{"id":242417,"date":"2025-07-30T06:09:36","date_gmt":"2025-07-30T06:09:36","guid":{"rendered":"https:\/\/wordpress.org\/plugins\/font-type-tester\/"},"modified":"2025-07-30T06:09:26","modified_gmt":"2025-07-30T06:09:26","slug":"font-type-tester","status":"publish","type":"plugin","link":"https:\/\/ps.wordpress.org\/plugins\/font-type-tester\/","author":23316579,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_crdt_document":"","version":"1.1.12","stable_tag":"1.1.12","tested":"6.8.5","requires":"5.0","requires_php":"7.4","requires_plugins":null,"header_name":"Font Type Tester","header_author":"mitradranirban","header_description":"A comprehensive font testing tool with real-time typography controls","assets_banners_color":"ddedfd","last_updated":"2025-07-30 06:09:26","external_support_url":"","external_repository_url":"","donate_link":"https:\/\/paypal.me\/dranirban","header_plugin_uri":"","header_author_uri":"","rating":0,"author_block_rating":0,"active_installs":10,"downloads":331,"num_ratings":0,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"1.1.12":{"tag":"1.1.12","author":"mitradranirban","date":"2025-07-30 06:09:26"}},"upgrade_notice":[],"ratings":[],"assets_icons":{"Icon-128x128.png":{"filename":"Icon-128x128.png","revision":3336336,"resolution":"128x128","location":"assets","locale":""},"Icon-256x256.png":{"filename":"Icon-256x256.png","revision":3336336,"resolution":"256x256","location":"assets","locale":""}},"assets_banners":{"Banner-772x256.png":{"filename":"Banner-772x256.png","revision":3336336,"resolution":"772x256","location":"assets","locale":""}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.1.12"],"block_files":[],"assets_screenshots":[],"screenshots":[],"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[244748,245581,2221,245583,245582],"plugin_category":[],"plugin_contributors":[244751],"plugin_business_model":[],"class_list":["post-242417","plugin","type-plugin","status-publish","hentry","plugin_tags-font-preview","plugin_tags-font-tester","plugin_tags-fonts","plugin_tags-static-fonts","plugin_tags-typography-tools","plugin_contributors-mitradranirban","plugin_committers-mitradranirban"],"banners":[],"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/font-type-tester\/assets\/Icon-128x128.png?rev=3336336","icon_2x":"https:\/\/ps.w.org\/font-type-tester\/assets\/Icon-256x256.png?rev=3336336","generated":false},"screenshots":[],"raw_content":"<!--section=description-->\n<p>Font Type Tester is a powerful WordPress plugin designed for designers, developers, and typography enthusiasts who need to test and preview static fonts with precision control over typography settings.<\/p>\n\n<p><strong>Key Features:<\/strong><\/p>\n\n<ul>\n<li><strong>Font Upload &amp; Management<\/strong> - Upload TTF, OTF, WOFF, and WOFF2 font files<\/li>\n<li><strong>Real-time Typography Controls<\/strong> - Adjust font size, line height, letter spacing, and word spacing with intuitive sliders<\/li>\n<li><strong>Font Source Protection<\/strong> - Automatic obfuscation of font filenames to protect original sources<\/li>\n<li><strong>Custom Sample Text<\/strong> - Test fonts with your own content<\/li>\n<li><strong>Responsive Interface<\/strong> - Works perfectly on desktop and mobile devices<\/li>\n<li><strong>Secure File Handling<\/strong> - Validates file types and implements security measures<\/li>\n<li><strong>Easy Integration<\/strong> - Simple shortcode implementation<\/li>\n<\/ul>\n\n<p><strong>Perfect for:<\/strong><\/p>\n\n<ul>\n<li>Web designers testing fonts for client projects<\/li>\n<li>Typography enthusiasts exploring font characteristics<\/li>\n<li>Developers needing font preview functionality<\/li>\n<li>Anyone who wants to test fonts without revealing source files<\/li>\n<\/ul>\n\n<p><strong>Privacy &amp; Security:<\/strong><\/p>\n\n<p>The plugin automatically renames uploaded font files with random strings, ensuring that the original font source remains protected. This is particularly useful when testing premium fonts or when you need to share font previews without exposing the actual font files.