All-in-One WP Migration - Version 7.2

Version Description

Fixed

  • Use a nonce when checking for updates
Download this release

Release Info

Developer bangelov
Plugin Icon 128x128 All-in-One WP Migration
Version 7.2
Comparing to
See all releases

Code changes from version 7.1 to 7.2

all-in-one-wp-migration.php CHANGED
@@ -5,7 +5,7 @@
5
* Description: Migration tool for all your blog data. Import or Export your blog content with a single click.
6
* Author: ServMask
7
* Author URI: https://servmask.com/
8
- * Version: 7.1
9
* Text Domain: all-in-one-wp-migration
10
* Domain Path: /languages
11
* Network: True
5
* Description: Migration tool for all your blog data. Import or Export your blog content with a single click.
6
* Author: ServMask
7
* Author URI: https://servmask.com/
8
+ * Version: 7.2
9
* Text Domain: all-in-one-wp-migration
10
* Domain Path: /languages
11
* Network: True
constants.php CHANGED
@@ -35,7 +35,7 @@ define( 'AI1WM_DEBUG', false );
35
// ==================
36
// = Plugin Version =
37
// ==================
38
- define( 'AI1WM_VERSION', '7.1' );
39
40
// ===============
41
// = Plugin Name =
35
// ==================
36
// = Plugin Version =
37
// ==================
38
+ define( 'AI1WM_VERSION', '7.2' );
39
40
// ===============
41
// = Plugin Name =
lib/controller/class-ai1wm-main-controller.php CHANGED
@@ -970,7 +970,7 @@ class Ai1wm_Main_Controller {
970
971
wp_localize_script( 'ai1wm_updater', 'ai1wm_updater', array(
972
'ajax' => array(
973
- 'url' => wp_make_link_relative( admin_url( 'admin-ajax.php?action=ai1wm_updater' ) ),
974
),
975
) );
976
@@ -1012,9 +1012,11 @@ class Ai1wm_Main_Controller {
1012
}
1013
1014
// Check for updates
1015
- if ( isset( $_GET['ai1wm_updater'] ) ) {
1016
- if ( current_user_can( 'update_plugins' ) ) {
1017
- Ai1wm_Updater::check_for_updates();
1018
}
1019
}
1020
}
970
971
wp_localize_script( 'ai1wm_updater', 'ai1wm_updater', array(
972
'ajax' => array(
973
+ 'url' => wp_make_link_relative( add_query_arg( array( 'ai1wm_nonce' => wp_create_nonce( 'ai1wm_updater' ) ), admin_url( 'admin-ajax.php?action=ai1wm_updater' ) ) ),
974
),
975
) );
976
1012
}
1013
1014
// Check for updates
1015
+ if ( isset( $_GET['ai1wm_check_for_updates'] ) ) {
1016
+ if ( check_admin_referer( 'ai1wm_check_for_updates', 'ai1wm_nonce' ) ) {
1017
+ if ( current_user_can( 'update_plugins' ) ) {
1018
+ Ai1wm_Updater::check_for_updates();
1019
+ }
1020
}
1021
}
1022
}
lib/controller/class-ai1wm-updater-controller.php CHANGED
@@ -57,30 +57,32 @@ class Ai1wm_Updater_Controller {
57
}
58
59
public static function updater( $params = array() ) {
60
- ai1wm_setup_environment();
61
62
- // Set params
63
- if ( empty( $params ) ) {
64
- $params = stripslashes_deep( $_POST );
65
- }
66
67
- // Set uuid
68
- $uuid = null;
69
- if ( isset( $params['ai1wm_uuid'] ) ) {
70
- $uuid = trim( $params['ai1wm_uuid'] );
71
- }
72
73
- // Set extension
74
- $extension = null;
75
- if ( isset( $params['ai1wm_extension'] ) ) {
76
- $extension = trim( $params['ai1wm_extension'] );
77
- }
78
79
- $extensions = Ai1wm_Extensions::get();
80
81
- // Verify whether extension exists
82
- if ( isset( $extensions[ $extension ] ) ) {
83
- update_option( $extensions[ $extension ]['key'], $uuid );
84
}
85
}
86
}
57
}
58
59
