WordPress.org

Plugin Directory

Changeset 1632839


Ignore:
Timestamp:
04/08/17 12:36:33 (6 months ago)
Author:
netweblogic
Message:

updating to 3.1.7

Location:
login-with-ajax/trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • login-with-ajax/trunk/login-with-ajax-admin.php

    r1403859 r1632839  
    146146                <div id="post-body"> 
    147147                    <div id="post-body-content"> 
    148                         <form method="post" action="<?php echo str_replace( '%7E', '~', $_SERVER['REQUEST_URI']); ?>"> 
     148                        <form method="post" action=""> 
    149149                        <h2><?php _e("General Settings", 'login-with-ajax'); ?></h2> 
    150150                        <table class="form-table"> 
  • login-with-ajax/trunk/login-with-ajax.php

    r1403859 r1632839  
    55Description: Ajax driven login widget. Customisable from within your template folder, and advanced settings from the admin area. 
    66Author: Marcus Sykes 
    7 Version: 3.1.6 
     7Version: 3.1.7 
    88Author URI: http://msyk.es 
    99Tags: Login, Ajax, Redirect, BuddyPress, MU, WPMU, sidebar, admin, widget 
     
    2525along with this program.  If not, see <http://www.gnu.org/licenses/>. 
    2626*/ 
    27 define('LOGIN_WITH_AJAX_VERSION', '3.1.5'); 
     27define('LOGIN_WITH_AJAX_VERSION', '3.1.7'); 
    2828class LoginWithAjax { 
    2929 
     
    114114            //Add logout/in redirection 
    115115            add_action('wp_logout', 'LoginWithAjax::logoutRedirect'); 
    116             add_action('logout_url', 'LoginWithAjax::logoutUrl'); 
    117             add_action('login_redirect', 'LoginWithAjax::loginRedirect', 1, 3); 
     116            add_filter('logout_url', 'LoginWithAjax::logoutUrl'); 
     117            add_filter('login_redirect', 'LoginWithAjax::loginRedirect', 1, 3); 
    118118            add_shortcode('login-with-ajax', 'LoginWithAjax::shortcode'); 
    119119            add_shortcode('lwa', 'LoginWithAjax::shortcode'); 
  • login-with-ajax/trunk/readme.txt

    r1551895 r1632839  
    33Tags: login, ajax, ajax login, registration, redirect redirect, buddypress, multi site, sidebar, admin, widget 
    44Requires at least: 3.7 
    5 Tested up to: 4.7 
    6 Stable tag: 3.1.6 
     5Tested up to: 4.7.2 
     6Stable tag: 3.1.7 
    77License: GPLv2 or later 
    88 
     
    174174 
    175175== Changelog == 
     176= 3.1.7 = 
     177* fixed XSS security vulnerability on LWA settings page allowing code injection if an authorized user follows a properly structured url to that page, this does not affect the security of the login forms, only the settings page. Kudos Neven Biruski from DefenceCode for responsible disclosure. 
     178* changed our hooks logout_url and login_redirect added as actions to filters which prevented functionality in some situations 
     179 
    176180= 3.1.6 = 
    177181* added Persian translation, thanks to Mohammad Akbari 
Note: See TracChangeset for help on using the changeset viewer.