rtMedia for WordPress, BuddyPress and bbPress - Version 3.7.40

Version Description

  • Security fix
Download this release

Release Info

Developer rtcamp
Plugin Icon 128x128 rtMedia for WordPress, BuddyPress and bbPress
Version 3.7.40
Comparing to
See all releases

Code changes from version 3.7.39 to 3.7.40

app/importers/RTMediaActivityUpgrade.php CHANGED
@@ -56,20 +56,26 @@ class RTMediaActivityUpgrade {
56
57
function rtmedia_activity_upgrade( $lastid = 0, $limit = 1 ){
58
global $wpdb;
59
- $rtmedia_model = new RTMediaModel();
60
- $rtmedia_activity_model = new RTMediaActivityModel();
61
- $activity_sql = " SELECT *, max(privacy) as max_privacy FROM {$rtmedia_model->table_name} WHERE activity_id is NOT NULL GROUP BY activity_id ORDER BY id limit " . $limit;
62
- if ( isset( $_REQUEST['last_id'] ) ){
63
- $lastid = $_REQUEST['last_id'];
64
- }
65
- if ( $lastid ){
66
- $activity_sql = " SELECT *, max(privacy) as max_privacy FROM {$rtmedia_model->table_name} WHERE activity_id > " . $lastid . ' AND activity_id is NOT NULL GROUP BY activity_id ORDER BY id limit ' . $limit;
67
- }
68
- $activity_data = $wpdb->get_results( $activity_sql );
69
- if ( is_array( $activity_data ) && ! empty( $activity_data ) ){
70
- $rtmedia_activity_model->insert( array( 'activity_id' => $activity_data[0]->activity_id, 'user_id' => $activity_data[0]->media_author, 'privacy' => $activity_data[0]->max_privacy ) );
71
}
72
- $this->return_upgrade( $activity_data[0] );
73
}
74
75
function return_upgrade( $activity_data, $upgrade = true ){
@@ -102,7 +108,7 @@ class RTMediaActivityUpgrade {
102
$query_pending = " SELECT count( DISTINCT activity_id) as pending from {$rtmedia_model->table_name} where activity_id NOT IN( SELECT activity_id from {$rtmedia_activity_model->table_name} ) AND activity_id > 0 ";
103
$last_imported = $this->get_last_imported();
104
if ( $last_imported ){
105
- $query_pending .= " AND activity_id>{$last_imported} ";
106
}
107
$pending_count = $wpdb->get_results( $query_pending );
108
if ( $pending_count && sizeof( $pending_count ) > 0 ){
@@ -147,6 +153,7 @@ class RTMediaActivityUpgrade {
147
<div class="wrap">
148
<h2>rtMedia: Upgrade rtMedia activity</h2>
149
<?php
150
echo '<span class="pending">' . rtmedia_migrate_formatseconds( $total - $done ) . ' (estimated)</span><br />';
151
echo '<span class="finished">' . $done . '</span>/<span class="total">' . $total . '</span>';
152
echo '<img src="images/loading.gif" alt="syncing" id="rtMediaSyncing" style="display:none" />';
@@ -188,7 +195,8 @@ class RTMediaActivityUpgrade {
188
ajax_data = {
189
"action": "rtmedia_activity_upgrade",
190
"done": db_done,
191
- "last_id": last_id
192
}
193
jQuery.ajax( {
194
url: '<?php echo $admin_ajax; ?>',
56
57
function rtmedia_activity_upgrade( $lastid = 0, $limit = 1 ){
58
global $wpdb;
59
+ if( wp_verify_nonce( $_REQUEST['nonce'], 'rtmedia_media_activity_upgrade_nonce' ) ){
60
+ $rtmedia_model = new RTMediaModel();
61
+ $rtmedia_activity_model = new RTMediaActivityModel();
62
+ $activity_sql = " SELECT *, max(privacy) as max_privacy FROM {$rtmedia_model->table_name} WHERE activity_id is NOT NULL GROUP BY activity_id ORDER BY id limit " . $limit;
63
+ if ( isset( $_REQUEST['last_id'] ) ){
64
+ $lastid = intval( $_REQUEST['last_id'] );
65
+ }
66
+ if ( $lastid ){
67
+ $activity_sql = " SELECT *, max(privacy) as max_privacy FROM {$rtmedia_model->table_name} WHERE activity_id > " . $lastid . ' AND activity_id is NOT NULL GROUP BY activity_id ORDER BY id limit ' . $limit;
68
+ }
69
+ $activity_data = $wpdb->get_results( $activity_sql );