<\/p>\n\n<h3>Technical Requirements<\/h3>\n\n<ul>\n<li>WordPress 5.0 or higher<\/li>\n<li>PHP 7.4 or higher<\/li>\n<li>MySQL 5.6 or higher (for font metadata storage)<\/li>\n<li>Modern browser with FontFace API support<\/li>\n<li>Sufficient upload directory permissions<\/li>\n<\/ul>\n\n<h3>Support<\/h3>\n\n<p>For support, feature requests, or bug reports, please visit our support page or contact the developer.<\/p>\n\n<h3>Privacy Policy<\/h3>\n\n<p>This plugin:\n* Stores uploaded font files locally on your server\n* Does not transmit any data to external services\n* Obfuscates font filenames for privacy protection\n* Stores minimal metadata in the WordPress database\n* Automatically cleanups data upon deactivation<\/p>\n\n<h3>Developer Notes<\/h3>\n\n<p>The plugin uses modern web APIs including the FontFace API for dynamic font loading. It implements WordPress best practices for:<\/p>\n\n<ul>\n<li>Secure AJAX handling with nonces<\/li>\n<li>Proper database table creation and cleanup<\/li>\n<li>File upload validation and security<\/li>\n<li>Responsive CSS grid layouts<\/li>\n<li>Cross-browser compatibility<\/li>\n<\/ul>\n\n<p>For developers looking to extend functionality, the plugin provides clean hooks and follows WordPress coding standards.<\/p>\n\n<h3>Credits<\/h3>\n\n<p>Developed with \u2764\ufe0f for the WordPress community.<\/p>\n\n<p>Special thanks to the WordPress core team for providing excellent APIs and documentation that make plugins like this possible.<\/p>\n\n<!--section=installation-->\n<p><strong>Automatic Installation:<\/strong><\/p>\n\n<ol>\n<li>Log in to your WordPress admin panel<\/li>\n<li>Go to Plugins &gt; Add New<\/li>\n<li>Search for \"Font Type Tester\"<\/li>\n<li>Click \"Install Now\" and then \"Activate\"<\/li>\n<\/ol>\n\n<p><strong>Manual Installation:<\/strong><\/p>\n\n<ol>\n<li>Download the plugin files<\/li>\n<li>Upload the <code>font-type-tester<\/code> folder to <code>\/wp-content\/plugins\/<\/code> directory<\/li>\n<li>Activate the plugin through the 'Plugins' menu in WordPress<\/li>\n<li>The plugin will automatically create necessary directories and database tables<\/li>\n<\/ol>\n\n<p><strong>Usage:<\/strong><\/p>\n\n<ol>\n<li>Admin Side:<\/li>\n<\/ol>\n\n<p>Go to Settings \u2192 Font Tester in WordPress admin\nUpload fonts with optional custom names\nManage (view\/delete) uploaded fonts\nCopy the shortcode [fotyte_font_tester] for use<\/p>\n\n<ol>\n<li>Front-end:<\/li>\n<\/ol>\n\n<p>Add [fotyte_font_tester] shortcode to any page\/post\nUsers can select from available fonts via dropdown\nFull typography controls remain available\nNo upload interface visible to regular users<\/p>\n\n<!--section=faq-->\n<dl>\n<dt id='what%20font%20formats%20are%20supported%3F'><h3>What font formats are supported?<\/h3><\/dt>\n<dd><p>The plugin supports TTF, OTF, WOFF, and WOFF2 font formats, which cover the majority of web font needs.<\/p><\/dd>\n<dt id='are%20my%20font%20files%20secure%3F'><h3>Are my font files secure?<\/h3><\/dt>\n<dd><p>Yes! The plugin automatically obfuscates font filenames by renaming them with random strings. This protects the original source while still allowing full functionality.<\/p><\/dd>\n<dt id='can%20i%20use%20this%20plugin%20on%20multiple%20pages%3F'><h3>Can I use this plugin on multiple pages?<\/h3><\/dt>\n<dd><p>Absolutely! You can use the <code>[font_tester]<\/code> shortcode on any page, post, or widget area where shortcodes are supported.<\/p><\/dd>\n<dt id='what%20happens%20to%20uploaded%20fonts%20when%20i%20deactivate%20the%20plugin%3F'><h3>What happens to uploaded fonts when I deactivate the plugin?