From cf0f18e12eb3291c94be9765ca2057d5d7f89f79 Mon Sep 17 00:00:00 2001
From: Dave Bonds <dave@idxbroker.com>
Date: Thu, 14 Jan 2016 10:29:39 -0600
Subject: [PATCH 1/3] * prevent direct file access * remove dns prefetch for
 font awesome * sanitize detail keys and values

---
 includes/class-agents.php                   | 11 ++++++++++-
 includes/class-employee-widget.php          |  1 +
 includes/class-taxonomies.php               |  1 +
 includes/functions.php                      |  5 ++++-
 includes/helpers.php                        |  2 +-
 includes/shortcodes.php                     |  1 +
 includes/views/agentevo-metabox.php         |  2 --
 includes/views/archive-employee.php         |  6 ------
 includes/views/create-tax.php               |  4 +++-
 includes/views/employee-details-metabox.php |  1 +
 includes/views/idx-metabox.php              |  2 --
 includes/views/impress-agents-settings.php  |  1 +
 includes/views/single-employee.php          |  6 ------
 plugin.php                                  |  9 ++-------
 14 files changed, 25 insertions(+), 27 deletions(-)
 delete mode 100644 includes/views/agentevo-metabox.php
 delete mode 100644 includes/views/idx-metabox.php

diff --git a/includes/class-agents.php b/includes/class-agents.php
index 5c37114..0fd3411 100644
--- a/includes/class-agents.php
+++ b/includes/class-agents.php
@@ -1,4 +1,5 @@
 <?php
+if ( ! defined( 'ABSPATH' ) ) exit;
 /**
  * This file contains the IMPress_Agents class.
  */
@@ -40,7 +41,7 @@ function __construct() {
 			),
 			'col2' => array(
 				__( 'Email:', 'impress_agents' )			=> '_employee_email',
-				__( 'Website (NO http://):', 'impress_agents' )	=> '_employee_website',
+				__( 'Website:', 'impress_agents' )			=> '_employee_website',
 				__( 'Address:', 'impress_agents' ) 			=> '_employee_address',
 				__( 'City:', 'impress_agents' )				=> '_employee_city',
 				__( 'State:', 'impress_agents' )			=> '_employee_state',
@@ -182,6 +183,14 @@ function metabox_save( $post_id, $post ) {
 	    /** Store the employee details custom fields */
 	    foreach ( (array) $employee_details as $key => $value ) {
 
+	    	$key = sanitize_key($key);
+
+	    	if($key == '_employee_email') {
+	    		$value = sanitize_email($value);
+	    	} else {
+	    		$value = sanitize_text_field($value);
+	    	}
+
 	        /** Save/Update/Delete */
 	        if ( $value ) {
 	            update_post_meta($post->ID, $key, $value);
diff --git a/includes/class-employee-widget.php b/includes/class-employee-widget.php
index d9dbd5f..f2f1258 100644
--- a/includes/class-employee-widget.php
+++ b/includes/class-employee-widget.php
@@ -1,4 +1,5 @@
 <?php
+if ( ! defined( 'ABSPATH' ) ) exit;
 /**
  * This widget displays a featured employee.
  *
diff --git a/includes/class-taxonomies.php b/includes/class-taxonomies.php
index e9b0c79..e8112d8 100644
--- a/includes/class-taxonomies.php
+++ b/includes/class-taxonomies.php
@@ -1,4 +1,5 @@
 <?php
+if ( ! defined( 'ABSPATH' ) ) exit;
 /**
  * This file contains the IMPress_Agents_Taxonomies class.
  */
diff --git a/includes/functions.php b/includes/functions.php
index 6f116bd..0345e7e 100644
--- a/includes/functions.php
+++ b/includes/functions.php
@@ -1,4 +1,5 @@
 <?php
+if ( ! defined( 'ABSPATH' ) ) exit;
 /**
  * Holds miscellaneous functions for use in the IMPress Agents plugin
  *
@@ -95,7 +96,9 @@ function impa_employee_details() {
         $output .= sprintf('<p><a class="email" itemprop="email" href="mailto:%s">%s</a></p>', antispambot($email), antispambot($email) );
 