70
+ if ( is_array( $activity_data ) && ! empty( $activity_data ) ){
71
+ $rtmedia_activity_model->insert( array( 'activity_id' => $activity_data[0]->activity_id, 'user_id' => $activity_data[0]->media_author, 'privacy' => $activity_data[0]->max_privacy ) );
72
+ }
73
+ $this->return_upgrade( $activity_data[0] );
74
+ } else {
75
+ echo '0';
76
+ wp_die();
77
}
78
+
79
}
80
81
function return_upgrade( $activity_data, $upgrade = true ){
108
$query_pending = " SELECT count( DISTINCT activity_id) as pending from {$rtmedia_model->table_name} where activity_id NOT IN( SELECT activity_id from {$rtmedia_activity_model->table_name} ) AND activity_id > 0 ";
109
$last_imported = $this->get_last_imported();
110
if ( $last_imported ){
111
+ $query_pending .= " AND activity_id > {$last_imported} ";
112
}
113
$pending_count = $wpdb->get_results( $query_pending );
114
if ( $pending_count && sizeof( $pending_count ) > 0 ){
153
<div class="wrap">
154
<h2>rtMedia: Upgrade rtMedia activity</h2>
155
<?php
156
+ wp_nonce_field( 'rtmedia_media_activity_upgrade_nonce', 'rtmedia_media_activity_upgrade_nonce' );
157
echo '<span class="pending">' . rtmedia_migrate_formatseconds( $total - $done ) . ' (estimated)</span><br />';
158
echo '<span class="finished">' . $done . '</span>/<span class="total">' . $total . '</span>';
159
echo '<img src="images/loading.gif" alt="syncing" id="rtMediaSyncing" style="display:none" />';
195
ajax_data = {
196
"action": "rtmedia_activity_upgrade",
197
"done": db_done,
198
+ "last_id": last_id,
199
+ "nonce" : jQuery.trim( jQuery( '#rtmedia_media_activity_upgrade_nonce' ).val() )
200
}
201
jQuery.ajax( {
202
url: '<?php echo $admin_ajax; ?>',
app/importers/RTMediaMediaSizeImporter.php CHANGED
@@ -92,6 +92,7 @@ class RTMediaMediaSizeImporter {
92
<div class="wrap">
93
<h2>rtMedia: Import Media Size</h2>
94
<?php
95
echo '<span class="pending">' . rtmedia_migrate_formatseconds( $total - $done ) . ' (estimated)</span><br />';
96
echo '<span class="finished">' . $done . '</span>/<span class="total">' . $total . '</span>';
97
echo '<img src="images/loading.gif" alt="syncing" id="rtMediaSyncing" style="display:none" />';
@@ -118,7 +119,8 @@ class RTMediaMediaSizeImporter {
118
ajax_data = {
119
"action": "rtmedia_media_size_import",
120
"done": db_done,
121
- "last_id": last_id
122
}
123
jQuery.ajax( {
124
url: rtmedia_admin_ajax,
@@ -192,6 +194,7 @@ class RTMediaMediaSizeImporter {
192
$rtmedia_model = new RTMediaModel();
193
$query_pending = "SELECT COUNT(*) as pending from {$rtmedia_model->table_name} where file_size IS NULL AND media_type in ('photo','video','document','music','other')";
194
if ( $media_id ){
195
$query_pending = "SELECT COUNT(*) as pending from {$rtmedia_model->table_name} where file_size IS NULL AND media_type in ('photo','video','document','music','other') AND id > '" . $media_id . "'";
196
}
197
$pending_count = $wpdb->get_results( $query_pending );
@@ -216,19 +219,25 @@ class RTMediaMediaSizeImporter {
216
217
function rtmedia_media_size_import( $lastid = 0, $limit = 1 ){
218
global $wpdb;
219
- $rtmedia_model = new RTMediaModel();
220
- $get_media_sql = "SELECT * from {$rtmedia_model->table_name} where file_size is NULL and media_type in ('photo','video','document','music','other') order by id limit " . $limit;
221
- if ( isset( $_REQUEST['last_id'] ) ){
222
- $lastid = $_REQUEST['last_id'];
223
- }
224
- if ( $lastid ){
225
- $get_media_sql = "SELECT * from {$rtmedia_model->table_name} where id > '" . $lastid . "' AND file_size is NULL and media_type in ('photo','video','document','music','other') order by id limit " . $limit;
