Version Description
Download this release
Release Info
| Developer | Cimmo |
| Plugin |  Cimy User Extra Fields |
| Version | 2.3.9 |
| Comparing to | |
| See all releases | |
Code changes from version 2.3.8 to 2.3.9
- README_OFFICIAL.txt +5 -0
- cimy_uef_email_handler.php +1 -0
- cimy_uef_functions.php +17 -9
- cimy_uef_register.php +14 -8
- cimy_user_extra_fields.php +2 -2
- js/ajax_new_value.js +11 -2
- readme.txt +1 -1
README_OFFICIAL.txt
CHANGED
|
@@ -619,6 +619,11 @@ A lot of times I cannot reproduce the problem and I need more details, so if you
|
|
| 619 |
|
| 620 |
|
| 621 |
CHANGELOG:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 622 |
v2.3.8 - 30/07/2012
|
| 623 |
- Fixed security issue where any site with [file|avatar|picture] extra fields is vulnerable by a possible remote code execution vulnerability present in all versions of the plug-in probably since v0.9.5
|
| 624 |
see: secunia.com/advisories/49975/ ('thanks' to the kid 'Crim3R' that in the need of popularity thought that exposing thousands of users was a better idea rather than responsibly email me first)
|
| 619 |
|
| 620 |
|
| 621 |
CHANGELOG:
|
| 622 |
+
v2.3.9 - 06/08/2012
|
| 623 |
+
- Fixed another possible security issue where webservers with poor configuration might end up executing arbitrary PHP code when a malicious [file|avatar|picture] is uploaded (thanks to Artyom Skrobov from Secunia)
|
| 624 |
+
- Fixed dropdown-multi were not saved correctly under 'Users Extended' (thanks to David Vranish)
|
| 625 |
+
- Fixed dropdown-multi were not saved correctly under WordPress MS registration (thanks to David Vranish)
|
| 626 |
+
|
| 627 |
v2.3.8 - 30/07/2012
|
| 628 |
- Fixed security issue where any site with [file|avatar|picture] extra fields is vulnerable by a possible remote code execution vulnerability present in all versions of the plug-in probably since v0.9.5
|
| 629 |
see: secunia.com/advisories/49975/ ('thanks' to the kid 'Crim3R' that in the need of popularity thought that exposing thousands of users was a better idea rather than responsibly email me first)
|
cimy_uef_email_handler.php
CHANGED
|
@@ -250,6 +250,7 @@ function cimy_uef_activate_signup($key) {
|
|
| 250 |
|
| 251 |
$user_id = username_exists($user_login);
|
| 252 |
|
|
|
|
| 253 |
if ( ! $user_id )
|
| 254 |
$user_id = wp_create_user( $user_login, $password, $user_email );
|
| 255 |
else
|
| 250 |
|
| 251 |
$user_id = username_exists($user_login);
|
| 252 |
|
| 253 |
+
$user_already_exists = false;
|
| 254 |
if ( ! $user_id )
|
| 255 |
$user_id = wp_create_user( $user_login, $password, $user_email );
|
| 256 |
else
|
cimy_uef_functions.php
CHANGED
|
@@ -813,10 +813,24 @@ function cimy_manage_upload($input_name, $user_login, $rules, $old_file=false, $
|
|
| 813 |
chmod($file_path, 0777);
|
| 814 |
}
|
| 815 |
}
|
| 816 |
-
|
| 817 |
-
//
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 818 |
$file_full_path = $file_path.$file_name;
|
| 819 |
-
|
| 820 |
// picture url to write in the DB
|
| 821 |
$data = $cuef_upload_webpath;
|
| 822 |
|
|
@@ -827,12 +841,6 @@ function cimy_manage_upload($input_name, $user_login, $rules, $old_file=false, $
|
|
| 827 |
$data .= $type_path.$file_name;
|
| 828 |
else
|
| 829 |
$data .= $user_login."/".$type_path.$file_name;
|
| 830 |
-
|
| 831 |
-
// filesize in Byte transformed in KiloByte
|
| 832 |
-
$file_size = $_FILES[$input_name]['size'] / 1024;
|
| 833 |
-
$file_type = $_FILES[$input_name]['type'];
|
| 834 |
-
$file_tmp_name = $_FILES[$input_name]['tmp_name'];
|
| 835 |
-
$file_error = $_FILES[$input_name]['error'];
|
| 836 |
