Version Description
- 2020-02-25 =
- Added security nonce to settings form
Download this release
Release Info
Developer | wpdesk |
Plugin | Flexible Checkout Fields for WooCommerce – WooCommerce Checkout Manager |
Version | 2.3.3 |
Comparing to | |
See all releases |
Code changes from version 2.3.2 to 2.3.3
- classes/settings.php +14 -7
- classes/views/settings-fields.php +4 -0
- classes/views/settings-settings.php +4 -1
- flexible-checkout-fields.php +2 -2
- readme.txt +4 -1
- vendor/autoload.php +1 -1
- vendor/composer/autoload_real.php +4 -4
- vendor/composer/autoload_static.php +4 -4
classes/settings.php
CHANGED
@@ -3,6 +3,9 @@
|
|
3 |
|
4 |
class Flexible_Checkout_Fields_Settings {
|
5 |
|
|
|
|
|
|
|
6 |
/**
|
7 |
* Fields requirement controlled by woocommerce.
|
8 |
*
|
@@ -180,7 +183,7 @@
|
|
180 |
case 'settings':
|
181 |
|
182 |
$args = array(
|
183 |
-
'plugin' => $this->plugin
|
184 |
);
|
185 |
|
186 |
include( 'views/settings-settings.php' );
|
@@ -203,9 +206,9 @@
|
|
203 |
default:
|
204 |
|
205 |
$args = array(
|
206 |
-
|
207 |
-
|
208 |
-
|
209 |
);
|
210 |
|
211 |
$fields_requirement_controlled_by_woocommerce = $this->fields_requirement_controlled_by_woocommerce;
|
@@ -270,9 +273,13 @@
|
|
270 |
|
271 |
if ( current_user_can( 'manage_options' ) && ! empty( $_POST ) ) {
|
272 |
if ( !empty($_POST['option_page']) && in_array( $_POST['option_page'], array('inspire_checkout_fields_settings', 'inspire_checkout_fields_checkboxes') ) ) {
|
273 |
-
|
274 |
-
|
275 |
-
|
|
|
|
|
|
|
|
|
276 |
|
277 |
foreach ( $_POST[$this->plugin->get_namespace()] as $name => $value ) {
|
278 |
$settings = get_option( 'inspire_checkout_fields_' . $name, array() );
|
3 |
|
4 |
class Flexible_Checkout_Fields_Settings {
|
5 |
|
6 |
+
const SECURITY_NONCE_NAME = 'fcf_settings';
|
7 |
+
const SECURITY_NONCE_FIELD = 'inspire_checkout_fields_security';
|
8 |
+
|
9 |
/**
|
10 |
* Fields requirement controlled by woocommerce.
|
11 |
*
|
183 |
case 'settings':
|
184 |
|
185 |
$args = array(
|
186 |
+
'plugin' => $this->plugin,
|
187 |
);
|
188 |
|
189 |
include( 'views/settings-settings.php' );
|
206 |
default:
|
207 |
|
208 |
$args = array(
|
209 |
+
'plugin' => $this->plugin,
|
210 |
+
'checkout_fields' => $checkout_fields,
|
211 |
+
'show_ads' => $activation_tracker->is_activated_more_than_two_weeks(),
|
212 |
);
|
213 |
|
214 |
$fields_requirement_controlled_by_woocommerce = $this->fields_requirement_controlled_by_woocommerce;
|
273 |
|
274 |
if ( current_user_can( 'manage_options' ) && ! empty( $_POST ) ) {
|
275 |
if ( !empty($_POST['option_page']) && in_array( $_POST['option_page'], array('inspire_checkout_fields_settings', 'inspire_checkout_fields_checkboxes') ) ) {
|
276 |
+
|
277 |
+
$nonce = $_REQUEST[self::SECURITY_NONCE_FIELD];
|
278 |
+
if ( ! wp_verify_nonce( $nonce, Flexible_Checkout_Fields_Settings::SECURITY_NONCE_NAME ) ) {
|
279 |