<\/h3><\/dt>\n<dd><p>When the plugin is deactivated, all uploaded font files and database entries are automatically cleaned up to keep your site tidy.<\/p><\/dd>\n<dt id='can%20i%20customize%20the%20sample%20text%3F'><h3>Can I customize the sample text?<\/h3><\/dt>\n<dd><p>Yes! The plugin includes a textarea where user can input any custom text to test how fonts render with your specific content.<\/p><\/dd>\n<dt id='is%20there%20a%20file%20size%20limit%20for%20font%20uploads%3F'><h3>Is there a file size limit for font uploads?<\/h3><\/dt>\n<dd><p>The plugin respects your WordPress and server upload limits. Most font files are well within typical limits, but very large font files may need server configuration adjustments.<\/p><\/dd>\n<dt id='does%20this%20work%20with%20variable%20fonts%3F'><h3>Does this work with variable fonts?<\/h3><\/dt>\n<dd><p>This version focuses on static fonts. Variable font support is available in our <a href=\"https:\/\/github.com\/mitradranirban\/variable-font-sampler\">Variable Font sampler<\/a>.<\/p><\/dd>\n<dt id='can%20i%20delete%20uploaded%20fonts%3F'><h3>Can I delete uploaded fonts?<\/h3><\/dt>\n<dd><p>Yes! Each uploaded font can be deleted individually through the interface, which removes both the file and database record.<\/p><\/dd>\n\n<\/dl>\n\n<!--section=changelog-->\n<h4>1.1.12<\/h4>\n\n<ul>\n<li><p><strong>Security Enhancements<\/strong><\/p>\n\n<ul>\n<li>Added proper nonce verification for all form submissions and GET parameters<\/li>\n<li>Implemented comprehensive input validation and sanitization for file uploads<\/li>\n<li>Added isset() checks for all $_FILES array access to prevent undefined index errors<\/li>\n<li>Enhanced file validation with binary signature checking for font files<\/li>\n<\/ul><\/li>\n<li><p><strong>WordPress Standards Compliance<\/strong><\/p>\n\n<ul>\n<li>Replaced direct filesystem operations with WP_Filesystem API methods<\/li>\n<li>Replaced move_uploaded_file() with WP_Filesystem::put_contents()<\/li>\n<li>Replaced unlink() with wp_delete_file() for file deletion<\/li>\n<li>Removed direct chmod() calls in favor of WP_Filesystem permissions<\/li>\n<li>Added translators comments for all internationalized strings with placeholders<\/li>\n<\/ul><\/li>\n<li><p><strong>Database Improvements<\/strong><\/p>\n\n<ul>\n<li>Implemented proper database query caching with wp_cache_get\/set<\/li>\n<li>Added phpcs:ignore comments for necessary direct database queries<\/li>\n<li>Enhanced error handling for database operations with automatic file cleanup<\/li>\n<\/ul><\/li>\n<li><p><strong>File Upload Security<\/strong><\/p>\n\n<ul>\n<li>Added file size validation (10MB limit for font files)<\/li>\n<li>Implemented binary signature verification for TTF, OTF, WOFF, and WOFF2 files<\/li>\n<li>Enhanced filename sanitization and unique filename generation<\/li>\n<li>Added comprehensive error messages for various upload failure scenarios<\/li>\n<\/ul><\/li>\n<li><p><strong>Performance Optimizations<\/strong><\/p>\n\n<ul>\n<li>Implemented font data caching with 1-hour expiration<\/li>\n<li>Added cache invalidation on font upload\/delete operations<\/li>\n<li>Optimized database queries with proper prepared statements<\/li>\n<\/ul><\/li>\n<li><p><strong>Bug Fixes<\/strong><\/p>\n\n<ul>\n<li>Fixed undefined array index warnings for $_FILES superglobal<\/li>\n<li>Resolved file permission issues with proper WordPress filesystem handling<\/li>\n<li>Fixed potential XSS vulnerabilities in admin interface<\/li>\n<li>Corrected improper sanitization of temporary file paths<\/li>\n<\/ul><\/li>\n<\/ul>\n\n<h4>1.1.11<\/h4>\n\n<ul>\n<li>Implemented custom font upload handler bypassing WordPress MIME restrictions<\/li>\n<li>Added binary file signature validation for TTF, OTF, WOFF, and