Version Description
Download this release
Release Info
Developer | tareq1988 |
Plugin | Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy |
Version | 3.7.6 |
Comparing to | |
See all releases |
Code changes from version 3.7.5 to 3.7.6
- dokan.php +3 -3
- includes/Ajax.php +1 -1
- includes/Product/functions.php +9 -8
- languages/dokan-lite.pot +13 -13
- readme.txt +6 -2
- templates/whats-new.php +12 -0
- vendor/autoload.php +1 -1
- vendor/composer/autoload_real.php +7 -7
- vendor/composer/autoload_static.php +4 -4
dokan.php
CHANGED
@@ -3,12 +3,12 @@
|
|
3 |
* Plugin Name: Dokan
|
4 |
* Plugin URI: https://wordpress.org/plugins/dokan-lite/
|
5 |
* Description: An e-commerce marketplace plugin for WordPress. Powered by WooCommerce and weDevs.
|
6 |
-
* Version: 3.7.
|
7 |
* Author: weDevs
|
8 |
* Author URI: https://wedevs.com/
|
9 |
* Text Domain: dokan-lite
|
10 |
* WC requires at least: 5.0.0
|
11 |
-
* WC tested up to: 7.0
|
12 |
* Domain Path: /languages/
|
13 |
* License: GPL2
|
14 |
*/
|
@@ -56,7 +56,7 @@ final class WeDevs_Dokan {
|
|
56 |
*
|
57 |
* @var string
|
58 |
*/
|
59 |
-
public $version = '3.7.
|
60 |
|
61 |
/**
|
62 |
* Instance of self
|
3 |
* Plugin Name: Dokan
|
4 |
* Plugin URI: https://wordpress.org/plugins/dokan-lite/
|
5 |
* Description: An e-commerce marketplace plugin for WordPress. Powered by WooCommerce and weDevs.
|
6 |
+
* Version: 3.7.6
|
7 |
* Author: weDevs
|
8 |
* Author URI: https://wedevs.com/
|
9 |
* Text Domain: dokan-lite
|
10 |
* WC requires at least: 5.0.0
|
11 |
+
* WC tested up to: 7.1.0
|
12 |
* Domain Path: /languages/
|
13 |
* License: GPL2
|
14 |
*/
|
56 |
*
|
57 |
* @var string
|
58 |
*/
|
59 |
+
public $version = '3.7.6';
|
60 |
|
61 |
/**
|
62 |
* Instance of self
|
includes/Ajax.php
CHANGED
@@ -640,7 +640,7 @@ class Ajax {
|
|
640 |
check_ajax_referer( 'search-products', 'security' );
|
641 |
|
642 |
$term = ! empty( $_GET['term'] ) ? sanitize_text_field( wp_unslash( $_GET['term'] ) ) : '';
|
643 |
-
$user_ids = ! empty( $_GET['user_ids'] ) ?
|
644 |
|
645 |
if ( empty( $term ) ) {
|
646 |
wp_die();
|
640 |
check_ajax_referer( 'search-products', 'security' );
|
641 |
|
642 |
$term = ! empty( $_GET['term'] ) ? sanitize_text_field( wp_unslash( $_GET['term'] ) ) : '';
|
643 |
+
$user_ids = ! empty( $_GET['user_ids'] ) ? array_filter( array_map( 'absint', (array) wp_unslash( $_GET['user_ids'] ) ) ) : false;
|
644 |
|
645 |
if ( empty( $term ) ) {
|
646 |
wp_die();
|
includes/Product/functions.php
CHANGED
@@ -385,19 +385,22 @@ function dokan_search_seller_products( $term, $user_ids = false, $type = '', $in
|
|
385 |
$type_join = '';
|
386 |
$type_where = '';
|
387 |
$users_where = '';
|
|
|
388 |
|
389 |
if ( $type ) {
|
390 |
if ( in_array( $type, [ 'virtual', 'downloadable' ], true ) ) {
|
391 |
$type_join = " LEFT JOIN {$wpdb->postmeta} postmeta_type ON posts.ID = postmeta_type.post_id ";
|
392 |
-
$type_where = " AND ( postmeta_type.meta_key =
|
|
|
393 |
}
|
394 |
}
|
395 |
|
396 |
-
if ( $user_ids ) {
|
397 |
if ( is_array( $user_ids ) ) {
|
398 |
-
$users_where = " AND posts.post_author IN ('" . implode( "','", $user_ids ) . "')";
|
399 |
-
}
|
400 |
-
$users_where =
|
|
|
401 |
}
|
402 |
}
|
403 |
// phpcs:ignore WordPress.DB.PreparedSQL
|
@@ -420,9 +423,7 @@ function dokan_search_seller_products( $term, $user_ids = false, $type = '', $in
