Version Description
- Fixed bug with default post settings
- Filtering roles and capabilities form malicious code
Download this release
Release Info
| Developer | vasyl_m |
| Plugin |  Advanced Access Manager |
| Version | 3.1.3 |
| Comparing to | |
| See all releases | |
Code changes from version 3.1.2 to 3.1.3
- Application/Backend/Capability.php +1 -1
- Application/Backend/Post.php +1 -1
- Application/Backend/Role.php +1 -1
- aam.php +1 -1
- readme.txt +5 -1
Application/Backend/Capability.php
CHANGED
|
@@ -176,7 +176,7 @@ class AAM_Backend_Capability {
|
|
| 176 |
* @access public
|
| 177 |
*/
|
| 178 |
public function add() {
|
| 179 |
-
$capability =
|
| 180 |
|
| 181 |
if ($capability) {
|
| 182 |
//add the capability to administrator's role as default behavior
|
| 176 |
* @access public
|
| 177 |
*/
|
| 178 |
public function add() {
|
| 179 |
+
$capability = sanitize_text_field(AAM_Core_Request::post('capability'));
|
| 180 |
|
| 181 |
if ($capability) {
|
| 182 |
//add the capability to administrator's role as default behavior
|
Application/Backend/Post.php
CHANGED
|
@@ -263,7 +263,7 @@ class AAM_Backend_Post {
|
|
| 263 |
public function save() {
|
| 264 |
if ($this->checkLimit()) {
|
| 265 |
$object = trim(AAM_Core_Request::post('object'));
|
| 266 |
-
$objectId =
|
| 267 |
|
| 268 |
$param = AAM_Core_Request::post('param');
|
| 269 |
$value = filter_var(
|
| 263 |
public function save() {
|
| 264 |
if ($this->checkLimit()) {
|
| 265 |
$object = trim(AAM_Core_Request::post('object'));
|
| 266 |
+
$objectId = AAM_Core_Request::post('objectId', null);
|
| 267 |
|
| 268 |
$param = AAM_Core_Request::post('param');
|
| 269 |
$value = filter_var(
|
Application/Backend/Role.php
CHANGED
|
@@ -90,7 +90,7 @@ class AAM_Backend_Role {
|
|
| 90 |
* @access public
|
| 91 |
*/
|
| 92 |
public function add() {
|
| 93 |
-
$name =
|
| 94 |
$roles = new WP_Roles;
|
| 95 |
$role_id = strtolower($name);
|
| 96 |
//if inherited role is set get capabilities from it
|
| 90 |
* @access public
|
| 91 |
*/
|
| 92 |
public function add() {
|
| 93 |
+
$name = sanitize_text_field(AAM_Core_Request::post('name'));
|
| 94 |
$roles = new WP_Roles;
|
| 95 |
$role_id = strtolower($name);
|
| 96 |
//if inherited role is set get capabilities from it
|
aam.php
CHANGED
|
@@ -3,7 +3,7 @@
|
|
| 3 |
/**
|
| 4 |
Plugin Name: Advanced Access Manager
|
| 5 |
Description: Manage User and Role Access to WordPress Backend and Frontend.
|
| 6 |
-
Version: 3.1.
|
| 7 |
Author: Vasyl Martyniuk <vasyl@vasyltech.com>
|
| 8 |
Author URI: http://www.vasyltech.com
|
| 9 |
|
| 3 |
/**
|
| 4 |
Plugin Name: Advanced Access Manager
|
| 5 |
Description: Manage User and Role Access to WordPress Backend and Frontend.
|
| 6 |
+
Version: 3.1.3
|
| 7 |
Author: Vasyl Martyniuk <vasyl@vasyltech.com>
|
| 8 |
Author URI: http://www.vasyltech.com
|
| 9 |
|
readme.txt
CHANGED
|
@@ -3,7 +3,7 @@ Contributors: vasyltech
|
|
| 3 |
Tags: access, access manager, role, user, capability, admin, page, post, widget
|
| 4 |
Requires at least: 3.8
|
| 5 |
Tested up to: 4.4
|
| 6 |
-
Stable tag: 3.1.
|
| 7 |
|
| 8 |
One of the best tools in WordPress repository to manage access to your posts,
|
| 9 |
pages, categories and backend area for users, roles and visitors.
|
|
@@ -45,6 +45,10 @@ out more about the Advanced Access Manager.
|
|
| 45 |
|
| 46 |
== Changelog ==
|
| 47 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 48 |
= 3.1.2 =
|
| 49 |
* Quick fix
|
| 50 |
|
| 3 |
Tags: access, access manager, role, user, capability, admin, page, post, widget
|
| 4 |
Requires at least: 3.8
|
| 5 |
Tested up to: 4.4
|
| 6 |
+
Stable tag: 3.1.3
|
| 7 |
|
| 8 |
One of the best tools in WordPress repository to manage access to your posts,
|
| 9 |
pages, categories and backend area for users, roles and visitors.
|
| 45 |
|
| 46 |
== Changelog ==
|
| 47 |
|
| 48 |
+
= 3.1.3 =
|
| 49 |
+
* Fixed bug with default post settings
|
| 50 |
+
* Filtering roles and capabilities form malicious code
|
| 51 |
+
|
| 52 |
= 3.1.2 =
|
| 53 |
* Quick fix
|
| 54 |
|
