## Changelog ## #### 1. **WordPress Compatibility** - **Old:** Tested up to WordPress 4.2.1 - **New:** Tested up to WordPress 6.7 - **Updated:** Minimum requirement to WordPress 5.0 #### 2. **PHP Compatibility** - **Added:** PHP 7.4 minimum requirement - **Fixed:** PHP 8.x compatibility issues - **Updated:** Array syntax and type handling for modern PHP #### 3. **Security Improvements** - **Added:** Nonces to all forms for CSRF protection - **Added:** Proper nonce verification in AJAX handlers - **Added:** `wp_verify_nonce()` checks in form submissions - **Added:** Capability checks with `current_user_can()` - **Added:** Data sanitization using: - `sanitize_text_field()` for text inputs - `esc_url_raw()` for URLs - `intval()` for numeric values - **Added:** Output escaping using: - `esc_html()` for HTML text - `esc_attr()` for HTML attributes - `esc_url()` for URLs - `esc_js()` for JavaScript strings - `wp_kses_post()` for post content #### 4. **jQuery Compatibility** - **Updated:** JavaScript for WordPress 5.5+ jQuery migration - **Added:** Proper jQuery no-conflict wrapper - **Updated:** Event handlers to use `.on()` instead of deprecated methods - **Added:** `wp-util` dependency for better WordPress integration - **Added:** AJAX error handling with JSON responses #### 5. **Code Quality Improvements** - **Fixed:** Deprecated `date()` usage for ID generation - **Replaced:** Using `current_time('timestamp')` for unique IDs - **Added:** Proper error checking for array operations - **Added:** Type checking before array operations - **Added:** Default values for `get_option()` calls - **Added:** Translation support with text domain 'quick-toolbar' - **Added:** Proper function documentation #### 6. **User Experience Enhancements** - **Added:** "Select All/None" buttons for bulk operations - **Added:** Success messages after adding custom links - **Added:** Better error messages for failed operations - **Added:** Form validation before submission - **Added:** Visual feedback for AJAX operations #### 7. **Accessibility Improvements** - **Added:** ARIA attributes for menu items - **Added:** Proper role attributes - **Added:** Keyboard navigation support - **Added:** Screen reader compatibility improvements #### 8. **Bug Fixes** - **Fixed:** Potential PHP warnings with undefined array keys - **Fixed:** Serialization issues with special characters - **Fixed:** URL encoding problems - **Fixed:** Missing permission checks - **Fixed:** Form resubmission issues with proper redirects ### Files Modified: 1. **ecm-quick-toolbar.php** - Main plugin file - Complete security overhaul - Modern WordPress coding standards - Proper data handling and validation 2. **js/ecmqt-scripts.js** - JavaScript file - jQuery compatibility updates - Added nonce support - Better error handling - UX enhancements 3. **readme.txt** - Plugin documentation - Updated version requirements - Added FAQ section - Comprehensive changelog - Upgrade notices ### Installation Instructions: 1. **Backup your current plugin** settings and database before updating 2. **Deactivate** the old version of the plugin 3. **Delete** the old plugin folder 4. **Upload** the new `quick-toolbar-updated` folder to `/wp-content/plugins/` 5. **Rename** the folder to `quick-toolbar` (if desired) 6. **Activate** the plugin ### Testing Recommendations: After updating, please test: 1. All existing toolbar links still work 2. Adding new custom links 3. Deleting custom links 4. Permission-based link visibility 5. Icon/image uploads for custom links 6. Responsive display on mobile devices ### Backward Compatibility: - All existing settings will be preserved - The data structure remains compatible - No database migrations required ### Support: If you encounter any issues after updating: 1. Check the browser console for JavaScript errors 2. Enable WP_DEBUG to check for PHP warnings 3. Verify file permissions are correct 4. Ensure you're running compatible versions of WordPress and PHP ### Future Considerations: For even more improvements, consider: 1. Adding a settings export/import feature 2. Implementing drag-and-drop link reordering 3. Adding link usage analytics 4. Creating user role-specific toolbar configurations