|
|
420 |
$users_where
|
421 |
ORDER BY posts.post_parent ASC, posts.post_title ASC
|
422 |
",
|
423 |
-
$
|
424 |
-
$like_term,
|
425 |
-
$like_term
|
426 |
)
|
427 |
// phpcs:enable
|
428 |
);
|
385 |
$type_join = '';
|
386 |
$type_where = '';
|
387 |
$users_where = '';
|
388 |
+
$query_args = [ $like_term, $like_term, $like_term ];
|
389 |
|
390 |
if ( $type ) {
|
391 |
if ( in_array( $type, [ 'virtual', 'downloadable' ], true ) ) {
|
392 |
$type_join = " LEFT JOIN {$wpdb->postmeta} postmeta_type ON posts.ID = postmeta_type.post_id ";
|
393 |
+
$type_where = " AND ( postmeta_type.meta_key = %s AND postmeta_type.meta_value = 'yes' ) ";
|
394 |
+
$query_args[] = "_{$type}";
|
395 |
}
|
396 |
}
|
397 |
|
398 |
+
if ( ! empty( $user_ids ) ) {
|
399 |
if ( is_array( $user_ids ) ) {
|
400 |
+
$users_where = " AND posts.post_author IN ('" . implode( "','", array_filter( array_map( 'absint', $user_ids ) ) ) . "')";
|
401 |
+
} elseif ( is_numeric( $user_ids ) ) {
|
402 |
+
$users_where = ' AND posts.post_author = %d';
|
403 |
+
$query_args[] = $user_ids;
|
404 |
}
|
405 |
}
|
406 |
// phpcs:ignore WordPress.DB.PreparedSQL
|
423 |
$users_where
|
424 |
ORDER BY posts.post_parent ASC, posts.post_title ASC
|
425 |
",
|
426 |
+
$query_args
|
|
|
|
|
427 |
)
|
428 |
// phpcs:enable
|
429 |
);
|
languages/dokan-lite.pot
CHANGED
@@ -2,9 +2,9 @@
|
|
2 |
# This file is distributed under the GPL2.
|
3 |
msgid ""
|
4 |
msgstr ""
|
5 |
-
"Project-Id-Version: Dokan 3.7.
|
6 |
"Report-Msgid-Bugs-To: https://wedevs.com/contact/\n"
|
7 |
-
"POT-Creation-Date: 2022-11-
|
8 |
"MIME-Version: 1.0\n"
|
9 |
"Content-Type: text/plain; charset=utf-8\n"
|
10 |
"Content-Transfer-Encoding: 8bit\n"
|
@@ -1627,7 +1627,7 @@ msgstr ""
|
|
1627 |
msgid "Are you sure ?"
|
1628 |
msgstr ""
|
1629 |
|
1630 |
-
#: includes/Assets.php:585 includes/Product/functions.php:
|
1631 |
#: src/admin/components/AdminNotice.vue:153
|
1632 |
msgid "Are you sure?"
|
1633 |
msgstr ""
|
@@ -2308,7 +2308,7 @@ msgid "You have no permission to view this page"
|
|
2308 |
msgstr ""
|
2309 |
|
2310 |
#: includes/Dashboard/Templates/Products.php:227
|
2311 |
-
#: includes/Product/functions.php:
|
2312 |
msgid "Delete Permanently"
|
2313 |
msgstr ""
|
2314 |
|
@@ -3617,40 +3617,40 @@ msgstr ""
|
|
3617 |
msgid "Hidden"
|
3618 |
msgstr ""
|
3619 |
|
3620 |
-
#: includes/Product/functions.php:
|
3621 |
msgid "Edit"
|
3622 |
msgstr ""
|
3623 |
|
3624 |
-
#: includes/Product/functions.php:
|
3625 |
#: templates/orders/listing.php:162 templates/sub-orders.php:100
|
3626 |
msgid "View"
|
3627 |
msgstr ""
|
3628 |
|
3629 |
-
#: includes/Product/functions.php:
|
3630 |
msgid "Default sorting"
|
3631 |
msgstr ""
|
3632 |
|
3633 |
-
#: includes/Product/functions.php:
|
3634 |
msgid "Sort by popularity"
|
3635 |
msgstr ""
|
3636 |
|
3637 |
-
#: includes/Product/functions.php:
|
3638 |
msgid "Sort by average rating"
|
3639 |
msgstr ""
|
3640 |
|
3641 |
-
#: includes/Product/functions.php:
|
3642 |
msgid "Sort by latest"
|
3643 |
msgstr ""
|
3644 |
|
3645 |
-
#: includes/Product/functions.php:
|
3646 |
msgid "Sort by price: low to high"
|
3647 |
msgstr ""
|
3648 |
|
3649 |
-
#: includes/Product/functions.php:
|
3650 |
msgid "Sort by price: high to low"
|
3651 |
msgstr ""
|
3652 |
|
3653 |
-
#: includes/Product/functions.php:
|
3654 |
msgid "Relevance"
|
3655 |
msgstr ""