     if (get_post_meta($post->ID, '_employee_website', true) != '')
-        $output .= sprintf('<p><a class="website" itemprop="url" href="http://%s">%s</a></p>', get_post_meta($post->ID, '_employee_website', true), get_post_meta($post->ID, '_employee_website', true) );
+    	$website = esc_url(get_post_meta($post->ID, '_employee_website', true));
+    	$website_no_http = preg_replace('#^https?://#', '', rtrim($website,'/'));
+        $output .= sprintf('<p><a class="website" itemprop="url" href="%s">%s</a></p>', $website, $website_no_http );
 
     if (get_post_meta($post->ID, '_employee_city', true) != '' || get_post_meta($post->ID, '_employee_address', true) != '' || get_post_meta($post->ID, '_employee_state', true) != '' || get_post_meta($post->ID, '_employee_zip', true) != '' ) {
 
diff --git a/includes/helpers.php b/includes/helpers.php
index 822c0a8..b08ad0b 100755
--- a/includes/helpers.php
+++ b/includes/helpers.php
@@ -1,5 +1,5 @@
 <?php
-
+if ( ! defined( 'ABSPATH' ) ) exit;
 /**
  * Lists all the terms of a given taxonomy
  *
diff --git a/includes/shortcodes.php b/includes/shortcodes.php
index 40997d7..34ea387 100644
--- a/includes/shortcodes.php
+++ b/includes/shortcodes.php
@@ -1,4 +1,5 @@
 <?php
+if ( ! defined( 'ABSPATH' ) ) exit;
 /**
  * Adds shortcode to display agent profiles
  */
diff --git a/includes/views/agentevo-metabox.php b/includes/views/agentevo-metabox.php
deleted file mode 100644
index f6d8c19..0000000
--- a/includes/views/agentevo-metabox.php
+++ /dev/null
@@ -1,2 +0,0 @@
-<?php
-echo '<a href="http://www.agentevolution.com/equity" target="_blank"><img style="max-width: 100%;" src="' . IMPRESS_AGENTS_URL . 'images/equity-ad.png" alt="Import your Employees with the Equity Framework"></a>';
\ No newline at end of file
diff --git a/includes/views/archive-employee.php b/includes/views/archive-employee.php
index 9f31fc8..5ca240f 100644
--- a/includes/views/archive-employee.php
+++ b/includes/views/archive-employee.php
@@ -13,12 +13,6 @@ function enqueue_single_employee_scripts() {
 	wp_enqueue_style( 'font-awesome' );
 }
 
-/** Set DNS Prefetch to improve performance on single listings templates */
-add_filter('wp_head','impress_agents_dnsprefetch', 0);
-function impress_agents_dnsprefetch() {
-    echo "\n<link rel='dns-prefetch' href='//maxcdn.bootstrapcdn.com' />\n"; // Loads FontAwesome
-}
-
 function archive_employee_loop() {
 	echo '<div class="employee-archive">';
 
diff --git a/includes/views/create-tax.php b/includes/views/create-tax.php
index 0216081..89fa242 100755
--- a/includes/views/create-tax.php
+++ b/includes/views/create-tax.php
@@ -1,4 +1,6 @@
-<?php screen_icon( 'themes' ); ?>
+<?php
+if ( ! defined( 'ABSPATH' ) ) exit;
+screen_icon( 'themes' ); ?>
 <h2><?php _e( 'Employee Taxonomies', 'impress_agents' ); ?></h2>
 
 <div id="col-container">
diff --git a/includes/views/employee-details-metabox.php b/includes/views/employee-details-metabox.php
index 40c3e21..11682fb 100644
--- a/includes/views/employee-details-metabox.php
+++ b/includes/views/employee-details-metabox.php
@@ -1,4 +1,5 @@
 <?php
+if ( ! defined( 'ABSPATH' ) ) exit;
 wp_nonce_field( 'impress_agents_metabox_save', 'impress_agents_metabox_nonce' );
 
