanitizer; // init svg sanitizer for usage
|
| 32 |
|
| 33 |
if ( ( !empty($bodhi_svgs_options['sanitize_svg']) && $bodhi_svgs_options['sanitize_svg'] === 'on' ) || ( !empty($bodhi_svgs_options['minify_svg']) && $bodhi_svgs_options['minify_svg'] === 'on' ) ) {
|
| 34 |
|
| 35 |
-
|
| 36 |
-
* SVG Sanitizer class
|
| 37 |
-
*/
|
| 38 |
-
include( BODHI_SVGS_PLUGIN_PATH . 'vendor/autoload.php' ); // svg sanitizer
|
| 39 |
|
| 40 |
// interfaces to enable custom whitelisting of svg tags and attributes
|
| 41 |
include( BODHI_SVGS_PLUGIN_PATH . 'includes/svg-tags.php' );
|
| 42 |
include( BODHI_SVGS_PLUGIN_PATH . 'includes/svg-attributes.php' );
|
| 43 |
|
| 44 |
-
$sanitizer = new Sanitizer();
|
| 45 |
|
| 46 |
}
|
| 47 |
|
|
@@ -81,36 +83,36 @@ if ( empty( $svgs_plugin_version_stored ) ) {
|
|
| 81 |
}
|
| 82 |
|
| 83 |
/**
|
| 84 |
-
* Defaults for better security
|
| 85 |
*/
|
| 86 |
-
//
|
| 87 |
if ( !isset($bodhi_svgs_options['sanitize_svg_front_end']) ) {
|
| 88 |
-
|
| 89 |
-
|
| 90 |
}
|
| 91 |
|
| 92 |
-
//
|
| 93 |
if ( !isset($bodhi_svgs_options['restrict']) || $bodhi_svgs_options['restrict'] == "on" ) {
|
| 94 |
-
|
| 95 |
-
|
| 96 |
}
|
| 97 |
elseif (isset($bodhi_svgs_options['restrict']) && $bodhi_svgs_options['restrict'] == "none" ) {
|
| 98 |
$bodhi_svgs_options['restrict'] = array("none");
|
| 99 |
-
|
| 100 |
}
|
| 101 |
|
| 102 |
-
//
|
| 103 |
if ( !isset($bodhi_svgs_options['sanitize_svg']) ) {
|
| 104 |
-
|
| 105 |
-
|
| 106 |
}
|
| 107 |
|
| 108 |
-
//
|
| 109 |
if ( !isset($bodhi_svgs_options['sanitize_on_upload_roles']) ) {
|
| 110 |
-
|
| 111 |
-
|
| 112 |
}
|
| 113 |
elseif ( isset($bodhi_svgs_options['sanitize_on_upload_roles']) && $bodhi_svgs_options['sanitize_on_upload_roles'] == "none") {
|
| 114 |
$bodhi_svgs_options['sanitize_on_upload_roles'] = array("none");
|
| 115 |
-
|
| 116 |
}
|
| 3 |
Plugin Name: SVG Support
|
| 4 |
Plugin URI: http://wordpress.org/plugins/svg-support/
|
| 5 |
Description: Upload SVG files to the Media Library and render SVG files inline for direct styling/animation of an SVG's internal elements using CSS/JS.