|
3656 |
|
2 |
# This file is distributed under the GPL2.
|
3 |
msgid ""
|
4 |
msgstr ""
|
5 |
+
"Project-Id-Version: Dokan 3.7.6\n"
|
6 |
"Report-Msgid-Bugs-To: https://wedevs.com/contact/\n"
|
7 |
+
"POT-Creation-Date: 2022-11-14 08:42:08+00:00\n"
|
8 |
"MIME-Version: 1.0\n"
|
9 |
"Content-Type: text/plain; charset=utf-8\n"
|
10 |
"Content-Transfer-Encoding: 8bit\n"
|
1627 |
msgid "Are you sure ?"
|
1628 |
msgstr ""
|
1629 |
|
1630 |
+
#: includes/Assets.php:585 includes/Product/functions.php:498
|
1631 |
#: src/admin/components/AdminNotice.vue:153
|
1632 |
msgid "Are you sure?"
|
1633 |
msgstr ""
|
2308 |
msgstr ""
|
2309 |
|
2310 |
#: includes/Dashboard/Templates/Products.php:227
|
2311 |
+
#: includes/Product/functions.php:488
|
2312 |
msgid "Delete Permanently"
|
2313 |
msgstr ""
|
2314 |
|
3617 |
msgid "Hidden"
|
3618 |
msgstr ""
|
3619 |
|
3620 |
+
#: includes/Product/functions.php:480
|
3621 |
msgid "Edit"
|
3622 |
msgstr ""
|
3623 |
|
3624 |
+
#: includes/Product/functions.php:504 templates/my-orders.php:107
|
3625 |
#: templates/orders/listing.php:162 templates/sub-orders.php:100
|
3626 |
msgid "View"
|
3627 |
msgstr ""
|
3628 |
|
3629 |
+
#: includes/Product/functions.php:595
|
3630 |
msgid "Default sorting"
|
3631 |
msgstr ""
|
3632 |
|
3633 |
+
#: includes/Product/functions.php:596
|
3634 |
msgid "Sort by popularity"
|
3635 |
msgstr ""
|
3636 |
|
3637 |
+
#: includes/Product/functions.php:597
|
3638 |
msgid "Sort by average rating"
|
3639 |
msgstr ""
|
3640 |
|
3641 |
+
#: includes/Product/functions.php:598
|
3642 |
msgid "Sort by latest"
|
3643 |
msgstr ""
|
3644 |
|
3645 |
+
#: includes/Product/functions.php:599
|
3646 |
msgid "Sort by price: low to high"
|
3647 |
msgstr ""
|
3648 |
|
3649 |
+
#: includes/Product/functions.php:600
|
3650 |
msgid "Sort by price: high to low"
|
3651 |
msgstr ""
|
3652 |
|
3653 |
+
#: includes/Product/functions.php:608
|
3654 |
msgid "Relevance"
|
3655 |
msgstr ""
|
3656 |
|
readme.txt
CHANGED
@@ -5,9 +5,9 @@ Tags: WooCommerce multivendor marketplace, multi vendor marketplace, multi selle
|
|
5 |
Requires at least: 5.4
|
6 |
Tested up to: 6.1
|
7 |
WC requires at least: 5.0.0
|
8 |
-
WC tested up to: 7.0
|
9 |
Requires PHP: 7.2
|
10 |
-
Stable tag: 3.7.