|
| 837 |
// CHECK IF IT IS A REAL PICTURE
|
| 838 |
if (($type != "file") && (stristr($file_type, "image/") === false))
|
| 813 |
chmod($file_path, 0777);
|
| 814 |
}
|
| 815 |
}
|
| 816 |
+
|
| 817 |
+
// filesize in Byte transformed in KiloByte
|
| 818 |
+
$file_size = $_FILES[$input_name]['size'] / 1024;
|
| 819 |
+
$file_type = $_FILES[$input_name]['type'];
|
| 820 |
+
$file_tmp_name = $_FILES[$input_name]['tmp_name'];
|
| 821 |
+
$file_error = $_FILES[$input_name]['error'];
|
| 822 |
+
|
| 823 |
+
$allowed_mime_types = get_allowed_mime_types();
|
| 824 |
+
// let's see if the image extension is correct, bad boy
|
| 825 |
+
$validate = wp_check_filetype_and_ext($file_tmp_name, $file_name, $allowed_mime_types);
|
| 826 |
+
if ($validate['proper_filename'] !== false)
|
| 827 |
+
$file_name = $validate['proper_filename'];
|
| 828 |
+
|
| 829 |
+
// sanitize the file name
|
| 830 |
+
$file_name = wp_unique_filename($file_path, $file_name);
|
| 831 |
+
// file path
|
| 832 |
$file_full_path = $file_path.$file_name;
|
| 833 |
+
|
| 834 |
// picture url to write in the DB
|
| 835 |
$data = $cuef_upload_webpath;
|
| 836 |
|
| 841 |
$data .= $type_path.$file_name;
|
| 842 |
else
|
| 843 |
$data .= $user_login."/".$type_path.$file_name;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 844 |
|
| 845 |
// CHECK IF IT IS A REAL PICTURE
|
| 846 |
if (($type != "file") && (stristr($file_type, "image/") === false))
|
cimy_uef_register.php
CHANGED
|
@@ -9,6 +9,9 @@ function cimy_register_user_extra_hidden_fields_stage2() {
|
|
| 9 |
echo "\n".$start_cimy_uef_comment;
|
| 10 |
foreach ($_POST as $name=>$value) {
|
| 11 |
if (!(stristr($name, "cimy_uef_")) === FALSE) {
|
|
|
|
|
|
|
|
|
|
| 12 |
echo "\t\t<input type=\"hidden\" name=\"".$name."\" value=\"".esc_attr($value)."\" />\n";
|
| 13 |
} else if ($name == "blog_id") {
|
| 14 |
echo "\t\t<input type=\"hidden\" name=\"".$name."\" value=\"".esc_attr($value)."\" />\n";
|
|
@@ -22,6 +25,9 @@ function cimy_register_user_extra_fields_signup_meta($meta) {
|
|
| 22 |
|
| 23 |
foreach ($_POST as $name=>$value) {
|
| 24 |
if (!(stristr($name, "cimy_uef_")) === FALSE) {
|
|
|
|
|
|
|
|
|
|
| 25 |
$meta[$name] = $value;
|
| 26 |
} else if ($name == "blog_id") {
|
| 27 |
$meta[$name] = $value;
|
|
@@ -412,8 +418,8 @@ function cimy_registration_check($user_login, $user_email, $errors) {
|
|
| 412 |
$file_size = $_FILES[$input_name]['size'] / 1024;
|
| 413 |
$file_type1 = $_FILES[$input_name]['type']; // this can be faked!
|
| 414 |
$value = $_FILES[$input_name]['name'];
|
| 415 |
-
$old_file = $from_profile ? $_POST[$input_name."_".$field_id."_prev_value"] : '';
|
| 416 |
-
$del_old_file = $from_profile ? $_POST[$input_name."_del"] : '';
|
| 417 |
}
|
| 418 |
else {
|
| 419 |
$file_size = 0;
|
|
@@ -494,10 +500,10 @@ function cimy_registration_check($user_login, $user_email, $errors) {
|
|
| 494 |
// CHECK IF IT IS A REAL PICTURE
|
| 495 |
if (in_array($type, $cimy_uef_file_images_types)) {
|
| 496 |
$allowed_mime_types = get_allowed_mime_types();
|
| 497 |
-
$
|
| 498 |
$file_type2 = "";
|
| 499 |
-
if (!empty($
|
| 500 |
-
$file_type2 = $
|
| 501 |
|
| 502 |
if (((stristr($file_type1, "image/") === false) || (stristr($file_type2, "image/") === false)) && (!empty($value))) {
|
| 503 |
$errors->add($unique_id, '<strong>'.__("ERROR", $cimy_uef_domain).'</strong>: '.$label.' '.__('should be an image.', $cimy_uef_domain));
|
|
@@ -505,10 +511,10 @@ function cimy_registration_check($user_login, $user_email, $errors) {
|
|
| 505 |
}
|
| 506 |
else if (in_array($type, $cimy_uef_file_types)) {
