WordPress.org

Plugin Directory

Changeset 1595327


Ignore:
Timestamp:
02/14/17 00:07:08 (7 months ago)
Author:
flippercode
Message:

security vulnerablity is resolved

Location:
wp-google-map-plugin/trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • wp-google-map-plugin/trunk/core/class.initiate-core.php

    r1490212 r1595327  
    9696 
    9797                // Register method to hide promotional product from overview page of current product. 
    98                 add_action( 'wp_ajax_hide_promotional_products',array( $this, 'hide_promotional_products' ) ); 
    9998                add_action( 'wp_ajax_check_products_updates',array( $this, 'check_products_updates' ) ); 
    100                 add_action( 'wp_ajax_verify_envanto_purchase',array( $this, 'verify_envanto_purchase' ) ); 
    10199                add_action( 'wp_ajax_submit_user_suggestion',array( $this, 'submit_user_suggestion' ) ); 
    102100                add_action( 'admin_enqueue_scripts', array($this,'load_products_common_resources') ); 
     
    232230 
    233231            } 
    234             function verify_envanto_purchase() { 
    235  
    236  
    237             if (isset($_POST['action']) and $_POST['action'] == 'verify_envanto_purchase' and isset( $_POST['pvn'] ) && wp_verify_nonce($_POST['pvn'], 'purchase-verification-request') ) 
    238             { 
    239  
    240                 $submitData = $_POST; 
    241                 $url = 'http://plugins.flippercode.com/wunpupdates/'; 
    242  
    243                 $bodyargs = array( 'wunpu_action' => 'verify-purchase', 
    244                                 'purchasekey' => wp_unslash($submitData['purchasekey']), 
    245                                 'ip' => $_SERVER['REMOTE_ADDR'], 
    246                                 'site_url' => urlencode(site_url()), 
    247                                 'currentTextDomain' => $submitData['current_text_domain'], 
    248                                 'admin_email' => get_bloginfo('admin_email')); 
    249                 $args = array('method' => 'POST', 'timeout' => 45, 'body' => $bodyargs ); 
    250  
    251                 $response = wp_remote_post($url,$args); 
    252  
    253                 if ( is_wp_error( $response ) ) { 
    254                 $result = array('status' => '0','error' => $response->get_error_message()) ; 
    255                 } else { 
    256                    $valid_purchase = (array) json_decode($response['body']); 
    257  
    258                    if($response['response']['code'] == '200') { 
    259  
    260                            $result = array('status' => '1','purchase_verified' => $valid_purchase['status']); 
    261                            if(  $valid_purchase['status'] == 'true') { 
    262                                update_option( $submitData['current_text_domain'].'_user_has_license', 'yes' ); 
    263                                update_option( $submitData['current_text_domain'].'_license_key', $submitData['purchasekey'] ); 
    264                                update_option( $submitData['current_text_domain'].'_license_details', $valid_purchase ); 
    265                            } 
    266                     } else { 
    267  
    268                        $result = array('status' => '0','purchase_verified' => $valid_purchase['status'],'error' => 'Sorry! Server cannot be reached right now.'); 
    269                    } 
    270  
    271                 } 
    272                 echo json_encode($result); 
    273                 exit; 
    274  
    275             } 
    276  
    277            } 
     232             
    278233 
    279234           public function check_products_updates() { 
     
    304259            } 
    305260 
    306  
    307             public function hide_promotional_products() { 
    308  
    309                 if(isset($_POST['productname']) and !empty($_POST['productname'])) 
    310                 update_option($_POST['productname'].'_hide_promotional_products','yes'); 
    311                 //echo '<pre>'; print_r($_POST); exit; 
    312  
    313             } 
    314261 
    315262            public function _load_core_files() { 
  • wp-google-map-plugin/trunk/readme.txt

    r1552329 r1595327  
    103103= DEMO & Documentation = 
    104104 
    105 * Demo : [Google Maps Pro Plugin Live Demo](http://www.flippercode.com/product/wp-google-map-pro/) 
    106 * Documentation : [WP Google Map Documentation](http://guide.flippercode.com/googlemaps/) 
     105* Demo : [Google Maps Pro Plugin Live Demo](http://wpgmp.flippercode.com/) 
    107106 
    108107 
     
    152151 
    153152== Changelog == 
     153 
     154= 3.2.0 = 
     155* Security Fix: Security vulnerablity is resolved. 
    154156 
    155157= 3.1.6 = 
  • wp-google-map-plugin/trunk/wp-google-map-plugin.php

    r1552329 r1595327  
    44 * @package Maps 
    55 * @author Flipper Code <hello@flippercode.com> 
    6  * @version 3.1.9 
     6 * @version 3.2.0 
    77 */ 
    88 
     
    1313Author: flippercode 
    1414Author URI: http://www.flippercode.com/ 
    15 Version: 3.1.9 
     15Version: 3.2.0 
    1616Text Domain: wp-google-map-plugin 
    1717Domain Path: /lang/ 
Note: See TracChangeset for help on using the changeset viewer.