|
11 |
License: GPLv2 or later
|
12 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
13 |
|
@@ -313,6 +313,10 @@ A. Just install and activate the PRO version without deleting the free plugin. A
|
|
313 |
|
314 |
== Changelog ==
|
315 |
|
|
|
|
|
|
|
|
|
316 |
= v3.7.5 ( Nov 03, 2022 ) =
|
317 |
|
318 |
- **new:** Added a new hook named dokan_store_product_search_results to filter out store product search results closes
|
5 |
Requires at least: 5.4
|
6 |
Tested up to: 6.1
|
7 |
WC requires at least: 5.0.0
|
8 |
+
WC tested up to: 7.1.0
|
9 |
Requires PHP: 7.2
|
10 |
+
Stable tag: 3.7.6
|
11 |
License: GPLv2 or later
|
12 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
13 |
|
313 |
|
314 |
== Changelog ==
|
315 |
|
316 |
+
= v3.7.6 ( Nov 14, 2022 ) =
|
317 |
+
|
318 |
+
- **fix:** Fixed a sql security issue while searching for products via ajax from vendor dashboard
|
319 |
+
|
320 |
= v3.7.5 ( Nov 03, 2022 ) =
|
321 |
|
322 |
- **new:** Added a new hook named dokan_store_product_search_results to filter out store product search results closes
|
templates/whats-new.php
CHANGED
@@ -3,6 +3,18 @@
|
|
3 |
* When you are adding new version please follow this sequence for changes: New Feature, New, Improvement, Fix...
|
4 |
*/
|
5 |
$changelog = [
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
6 |
[
|
7 |
'version' => 'Version 3.7.5',
|
8 |
'released' => '2022-11-03',
|
3 |
* When you are adding new version please follow this sequence for changes: New Feature, New, Improvement, Fix...
|
4 |
*/
|
5 |
$changelog = [
|
6 |
+
[
|
7 |
+
'version' => 'Version 3.7.6',
|
8 |
+
'released' => '2022-11-14',
|
9 |
+
'changes' => [
|
10 |
+
'Fix' => [
|
11 |
+
[
|
12 |
+
'title' => 'Fixed a sql security issue while searching for products via ajax from vendor dashboard',
|
13 |
+
'description' => '',
|
14 |
+
],
|
15 |
+
],
|
16 |
+
],
|
17 |
+
],
|
18 |
[
|
19 |
'version' => 'Version 3.7.5',
|
20 |
'released' => '2022-11-03',
|
vendor/autoload.php
CHANGED
@@ -4,4 +4,4 @@
|
|
4 |
|
5 |
require_once __DIR__ . '/composer/autoload_real.php';
|
6 |
|
7 |
-
return
|
4 |
|
5 |
require_once __DIR__ . '/composer/autoload_real.php';
|
6 |
|
7 |
+
return ComposerAutoloaderInitab2d8fd779b042e8682a7be7e630b197::getLoader();
|
vendor/composer/autoload_real.php
CHANGED
@@ -2,7 +2,7 @@
|
|
2 |
|
3 |
// autoload_real.php @generated by Composer
|
4 |
|
5 |
-
class
|
6 |
{
|
7 |
private static $loader;
|
8 |
|
@@ -24,15 +24,15 @@ class ComposerAutoloaderInit4988d2bc9920e5f02681f8568e64dff9
|
|
24 |
|
25 |
require __DIR__ . '/platform_check.php';
|
26 |
|
27 |
-
spl_autoload_register(array('
|
28 |
self::$loader = $loader = new \Composer\Autoload\ClassLoader(\dirname(\dirname(__FILE__)));
|
29 |
-
spl_autoload_unregister(array('
|
30 |
|
31 |
$useStaticLoader = PHP_VERSION_ID >= 50600 && !defined('HHVM_VERSION') && (!function_exists('zend_loader_file_encoded') || !zend_loader_file_encoded());
|
32 |
if ($useStaticLoader) {
|
33 |
require __DIR__ . '/autoload_static.php';
|
34 |
|
35 |
-
call_user_func(\Composer\Autoload\
|
36 |
} else {
|
37 |
$map = require __DIR__ . '/autoload_namespaces.php';
|
38 |
foreach ($map as $namespace => $path) {
|
@@ -53,12 +53,12 @@ class ComposerAutoloaderInit4988d2bc9920e5f02681f8568e64dff9
|
|
53 |
$loader->register(true);
|
54 |
|
55 |
if ($useStaticLoader) {
|
56 |
-
$includeFiles = Composer\Autoload\
|
57 |
} else {
|
58 |
$includeFiles = require __DIR__ . '/autoload_files.php';
|
59 |
}
|
60 |
foreach ($includeFiles as $fileIdentifier => $file) {
|
61 |
-
|
62 |
}
|
63 |
|
64 |
return $loader;