+
wp_die( __( 'Flexible Checkout Fields: security check error. Fields not saved!', 'flexible-checkout-fields' ) );
|
280 |
+
}
|
281 |
+
|
282 |
+
if ( !empty( $_POST[$this->plugin->get_namespace()] ) ) {
|
283 |
|
284 |
foreach ( $_POST[$this->plugin->get_namespace()] as $name => $value ) {
|
285 |
$settings = get_option( 'inspire_checkout_fields_' . $name, array() );
|
classes/views/settings-fields.php
CHANGED
@@ -1,4 +1,5 @@
|
|
1 |
<?php
|
|
|
2 |
global $woocommerce;
|
3 |
|
4 |
$checkout_fields = $args['checkout_fields'];
|
@@ -516,6 +517,9 @@ $validation_options = $this->plugin->field_validation->get_validation_options( $
|
|
516 |
|
517 |
<div id="nav-menu-footer">
|
518 |
<div class="major-publishing-actions wp-clearfix">
|
|
|
|
|
|
|
519 |
<input type="submit" name=""
|
520 |
value="<?php _e( 'Save Changes', 'flexible-checkout-fields' ) ?>"
|
521 |
class="button button-primary">
|
1 |
<?php
|
2 |
+
|
3 |
global $woocommerce;
|
4 |
|
5 |
$checkout_fields = $args['checkout_fields'];
|
517 |
|
518 |
<div id="nav-menu-footer">
|
519 |
<div class="major-publishing-actions wp-clearfix">
|
520 |
+
<input type="hidden"
|
521 |
+
name="<?php echo esc_attr( Flexible_Checkout_Fields_Settings::SECURITY_NONCE_FIELD ); ?>"
|
522 |
+
value="<?php echo esc_attr( wp_create_nonce( Flexible_Checkout_Fields_Settings::SECURITY_NONCE_NAME ) ); ?>">
|
523 |
<input type="submit" name=""
|
524 |
value="<?php _e( 'Save Changes', 'flexible-checkout-fields' ) ?>"
|
525 |
class="button button-primary">
|
classes/views/settings-settings.php
CHANGED
@@ -32,6 +32,9 @@
|
|
32 |
<?php do_action('woocommerce_checkout_fields_after_display_tab_settings'); ?>
|
33 |
|
34 |
<p class="submit">
|
35 |
-
|
|
|
|
|
|
|
36 |
</p>
|
37 |
</form>
|
32 |
<?php do_action('woocommerce_checkout_fields_after_display_tab_settings'); ?>
|
33 |
|
34 |
<p class="submit">
|
35 |
+
<input type="hidden"
|
36 |
+
name="<?php echo esc_attr( Flexible_Checkout_Fields_Settings::SECURITY_NONCE_FIELD ); ?>"
|
37 |
+
value="<?php echo esc_attr( wp_create_nonce( Flexible_Checkout_Fields_Settings::SECURITY_NONCE_NAME ) ); ?>">
|
38 |
+
<input type="submit" value="<?php _e( 'Save Changes', 'flexible-checkout-fields' ); ?>" class="button button-primary" id="submit" name="">
|
39 |
</p>
|
40 |
</form>
|
flexible-checkout-fields.php
CHANGED
@@ -3,7 +3,7 @@
|
|
3 |
Plugin Name: Flexible Checkout Fields
|
4 |
Plugin URI: https://www.wpdesk.net/products/flexible-checkout-fields-pro-woocommerce/
|
5 |
Description: Manage your WooCommerce checkout fields. Change order, labels, placeholders and add new fields.
|
6 |
-
Version: 2.3.
|
7 |
Author: WP Desk
|
8 |
Author URI: https://www.wpdesk.net/
|
9 |
Text Domain: flexible-checkout-fields
|
@@ -37,7 +37,7 @@ if ( ! defined( 'ABSPATH' ) ) {
|
|
37 |
|
38 |
|
39 |
/* THESE TWO VARIABLES CAN BE CHANGED AUTOMATICALLY */
|
40 |
-
$plugin_version = '2.3.
