Plugin Directory


Ignore:
Timestamp:
02/10/2024 05:39:12 AM (15 months ago)
Author:
metagauss
Message:

Release 3.4.3

Location:
eventprime-event-calendar-management/trunk
Files:
5 edited

Legend:

Unmodified
Added
Removed
  • eventprime-event-calendar-management/trunk/event-prime.php

    r3029483 r3033882  
    44 * Plugin URI: https://theeventprime.com
    55 * Description: Beginner-friendly Events Calendar plugin to create free as well as paid Events. Includes Event Types, Event Sites & Performers too.
    6  * Version: 3.4.2
     6 * Version: 3.4.3
    77 * Author: Metagauss
    88 * Author URI: https://profiles.wordpress.org/metagauss/
  • eventprime-event-calendar-management/trunk/includes/class-eventprime.php

    r3029483 r3033882  
    1717     * @var Version
    1818     */
    19     public $version = '3.4.2';
     19    public $version = '3.4.3';
    2020    /**
    2121     * Factory
  • eventprime-event-calendar-management/trunk/includes/events/assets/css/em-admin-metabox-custom.css

    r3023310 r3033882  
    381381.emagic .ep-accordion-wrap .ui-accordion-header-active.ep-accordion-header-item{
    382382    color: rgba(var(--ep-primary-rgb), 1);
    383     background-color: rgba(var(--ep-primary-rgb), 0.1);
     383    background-color: rgba(var(--ep-primary-rgb), 0.1) !important;
    384384    top: 0px;
    385385    font-size: 1rem;
     
    409409
    410410.emagic .ep-accordion-wrap .ep-accordion-header-item {
    411     border: 0px;
     411    border: 0px !important;
    412412    padding: 1rem 1.5rem;
    413413    margin: 0px;
    414414    background-color: #fff;
    415     border-bottom: 1px solid var(--ep-border-color);
     415    border-bottom: 1px solid var(--ep-border-color) !important;
    416416    top:0px;
    417417    font-size: 1rem;
  • eventprime-event-calendar-management/trunk/includes/service/class-ep-ajax.php

    r3029483 r3033882  
    578578            }
    579579           
     580            if(empty($guest_submission)){
     581                $hasUserRestriction = 0;
     582                $frontend_submission_roles = (array) ep_get_global_settings( 'frontend_submission_roles' );
     583                //epd($frontend_submission_roles);
     584                if( ! empty( $frontend_submission_roles ) ) {
     585                    $user = wp_get_current_user();
     586                    foreach ( $user->roles as $key => $value ) {
     587                        if( in_array( $value, $frontend_submission_roles ) ) {
     588                            $hasUserRestriction = 1;
     589                            break;
     590                        }
     591                    }
     592                }else{
     593                    $hasUserRestriction = 0;
     594                }
     595                if(empty($hasUserRestriction)){
     596                       wp_send_json_error( array( 'error' => ep_get_global_settings('ues_restricted_submission_message') ) );
     597                }
     598            }
     599           
     600           
     601           
    580602            $post_status = ep_get_global_settings( 'ues_default_status' );
    581603            if( empty( $post_status ) ) {
     
    587609            if( isset( $data['event_id'] ) && ! empty( $data['event_id'] ) ) {
    588610                $post_id = $data['event_id'];
     611                if(empty(get_post($post_id)) || get_post_type($post_id) != 'em_event' ){
     612                    wp_send_json_error( array( 'error' => esc_html__( 'There is some issue with event. Please try later.', 'eventprime-event-calendar-management' ) ) );
     613                }
     614                if(!empty($guest_submission) && get_post_meta($post_id, 'em_user_submitted', true) != get_current_user_id()){
     615                       wp_send_json_error( array( 'error' => esc_html__( 'Event does not belong to you.', 'eventprime-event-calendar-management' ) ) );
     616               
     617                }
    589618                $post_update = array(
    590619                    'ID'         => $post_id,
     