|
@@ -70,7 +70,7 @@ class ComposerAutoloaderInit4988d2bc9920e5f02681f8568e64dff9
|
|
70 |
* @param string $file
|
71 |
* @return void
|
72 |
*/
|
73 |
-
function
|
74 |
{
|
75 |
if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) {
|
76 |
$GLOBALS['__composer_autoload_files'][$fileIdentifier] = true;
|
2 |
|
3 |
// autoload_real.php @generated by Composer
|
4 |
|
5 |
+
class ComposerAutoloaderInitab2d8fd779b042e8682a7be7e630b197
|
6 |
{
|
7 |
private static $loader;
|
8 |
|
24 |
|
25 |
require __DIR__ . '/platform_check.php';
|
26 |
|
27 |
+
spl_autoload_register(array('ComposerAutoloaderInitab2d8fd779b042e8682a7be7e630b197', 'loadClassLoader'), true, true);
|
28 |
self::$loader = $loader = new \Composer\Autoload\ClassLoader(\dirname(\dirname(__FILE__)));
|
29 |
+
spl_autoload_unregister(array('ComposerAutoloaderInitab2d8fd779b042e8682a7be7e630b197', 'loadClassLoader'));
|
30 |
|
31 |
$useStaticLoader = PHP_VERSION_ID >= 50600 && !defined('HHVM_VERSION') && (!function_exists('zend_loader_file_encoded') || !zend_loader_file_encoded());
|
32 |
if ($useStaticLoader) {
|
33 |
require __DIR__ . '/autoload_static.php';
|
34 |
|
35 |
+
call_user_func(\Composer\Autoload\ComposerStaticInitab2d8fd779b042e8682a7be7e630b197::getInitializer($loader));
|
36 |
} else {
|
37 |
$map = require __DIR__ . '/autoload_namespaces.php';
|
38 |
foreach ($map as $namespace => $path) {
|
53 |
$loader->register(true);
|
54 |
|
55 |
if ($useStaticLoader) {
|
56 |
+
$includeFiles = Composer\Autoload\ComposerStaticInitab2d8fd779b042e8682a7be7e630b197::$files;
|
57 |
} else {
|
58 |
$includeFiles = require __DIR__ . '/autoload_files.php';
|
59 |
}
|
60 |
foreach ($includeFiles as $fileIdentifier => $file) {
|
61 |
+
composerRequireab2d8fd779b042e8682a7be7e630b197($fileIdentifier, $file);
|
62 |
}
|
63 |
|
64 |
return $loader;
|
70 |
* @param string $file
|
71 |
* @return void
|
72 |
*/
|
73 |
+
function composerRequireab2d8fd779b042e8682a7be7e630b197($fileIdentifier, $file)
|
74 |
{
|
75 |
if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) {
|
76 |
$GLOBALS['__composer_autoload_files'][$fileIdentifier] = true;
|
vendor/composer/autoload_static.php
CHANGED
@@ -4,7 +4,7 @@
|
|
4 |
|
5 |
namespace Composer\Autoload;
|
6 |
|
7 |
-
class
|
8 |
{
|
9 |
public static $files = array (
|
10 |
'b45b351e6b6f7487d819961fef2fda77' => __DIR__ . '/..' . '/jakeasmith/http_build_url/src/http_build_url.php',
|
@@ -250,9 +250,9 @@ class ComposerStaticInit4988d2bc9920e5f02681f8568e64dff9
|
|
250 |
public static function getInitializer(ClassLoader $loader)
|
251 |
{
|
252 |
return \Closure::bind(function () use ($loader) {
|
253 |
-
$loader->prefixLengthsPsr4 =
|
254 |
-
$loader->prefixDirsPsr4 =
|
255 |
-
$loader->classMap =
|
256 |
|
257 |
}, null, ClassLoader::class);
|
258 |
}
|
4 |
|
5 |
namespace Composer\Autoload;
|
6 |
|
7 |
+
class ComposerStaticInitab2d8fd779b042e8682a7be7e630b197
|
8 |
{
|
9 |
public static $files = array (
|
10 |
'b45b351e6b6f7487d819961fef2fda77' => __DIR__ . '/..' . '/jakeasmith/http_build_url/src/http_build_url.php',
|
250 |
public static function getInitializer(ClassLoader $loader)
|
251 |
{
|
252 |
return \Closure::bind(function () use ($loader) {
|
253 |
+
$loader->prefixLengthsPsr4 = ComposerStaticInitab2d8fd779b042e8682a7be7e630b197::$prefixLengthsPsr4;
|
254 |
+
$loader->prefixDirsPsr4 = ComposerStaticInitab2d8fd779b042e8682a7be7e630b197::$prefixDirsPsr4;
|
255 |
+
$loader->classMap = ComposerStaticInitab2d8fd779b042e8682a7be7e630b197::$classMap;
|
256 |
|
257 |
}, null, ClassLoader::class);
|
258 |
}
|