|
41 |
$plugin_release_timestamp = '2020-02-17 23:19';
|
42 |
|
43 |
define( 'FLEXIBLE_CHECKOUT_FIELDS_VERSION', $plugin_version );
|
3 |
Plugin Name: Flexible Checkout Fields
|
4 |
Plugin URI: https://www.wpdesk.net/products/flexible-checkout-fields-pro-woocommerce/
|
5 |
Description: Manage your WooCommerce checkout fields. Change order, labels, placeholders and add new fields.
|
6 |
+
Version: 2.3.3
|
7 |
Author: WP Desk
|
8 |
Author URI: https://www.wpdesk.net/
|
9 |
Text Domain: flexible-checkout-fields
|
37 |
|
38 |
|
39 |
/* THESE TWO VARIABLES CAN BE CHANGED AUTOMATICALLY */
|
40 |
+
$plugin_version = '2.3.3';
|
41 |
$plugin_release_timestamp = '2020-02-17 23:19';
|
42 |
|
43 |
define( 'FLEXIBLE_CHECKOUT_FIELDS_VERSION', $plugin_version );
|
readme.txt
CHANGED
@@ -5,7 +5,7 @@ Donate link: https://www.wpdesk.net/flexible-checkout-fields-woocommerce/
|
|
5 |
Tags: woocommerce checkout fields, woocommerce custom fields, woocommerce checkout manager, woocommerce checkout editor, woocommerce fields manager, woocommerce fields editor, woocommerce custom checkout fields, woocommerce checkout options, woocommerce checkout pro, woocommerce custom sections, woocommerce file upload
|
6 |
Requires at least: 4.5
|
7 |
Tested up to: 5.3.2
|
8 |
-
Stable tag: 2.3.
|
9 |
Requires PHP: 5.6
|
10 |
License: GPLv3 or later
|
11 |
License URI: http://www.gnu.org/licenses/gpl-3.0.html
|
@@ -193,6 +193,9 @@ If you are upgrading from the old WooCommerce Checkout Fields version (1.1, wooc
|
|
193 |
|
194 |
== Changelog ==
|
195 |
|
|
|
|
|
|
|
196 |
= 2.3.2 - 2020-02-25 =
|
197 |
* Fixed security issue on settings update
|
198 |
|
5 |
Tags: woocommerce checkout fields, woocommerce custom fields, woocommerce checkout manager, woocommerce checkout editor, woocommerce fields manager, woocommerce fields editor, woocommerce custom checkout fields, woocommerce checkout options, woocommerce checkout pro, woocommerce custom sections, woocommerce file upload
|
6 |
Requires at least: 4.5
|
7 |
Tested up to: 5.3.2
|
8 |
+
Stable tag: 2.3.3
|
9 |
Requires PHP: 5.6
|
10 |
License: GPLv3 or later
|
11 |
License URI: http://www.gnu.org/licenses/gpl-3.0.html
|
193 |
|
194 |
== Changelog ==
|
195 |
|
196 |
+
= 2.3.3 - 2020-02-25 =
|
197 |
+
* Added security nonce to settings form
|
198 |
+
|
199 |
= 2.3.2 - 2020-02-25 =
|
200 |
* Fixed security issue on settings update
|
201 |
|
vendor/autoload.php
CHANGED
@@ -4,4 +4,4 @@
|
|
4 |
|
5 |
require_once __DIR__ . '/composer/autoload_real.php';
|
6 |
|
7 |
-
return
|
4 |
|
5 |
require_once __DIR__ . '/composer/autoload_real.php';
|
6 |
|
7 |
+
return ComposerAutoloaderInite52b7af303d364c315ea18bbe592c641::getLoader();
|
vendor/composer/autoload_real.php
CHANGED
@@ -2,7 +2,7 @@
|
|
2 |
|
3 |
// autoload_real.php @generated by Composer
|
4 |
|
5 |
-
class
|
6 |
{
|
7 |
private static $loader;
|
8 |
|
@@ -19,15 +19,15 @@ class ComposerAutoloaderInit8937fa239c9794673eb03238cbff435e
