From 95fa1817fa70fac113c8aef430c1e6ac28e2f3a1 Mon Sep 17 00:00:00 2001
From: TruongSa
Date: Sat, 2 Apr 2016 08:58:47 +0700
Subject: [PATCH 1/3] Sanitize widget data

---
 inc/widgets/block_1_widget.php | 10 +++++-----
 inc/widgets/block_2_widget.php | 8 ++++----
 inc/widgets/block_3_widget.php | 8 ++++----
 inc/widgets/block_4_widget.php | 8 ++++----
 4 files changed, 17 insertions(+), 17 deletions(-)

diff --git a/inc/widgets/block_1_widget.php b/inc/widgets/block_1_widget.php
index fd43d46..11985a4 100644
--- a/inc/widgets/block_1_widget.php
+++ b/inc/widgets/block_1_widget.php
@@ -152,12 +152,12 @@ public function update( $new_instance, $old_instance ) {
 'orderby' => '',
 ) );
- $instance['title'] = strip_tags( $new_instance['title'] );
- $instance['ignore_sticky'] = isset($new_instance['ignore_sticky']) ? strip_tags($new_instance['ignore_sticky']) : '';
- $instance['layout'] = $new_instance['layout'];
- $instance['featured_categories'] = $new_instance['featured_categories'];
+ $instance['title'] = sanitize_text_field( $new_instance['title'] );
+ $instance['ignore_sticky'] = isset($new_instance['ignore_sticky']) ? sanitize_text_field( $new_instance['ignore_sticky']) : '';
+ $instance['layout'] = sanitize_text_field( $new_instance['layout'] );
+ $instance['featured_categories'] = isset( $new_instance['featured_categories'] ) ? array_map( 'absint', ( array) $new_instance['featured_categories'] ) : false ;
 $instance['number_posts'] = absint( $new_instance['number_posts'] );
- $instance['orderby'] = $new_instance['orderby'];
+ $instance['orderby'] = sanitize_text_field( $new_instance['orderby'] );
 return $instance;
 }
diff --git a/inc/widgets/block_2_widget.php b/inc/widgets/block_2_widget.php
index 85a21bc..8c101a5 100644
--- a/inc/widgets/block_2_widget.php
+++ b/inc/widgets/block_2_widget.php
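Review bot: `sanitize_text_field()` on `orderby` and `layout` (the `+` lines for those keys in this hunk) strips markup but still accepts any string, so a value outside the options the widget form offers is stored unchanged; since `orderby` is presumably handed to the post query and `layout` presumably selects a template, an allow-list check with a fall-back to the default is the tighter control, e.g. `$instance['orderby'] = in_array( $new_instance['orderby'], $allowed_orderby, true ) ? $new_instance['orderby'] : '';` where `$allowed_orderby` (constructed name) is the same list the form's select is built from, and `''` matches the visible `'orderby' => ''` default. The `orderby` line in the block_2, block_3 and block_4 hunks of this patch has the same shape. The hunk also reads `title`, `layout`, `orderby` and `number_posts` without an `isset()` guard while guarding `ignore_sticky` and `featured_categories`; a missing key only raises a notice here, but the guarding should be consistent. `update()` opens before the hunk, so the start of its defaults array is not visible.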
@@ -151,11 +151,11 @@ public function update( $new_instance, $old_instance ) {
 'orderby' => '',
 ) );
- $instance['title'] = strip_tags( $new_instance['title'] );
- $instance['ignore_sticky'] = isset($new_instance['ignore_sticky']) ? strip_tags($new_instance['ignore_sticky']) : '';
- $instance['featured_categories'] = $new_instance['featured_categories'];
+ $instance['title'] = sanitize_text_field( $new_instance['title'] );
+ $instance['ignore_sticky'] = isset($new_instance['ignore_sticky']) ? sanitize_text_field($new_instance['ignore_sticky']) : '';
+ $instance['featured_categories'] = isset( $new_instance['featured_categories'] ) ? array_map( 'absint', ( array) $new_instance['featured_categories'] ) : false ;
 $instance['number_posts'] = absint( $new_instance['number_posts'] );
- $instance['orderby'] = $new_instance['orderby'];
+ $instance['orderby'] = sanitize_text_field( $new_instance['orderby'] );
 return $instance;
 }
diff --git a/inc/widgets/block_3_widget.php b/inc/widgets/block_3_widget.php
index a7ddfea..3644c32 100644
--- a/inc/widgets/block_3_widget.php
+++ b/inc/widgets/block_3_widget.php
@@ -146,11 +146,11 @@ public function update( $new_instance, $old_instance ) {
 'orderby' => '',
 ) );
- $instance['title'] = strip_tags( $new_instance['title'] );
- $instance['ignore_sticky'] = isset($new_instance['ignore_sticky']) ? strip_tags($new_instance['ignore_sticky']) : '';
- $instance['block_category'] = $new_instance['block_category'];
+ $instance['title'] = sanitize_text_field( $new_instance['title'] );
+ $instance['ignore_sticky'] = isset($new_instance['ignore_sticky']) ? sanitize_text_field($new_instance['ignore_sticky']) : '';
+ $instance['block_category'] = absint( $new_instance['block_category'] );
 $instance['number_posts'] = absint( $new_instance['number_posts'] );
- $instance['orderby'] = $new_instance['orderby'];
+ $instance['orderby'] = sanitize_text_field( $new_instance['orderby'] );
 return $instance;
 }
diff --git a/inc/widgets/block_4_widget.php b/inc/widgets/block_4_widget.php
index 786929b..937026f 100644
--- a/inc/widgets/block_4_widget.php
+++ b/inc/widgets/block_4_widget.php
@@ -133,11 +133,11 @@ public function update( $new_instance, $old_instance ) {
 'orderby' => '',
 ) );
- $instance['title'] = strip_tags( $new_instance['title'] );
- $instance['ignore_sticky'] = isset($new_instance['ignore_sticky']) ? strip_tags($new_instance['ignore_sticky']) : '';
- $instance['featured_categories'] = $new_instance['featured_categories'];
+ $instance['title'] = sanitize_text_field( $new_instance['title'] );
+ $instance['ignore_sticky'] = isset($new_instance['ignore_sticky']) ? sanitize_text_field($new_instance['ignore_sticky']) : '';
+ $instance['featured_categories'] = isset( $new_instance['featured_categories'] ) ? array_map( 'absint', ( array) $new_instance['featured_categories'] ) : false ;
 $instance['number_posts'] = absint( $new_instance['number_posts'] );
- $instance['orderby'] = $new_instance['orderby'];
+ $instance['orderby'] = sanitize_text_field( $new_instance['orderby'] );
 return $instance;
 }

From d2be64199c5a2ea04d2ecf0d6588cc91e986f8a7 Mon Sep 17 00:00:00 2001
From: TruongSa
Date: Sat, 2 Apr 2016 09:04:07 +0700
Subject: [PATCH 2/3] Update Sanitize widget data

---
 inc/widgets/block_1_widget.php | 2 +-
 inc/widgets/block_2_widget.php | 2 +-
 inc/widgets/block_3_widget.php | 2 +-
 inc/widgets/block_4_widget.php | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/inc/widgets/block_1_widget.php b/inc/widgets/block_1_widget.php
index 11985a4..967e8fd 100644
--- a/inc/widgets/block_1_widget.php
+++ b/inc/widgets/block_1_widget.php
@@ -153,7 +153,7 @@ public function update( $new_instance, $old_instance ) {
 ) );
 $instance['title'] = sanitize_text_field( $new_instance['title'] );
- $instance['ignore_sticky'] = isset($new_instance['ignore_sticky']) ? sanitize_text_field( $new_instance['ignore_sticky']) : '';
+ $instance['ignore_sticky'] = isset($new_instance['ignore_sticky']) && $new_instance['ignore_sticky'] ? 1 : 0;
 $instance['layout'] = sanitize_text_field( $new_instance['layout'] );
 $instance['featured_categories'] = isset( $new_instance['featured_categories'] ) ? array_map( 'absint', ( array) $new_instance['featured_categories'] ) : false ;
 $instance['number_posts'] = absint( $new_instance['number_posts'] );
diff --git a/inc/widgets/block_2_widget.php b/inc/widgets/block_2_widget.php
index 8c101a5..215501b 100644
--- a/inc/widgets/block_2_widget.php
+++ b/inc/widgets/block_2_widget.php
@@ -152,7 +152,7 @@ public function update( $new_instance, $old_instance ) {
 ) );
 $instance['title'] = sanitize_text_field( $new_instance['title'] );
- $instance['ignore_sticky'] = isset($new_instance['ignore_sticky']) ? sanitize_text_field($new_instance['ignore_sticky']) : '';
+ $instance['ignore_sticky'] = isset($new_instance['ignore_sticky']) && $new_instance['ignore_sticky'] ? 1 : 0;
 $instance['featured_categories'] = isset( $new_instance['featured_categories'] ) ? array_map( 'absint', ( array) $new_instance['featured_categories'] ) : false ;
 $instance['number_posts'] = absint( $new_instance['number_posts'] );
 $instance['orderby'] = sanitize_text_field( $new_instance['orderby'] );
diff --git a/inc/widgets/block_3_widget.php b/inc/widgets/block_3_widget.php
index 3644c32..e3c8447 100644
--- a/inc/widgets/block_3_widget.php
+++ b/inc/widgets/block_3_widget.php
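Review bot: `isset($new_instance['ignore_sticky']) && $new_instance['ignore_sticky'] ? 1 : 0` on the `+` line relies on `&&` binding tighter than `?:` to yield `( isset && value ) ? 1 : 0`, which is the intended result but takes a second look to confirm; `! empty( $new_instance['ignore_sticky'] ) ? 1 : 0` is the same test in one call and the usual form for a checkbox field. The identical line appears in the block_2, block_3 and block_4 hunks of this patch. Storing `1`/`0` instead of the previous sanitized string is a sound tightening, but instances saved before this change keep the old string value until re-saved, so any reader comparing the field strictly against `1` or `''` would need to tolerate both — presumably a truthiness check is used, which is unaffected. `update()` opens before the hunk and its `return` lies after it.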
@@ -147,7 +147,7 @@ public function update( $new_instance, $old_instance ) {
 ) );
 $instance['title'] = sanitize_text_field( $new_instance['title'] );
- $instance['ignore_sticky'] = isset($new_instance['ignore_sticky']) ? sanitize_text_field($new_instance['ignore_sticky']) : '';
+ $instance['ignore_sticky'] = isset($new_instance['ignore_sticky']) && $new_instance['ignore_sticky'] ? 1 : 0;
 $instance['block_category'] = absint( $new_instance['block_category'] );
 $instance['number_posts'] = absint( $new_instance['number_posts'] );
 $instance['orderby'] = sanitize_text_field( $new_instance['orderby'] );
diff --git a/inc/widgets/block_4_widget.php b/inc/widgets/block_4_widget.php
index 937026f..8fefb2b 100644
--- a/inc/widgets/block_4_widget.php
+++ b/inc/widgets/block_4_widget.php
@@ -134,7 +134,7 @@ public function update( $new_instance, $old_instance ) {
 ) );
 $instance['title'] = sanitize_text_field( $new_instance['title'] );
- $instance['ignore_sticky'] = isset($new_instance['ignore_sticky']) ? sanitize_text_field($new_instance['ignore_sticky']) : '';
+ $instance['ignore_sticky'] = isset($new_instance['ignore_sticky']) && $new_instance['ignore_sticky'] ? 1 : 0;
 $instance['featured_categories'] = isset( $new_instance['featured_categories'] ) ? array_map( 'absint', ( array) $new_instance['featured_categories'] ) : false ;
 $instance['number_posts'] = absint( $new_instance['number_posts'] );
 $instance['orderby'] = sanitize_text_field( $new_instance['orderby'] );

From 40e7d4f09a4b295ec4697c7ca309275744cbc448 Mon Sep 17 00:00:00 2001
From: TruongSa
Date: Sat, 2 Apr 2016 09:16:04 +0700
Subject: [PATCH 3/3] Update version and changlog

---
 CHANGELOG.md | 3 +++
 assets/sass/style.scss | 2 +-
 style.css | 2 +-
 3 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index b031428..6eca462 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,9 @@
 ====================================================================
 CHANGELOG
 ====================================================================
+## 1.0.6
+* Add Sanitize widget data.
 ## 1.0.5
 * Change Action hooks prefix.
 * Fix Dashboard: Correct capability.
diff --git a/assets/sass/style.scss b/assets/sass/style.scss
index d983061..60e1d08 100644
--- a/assets/sass/style.scss
+++ b/assets/sass/style.scss
@@ -4,7 +4,7 @@ Theme URI: http://www.famethemes.com/themes/codilight-lite
 Author: FameThemes
 Author URI: http://www.famethemes.com
 Description: Codilight Lite is a news magazine style WordPress theme from FameThemes which is a perfect option to create any kind of magazine or blog websites.
-Version: 1.0.5
+Version: 1.0.6
 Text Domain: codilight-lite
 License: GNU General Public License v2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
diff --git a/style.css b/style.css
index 493860e..37e35ec 100644
--- a/style.css
+++ b/style.css
@@ -5,7 +5,7 @@ Theme URI: http://www.famethemes.com/themes/codilight-lite
 Author: FameThemes
 Author URI: http://www.famethemes.com
 Description: Codilight Lite is a news magazine style WordPress theme from FameThemes which is a perfect option to create any kind of magazine or blog websites.
-Version: 1.0.5
+Version: 1.0.6
 Text Domain: codilight-lite
 License: GNU General Public License v2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html