Version Description
- Changes in all versions:
- Fix. Fix security issue in Booking Calendar Free version. More accurate sanitising and escaping of parameters. (8.9.2.1)
Release Info
Developer | wpdevelop |
Plugin | Booking Calendar |
Version | 8.9.2 |
Comparing to | |
Code changes from version 8.9.1 to 8.9.2
- core/admin/wpbc-sql.php +61 -14
- core/timeline/v2/wpbc-class-timeline_v2.php +9 -5
- readme.txt +5 -1
- wpdev-booking.php +2 -2
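--- a/core/admin/wpbc-sql.php
+++ b/core/admin/wpbc-sql.php
@@ -129,11 +129,17 @@ function wpbc_check_request_paramters() {
 $clean_params = array();
 
 $clean_params['wh_booking_id'] = 'digit_or_csd';
-if ( ( ! empty( $_REQUEST['wh_booking_type'] ) ) && ( 'lost' == $_REQUEST['wh_booking_type'] ) ) {
+if ( ( ! empty( $_REQUEST['wh_booking_type'] ) ) && ( 'lost' == $_REQUEST['wh_booking_type'] ) ) { //FixIn: 8.5.2.19
 $clean_params['wh_booking_type'] = 'checked_skip_it';
 } else {
 $clean_params['wh_booking_type'] = 'digit_or_csd';
 }
+if ( ( ! empty( $_REQUEST['booking_type'] ) ) && ( 'lost' == $_REQUEST['booking_type'] ) ) { //FixIn: 8.9.2.1
+$clean_params['booking_type'] = 'checked_skip_it';
+} else {
+$clean_params['booking_type'] = 'digit_or_csd';
+}
+
 $clean_params['wh_approved'] = 'digit_or_csd'; // '0' | '1' | ''
 
 $clean_params['wh_booking_date'] = 'digit_or_date'; // number | date 2016-07-20
@@ -166,7 +172,15 @@ function wpbc_check_request_paramters() {
 $clean_params['page_num'] = 'd'; // '' | '1' ... // does not exist in 6.2.1.4
 $clean_params['page_items_count'] = 'd'; // '' | '1' ... // does not exist in 6.2.1.4
 $clean_params['view_days_num'] = 'd'; // '' | '1' ... // does not exist in 6.2.1.4
-
+
+//FixIn: 8.9.2.1
+$clean_params['scroll_start_date'] = 'digit_or_date';
+$clean_params['scroll_day'] = 'd';
+$clean_params['scroll_month'] = 'd';
+$clean_params['limit_hours'] = 'digit_or_csd';
+$clean_params['only_booked_resources'] = 'd';
+
+
 foreach ( $clean_params as $request_key => $clean_type ) {
 
 // elements only listed in array::
@@ -185,34 +199,67 @@ function wpbc_check_request_paramters() {
 break;
 
 case 'digit_or_date': // digit or comma separated digit
-
-
+if ( isset( $_REQUEST[ $request_key ] ) ) {
+$_REQUEST[ $request_key ] = wpbc_clean_digit_or_date( $_REQUEST[ $request_key ] );
+}
+if ( isset( $_GET[ $request_key ] ) ) {
+$_GET[ $request_key ] = wpbc_clean_digit_or_date( $_GET[ $request_key ] );
+}
+if ( isset( $_POST[ $request_key ] ) ) {
+$_POST[ $request_key ] = wpbc_clean_digit_or_date( $_POST[ $request_key ] );
+}
 
 break;
 
 case 'digit_or_csd': // digit or comma separated digit
-
-
+if ( isset( $_REQUEST[ $request_key ] ) ) {
+$_REQUEST[ $request_key ] = wpbc_clean_digit_or_csd( $_REQUEST[ $request_key ] );
+}
+if ( isset( $_GET[ $request_key ] ) ) {
+$_GET[ $request_key ] = wpbc_clean_digit_or_csd( $_GET[ $request_key ] );
+}
+if ( isset( $_POST[ $request_key ] ) ) {
+$_POST[ $request_key ] = wpbc_clean_digit_or_csd( $_POST[ $request_key ] );
+}
 
 break;
 
 case 's': // string
-
-
+if ( isset( $_REQUEST[ $request_key ] ) ) {
+$_REQUEST[ $request_key ] = wpbc_clean_like_string_for_db( $_REQUEST[ $request_key ] );
+}
+if ( isset( $_GET[ $request_key ] ) ) {
+$_GET[ $request_key ] = wpbc_clean_like_string_for_db( $_GET[ $request_key ] );
+}
+if ( isset( $_POST[ $request_key ] ) ) {
+$_POST[ $request_key ] = wpbc_clean_like_string_for_db( $_POST[ $request_key ] );
+}
 
 break;
 
 case 'd': // digit
-
-
-
+if ( ( isset( $_REQUEST[ $request_key ] ) ) && ( $_REQUEST[ $request_key ] !== '' ) ) {
+$_REQUEST[ $request_key ] = intval( $_REQUEST[ $request_key ] );
+}
+if ( ( isset( $_GET[ $request_key ] ) ) && ( $_GET[ $request_key ] !== '' ) ) {
+$_GET[ $request_key ] = intval( $_GET[ $request_key ] );
+}
+if ( ( isset( $_POST[ $request_key ] ) ) && ( $_POST[ $request_key ] !== '' ) ) {
+$_POST[ $request_key ] = intval( $_POST[ $request_key ] );
+}
 
 break;
 
 default:
-
-
-
+if ( isset( $_REQUEST[ $request_key ] ) ) {
+$_REQUEST[ $request_key ] = intval( $_REQUEST[ $request_key ] );
+}
+if ( isset( $_GET[ $request_key ] ) ) {
+$_GET[ $request_key ] = intval( $_GET[ $request_key ] );
+}
+if ( isset( $_POST[ $request_key ] ) ) {
+$_POST[ $request_key ] = intval( $_POST[ $request_key ] );
+}
 break;
 }
 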
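Review bot: In the third hunk the `default:` branch (new lines 254–262) runs `intval()` on any present value, whereas the `'d'` branch just above it (241–249) first checks `$_REQUEST[ $request_key ] !== ''`, so an empty value for an unlisted clean type becomes `0` where a `'d'` value stays `''`, and a mistyped `$clean_type` name silently degrades to integer coercion instead of being noticed. Either mirror the guard in the three `default:` checks, e.g. `if ( ( isset( $_REQUEST[ $request_key ] ) ) && ( $_REQUEST[ $request_key ] !== '' ) ) {`, or put a comment above `default:` saying that unknown types are intentionally treated as integers. The bodies the commit removes are blank on this page, so whether this differs from the previous behaviour cannot be confirmed here. None of `wpbc_clean_digit_or_date()`, `wpbc_clean_digit_or_csd()` or `wpbc_clean_like_string_for_db()` is visible, so whether they tolerate an array value (which PHP builds for a bracketed parameter name) cannot be checked from the hunk; if they do not, an `is_scalar()` test before each call would keep the sanitiser from emitting warnings on such input. `wpbc_check_request_paramters()` begins and ends outside the hunks.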
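--- a/core/timeline/v2/wpbc-class-timeline_v2.php
+++ b/core/timeline/v2/wpbc-class-timeline_v2.php
@@ -738,11 +738,15 @@ class WPBC_TimelineFlex {
 * Define View Params from $_REQUEST
 */
 public function define_request_view_params() {
-
-
-
-
-
+
+// All other sanitizing and escaping are inside of this function wpbc_check_request_paramters(), which executing before. //FixIn: 8.9.2.1
+
+// Used once for comma seperated resources only.
+if ( isset( $_REQUEST['wh_booking_type'] ) ) {
+$this->request_args['wh_booking_type'] = wpbc_clean_digit_or_csd( $_REQUEST['wh_booking_type'] ); //FixIn: 8.9.2.1
+} elseif ( isset( $_GET['booking_type'] ) ) {
+$this->request_args['wh_booking_type'] = wpbc_clean_digit_or_csd( $_GET['booking_type'] ); //FixIn: 8.9.2.1
+}
 
 if ( ( isset( $_REQUEST['wh_booking_type'] ) ) && ( strpos( $_REQUEST['wh_booking_type'], ',' ) !== false ) )
 $this->request_args['is_matrix'] = true;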
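Review bot: The added `elseif` (new line 747) fills `request_args['wh_booking_type']` from `$_GET['booking_type']`, but the `is_matrix` test two lines below still reads only `$_REQUEST['wh_booking_type']`, so a comma-separated list that arrives as `booking_type` sets the resource list without switching on the matrix view; if that is not intended, test the cleaned value instead: `if ( ( isset( $this->request_args['wh_booking_type'] ) ) && ( strpos( $this->request_args['wh_booking_type'], ',' ) !== false ) )`. The comment on line 744 misspells "separated" and does not say why the value is cleaned again after `wpbc_check_request_paramters()`; suggest `// Re-cleaned here: presumably the one place the comma-separated resource list is read straight from the request — confirm.`. `define_request_view_params()` continues past the end of the hunk.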
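--- a/readme.txt
+++ b/readme.txt
@@ -5,7 +5,7 @@ Tags: booking calendar, booking system, availability calendar, events calendar,
 Requires at least: 4.0
 Requires PHP: 5.2.4
 Tested up to: 5.8
-Stable tag: 8.9.
+Stable tag: 8.9.2
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
 
@@ -230,6 +230,10 @@ Please see [Video Guides](https://wpbookingcalendar.com/help/).
 13. **Time Slots**. Simple configuration of **time slots** selection in booking form.
 
 == Changelog ==
+= 8.9.2 =
+- Changes in **all** versions:
+* **Fix**. Fix security issue in Booking Calendar Free version. More accurate sanitising and escaping parameters. (8.9.2.1)
+
 = 8.9.1 =
 - Changes in **all** versions:
 * **Translation**. Romanian translation [100% completed] by Cosmin Diaconu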
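--- a/wpdev-booking.php
+++ b/wpdev-booking.php
@@ -7,7 +7,7 @@ Author: wpdevelop, oplugins
 Author URI: https://wpbookingcalendar.com/
 Text Domain: booking
 Domain Path: /languages/
-Version: 8.9.
+Version: 8.9.2
 */
 
 /* Copyright 2009 - 2021 www.wpbookingcalendar.com (email: info@wpbookingcalendar.com),
@@ -29,7 +29,7 @@ Version: 8.9.1
 if ( ! defined( 'ABSPATH' ) ) die( '<h3>Direct access to this file do not allow!</h3>' ); // Exit if accessed directly
 
 
-if ( ! defined( 'WP_BK_VERSION_NUM' ) ) { define( 'WP_BK_VERSION_NUM', '8.9.
+if ( ! defined( 'WP_BK_VERSION_NUM' ) ) { define( 'WP_BK_VERSION_NUM', '8.9.2' ); }
 
 ////////////////////////////////////////////////////////////////////////////////
 // PRIMARY URL CONSTANTS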