|
| 507 |
$allowed_mime_types = get_allowed_mime_types();
|
| 508 |
-
$
|
| 509 |
$file_type2 = "";
|
| 510 |
-
if (!empty($
|
| 511 |
-
$file_type2 = $
|
| 512 |
|
| 513 |
if (empty($file_type2) && !empty($value)) {
|
| 514 |
$errors->add($unique_id, '<strong>'.__("ERROR", $cimy_uef_domain).'</strong>: '.$label.' '.__('does not accept this file type.', $cimy_uef_domain));
|
| 9 |
echo "\n".$start_cimy_uef_comment;
|
| 10 |
foreach ($_POST as $name=>$value) {
|
| 11 |
if (!(stristr($name, "cimy_uef_")) === FALSE) {
|
| 12 |
+
// dropdown-multi will be an Array of selected elements
|
| 13 |
+
if (is_array($value))
|
| 14 |
+
$value = implode(',', $value);
|
| 15 |
echo "\t\t<input type=\"hidden\" name=\"".$name."\" value=\"".esc_attr($value)."\" />\n";
|
| 16 |
} else if ($name == "blog_id") {
|
| 17 |
echo "\t\t<input type=\"hidden\" name=\"".$name."\" value=\"".esc_attr($value)."\" />\n";
|
| 25 |
|
| 26 |
foreach ($_POST as $name=>$value) {
|
| 27 |
if (!(stristr($name, "cimy_uef_")) === FALSE) {
|
| 28 |
+
// dropdown-multi will be an Array of selected elements
|
| 29 |
+
if (is_array($value))
|
| 30 |
+
$value = implode(',', $value);
|
| 31 |
$meta[$name] = $value;
|
| 32 |
} else if ($name == "blog_id") {
|
| 33 |
$meta[$name] = $value;
|
| 418 |
$file_size = $_FILES[$input_name]['size'] / 1024;
|
| 419 |
$file_type1 = $_FILES[$input_name]['type']; // this can be faked!
|
| 420 |
$value = $_FILES[$input_name]['name'];
|
| 421 |
+
$old_file = $from_profile && !empty($_POST[$input_name."_".$field_id."_prev_value"]) ? $_POST[$input_name."_".$field_id."_prev_value"] : '';
|
| 422 |
+
$del_old_file = $from_profile && !empty($_POST[$input_name."_del"]) ? $_POST[$input_name."_del"] : '';
|
| 423 |
}
|
| 424 |
else {
|
| 425 |
$file_size = 0;
|
| 500 |
// CHECK IF IT IS A REAL PICTURE
|
| 501 |
if (in_array($type, $cimy_uef_file_images_types)) {
|
| 502 |
$allowed_mime_types = get_allowed_mime_types();
|
| 503 |
+
$validate = wp_check_filetype($value, $allowed_mime_types);
|
| 504 |
$file_type2 = "";
|
| 505 |
+
if (!empty($validate['type']))
|
| 506 |
+
$file_type2 = $validate['type'];
|
| 507 |
|
| 508 |
if (((stristr($file_type1, "image/") === false) || (stristr($file_type2, "image/") === false)) && (!empty($value))) {
|
| 509 |
$errors->add($unique_id, '<strong>'.__("ERROR", $cimy_uef_domain).'</strong>: '.$label.' '.__('should be an image.', $cimy_uef_domain));
|
| 511 |
}
|
| 512 |
else if (in_array($type, $cimy_uef_file_types)) {
|
| 513 |
$allowed_mime_types = get_allowed_mime_types();
|
| 514 |
+
$validate = wp_check_filetype($value, $allowed_mime_types);
|
| 515 |
$file_type2 = "";
|
| 516 |
+
if (!empty($validate['type']))
|
| 517 |
+
$file_type2 = $validate['type'];
|
| 518 |
|
| 519 |
if (empty($file_type2) && !empty($value)) {
|
| 520 |
$errors->add($unique_id, '<strong>'.__("ERROR", $cimy_uef_domain).'</strong>: '.$label.' '.__('does not accept this file type.', $cimy_uef_domain));
|
cimy_user_extra_fields.php
CHANGED
|
@@ -3,7 +3,7 @@
|
|
| 3 |
Plugin Name: Cimy User Extra Fields
|
| 4 |
Plugin URI: http://www.marcocimmino.net/cimy-wordpress-plugins/cimy-user-extra-fields/
|
| 5 |
Description: Add some useful fields to registration and user's info
|
| 6 |
-
Version: 2.3.
|
| 7 |
Author: Marco Cimmino
|
| 8 |
Author URI: mailto:cimmino.marco@gmail.com
|
| 9 |
License: GPL2
|
|
@@ -162,7 +162,7 @@ require_once($cuef_plugin_dir.'/cimy_uef_admin.php');
|
|
| 162 |
add_action('admin_init', 'cimy_uef_admin_init');
|
| 163 |
|
| 164 |
$cimy_uef_name = "Cimy User Extra Fields";
|
| 165 |
-
$cimy_uef_version = "2.3.
