Merge pull request #33 from ryanshoover/master

Better escaping to get rid of potential fatal error

Author: stevenkword

js/admin.js

@@ -8,7 +8,7 @@ document.getElementById( 'wpbody' ).addEventListener( 'click', function ( event
     var parent = event.path[ 1 ] || null;
 
     // If the parent div doesn't have our wpengine-geoip class, then abort
-    if ( !parent || !parent.classList.includes( 'wpengine-geoip' ) ) {
+    if ( !parent || -1 === jQuery.inArray( 'wpengine-geoip', parent.classList ) ) {
         return;
     }
 

readme.txt

@@ -3,7 +3,7 @@ Contributors: wpengine, markkelnar, stevenkword, stephenlin, ryanshoover, taylor
 Tags: wpe, wpengine, geoip, localization, geolocation
 Requires at least: 3.0.1
 Tested up to: 4.8
-Stable tag: 1.2.1
+Stable tag: 1.2.2
 
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
@@ -232,6 +232,10 @@ Please contact the WP Engine [Support Team](https://my.wpengine.com/support#gene
 
 == Changelog ==
 
+= 1.2.2 =
+- We're escaping our output. AND we're escaping our output in a way where the code will actually work!
+- We've also gotten rid of any bleeding-edge JavaScript. Sure, it's cool. But a plugin that works for everybody is even cooler.
+
 = 1.2.1 =
 - When you dismiss the notice on development websites, it stays dismissed. Like it should.
 - The readme's code blocks actually have code in them now. Because what's the sense of a code block without code in it?

wpengine-geoip.php

@@ -1,7 +1,7 @@
 <?php
 /**
  * Plugin Name: WP Engine GeoIP
- * Version: 1.2.1
+ * Version: 1.2.2
  * Description: Create a personalized user experienced based on location.
  * Author: WP Engine
  * Author URI: http://wpengine.com
@@ -633,7 +633,13 @@ public function action_admin_init_check_plugin_dependencies() {
 	public function action_admin_notices() {
 		foreach ( $this->admin_notices as $type => $notices ) {
 			foreach ( $notices as $key => $notice ) {
-				echo wp_kses( "<div class=\"notice notice-{$type} wpengine-geoip is-dismissible\" data-key=\"{$key}\"><p>$notice</p></div>" );
+				?>
+				<div class="notice notice-<?php echo esc_attr( $type ); ?> wpengine-geoip is-dismissible" data-key="<?php echo esc_attr( $key ); ?>">
+					<p>
+						<?php echo esc_html( $notice ); ?>
+					</p>
+				</div>
+				<?php
 			}
 		}
 	}