    16571686   
    16581687    public function get_attendees_email_by_event_id(){
    1659         //wp_verify_nonce( 'ep_save_event_booking', 'ep_save_event_booking_nonce' );
     1688        if(!isset($_POST['_wpnonce']) || !wp_verify_nonce( $_POST['_wpnonce'], 'ep_email_attendies' )){
     1689            wp_send_json_error( array( 'success'=> false, 'errors' => esc_html__( 'Security check failed.', 'eventprime-event-calendar-management' ) ) );
     1690        }
     1691        if(empty(get_current_user_id()) || !current_user_can( 'manage_options' ) || !current_user_can( 'edit_posts' )){
     1692            wp_send_json_error( array( 'success'=> false, 'errors' => esc_html__( 'You do not have permission.', 'eventprime-event-calendar-management' ) ) );
     1693        }
    16601694        $data = $_POST;
    16611695        $emails = array();
     
    16901724   
    16911725    public function send_attendees_email(){
     1726        if(empty(get_current_user_id()) || !current_user_can( 'manage_options' ) || !current_user_can( 'edit_posts' )){
     1727            wp_send_json_error( array( 'success'=> false, 'message' => esc_html__( 'You do not have permission.', 'eventprime-event-calendar-management' ) ) );
     1728        }
    16921729        $data = $_POST;
    16931730        $email_address = isset($data['email_address']) && !empty($data['email_address']) ? explode(',', $data['email_address']) : array();
     
    19952032        $data = $_POST;
    19962033        if(!empty($data)){
    1997             $booking_controller  = EventM_Factory_Service::ep_get_instance( 'EventM_Booking_Controller_List' );
    1998             echo $booking_controller->export_bookings_all($data);
     2034            if(is_user_logged_in() && (current_user_can('edit_em_event') || current_user_can('edit_posts'))){
     2035                $booking_controller  = EventM_Factory_Service::ep_get_instance( 'EventM_Booking_Controller_List' );
     2036                echo $booking_controller->export_bookings_all($data);
     2037            }
    19992038        }
    20002039        die;
     
    20182057        if( isset( $_POST['event_id'] ) && ! empty( $_POST['event_id'] ) ) {
    20192058            $event_id = abs( sanitize_text_field( $_POST['event_id'] ) );
    2020             wp_delete_post( $event_id );
    2021             $response = array( 'post_id' => $event_id, 'status' => true );
     2059            if(!empty($event_id)){
     2060                if(!empty(get_post($event_id)) && get_post_type($event_id) == 'em_event' && (current_user_can('edit_em_event') || current_user_can('edit_posts'))){
     2061                    wp_delete_post( $event_id );
     2062                    $response = array( 'post_id' => $event_id, 'status' => true );   
     2063                }else{
     2064                    $response = array( 'post_id' =>'', 'status' => false, 'message' => esc_html( 'Something went wrong.', 'eventprime-event-calendar-management' ) );
     2065         
     2066                }
     2067            }
     2068           
    20222069        } else{
    20232070            $response = array( 'post_id' =>'', 'status' => false, 'message' => esc_html( 'Something went wrong.', 'eventprime-event-calendar-management' ) );
  • eventprime-event-calendar-management/trunk/readme.txt

    r3029483 r3033882  
    66Tested up to: 6.4
    77Requires PHP: 5.6
    8 Stable tag: 3.4.2
     8Stable tag: 3.4.3
    99License: GPLv2 or later
    1010
     
    668668== Changelog ==
    669669
     670= 3.4.3: February 09, 2024 =
     671* Added: Security Update.
     672
    670673= 3.4.2: January 31, 2024 =
    671674* Fixed: Checkout Issues.
     
    18951898== Upgrade Notice ==
    18961899
     1900= 3.4.3: February 09, 2024 =
     1901* Added: Security Update.
     1902
    18971903= 3.4.2: January 31, 2024 =
    18981904* Fixed: Checkout Issues.
Note: See TracChangeset for help on using the changeset viewer.