226
- }
227
- $result = $wpdb->get_results( $get_media_sql );
228
- if ( $result && sizeof( $result ) > 0 ){
229
- $migrate = $this->migrate_single_media( $result[0] );
230
}
231
- $this->return_migration( $result[0], $migrate );
232
}
233
234
function migrate_single_media( $result ){
@@ -252,7 +261,7 @@ class RTMediaMediaSizeImporter {
252
return $return;
253
}
254
255
- function return_migration( $media, $migrate = true ){
256
$total = $this->get_total_count();
257
$pending = $this->get_pending_count( $media->id );
258
$done = $total - $pending;
92
<div class="wrap">
93
<h2>rtMedia: Import Media Size</h2>
94
<?php
95
+ wp_nonce_field( 'rtmedia_media_size_import_nonce', 'rtmedia_media_size_import_nonce' );
96
echo '<span class="pending">' . rtmedia_migrate_formatseconds( $total - $done ) . ' (estimated)</span><br />';
97
echo '<span class="finished">' . $done . '</span>/<span class="total">' . $total . '</span>';
98
echo '<img src="images/loading.gif" alt="syncing" id="rtMediaSyncing" style="display:none" />';
119
ajax_data = {
120
"action": "rtmedia_media_size_import",
121
"done": db_done,
122
+ "last_id": last_id,
123
+ "nonce" : jQuery.trim( jQuery( '#rtmedia_media_size_import_nonce' ).val() )
124
}
125
jQuery.ajax( {
126
url: rtmedia_admin_ajax,
194
$rtmedia_model = new RTMediaModel();
195
$query_pending = "SELECT COUNT(*) as pending from {$rtmedia_model->table_name} where file_size IS NULL AND media_type in ('photo','video','document','music','other')";
196
if ( $media_id ){
197
+ $media_id = intval( $media_id );
198
$query_pending = "SELECT COUNT(*) as pending from {$rtmedia_model->table_name} where file_size IS NULL AND media_type in ('photo','video','document','music','other') AND id > '" . $media_id . "'";
199
}
200
$pending_count = $wpdb->get_results( $query_pending );
219
220
function rtmedia_media_size_import( $lastid = 0, $limit = 1 ){
221
global $wpdb;
222
+ if( wp_verify_nonce( $_REQUEST['nonce'], 'rtmedia_media_size_import_nonce' ) ){
223
+ $rtmedia_model = new RTMediaModel();
224
+ $get_media_sql = "SELECT * from {$rtmedia_model->table_name} where file_size is NULL and media_type in ('photo','video','document','music','other') order by id limit " . $limit;
225
+ if ( isset( $_REQUEST['last_id'] ) ){
226
+ $lastid = intval( $_REQUEST['last_id'] );
227
+ }
228
+ if ( $lastid ){
229
+ $get_media_sql = "SELECT * from {$rtmedia_model->table_name} where id > '" . $lastid . "' AND file_size is NULL and media_type in ('photo','video','document','music','other') order by id limit " . $limit;
230
+ }
231
+ $result = $wpdb->get_results( $get_media_sql );
232
+ if ( $result && sizeof( $result ) > 0 ){
233
+ $migrate = $this->migrate_single_media( $result[0] );
234
+ }
235
+ $this->return_migration( $result[0], $migrate );
236
+ } else {
237
+ echo '0';
238
+ wp_die();
239
}
240
+
241
}
242
243
function migrate_single_media( $result ){
261
return $return;
262
}
263
264
+ function return_migration( $media = false, $migrate = true ){
265
$total = $this->get_total_count();
266
$pending = $this->get_pending_count( $media->id );
267
$done = $total - $pending;
index.php CHANGED
@@ -4,7 +4,7 @@
4
Plugin Name: rtMedia for WordPress, BuddyPress and bbPress
5
Plugin URI: http://rtcamp.com/rtmedia/?utm_source=dashboard&utm_medium=plugin&utm_campaign=buddypress-media
6
Description: This plugin adds missing media rich features like photos, videos and audio uploading to BuddyPress which are essential if you are building social network, seriously!