|
| 166 |
$cimy_uef_url = "http://www.marcocimmino.net/cimy-wordpress-plugins/cimy-user-extra-fields/";
|
| 167 |
$cimy_project_url = "http://www.marcocimmino.net/cimy-wordpress-plugins/support-the-cimy-project-paypal/";
|
| 168 |
|
| 3 |
Plugin Name: Cimy User Extra Fields
|
| 4 |
Plugin URI: http://www.marcocimmino.net/cimy-wordpress-plugins/cimy-user-extra-fields/
|
| 5 |
Description: Add some useful fields to registration and user's info
|
| 6 |
+
Version: 2.3.9
|
| 7 |
Author: Marco Cimmino
|
| 8 |
Author URI: mailto:cimmino.marco@gmail.com
|
| 9 |
License: GPL2
|
| 162 |
add_action('admin_init', 'cimy_uef_admin_init');
|
| 163 |
|
| 164 |
$cimy_uef_name = "Cimy User Extra Fields";
|
| 165 |
+
$cimy_uef_version = "2.3.9";
|
| 166 |
$cimy_uef_url = "http://www.marcocimmino.net/cimy-wordpress-plugins/cimy-user-extra-fields/";
|
| 167 |
$cimy_project_url = "http://www.marcocimmino.net/cimy-wordpress-plugins/support-the-cimy-project-paypal/";
|
| 168 |
|
js/ajax_new_value.js
CHANGED
|
@@ -4,7 +4,16 @@ jQuery(document).ready(function($) {
|
|
| 4 |
var old_value = $('#value-'+user_id+'-'+field_name).html();
|
| 5 |
var all_inside_ef_td = $('#ef-new-value-'+field_name).clone();
|
| 6 |
var extra_field = all_inside_ef_td.find(':first-child');
|
| 7 |
-
var
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 8 |
|
| 9 |
extra_field.attr('id', 'ef-new-value-'+user_id+'-'+field_name);
|
| 10 |
extra_field.attr('name', '');
|
|
@@ -52,7 +61,7 @@ jQuery(document).ready(function($) {
|
|
| 52 |
if (new_value == null)
|
| 53 |
new_value = Array();
|
| 54 |
|
| 55 |
-
if($.inArray(postL10n.dropdown_first_item, new_value) > -1)
|
| 56 |
new_value.splice(0, 1);
|
| 57 |
|
| 58 |
new_value = new_value.join(',');
|
| 4 |
var old_value = $('#value-'+user_id+'-'+field_name).html();
|
| 5 |
var all_inside_ef_td = $('#ef-new-value-'+field_name).clone();
|
| 6 |
var extra_field = all_inside_ef_td.find(':first-child');
|
| 7 |
+
var tag_name = extra_field.get(0).tagName.toLowerCase();
|
| 8 |
+
var extra_field_type;
|
| 9 |
+
if (tag_name == 'select') {
|
| 10 |
+
if (extra_field.attr('multiple') != undefined)
|
| 11 |
+
extra_field_type = 'select-multiple';
|
| 12 |
+
else
|
| 13 |
+
extra_field_type = tag_name;
|
| 14 |
+
}
|
| 15 |
+
else
|
| 16 |
+
extra_field_type = extra_field.attr('type');
|
| 17 |
|
| 18 |
extra_field.attr('id', 'ef-new-value-'+user_id+'-'+field_name);
|
| 19 |
extra_field.attr('name', '');
|
| 61 |
if (new_value == null)
|
| 62 |
new_value = Array();
|
| 63 |
|
| 64 |
+
if ($.inArray(postL10n.dropdown_first_item, new_value) > -1)
|
| 65 |
new_value.splice(0, 1);
|
| 66 |
|
| 67 |
new_value = new_value.join(',');
|
readme.txt
CHANGED
|
@@ -5,7 +5,7 @@ Website link: http://www.marcocimmino.net/cimy-wordpress-plugins/cimy-user-extra
|
|
| 5 |
Tags: cimy, admin, registration, profile, extra fields, avatar, gravatar, recaptcha, captcha
|
| 6 |
Requires at least: 3.1
|
| 7 |
Tested up to: 3.4
|
| 8 |
-
Stable tag: 2.3.
|
| 9 |
|
| 10 |
Add some useful fields to registration and user's info
|
| 11 |
|
| 5 |
Tags: cimy, admin, registration, profile, extra fields, avatar, gravatar, recaptcha, captcha
|
| 6 |
Requires at least: 3.1
|
| 7 |
Tested up to: 3.4
|
| 8 |
+
Stable tag: 2.3.9
|
| 9 |
|
| 10 |
Add some useful fields to registration and user's info
|
| 11 |
|