WOFF2 formats<\/li>\n<li>Enhanced security with multi-layer file validation (extension + signature + size)<\/li>\n<li>Improved error handling with specific error messages and file cleanup<\/li>\n<li>Added upload success notifications with font name display<\/li>\n<li>Increased maximum upload size from 5MB to 10MB<\/li>\n<\/ul>\n\n<h4>1.1.10<\/h4>\n\n<p><strong>Security &amp; Code Quality Release<\/strong>\n* SECURITY FIX: Properly sanitized file upload inputs to prevent potential security vulnerabilities\n* SECURITY FIX: Eliminated unprepared SQL statements and improved database query security\n* SECURITY FIX: Removed intermediate SQL variables that could pose security risks\n* CODE QUALITY: Updated database queries to follow WordPress coding standards (PHPCS compliance)\n* CODE QUALITY: Improved prepared statement handling for better security practices\n* PERFORMANCE: Maintained existing caching functionality while improving query security\n* COMPATIBILITY: No breaking changes - fully backward compatible with previous versions<\/p>\n\n<h4>1.1.9<\/h4>\n\n<ul>\n<li><strong>SECURITY UPDATE<\/strong>: Fixed all WordPress Coding Standards warnings and security vulnerabilities<\/li>\n<li>Implemented proper input sanitization for $_FILES['font_file'] using wp_check_filetype() and wp_handle_upload()<\/li>\n<li>Fixed SQL injection vulnerabilities by properly escaping table names with backticks in prepared statements<\/li>\n<li>Replaced direct database queries with WordPress built-in methods ($wpdb-&gt;insert(), $wpdb-&gt;delete())<\/li>\n<li>Enhanced caching implementation with wp_cache_get(), wp_cache_set(), and proper cache invalidation<\/li>\n<li>Added comprehensive nonce verification and capability checks for all admin functions<\/li>\n<li>Implemented secure file upload handling with MIME type validation<\/li>\n<li>Added proper error handling and user feedback for upload\/delete operations<\/li>\n<li>Enhanced input validation using sanitize_text_field(), wp_unslash(), and absint()<\/li>\n<li>Improved database query performance with object caching (3600 second cache timeout)<\/li>\n<li>Fixed WordPress.Security.ValidatedSanitizedInput.InputNotSanitized warnings<\/li>\n<li>Fixed WordPress.DB.PreparedSQL.InterpolatedNotPrepared warnings<\/li>\n<li>Fixed WordPress.DB.DirectDatabaseQuery.DirectQuery and NoCaching warnings<\/li>\n<\/ul>\n\n<h4>1.1.8<\/h4>\n\n<ul>\n<li>Sanitized all <code>$_POST<\/code> and <code>$_FILES<\/code> inputs with <code>sanitize_text_field()<\/code> and <code>wp_unslash()<\/code><\/li>\n<li>Added <code>isset()<\/code> and <code>is_numeric()<\/code> guards for all external input<\/li>\n<li>Used proper <code>$wpdb-&gt;prepare()<\/code> syntax \u2014 avoided direct string interpolation and removed unsafe <code>$table<\/code> placeholders<\/li>\n<li>Implemented WP object caching via <code>wp_cache_get()<\/code> and <code>wp_cache_set()<\/code> for font listing and lookup<\/li>\n<li>Used <code>wp_cache_delete()<\/code> on upload\/delete to invalidate cache<\/li>\n<li>Added version parameters (<code>'1.1.8'<\/code>) to all styles\/scripts to fix browser cache busting<\/li>\n<li>Passed PHPCS codesniffing standards with WordPress-Extra + WordPress-Docs + WordPress-VIP rules<\/li>\n<\/ul>\n\n<h4>1.1.7<\/h4>\n\n<ul>\n<li>Fixed <code>$wpdb<\/code> query interpolation warnings<\/li>\n<li>Sanitized inputs and replaced <code>rename()<\/code> with <code>WP_Filesystem-&gt;move()<\/code><\/li>\n<li>Implemented object caching pattern for all fetching queries<\/li>\n<li>Fixed database queries to use <code>$wpdb-&gt;prepare()<\/code> \u2014 no raw variable interpolation<\/li>\n<li>Improved sanitization and validation for <code>$_POST['font_name']<\/code> using <code>isset()<\/code> and <code>wp_unslash()<\/code><\/li>\n<li>Validated and sanitized <code>$_FILES['font_file']<\/code> input properly<\/li>\n<li>Replaced <code>rename()<\/code> with <code>$wp_filesystem-&gt;move()<\/code> per WPCoding standards<\/li>\n<li>Added <code>version<\/code> to all uses of <code>wp_register_style()<\/code> and <code>wp_register_script()<\/code> to fix browser cache busting<\/li>\n<li>Added object caching (<code>wp_cache_get<\/code>, <code>wp_cache_set<\/code>) to SELECT queries<\/li>\n<li>Invalidated caches on insert\/delete using <code>wp_cache_delete()<\/code><\/li>\n<li>Retained backwards-compatible shortcode: <code>[fotyte_font_tester]<\/code><\/li>\n<\/ul>\n\n<h4>1.1.6<\/h4>\n\n<ul>\n<li>Residual use of heredoc syntax cleaned<\/li>\n<\/ul>\n\n<h4>1.1.5<\/h4>\n\n<ul>\n<li>Fully prefixed all functions, actions, shortcodes, and handles with <code>fotyte_<\/code><\/li>\n<\/ul>\n\n<h4>1.1.4<\/h4>\n\n<ul>\n<li>Switched from writing JS\/CSS files to using <code>wp_add_inline_style<\/code> and <code>wp_add_inline_script<\/code><\/li>\n<\/ul>\n\n<h4>1.1.3<\/h4>\n\n<ul>\n<li>Prepend function names with unique characters fotyte_ <\/li>\n<\/ul>\n\n<h4>1.1.2<\/h4>\n\n<ul>\n<li>Rearrange UI to put Font Preview on top <\/li>\n<\/ul>\n\n<h4>1.1.1<\/h4>\n\n<ul>\n<li>Correcte Readme<\/li>\n<\/ul>\n\n<h4>1.1.0<\/h4>\n\n<ol>\n<li>Admin Interface Added<\/li>\n<\/ol>\n\n<p>New admin menu item under Settings \u2192 Font Tester\nClean admin interface for font upload and management\nTable view of all uploaded fonts with delete functionality\nUsage instructions for the shortcode<\/p>\n\n<ol>\n<li>Front-end Changes<\/li>\n<\/ol>\n\n<p>Removed font upload form completely\nSimplified interface focusing only on font testing\nUsers can only select from fonts uploaded by administrators\nShows message when no fonts are available<\/p>\n\n<ol>\n<li>Security Improvements<\/li>\n<\/ol>\n\n<p>Added capability checks (manage_options) for all admin functions\nOnly administrators can upload and delete fonts\nEnhanced permission validation<\/p>\n\n<ol>\n<li>New Files Created\nThe plugin now creates 4 files:<\/li>\n<\/ol>\n\n<p>font-tester.css - Front-end styles\nfont-tester.js - Front-end JavaScript\nfont-tester-admin.css - Admin interface styles\nfont-tester-admin.js - Admin interface JavaScript<\/p>\n\n<ol>\n<li>Enhanced Functionality<\/li>\n<\/ol>\n\n<p>Better caching system\nImproved database queries with prepared statements\nCleaner admin interface with WordPress styling\nAutomatic page reload after font upload for immediate feedback<\/p>","raw_excerpt":"A comprehensive font testing tool with real-time typography controls and font source obfuscation for secure font preview.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ps.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/242417","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ps.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/ps.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/ps.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=242417"}],"author":[{"embeddable":true,"href":"https:\/\/ps.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/mitradranirban"}],"wp:attachment":[{"href":"https:\/\/ps.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=242417"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/ps.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=242417"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/ps.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=242417"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/ps.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=242417"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/ps.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=242417"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/ps.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=242417"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}