Merge branch 'release-1.2.11' into releases

.gitignore

@@ -1,3 +1,4 @@
+.ds_store
 .vscode
 .sass-cache
 node_modules/

includes/class.media.php

@@ -202,7 +202,7 @@ function upload_url($url, $type = null) {
 			if ( count($tb) )
 				$url = add_query_arg($tb, $url);
 		}
-		return $url;
+		return sanitize_url( $url );
 	}
 
 	/**
@@ -263,7 +263,7 @@ function upload_media() {
 			/* Send image data to main post edit form and close popup */
 			//Get Attachment ID
 			$args = new stdClass();
-			$args->id = $this->util->array_key_first( $_POST[ $this->var_setmedia ] );
+			$args->id = esc_attr( $this->util->array_key_first( $_POST[ $this->var_setmedia ] ) );
 			//Make sure post is valid
 			if ( wp_attachment_is_image($args->id) ) {
 				$p = $this->get_request_props();
@@ -311,7 +311,7 @@ function upload_media() {
 		//Display default UI
 
 		//Determine media type
-		$type = ( isset($_REQUEST['type']) ) ? $_REQUEST['type'] : $this->var_type;
+		$type = ( isset($_REQUEST['type']) ) ? esc_attr( $_REQUEST['type'] ) : $this->var_type;
 		//Determine UI to use (disk or URL upload)
 		$upload_form = ( isset($_GET['tab']) && 'type_url' == $_GET['tab'] ) ? 'media_upload_type_url_form' : 'media_upload_type_form';
 		//Load UI

includes/class.utilities.php

@@ -75,7 +75,7 @@ function is_admin_management_page() {
 				 && ( $this->is_file('edit.php')
 				 	|| ( $this->is_file('admin.php')
 				 		&& isset($_GET['page'])
-				 		&& strpos($_GET['page'], 'cnr') === 0 )
+				 		&& strpos($_GET['page'], 'fvrt') === 0 )
 				 	)
 				 );
 	}
@@ -213,11 +213,12 @@ function get_action($default = null) {
 		$action = '';
 
 		//Check if action is set in URL
-		if ( isset($_GET['action']) )
-			$action = $_GET['action'];
+		if ( isset($_GET['action']) ) {
+			$action = esc_attr( $_GET['action'] );
+		}
 		//Otherwise, Determine action based on plugin plugin admin page suffix
 		elseif ( isset($_GET['page']) && ($pos = strrpos($_GET['page'], '-')) && $pos !== false && ( $pos != count($_GET['page']) - 1 ) )
-			$action = trim(substr($_GET['page'], $pos + 1), '-_');
+			$action = trim( esc_attr( substr( $_GET['page'], $pos + 1 ) ), '-_');
 
 		//Determine action for core admin pages
 		if ( ! isset($_GET['page']) || empty($action) ) {
@@ -682,7 +683,7 @@ class FVRT_Debug {
 
 	/* Constructor */
 
-	function CNR_Debug() {
+	function FVRT_Debug() {
 		$this->__construct();
 	}
 
@@ -765,7 +766,7 @@ function timer_show($name = 'default', $format = 'Elapsed time: %s') {
 	 * Retrieve current function name
 	 * @param string|array $properties (optional) Properties to retrieve for current function
 	 * @return string|array Current function properties. Default: function name.  Will return array if multiple properties are requested
-	 * @see CNR_Debug::backtrace 
+	 * @see FVRT_Debug::backtrace 
 	 */
 	function get_current($properties = 'function') {
 		return $this->backtrace($properties, 1, 2);
@@ -775,7 +776,7 @@ function get_current($properties = 'function') {
 	 * Retrieves calling function name
 	 * @param string|array $properties (optional) Properties to retrieve for caller
 	 * @return string|array Calling function properties. Default: function name.  Will return array if multiple properties are requested
-	 * @see CNR_Debug::backtrace 
+	 * @see FVRT_Debug::backtrace 
 	 */
 	function get_caller($properties = 'function') {
 		return $this->backtrace($properties, 1, 3);

js/admin.js

@@ -43,7 +43,7 @@ if ( typeof(fvrt) != 'object' )
 	fvrt.setupActions = function() {
 		//Get remove links on page
 		var t = this;
-		$(this.buildSelector('item', 'remove')).live('click', function() {
+		$(this.buildSelector('item', 'remove')).on('click', function() {
 			t.removeItem(this);
 			return false;
 		});

main.php

@@ -3,7 +3,7 @@
 Plugin Name: Favicon Rotator
 Plugin URI: http://archetyped.com/tools/favicon-rotator/
 Description: Easily set site favicon and even rotate through multiple icons
-Version: 1.2.9
+Version: 1.2.11
 Author: Archetyped
 Author URI: http://archetyped.com
 Text Domain: favicon-rotator

model.php

@@ -339,7 +339,7 @@ function save_icons($icons = null, $type = null) {
 			foreach ( $this->get_icon_type_names() as $itype ) {
 				$field = $field_base . $itype;
 				if ( isset($_POST[$field]) ) { 
-					$icons[$itype] = explode(',', $_POST[$field]);
+					$icons[$itype] = explode( ',', esc_attr( $_POST[$field] ) );
 				}
 			}
 		}

readme.txt

@@ -3,7 +3,7 @@ Contributors: Archetyped
 Donate link: http://mycharitywater.org/archetyped-2012-fall
 Tags: favicon,icon,template,theme,customization,simple,media,touch,ios,android
 Requires at least: 5.4
-Tested up to: 5.5
+Tested up to: 6.4
 Stable tag: trunk
 
 Easily set site favicon and even rotate through multiple icons
@@ -51,6 +51,14 @@ No upgrade notices
 
 == Changelog ==
 
+= 1.2.11 =
+* Optimize: WordPress 6.4 Compatibility
+* Optimize: Data validation/formatting
+* Optimize: Internal code cleanup
+
+= 1.2.10 =
+* Optimize: WordPress 5.6 Compatibility
+
 = 1.2.9 =
 * Optimize: WordPress 5.5 Compatibility