|
|
19 |
return self::$loader;
|
20 |
}
|
21 |
|
22 |
-
spl_autoload_register(array('
|
23 |
self::$loader = $loader = new \Composer\Autoload\ClassLoader();
|
24 |
-
spl_autoload_unregister(array('
|
25 |
|
26 |
$useStaticLoader = PHP_VERSION_ID >= 50600 && !defined('HHVM_VERSION') && (!function_exists('zend_loader_file_encoded') || !zend_loader_file_encoded());
|
27 |
if ($useStaticLoader) {
|
28 |
require_once __DIR__ . '/autoload_static.php';
|
29 |
|
30 |
-
call_user_func(\Composer\Autoload\
|
31 |
} else {
|
32 |
$map = require __DIR__ . '/autoload_namespaces.php';
|
33 |
foreach ($map as $namespace => $path) {
|
2 |
|
3 |
// autoload_real.php @generated by Composer
|
4 |
|
5 |
+
class ComposerAutoloaderInite52b7af303d364c315ea18bbe592c641
|
6 |
{
|
7 |
private static $loader;
|
8 |
|
19 |
return self::$loader;
|
20 |
}
|
21 |
|
22 |
+
spl_autoload_register(array('ComposerAutoloaderInite52b7af303d364c315ea18bbe592c641', 'loadClassLoader'), true, true);
|
23 |
self::$loader = $loader = new \Composer\Autoload\ClassLoader();
|
24 |
+
spl_autoload_unregister(array('ComposerAutoloaderInite52b7af303d364c315ea18bbe592c641', 'loadClassLoader'));
|
25 |
|
26 |
$useStaticLoader = PHP_VERSION_ID >= 50600 && !defined('HHVM_VERSION') && (!function_exists('zend_loader_file_encoded') || !zend_loader_file_encoded());
|
27 |
if ($useStaticLoader) {
|
28 |
require_once __DIR__ . '/autoload_static.php';
|
29 |
|
30 |
+
call_user_func(\Composer\Autoload\ComposerStaticInite52b7af303d364c315ea18bbe592c641::getInitializer($loader));
|
31 |
} else {
|
32 |
$map = require __DIR__ . '/autoload_namespaces.php';
|
33 |
foreach ($map as $namespace => $path) {
|
vendor/composer/autoload_static.php
CHANGED
@@ -4,7 +4,7 @@
|
|
4 |
|
5 |
namespace Composer\Autoload;
|
6 |
|
7 |
-
class
|
8 |
{
|
9 |
public static $prefixLengthsPsr4 = array (
|
10 |
'P' =>
|
@@ -267,9 +267,9 @@ class ComposerStaticInit8937fa239c9794673eb03238cbff435e
|
|
267 |
public static function getInitializer(ClassLoader $loader)
|
268 |
{
|
269 |
return \Closure::bind(function () use ($loader) {
|
270 |
-
$loader->prefixLengthsPsr4 =
|
271 |
-
$loader->prefixDirsPsr4 =
|
272 |
-
$loader->classMap =
|
273 |
|
274 |
}, null, ClassLoader::class);
|
275 |
}
|
4 |
|
5 |
namespace Composer\Autoload;
|
6 |
|
7 |
+
class ComposerStaticInite52b7af303d364c315ea18bbe592c641
|
8 |
{
|
9 |
public static $prefixLengthsPsr4 = array (
|
10 |
'P' =>
|
267 |
public static function getInitializer(ClassLoader $loader)
|
268 |
{
|
269 |
return \Closure::bind(function () use ($loader) {
|
270 |
+
$loader->prefixLengthsPsr4 = ComposerStaticInite52b7af303d364c315ea18bbe592c641::$prefixLengthsPsr4;
|
271 |
+
$loader->prefixDirsPsr4 = ComposerStaticInite52b7af303d364c315ea18bbe592c641::$prefixDirsPsr4;
|
272 |
+
$loader->classMap = ComposerStaticInite52b7af303d364c315ea18bbe592c641::$classMap;
|
273 |
|
274 |
}, null, ClassLoader::class);
|
275 |
}
|