7
- Version: 3.7.39
8
Author: rtCamp
9
Text Domain: rtmedia
10
Author URI: http://rtcamp.com/?utm_source=dashboard&utm_medium=plugin&utm_campaign=buddypress-media
4
Plugin Name: rtMedia for WordPress, BuddyPress and bbPress
5
Plugin URI: http://rtcamp.com/rtmedia/?utm_source=dashboard&utm_medium=plugin&utm_campaign=buddypress-media
6
Description: This plugin adds missing media rich features like photos, videos and audio uploading to BuddyPress which are essential if you are building social network, seriously!
7
+ Version: 3.7.40
8
Author: rtCamp
9
Text Domain: rtmedia
10
Author URI: http://rtcamp.com/?utm_source=dashboard&utm_medium=plugin&utm_campaign=buddypress-media
readme.txt CHANGED
@@ -6,7 +6,7 @@ License: GPLv2 or later
6
License URI: http://www.gnu.org/licenses/gpl-2.0.html
7
Requires at least: WordPress 3.6
8
Tested up to: WordPress 4.1 + BuddyPress 2.2.0
9
- Stable tag: 3.7.39
10
11
Add albums, photo, audio/video encoding, privacy, sharing, front-end uploads & more. All this works on mobile/tablets devices.
12
@@ -128,6 +128,9 @@ http://www.youtube.com/watch?v=dJrykKQGDcs
128
129
Please visit [rtMedia's Roadmap page](http://rtcamp.com/rtmedia/roadmap/?utm_source=readme&utm_medium=plugin&utm_campaign=buddypress-media "Visit rtMedia's Features page") to get some details about future releases.
130
131
= 3.7.39 =
132
* Fix possible XSS vulnerability
133
* Update label for create album
@@ -940,8 +943,8 @@ Please visit [rtMedia's Roadmap page](http://rtcamp.com/rtmedia/roadmap/?utm_sou
940
941
== Upgrade Notice ==
942
943
- = 3.7.39 =
944
- Requires BuddyPress 1.7 or higher, if using BuddyPress. Fix possible XSS vulnerability, update label for create album.
945
946
== Sponsors ==
947
6
License URI: http://www.gnu.org/licenses/gpl-2.0.html
7
Requires at least: WordPress 3.6
8
Tested up to: WordPress 4.1 + BuddyPress 2.2.0
9
+ Stable tag: 3.7.40
10
11
Add albums, photo, audio/video encoding, privacy, sharing, front-end uploads & more. All this works on mobile/tablets devices.
12
128
129
Please visit [rtMedia's Roadmap page](http://rtcamp.com/rtmedia/roadmap/?utm_source=readme&utm_medium=plugin&utm_campaign=buddypress-media "Visit rtMedia's Features page") to get some details about future releases.
130
131
+ = 3.7.40 =
132
+ * Security fix
133
+
134
= 3.7.39 =
135
* Fix possible XSS vulnerability
136
* Update label for create album
943
944
== Upgrade Notice ==
945
946
+ = 3.7.40 =
947
+ Requires BuddyPress 1.7 or higher, if using BuddyPress. Security fix
948
949
== Sponsors ==
950