|
| 6 |
+
Version: 2.5.5
|
| 7 |
Author: Benbodhi
|
| 8 |
Author URI: https://benbodhi.com
|
| 9 |
Text Domain: svg-support
|
| 22 |
/**
|
| 23 |
* Global variables
|
| 24 |
*/
|
| 25 |
+
global $bodhi_svgs_options;
|
| 26 |
+
$bodhi_svgs_options = array(); // Defining global array
|
| 27 |
+
$svgs_plugin_version = '2.5.5'; // for use on admin pages
|
| 28 |
$plugin_file = plugin_basename(__FILE__); // plugin file for reference
|
| 29 |
define( 'BODHI_SVGS_PLUGIN_PATH', plugin_dir_path( __FILE__ ) ); // define the absolute plugin path for includes
|
| 30 |
define( 'BODHI_SVGS_PLUGIN_URL', plugin_dir_url( __FILE__ ) ); // define the plugin url for use in enqueue
|
| 31 |
$bodhi_svgs_options = get_option('bodhi_svgs_settings'); // retrieve our plugin settings from the options table
|
| 32 |
|
| 33 |
+
/*
|
| 34 |
+
* SVG Sanitizer class
|
| 35 |
+
*/
|
| 36 |
use enshrined\svgSanitize\Sanitizer; // init svg sanitizer for usage
|
| 37 |
|
| 38 |
if ( ( !empty($bodhi_svgs_options['sanitize_svg']) && $bodhi_svgs_options['sanitize_svg'] === 'on' ) || ( !empty($bodhi_svgs_options['minify_svg']) && $bodhi_svgs_options['minify_svg'] === 'on' ) ) {
|
| 39 |
|
| 40 |
+
include( BODHI_SVGS_PLUGIN_PATH . 'vendor/autoload.php' ); // svg sanitizer
|
|
|
|
|
|
|
|
|
|
| 41 |
|
| 42 |
// interfaces to enable custom whitelisting of svg tags and attributes
|
| 43 |
include( BODHI_SVGS_PLUGIN_PATH . 'includes/svg-tags.php' );
|
| 44 |
include( BODHI_SVGS_PLUGIN_PATH . 'includes/svg-attributes.php' );
|
| 45 |
|
| 46 |
+
$sanitizer = new Sanitizer(); // initialize if enabled
|
| 47 |
|
| 48 |
}
|
| 49 |
|
| 83 |
}
|
| 84 |
|
| 85 |
/**
|
| 86 |
+
* Defaults for better security in versions >= 2.5
|
| 87 |
*/
|
| 88 |
+
// Enable 'sanitize_svg_front_end' by default
|
| 89 |
if ( !isset($bodhi_svgs_options['sanitize_svg_front_end']) ) {
|
| 90 |
+
$bodhi_svgs_options['sanitize_svg_front_end'] = 'on';
|
| 91 |
+
update_option( 'bodhi_svgs_settings', $bodhi_svgs_options );
|
| 92 |
}
|
| 93 |
|
| 94 |
+
// Allow only admins to upload SVGs by default
|
| 95 |
if ( !isset($bodhi_svgs_options['restrict']) || $bodhi_svgs_options['restrict'] == "on" ) {
|
| 96 |
+
$bodhi_svgs_options['restrict'] = array('administrator');
|
| 97 |
+
update_option( 'bodhi_svgs_settings', $bodhi_svgs_options );
|
| 98 |
}
|
| 99 |
elseif (isset($bodhi_svgs_options['restrict']) && $bodhi_svgs_options['restrict'] == "none" ) {
|
| 100 |
$bodhi_svgs_options['restrict'] = array("none");
|
| 101 |
+
update_option( 'bodhi_svgs_settings', $bodhi_svgs_options );
|
| 102 |
}
|
| 103 |
|
| 104 |
+
// By default turn on "Sanitize SVG while uploading" option
|
| 105 |
if ( !isset($bodhi_svgs_options['sanitize_svg']) ) {
|
| 106 |
+
$bodhi_svgs_options['sanitize_svg'] = "on";
|
| 107 |
+
update_option( 'bodhi_svgs_settings', $bodhi_svgs_options );
|
| 108 |
}
|
| 109 |
|
| 110 |
+
// By default sanitize on upload for everyone except administrator and editor roles
|
| 111 |
if ( !isset($bodhi_svgs_options['sanitize_on_upload_roles']) ) {
|
| 112 |
+
$bodhi_svgs_options['sanitize_on_upload_roles'] = array('administrator', 'editor');
|
| 113 |
+
update_option( 'bodhi_svgs_settings', $bodhi_svgs_options );
|
| 114 |
}
|
| 115 |
elseif ( isset($bodhi_svgs_options['sanitize_on_upload_roles']) && $bodhi_svgs_options['sanitize_on_upload_roles'] == "none") {
|
| 116 |
$bodhi_svgs_options['sanitize_on_upload_roles'] = array("none");
|
| 117 |
+
update_option( 'bodhi_svgs_settings', $bodhi_svgs_options );
|
| 118 |
}
|
uninstall.php
CHANGED
|
@@ -7,4 +7,4 @@ $bodhi_options_on_deletion = get_option( 'bodhi_svgs_settings' );
|
|
| 7 |
if ( isset($bodhi_options_on_deletion[ 'del_plugin_data' ]) && $bodhi_options_on_deletion[ 'del_plugin_data' ] === 'on' ) {
|
| 8 |
delete_option( 'bodhi_svgs_plugin_version' );
|
| 9 |
delete_option( 'bodhi_svgs_settings' );
|
| 10 |
-
}
|
| 7 |
if ( isset($bodhi_options_on_deletion[ 'del_plugin_data' ]) && $bodhi_options_on_deletion[ 'del_plugin_data' ] === 'on' ) {
|
| 8 |
delete_option( 'bodhi_svgs_plugin_version' );
|
| 9 |
delete_option( 'bodhi_svgs_settings' );
|
| 10 |
+
}
|