 global $post;
diff --git a/includes/views/idx-metabox.php b/includes/views/idx-metabox.php
deleted file mode 100644
index aac9614..0000000
--- a/includes/views/idx-metabox.php
+++ /dev/null
@@ -1,2 +0,0 @@
-<?php
-echo '<a href="http://www.idxbroker.com/features/idx-wordpress-plugin" target="_blank"><img style="max-width: 100%;" src="' . IMPRESS_AGENTS_URL . 'images/idx-ad.png" alt="Hook up your MLS with IDX Broker"></a>';
\ No newline at end of file
diff --git a/includes/views/impress-agents-settings.php b/includes/views/impress-agents-settings.php
index c772bd9..999a892 100644
--- a/includes/views/impress-agents-settings.php
+++ b/includes/views/impress-agents-settings.php
@@ -1,4 +1,5 @@
 <?php
+if ( ! defined( 'ABSPATH' ) ) exit;
 if( isset($_GET['settings-updated']) ) { ?>
     <div id="message" class="updated">
         <p><strong><?php _e('Settings saved.','impress_agents'); ?></strong></p>
diff --git a/includes/views/single-employee.php b/includes/views/single-employee.php
index ecf8a4a..2f155b3 100644
--- a/includes/views/single-employee.php
+++ b/includes/views/single-employee.php
@@ -11,12 +11,6 @@ function enqueue_single_employee_scripts() {
 	wp_enqueue_style( 'font-awesome' );
 }
 
-/** Set DNS Prefetch to improve performance on single listings templates */
-add_filter('wp_head','impress_agents_dnsprefetch', 0);
-function impress_agents_dnsprefetch() {
-    echo "\n<link rel='dns-prefetch' href='//maxcdn.bootstrapcdn.com' />\n"; // Loads FontAwesome
-}
-
 function single_employee_post_content() {
 	global $post;
 	?>
diff --git a/plugin.php b/plugin.php
index a065055..0f94670 100644
--- a/plugin.php
+++ b/plugin.php
@@ -12,6 +12,8 @@
 	License URI: http://www.opensource.org/licenses/gpl-license.php
 */
 
+if ( ! defined( 'ABSPATH' ) ) exit;
+
 register_activation_hook( __FILE__, 'impress_agents_activation' );
 /**
  * This function runs on plugin activation. It flushes the rewrite rules to prevent 404's
@@ -99,13 +101,6 @@ function add_impress_agents_main_styles() {
     function impress_agents_admin_scripts_styles() {
         wp_enqueue_style( 'impress_agents_admin_css', IMPRESS_AGENTS_URL . 'includes/css/impress-agents-admin.css' );
 
-        /** Enqueue Font Awesome in the Admin if IDX Broker is not installed */
-		// if (!class_exists( 'Idx_Broker_Plugin' )) {
-		// 	wp_register_style('font-awesome-admin', '//maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css', '', null, 'all');
-		// 	wp_enqueue_style('font-awesome-admin');
-		// 	wp_enqueue_style('upgrade-icon', IMPRESS_AGENTS_URL . 'includes/css/impress-agents-upgrade.css');
-		// }
-
 		wp_enqueue_script( 'impress-agents-admin', IMPRESS_AGENTS_URL . 'includes/js/admin.js', 'media-views' );
 
 		$localize_script = array(

From ce8fd63f53756b60b8698ef1a88f9f2082f3929f Mon Sep 17 00:00:00 2001
From: Dave Bonds <dave@idxbroker.com>
Date: Mon, 25 Jan 2016 16:28:09 -0600
Subject: [PATCH 2/3] Updated readme.txt TODO: * add screenshots * convert to
 markdown

---
 readme.txt | 35 ++++++++++++++++++++++++++---------
 1 file changed, 26 insertions(+), 9 deletions(-)

diff --git a/readme.txt b/readme.txt
index a2bd61b..8f68510 100644
--- a/readme.txt
+++ b/readme.txt
@@ -2,22 +2,27 @@
 Author: Agent Evolution
 Author URL: http://www.agentevolution.com/
 Contributors: agentevolution, davebonds, chadajohnson, idxco
-Tags:
-Requires at least: 3.7
+Tags: agents, employees, employee directory, agent directory, agents, idx broker, idx, impress
+Requires at least: 4.3.0
 Tested up to: 4.4.1
-Stable tag: 2.0.0
+Stable tag: 1.0.0
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
 
-Employee Directory for WordPress tailored for Real Estate Offices.
+Employee Directory tailored for Real Estate Offices.
 
