Changeset 448261 for wordpress-users


Timestamp:
10/07/2011 03:55:28 AM (14 years ago)
Author:
jonkemp
Message:

Fixed security issue with potential SQL Injection flaw. Additional bug fixes.

Location:
wordpress-users/trunk
Files:
2 edited

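--- a/wordpress-users/trunk/readme.txt
+++ b/wordpress-users/trunk/readme.txt
@@ -3,6 +3,6 @@
 Tags: user, members, users, directory, profiles, profile
 Requires at least: 2.5.1
-Tested up to: 3.0.1
-Stable tag: 1.3
+Tested up to: 3.2.1
+Stable tag: 1.4
 
 Display your WordPress users and their profiles in an index on your site.
@@ -28,4 +28,5 @@
 **Changelog**
 
+* 1.4: Fixed security issue with potential SQL Injection flaw. Additional bug fixes.
 * 1.3: Updated pagination. Moved page content from the bottom to the top of the page.
 * 1.2: Bug fix for WordPress 3.0 compatibility.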
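--- a/wordpress-users/trunk/wp-users.php
+++ b/wordpress-users/trunk/wp-users.php
@@ -4,9 +4,9 @@
 Plugin URI: http://kempwire.com/wordpress-users-plugin
 Description: Display your WordPress users and user profiles.
-Version: 1.3
+Version: 1.4
 Author: Jonathan Kemp
 Author URI: http://kempwire.com/
 
-Copyright 2009-2010  Jonathan Kemp  (email : jonkemp@comcast.net)
+Copyright 2009-2011  Jonathan Kemp  (email : kempdogg@gmail.com)
 
 This program is free software: you can redistribute it and/or modify
@@ -250,7 +250,8 @@
 
 function get_user_listing($curauth) { 
+    global $post;
     $concat = wpu_concat_single();
    
-    $html .= "<div class=\"wpu-user\">\n";
+    $html = "<div class=\"wpu-user\">\n";
     if (get_option('wpu_image_list')) {
         if(get_option('wpu_avatars') == "gravatars") {
@@ -282,80 +283,74 @@
 
 function display_user() { 
-    if(isset($_GET['uid'])) {
+    global $post;
+   
+    if (isset($_GET['uid'])) {
         $uid = $_GET['uid'];
         $curauth = get_userdata($uid);
     }
    
-    $recent_posts = get_recent_posts($uid);
-    $recent_comments = wpu_recent_comments($uid);
-    $created = date("F jS, Y", strtotime($curauth->user_registered));
-   
-    $html .= "<p><a href=" . get_permalink($post->ID) . ">&laquo; Back to " . get_the_title($post->ID) . " page</a></p>\n";
-   
-    $html .= "<h2>$curauth->display_name</h2>\n";
-   
-    if (get_option('wpu_image_profile')) {
-        if(get_option('wpu_avatars') == "gravatars") {
-            $html .= "<p><a href=\"http://en.gravatar.com/\" title=\"Get your own avatar.\">" . get_avatar($curauth->user_email, '96', $gravatar) . "</a></p>\n";
-        } elseif (get_option('wpu_avatars') == "userphoto") {
-            if(function_exists('userphoto_the_author_photo'))
+    if ( $curauth ) {
+        $recent_posts = get_posts( array( 'numberposts' => 10, 'author' => $curauth->ID ) );
+        $recent_comments = wpu_recent_comments($uid);
+        $created = date("F jS, Y", strtotime($curauth->user_registered));
+       
+        $html = "<p><a href=" . get_permalink($post->ID) . ">&laquo; Back to " . get_the_title($post->ID) . " page</a></p>\n";
+       
+        $html .= "<h2>$curauth->display_name</h2>\n";
+       
+        if (get_option('wpu_image_profile')) {
+            if(get_option('wpu_avatars') == "gravatars") {
+                $html .= "<p><a href=\"http://en.gravatar.com/\" title=\"Get your own avatar.\">" . get_avatar($curauth->user_email, '96', $gravatar) . "</a></p>\n";
+            } elseif (get_option('wpu_avatars') == "userphoto") {
+                if(function_exists('userphoto_the_author_photo'))
+                {
+                    $html .= "<p>" . userphoto__get_userphoto($curauth->ID, USERPHOTO_FULL_SIZE, "", "", array(), "") . "</p>\n";
+                }
+            }
+        }
+   
+        if ($curauth->user_url && $curauth->user_url != "http://") {
+            $html .= "<p><strong>Website:</strong> <a href=\"$curauth->user_url\" rel=\"nofollow\">$curauth->user_url</a></p>\n";
+        }
+       
+        $html .= "<p><strong>Joined on:</strong>  " . $created . "</p>";
+       
+        if (get_option('wpu_description_profile')) {
+            if ($curauth->description) {
+                $html .= "<p><strong>Profile:</strong></p>\n";
+                $html .= "<p>$curauth->description</p>\n";
+            }
+        }
+       
+        if ($recent_posts) {
+            $html .= "<h3>Recent Posts by $curauth->display_name</h3>\n";
+            $html .= "<ul>\n";
+            foreach( $recent_posts as $post )
             {
-                $html .= "<p>" . userphoto__get_userphoto($curauth->ID, USERPHOTO_FULL_SIZE, "", "", array(), "") . "</p>\n";
-            }
-        }
-    }
-
-    if ($curauth->user_url && $curauth->user_url != "http://") {
-        $html .= "<p><strong>Website:</strong> <a href=\"$curauth->user_url\" rel=\"nofollow\">$curauth->user_url</a></p>\n";
-    }
-   
-    $html .= "<p><strong>Joined on:</strong>  " . $created . "</p>";
-   
-    if (get_option('wpu_description_profile')) {
-        if ($curauth->description) {
-            $html .= "<p><strong>Profile:</strong></p>\n";
-            $html .= "<p>$curauth->description</p>\n";
-        }
-    }
-   
-    if ($recent_posts) {
-        $html .= "<h3>Recent Posts by $curauth->display_name</h3>\n";
-        $html .= "<ul>\n";
-        foreach($recent_posts as $key=>$post)
-        {
-            $html .= "<li><a href=" . get_permalink($post->ID) . ">" . $post->post_title . "</a></li>";
-        }
-        $html .= "</ul>\n";
-    }
-   
-    if ($recent_comments) {
-        $html .= "<h3>Recent Comments by $curauth->display_name</h3>\n";
-        $html .= "<ul>\n";
-        foreach($recent_comments as $key=>$comment)
-        {
-            $html .= "<li>\"" . $comment->comment_content . "\" on <a href=" . get_permalink($comment->comment_post_ID) . "#comment-" . $comment->comment_ID . ">" . get_the_title($comment->comment_post_ID) . "</a></li>";
-        }
-        $html .= "</ul>\n";
-    }
-   
-    echo "<div id=\"wpu-profile\">
-    ";
-    echo $html;
-    echo "</div>
-    ";
-}
-
-function get_recent_posts($uid)
-{
-    global $wpdb;
-   
-    $posts = $wpdb->get_results("SELECT post_title, ID
-    FROM $wpdb->posts
-    WHERE post_author = $uid AND post_type = 'post' AND post_status = 'publish'
-    ORDER BY post_date DESC
-    LIMIT 10
-    ");
-   
-    return $posts;
+                setup_postdata($post);
+               
+                $html .= "<li><a href=" . get_permalink($post->ID) . ">" . $post->post_title . "</a></li>";
+            }
+            $html .= "</ul>\n";
+        }
+       
+        wp_reset_query();
+       
+        if ($recent_comments) {
+            $html .= "<h3>Recent Comments by $curauth->display_name</h3>\n";
+            $html .= "<ul>\n";
+            foreach($recent_comments as $key=>$comment)
+            {
+                $html .= "<li>\"" . $comment->comment_content . "\" on <a href=" . get_permalink($comment->comment_post_ID) . "#comment-" . $comment->comment_ID . ">" . get_the_title($comment->comment_post_ID) . "</a></li>";
+            }
+            $html .= "</ul>\n";
+        }
+       
+        echo "<div id=\"wpu-profile\">
+        ";
+        echo $html;
+        echo "</div>
+        ";
+    }
 }
 
@@ -364,10 +359,10 @@
     global $wpdb;
    
-    $comments = $wpdb->get_results("SELECT comment_ID, comment_post_ID, SUBSTRING(comment_content, 1, 150) AS comment_content
+    $comments = $wpdb->get_results( $wpdb->prepare("SELECT comment_ID, comment_post_ID, SUBSTRING(comment_content, 1, 150) AS comment_content
     FROM $wpdb->comments
-    WHERE user_id = $uid
+    WHERE user_id = %s
     ORDER BY comment_ID DESC
     LIMIT 10
-    ");
+    ", $uid ) );
 
     return $comments;
@@ -391,5 +386,5 @@
 
 function wpu_admin_menu() { 
-    add_options_page('WordPress Users Options', 'WordPress Users', 8, __FILE__, 'wpu_admin');
+    add_options_page('WordPress Users Options', 'WordPress Users', 'manage_options', __FILE__, 'wpu_admin');
 }
 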
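Review bot: The prepare() call closes the SQL injection, but display_user still emits user-controlled fields as raw HTML — `$curauth->user_url` is interpolated straight into an href attribute, and `$curauth->description`, `$curauth->display_name`, `$post->post_title` and the SUBSTRING-truncated `$comment->comment_content` (which can be cut mid-tag) are concatenated unescaped, while the get_permalink() hrefs are not even quoted. WordPress filters some of these on save, but users holding unfiltered_html and rows written directly to the tables bypass that, so escape at output with esc_url()/esc_attr()/esc_html() (or wp_kses_post() for the description and comment bodies). In the same spirit, cast the id once, `$uid = absint($_GET['uid']);`, pass `$curauth->ID` to wpu_recent_comments() as the get_posts() branch already does, and use `WHERE user_id = %d` rather than `%s` in the new prepare() since user_id is an integer column. display_user lies entirely within this section, but the hunk touching wpu_recent_comments starts after its signature, so its parameter handling is not visible here.

```php
    if (isset($_GET['uid'])) {
        $uid = absint($_GET['uid']);   // integer id only; don't rely on get_userdata() casting for later uses
        $curauth = get_userdata($uid);
    }
    // … unchanged: $curauth guard, get_posts() lookup …
        $recent_comments = wpu_recent_comments($curauth->ID);
    // … unchanged: "Back to" link, heading, avatar block …
        if ($curauth->user_url && $curauth->user_url != "http://") {
            $html .= "<p><strong>Website:</strong> <a href=\"" . esc_url($curauth->user_url) . "\" rel=\"nofollow\">" . esc_html($curauth->user_url) . "</a></p>\n";
        }
    // … unchanged: joined-on line …
                $html .= "<p>" . wp_kses_post($curauth->description) . "</p>\n";
    // … unchanged: post/comment loops, except esc_html($post->post_title), wp_kses_post($comment->comment_content) and quoted href="…" attributes …
```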