== Changelog ==

= 3.5.2 =
* Changed: Updated compatibility with WordPress 6.8.
* Fixed: One Google Services class was missing in the packaged library resulting in Google Drive Embedder Enterprise not working correctly.
* Fixed: Various PHP Deprecation notices and warnings in the Google Services library.

= 3.5.1 =
* Fixed: There was a fatal error when editing a single user in the admin area due to the incorrect usage of the built-in WordPress filter.

= 3.5.0 =
* IMPORTANT: The minimum WordPress version has been raised to WordPress 5.5. Technically the plugin still works on older versions as well, but we will not actively support them.
* IMPORTANT: The minimum PHP version has been raised to PHP 7.2.
* Changed: Updated compatibility with WordPress 6.7.
* Changed: Updated compatibility with PHP 8.
* Changed: As users may have different Google accounts, and they may not be logged in in the correct one, we now request users to confirm the correct account to use when they want to log in.
* Fixed: A lot of plugin strings in its admin area were not translatable.
* Fixed: Make all URLs in the plugin to use the `https` protocol.
* Fixed: Fixed all the deprecation and compatibility issues with the latest PHP versions, including in the Google API Services library.
* Fixed: The "Force user to confirm Google permissions every time" option did not work correctly because we were passing an incorrect value to Google.
* Fixed: SVG images used to display Google logo were not rendering properly on various pages.

= 3.4.6 =
* Fixed: Auth errors when redirect login is enabled.
* Removed the `gal_login_form_readyjs` filter.

= 3.4.5 =
* Updated: Plugin name.
* Fixed: Admin escaping.

= 3.4.4 =
* Updated compatibility with the WordPress 5.7 release.
* "Login with Google" button removed static images generated same button using HTML code and use Google svg icon.
* Bug fixed for header already sent.

= 3.4.3 =
* Updated compatibility with the WordPress 5.6 release.

= 3.4.2 =
* Added missing alt attribute in image tag.
* Set httponly flag in cookie.
* Added custom text support for the "Login with Google" button.

= 3.4.1 =
* Bug fixing for PHP Notice: Undefined index: approval_prompt.
* Bug Fixing for PHP Deprecated: Array and string offset access syntax with curly braces is deprecated.

= 3.4 =
* Bug fixing for Invalid parameter value for approval_prompt: 'auto'.
* Updated compatibility with the WordPress 5.4 release.

= 3.3 =
* Added permission check functionality.
* Added Google Drive Embedder insufficient permission error fixes.
* Added Login With Google buttons branding.
* Updated compatibility with the WordPress 5.3.1 release.

= 3.2 =
* Added workaround for incompatibility with WPMU Defender plugin's new 2FA feature.
* Updated compatibility with the upcoming WordPress 4.9 release.

= 3.0 =
Internal changes to Google Client library. Essential for the latest versions of some extension plugins such as Google Drive Embedder.

= 2.10.5 =
* Multisite improvements: better handling of COOKIE_DOMAIN configuration and also allows login redirects straight to sub-sites even when login is handled by the root site's wp-login.php page.
* Login page cookies now last for the length of the current browser session instead of for a fixed time, so this should reduce unexpected 'Session mismatch' errors.
* Ensures plugin options are not loaded until 'plugins_loaded' stage. This makes it easier to use the gal_options hook more reliably.
* Added language files for be_BY.
* Added filters `gal_options` and `gal_sa_options` so you can configure settings using PHP code.
* Changed the way Google client library is included to avoid conflicts with other Google-related plugins that set the include path in a way that doesn't allow for other plugins.

= 2.9.7 =
* Added gal_set_login_cookie filter so you can prevent Login for Google Apps from setting its `wordpress_google_apps_login` cookie under certain circumstances. It only technically needs to be set on the `wp-login.php` page in most installations, and you may find that if it sets the cookie on any page load (which it does when not already set) then this prevents caching on heavy traffic pages.