 == Description ==
 
-This plugin adds a custom post type for Employees with custom meta fields for employee contact info. It uses included templates to display the contact info for single and archive pages, or these can be overridden in the theme.
+IMPress Agents provides you with a full employee directory, however it is ideal for Real Estate offices.
 
-Adds taxonomies for Offices and Job Types to show employees by location and job title.
+This plugin adds a custom post type for Employees with post meta fields for employee contact info. It uses included templates to display the contact info for single and archive pages, or these can be overridden in your theme.
 
-Coming soon: Import agent details from the IDX API!
+Adds taxonomies for Offices and Job Types to show employees by location and/or job title. Or add custom taxonmies to categorize to your needs.
+
+If using the [IMPress Listings](https://wordpress.org/plugins/wp-listings/) plugin, you can connect Employees to Listings. *Requires the [Posts 2 Posts](https://wordpress.org/plugins/posts-to-posts/) plugin*
+
+*Coming soon: Import agent details from the IDX API. Add more details and have them connected to imported listings from your [IDX Broker](http://www.idxbroker.com/) account!*
+*Coming soon: Add your favorite vendors!*
 
 == Installation ==
 
@@ -27,11 +32,23 @@ Coming soon: Import agent details from the IDX API!
 
 == Frequently Asked Questions ==
 
+= I have a support issue, where do I go? =
+Just post to the support forum here (https://wordpress.org/support/plugin/impress-agents/)
 
-== Screenshots ==
+= Can I use this without an IDX account =
+Certainly! It functions as an employee directory, with or without an IDX account.
 
+= How can I suggest improvements? =
+Just post to the support forum here on [wordpress.org](https://wordpress.org/support/plugin/impress-agents/) or developers can post to the [IMPress Agents Github repo](https://github.com/agentevolution/impress-agents).
+
+== Screenshots ==
+1.
+2.
+3.
+4.
+5.
 
 == Changelog ==
 
-= 0.9 =
+= 1.0.0 =
 * Initial public release

From 8c042df988dbb638c4153c7dd90b7eff2d56db7b Mon Sep 17 00:00:00 2001
From: Dave Bonds <dave@idxbroker.com>
Date: Mon, 25 Jan 2016 16:37:10 -0600
Subject: [PATCH 3/3] t stash mirror

---
 readme.txt | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/readme.txt b/readme.txt
index 8f68510..cd84564 100644
--- a/readme.txt
+++ b/readme.txt
@@ -17,7 +17,7 @@ IMPress Agents provides you with a full employee directory, however it is ideal
 
 This plugin adds a custom post type for Employees with post meta fields for employee contact info. It uses included templates to display the contact info for single and archive pages, or these can be overridden in your theme.
 
-Adds taxonomies for Offices and Job Types to show employees by location and/or job title. Or add custom taxonmies to categorize to your needs.
+Adds taxonomies for Offices and Job Types to show employees by location and/or job title. Or add custom taxonmies to categorize to your needs. If using WP 4.4+, you can add images to taxonomy terms and display an image for an office, job title, or an custom taxonomy term.
 
 If using the [IMPress Listings](https://wordpress.org/plugins/wp-listings/) plugin, you can connect Employees to Listings. *Requires the [Posts 2 Posts](https://wordpress.org/plugins/posts-to-posts/) plugin*
 
@@ -42,11 +42,14 @@ Certainly! It functions as an employee directory, with or without an IDX account
 Just post to the support forum here on [wordpress.org](https://wordpress.org/support/plugin/impress-agents/) or developers can post to the [IMPress Agents Github repo](https://github.com/agentevolution/impress-agents).
 
 == Screenshots ==
-1.
-2.
-3.
-4.
-5.
+1. WP Admin > Add New
+2. WP Admin > Employees
+3. WP Admin > Employee Taxonomies
+4. Front End > Single Employee
+5. Front End > Employee Archive
+6. Front End > Employee Widget
+7. Front End > Connected Listings
+7. Front End > Connected Agents
 
 == Changelog ==