WordPress.org

Plugin Directory


Ignore:
Timestamp:
11/11/17 08:25:02 (3 months ago)
Author:
pradeepmakone07
Message:

Urgent security fix

Location:
wp-support-plus-responsive-ticket-system/trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • wp-support-plus-responsive-ticket-system/trunk/includes/admin/attachment/uploadAttachment.php

    r1609704 r1763596  
    2323            break; 
    2424    } 
     25    if ( preg_match('/php/i', $extension) || preg_match('/phtml/i', $extension) ){ 
     26      $isError=true; 
     27      $errorMessege=__('Error: file format not supported!','wp-support-plus-responsive-ticket-system'); 
     28    } 
    2529} 
    2630 
     
    3842    $save_url = $upload_dir['baseurl'] . '/wpsp/'.time().'_'.str_replace(' ','_',$_FILES[0]['name']); 
    3943    move_uploaded_file($_FILES[0]['tmp_name'], $save_directory); 
    40      
     44 
    4145    //download key to check unique 
    4246    $key=0; 
     
    4650        $result=$wpdb->get_var($sql); 
    4751    }while ($result); 
    48      
     52 
    4953    $values=array( 
    5054        'filename'=>$_FILES[0]['name'], 
  • wp-support-plus-responsive-ticket-system/trunk/readme.txt

    r1763537 r1763596  
    44Tags: ticket,support,helpdesk,crm,responsive,chat,skype,email pipe,contact,faq,woocommerce 
    55Requires at least: 4.0 
    6 Tested up to: 4.8 
    7 Stable tag: 8.0.7 
     6Tested up to: 4.9 
     7Stable tag: 8.0.8 
    88 
    99== Description == 
     
    7777 
    7878== Changelog == 
     79= V 8.0.8 = 
     80* Fix : Urgent security fix 
     81 
    7982= V 8.0.7 = 
    8083* Tweak : Setting to disable edit ticket information for agents 
  • wp-support-plus-responsive-ticket-system/trunk/wp-support-plus.php

    r1661351 r1763596  
    1 <?php  
     1<?php 
    22/** 
    33 * Plugin Name: WP Support Plus 
    44 * Plugin URI: https://wordpress.org/plugins/wp-support-plus-responsive-ticket-system-ticket-system/ 
    55 * Description: Easy to use Customer Support System in Wordpress itself! 
    6  * Version: 8.0.7 
     6 * Version: 8.0.8 
    77 * Author: Pradeep Makone 
    88 * Author URI: http://profiles.wordpress.org/pradeepmakone07/ 
    99 * Requires at least: 4.4 
    10  * Tested up to: 4.7 
     10 * Tested up to: 4.9 
    1111 * Text Domain: wp-support-plus-responsive-ticket-system 
    1212 * Domain Path: /lang 
     
    2525                register_deactivation_hook( __FILE__, array($this,'deactivate') ); 
    2626        $this->include_files(); 
    27                  
     27 
    2828                add_action( 'init', array($this,'load_wpsp_actions') ); 
    29          
     29 
    3030        //output buffer for faq 
    3131        add_action('init', array($this,'do_output_buffer')); 
    3232        add_action('wp_footer',array($this,'close_pending_tickets')); 
    33                  
     33 
    3434                $advancedSettings=get_option( 'wpsp_advanced_settings' ); 
    3535                if($advancedSettings['admin_bar_Setting']==1){ 
     
    4545                $cron=new WPSPCron(); 
    4646                add_action( 'wpsp_attachment_garbage_collection', array( $cron, 'attachment_garbage_collection')); 
    47                  
     47 
    4848                /* 
    4949                 * add and publish open ticket page for ticket URL links 
    5050                 */ 
    5151                add_action( 'wp_loaded', array ( $this, 'create_open_ticket_page' ) ); 
    52                  
     52 
    5353                /* 
    5454                 * Popup for woocommerce and other tasks 
     
    5656                add_action('wp_footer',array($this,'wpsp_front_popup')); 
    5757                add_action('admin_footer',array($this,'wpsp_front_popup')); 
    58                     
     58 
    5959    } 
    60          
     60 
    6161        function load_wpsp_actions(){ 
    6262            include( WCE_PLUGIN_DIR.'includes/admin/actions/load_wpsp_actions.php' ); 
    6363        } 
    64          
     64 
    6565        function wpsp_front_popup(){ 
    6666            include( WCE_PLUGIN_DIR.'includes/woo/wpsp_front_popup.php' ); 
     
    6868 
    6969    function do_output_buffer() { 
    70              
     70 
    7171            if ((isset($_REQUEST['page']) && $_REQUEST['page']=='wp-support-plus-faq')||(isset($_REQUEST['page']) && $_REQUEST['page']=='wp-support-plus-Canned-Reply')){ 
    7272                ob_start(); 
    7373            } 
    74              
     74 
    7575            if(isset($_REQUEST['ticket_attachment'])){ 
    7676                include( WCE_PLUGIN_DIR.'includes/admin/attachment/download_attachment.php' ); 
    7777            } 
    78              
     78 
    7979            if(isset($_REQUEST['wpsp_system_info'])){ 
    8080                include( WCE_PLUGIN_DIR.'includes/admin/attachment/download_system_info.php' ); 
    8181            } 
    82              
     82 
    8383    } 
    84      
     84 
    8585    function load_textdomain(){ 
    8686        $locale = apply_filters( 'plugin_locale', get_locale(), 'wp-support-plus-responsive-ticket-system' ); 
     
    8888        load_plugin_textdomain( 'wp-support-plus-responsive-ticket-system', false, plugin_basename( dirname( __FILE__ ) ) . '/lang' ); 
    8989    } 
    90      
     90 
    9191    function close_pending_tickets(){ 
    9292        include( WCE_PLUGIN_DIR.'includes/admin/close_pending_tickets.php' ); 
    9393    } 
    94      
     94 
    9595    private function define_constants() { 
    9696        define( 'WPSP_STORE_URL', "https://www.wpsupportplus.com/" ); 
    9797                define( 'WCE_PLUGIN_URL', plugin_dir_url( __FILE__ ) ); 
    9898        define( 'WCE_PLUGIN_DIR', plugin_dir_path( __FILE__ ) ); 
    99         define( 'WPSP_VERSION', '8.0.7' ); 
     99        define( 'WPSP_VERSION', '8.0.8' ); 
    100100    } 
    101          
     101 
    102102        function create_open_ticket_page(){ 
    103103            if( get_option( 'wpsp_ticket_open_page_shortcode' ) === false ){ 
     
    114114 
    115115        private function include_files(){ 
    116          
     116 
    117117            include( WCE_PLUGIN_DIR.'includes/admin/validations/ticket_link_encrypt.php' ); 
    118118            if (is_admin()) { 
     
    124124            } 
    125125    } 
    126      
     126 
    127127    function installation(){ 
    128128            include( WCE_PLUGIN_DIR.'includes/admin/installation.php' ); 
    129129    } 
    130          
     130 
    131131        function deactivate(){ 
    132132            include( WCE_PLUGIN_DIR.'includes/admin/uninstall.php' ); 
    133133        } 
    134          
     134 
    135135        function admin_bar() { 
    136136            global $current_user; 
     
    146146                ); 
    147147            } 
    148     }    
     148    } 
    149149} 
    150150 
Note: See TracChangeset for help on using the changeset viewer.