updated plugin Simple Local Avatars
version 2.7.11
This commit is contained in:
parent
311bc308f5
commit
39ec06fbc1
@ -1476,6 +1476,7 @@ class Simple_Local_Avatars {
|
||||
?>
|
||||
<input type="hidden" name="simple-local-avatar-file-id" id="simple-local-avatar-file-id" value="<?php echo ! empty( $default_avatar_file_id ) ? esc_attr( $default_avatar_file_id ) : ''; ?>"/>
|
||||
<input type="hidden" name="simple-local-avatar-file-url" id="simple-local-avatar-file-url" value="<?php echo ! empty( $default_avatar_file_url ) ? esc_url( $default_avatar_file_url ) : ''; ?>"/>
|
||||
<?php wp_nonce_field( 'simple_local_avatar_default', 'simple-local-avatar-file-wpnonce' ); ?>
|
||||
<input type="button" name="simple-local-avatar" id="simple-local-avatar-default" class="button-secondary" value="<?php esc_attr_e( 'Choose Default Avatar', 'simple-local-avatar' ); ?>"/>
|
||||
<p class="description" style="margin-left: 23px;"><?php esc_html_e( 'Note that this avatar needs to be publicly available or a broken image will be shown.', 'simple-local-avatar' ); ?></p>
|
||||
<?php
|
||||
@ -1490,6 +1491,11 @@ class Simple_Local_Avatars {
|
||||
private function save_default_avatar_file_id() {
|
||||
global $pagenow;
|
||||
|
||||
// Check if nonce is set.
|
||||
if ( ! isset( $_POST['simple-local-avatar-file-wpnonce'] ) || ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST['simple-local-avatar-file-wpnonce'] ) ), 'simple_local_avatar_default' ) ) {
|
||||
return;
|
||||
}
|
||||
|
||||
$file_id = filter_input( INPUT_POST, 'simple-local-avatar-file-id', FILTER_SANITIZE_NUMBER_INT );
|
||||
|
||||
// check for uploaded files
|
||||
|
@ -2,8 +2,8 @@
|
||||
Contributors: jakemgold, 10up, thinkoomph, jeffpaul, faisal03
|
||||
Donate link: https://10up.com/plugins/simple-local-avatars-wordpress/
|
||||
Tags: avatar, gravatar, user photos, users, profile
|
||||
Tested up to: 6.5
|
||||
Stable tag: 2.7.10
|
||||
Tested up to: 6.6
|
||||
Stable tag: 2.7.11
|
||||
License: GPL-2.0-or-later
|
||||
License URI: https://spdx.org/licenses/GPL-2.0-or-later.html
|
||||
|
||||
@ -45,7 +45,15 @@ No. Simple Local Avatars neither collects, stores, nor sends any PII data of vi
|
||||
|
||||
== Changelog ==
|
||||
|
||||
= 2.7.10 - 2024-05-23 =
|
||||
= 2.7.11 - 2024-07-18 =
|
||||
**Note that this release bumps the minimum required version of WordPress from 6.3 to 6.4.**
|
||||
|
||||
* **Changed:** Bumped WordPress "tested up to" version 6.6 and minimum version to 6.4 (props [@sudip-md](https://github.com/sudip-md), [@ankitguptaindia](https://github.com/ankitguptaindia), [@jeffpaul](https://github.com/jeffpaul) via [#289](https://github.com/10up/simple-local-avatars/pull/289), [#290](https://github.com/10up/simple-local-avatars/pull/290)).
|
||||
* **Security:** Add nonce check when saving the default avatar ID (props [@faisal-alvi](https://github.com/faisal-alvi), [@aaemnnosttv](https://github.com/aaemnnosttv), [@rafiem](https://github.com/rafiem), [@dkotter](https://github.com/dkotter) via [GHSA-46pw-6m35-9m7x](https://github.com/10up/simple-local-avatars/security/advisories/GHSA-46pw-6m35-9m7x)).
|
||||
* **Security:** Bump `braces` from 3.0.2 to 3.0.3, `pac-resolver` from 7.0.0 to 7.0.1, `socks` from 2.7.1 to 2.8.3 and removes `ip` (props [@dependabot](https://github.com/apps/dependabot), [@Sidsector9](https://github.com/Sidsector9) via [#286](https://github.com/10up/simple-local-avatars/pull/286)).
|
||||
* **Security:** Bump `ws` from 7.5.9 to 7.5.10 (props [@dependabot](https://github.com/apps/dependabot), [@faisal-alvi](https://github.com/faisal-alvi) via [#287](https://github.com/10up/simple-local-avatars/pull/287)).
|
||||
|
||||
= 2.7.10 - 2024-05-24 =
|
||||
* **Fixed:** Fix Default Avatar Fallback (props [@amirhossein7](https://profiles.wordpress.org/amirhossein7/), [@faisal-alvi](https://github.com/faisal-alvi), [@dkotter](https://github.com/dkotter), [@qasumitbagthariya](https://github.com/qasumitbagthariya/) via [#281](https://github.com/10up/simple-local-avatars/pull/281)).
|
||||
* **Security:** Bump `express` from 4.18.2 to 4.19.2 (props [@dependabot](https://github.com/apps/dependabot), [@faisal-alvi](https://github.com/faisal-alvi) via [#269](https://github.com/10up/simple-local-avatars/pull/269)).
|
||||
* **Security:** Bump `follow-redirects` from 1.15.5 to 1.15.6 (props [@dependabot](https://github.com/apps/dependabot), [@faisal-alvi](https://github.com/faisal-alvi) via [#269](https://github.com/10up/simple-local-avatars/pull/269)).
|
||||
@ -141,6 +149,9 @@ No. Simple Local Avatars neither collects, stores, nor sends any PII data of vi
|
||||
|
||||
== Upgrade Notice ==
|
||||
|
||||
= 2.7.11 =
|
||||
**Note that this release bumps the minimum required version of WordPress from 6.3 to 6.4.**
|
||||
|
||||
= 2.7.8 =
|
||||
**Note that this release bumps the minimum required version of WordPress from 5.7 to 6.3.**
|
||||
|
||||
|
@ -3,8 +3,8 @@
|
||||
* Plugin Name: Simple Local Avatars
|
||||
* Plugin URI: https://10up.com/plugins/simple-local-avatars-wordpress/
|
||||
* Description: Adds an avatar upload field to user profiles. Generates requested sizes on demand, just like Gravatar! Simple and lightweight.
|
||||
* Version: 2.7.10
|
||||
* Requires at least: 6.3
|
||||
* Version: 2.7.11
|
||||
* Requires at least: 6.4
|
||||
* Requires PHP: 7.4
|
||||
* Author: 10up
|
||||
* Author URI: https://10up.com
|
||||
@ -67,7 +67,7 @@ define( 'SLA_PLUGIN_BASENAME', plugin_basename( __FILE__ ) );
|
||||
require_once dirname( __FILE__ ) . '/includes/class-simple-local-avatars.php';
|
||||
|
||||
// Global constants.
|
||||
define( 'SLA_VERSION', '2.7.10' );
|
||||
define( 'SLA_VERSION', '2.7.11' );
|
||||
define( 'SLA_PLUGIN_URL', plugin_dir_url( __FILE__ ) );
|
||||
|
||||
if ( ! defined( 'SLA_IS_NETWORK' ) ) {
|
||||
|
Loading…
Reference in New Issue
Block a user