= 2.9.6 =
* New 'Remember Me' in advanced options. Check to ensure users are not automatically logged out at the end of their browser session. This applies to all users using 'Login with Google'. It has the same functionality as checking the 'Remember Me' checkbox on the login form when using regular WordPress username/password to login.
* Improved handling of errors when multiple versions of the plugin are inadvertently activated.

= 2.8.17 =
* Added filter gal_login_button_text so developers can customize the 'Login with Google' button in all versions (in Premium/Enterprise, it is possible to set the button text in settings, and that will always take priority if set).
* Fixed a text injection vulnerability whereby it was possible for a third party to trick a user into viewing a version of the login page containing an error message entirely of their own choosing - all sites should upgrade to this plugin version.

= 2.8.16 =
* Updated to work correctly alongside some plugins that change the login URL from /wp-login.php to something else.

= 2.8.15 =
* Removed a WordPress function that is deprecated in WP 4.4 - force_ssl_login.
* This could have resulted in some visible warning messages.

= 2.8.14 =
* Updated some URLs pointing to information about Premium/Enterprise upgrades.
Readme updated.

= 2.8.13 =
* Ready for WordPress 4.4.
* New translation strings for languages.

= 2.8.12 =
* Opportunity to sign up for emails on Google Apps and WordPress, from settings page.

= 2.8.11 =
* Service Account Client ID is imported from JSON key file so user can copy and paste it into admin.google.com

= 2.8.10 =
* Changed name of login cookie from 'google_apps_login' to 'wp_google_apps_login'.

= 2.8.3 =
* Resolved conflict with some other plugins over Google-related function names.

= 2.8.1 =
* 'Session mismatch' warning should be much less of a problem now.

= 2.8 =
* Session mismatch (could be a problem setting cookies) should now occur less frequently. Service Account can have no admin email (for gmail.com accounts).

= 2.7 =
* Accepts filter gal_client_config_ini containing filesystem path to an INI file to supply to Google's client library on instantiation, so you can override settings.
* Added substitution version core/Google/IO/DebugVersionOfCurl.php to replace core/Google/IO/Curl.php temporarily to log communications to Google's server for debugging purposes.

= 2.5.2 =
* Service Account settings can be uploaded by copy-and-paste of JSON file contents as well as just uploading the file directly.

= 2.5 =
* Platform extended to provide Service Account settings.

= 2.4.4 =
* Readme updates and tidied settings page.

= 2.4.3 =
* New hooks for profile photos.
* Updated Google client library.

= 2.3.1 =
* Fixed conflicts with some other plugins such as Google Analyticator which use similar Google client libraries.

= 2.3 =
* Better organized config pages.
* Uses latest Google client library.
* Option to link to wp-glogin.com from login page.

= 2.2 =
* Fix for an error seen on multisite admin.
* Added Arabic translation.

= 2.1 =
* New design to support multiple languages. Includes Serbo-Croatian.
* Fixed some conflicts with other plugins when used in 'auto redirect to Google' mode.

= 2.0 =
* Our platform provides centralized setup and management of Google-related features in your WordPress site and plugins. Other developers can easily extend our Google authentication into their own plugins.

= 1.4 =
* Added clearer instructions, plus new options: automatically redirect users to Login via Google; plus force users to fully approve access to their Google account every time they login (allowing them to switch accounts if only logged into the wrong one, as well as making the process clearer).

= 1.3 =
* Much neater support for redirecting users to most appropriate page post-login, especially on multisite installations; Better notices guiding admins through configuration

= 1.2 =
* Upgrade to match WordPress 3.8;
* More extensible code

= 1.1 =
* Increased security - uses an extra authenticity check;
* Better support for mal-configured Google credentials;
* No longer uses PHP-based sessions - will work on even more WordPress configurations

= 1.0 =
* All existing versions are functionally identical - no need to upgrade.