public static function updater( $params = array() ) {
60
+ if ( check_ajax_referer( 'ai1wm_updater', 'ai1wm_nonce' ) ) {
61
+ ai1wm_setup_environment();
62
63
+ // Set params
64
+ if ( empty( $params ) ) {
65
+ $params = stripslashes_deep( $_POST );
66
+ }
67
68
+ // Set uuid
69
+ $uuid = null;
70
+ if ( isset( $params['ai1wm_uuid'] ) ) {
71
+ $uuid = trim( $params['ai1wm_uuid'] );
72
+ }
73
74
+ // Set extension
75
+ $extension = null;
76
+ if ( isset( $params['ai1wm_extension'] ) ) {
77
+ $extension = trim( $params['ai1wm_extension'] );
78
+ }
79
80
+ $extensions = Ai1wm_Extensions::get();
81
82
+ // Verify whether extension exists
83
+ if ( isset( $extensions[ $extension ] ) ) {
84
+ update_option( $extensions[ $extension ]['key'], $uuid );
85
+ }
86
}
87
}
88
}
lib/model/class-ai1wm-compatibility.php CHANGED
@@ -39,7 +39,7 @@ class Ai1wm_Compatibility {
39
}
40
41
// Get updater URL
42
- $updater_url = add_query_arg( array( 'ai1wm_updater' => 1 ), network_admin_url( 'plugins.php' ) );
43
44
// If no extension is used, update everything that is available
45
if ( empty( $extensions ) ) {
39
}
40
41
// Get updater URL
42
+ $updater_url = add_query_arg( array( 'ai1wm_check_for_updates' => 1, 'ai1wm_nonce' => wp_create_nonce( 'ai1wm_check_for_updates' ) ), network_admin_url( 'plugins.php' ) );
43
44
// If no extension is used, update everything that is available
45
if ( empty( $extensions ) ) {
lib/model/class-ai1wm-updater.php CHANGED
@@ -171,7 +171,7 @@ class Ai1wm_Updater {
171
if ( $file === $extension['basename'] ) {
172
173
// Get updater URL
174
- $updater_url = add_query_arg( array( 'ai1wm_updater' => 1 ), network_admin_url( 'plugins.php' ) );
175
176
// Check Purchase ID
177
if ( get_option( $extension['key'] ) ) {
171
if ( $file === $extension['basename'] ) {
172
173
// Get updater URL
174
+ $updater_url = add_query_arg( array( 'ai1wm_check_for_updates' => 1, 'ai1wm_nonce' => wp_create_nonce( 'ai1wm_check_for_updates' ) ), network_admin_url( 'plugins.php' ) );
175
176
// Check Purchase ID
177
if ( get_option( $extension['key'] ) ) {
readme.txt CHANGED
@@ -4,7 +4,7 @@ Tags: move, transfer, copy, migrate, backup, clone, restore, db migration, wordp
4
Requires at least: 3.3
5
Tested up to: 5.2
6
Requires PHP: 5.2.17
7
- Stable tag: 7.1
8
License: GPLv2 or later
9
10
Move, transfer, copy, migrate, and backup a site with 1-click. Quick, easy, and reliable.
@@ -108,6 +108,11 @@ Alternatively you can download the plugin using the download button on this page
108
All-in-One WP Migration **asks for your consent** to collect **requester's email address** when filling plugin's contact form. [GDPR Compliant Privacy Policy](https://www.iubenda.com/privacy-policy/946881)
109
110
== Changelog ==
111
= 7.1 =
112
**Fixed**
113
4
Requires at least: 3.3
5
Tested up to: 5.2
6
Requires PHP: 5.2.17
7
+ Stable tag: 7.2
8
License: GPLv2 or later
9
10
Move, transfer, copy, migrate, and backup a site with 1-click. Quick, easy, and reliable.
108
All-in-One WP Migration **asks for your consent** to collect **requester's email address** when filling plugin's contact form. [GDPR Compliant Privacy Policy](https://www.iubenda.com/privacy-policy/946881)
109
110
== Changelog ==
111
+ = 7.2 =
112
+ **Fixed**
113
+
114
+ * Use a nonce when checking for updates
115
+
116
= 7.1 =
117
**Fixed**
118