Version Description
- Security fixes to prevent Reflected Cross Site Scripting (XSS) and Cross Site Request Forgery (CSRF), thanks to Application Security for reporting
Download this release
Release Info
| Developer | carazo |
| Plugin |  Import users from CSV with meta |
| Version | 1.14.0.3 |
| Comparing to | |
| See all releases | |
Code changes from version 1.14.0.2 to 1.14.0.3
- classes/email-options.php +2 -0
- import-users-from-csv-with-meta.php +21 -11
- include/shortcode-frontend.php +3 -2
- readme.txt +18 -1
classes/email-options.php
CHANGED
|
@@ -81,6 +81,8 @@ class ACUI_Email_Options{
|
|
| 81 |
|
| 82 |
<br/>
|
| 83 |
<input class="button-primary" type="submit" value="<?php _e( 'Save email template and options', 'import-users-from-csv-with-meta'); ?>" id="save_mail_template_options"/>
|
|
|
|
|
|
|
| 84 |
|
| 85 |
<?php ACUI_Email_Template::email_templates_edit_form_after_editor(); ?>
|
| 86 |
|
| 81 |
|
| 82 |
<br/>
|
| 83 |
<input class="button-primary" type="submit" value="<?php _e( 'Save email template and options', 'import-users-from-csv-with-meta'); ?>" id="save_mail_template_options"/>
|
| 84 |
+
|
| 85 |
+
<?php wp_nonce_field( 'codection-security', 'nonce' ); ?>
|
| 86 |
|
| 87 |
<?php ACUI_Email_Template::email_templates_edit_form_after_editor(); ?>
|
| 88 |
|
import-users-from-csv-with-meta.php
CHANGED
|
@@ -3,7 +3,7 @@
|
|
| 3 |
Plugin Name: Import users from CSV with meta
|
| 4 |
Plugin URI: https://www.codection.com
|
| 5 |
Description: This plugins allows to import users using CSV files to WP database automatically
|
| 6 |
-
Version: 1.14.0.
|
| 7 |
Author: codection
|
| 8 |
Author URI: https://codection.com
|
| 9 |
License: GPL2
|
|
@@ -308,7 +308,7 @@ function acui_admin_tabs( $current = 'homepage' ) {
|
|
| 308 |
|
| 309 |
function acui_fileupload_process( $form_data, $is_cron = false, $is_frontend = false ) {
|
| 310 |
if ( !( $is_cron || $is_frontend ) && ( ! isset( $_POST['acui-nonce'] ) || ! wp_verify_nonce( $_POST['acui-nonce'], 'acui-import' ) ) ){
|
| 311 |
-
wp_die( 'Nonce
|
| 312 |
}
|
| 313 |
|
| 314 |
$path_to_file = $form_data["path_to_file"];
|
|
@@ -428,20 +428,30 @@ function acui_manage_extra_profile_fields( $form_data ){
|
|
| 428 |
}
|
| 429 |
|
| 430 |
function acui_save_mail_template( $form_data ){
|
| 431 |
-
|
| 432 |
-
|
| 433 |
-
|
| 434 |
-
|
| 435 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 436 |
|
| 437 |
if( !empty( $form_data["template_id"] ) ){
|
| 438 |
wp_update_post( array(
|
| 439 |
-
'ID' => $
|
| 440 |
-
'post_title' => $
|
| 441 |
-
'post_content' => $
|
| 442 |
) );
|
| 443 |
|
| 444 |
-
update_post_meta( $form_data["template_id"], 'email_template_attachment_id', $
|
| 445 |
}
|
| 446 |
?>
|
| 447 |
<div class="updated">
|
| 3 |
Plugin Name: Import users from CSV with meta
|
| 4 |
Plugin URI: https://www.codection.com
|
| 5 |
Description: This plugins allows to import users using CSV files to WP database automatically
|
| 6 |
+
Version: 1.14.0.3
|
| 7 |
Author: codection
|
| 8 |
Author URI: https://codection.com
|
| 9 |
License: GPL2
|
| 308 |
|
| 309 |
function acui_fileupload_process( $form_data, $is_cron = false, $is_frontend = false ) {
|
| 310 |
if ( !( $is_cron || $is_frontend ) && ( ! isset( $_POST['acui-nonce'] ) || ! wp_verify_nonce( $_POST['acui-nonce'], 'acui-import' ) ) ){
|
| 311 |
+
wp_die( __( 'Nonce check failed', 'import-users-from-csv-with-meta' ) );
|
| 312 |
}
|
| 313 |
|
| 314 |
$path_to_file = $form_data["path_to_file"];
|
| 428 |
}
|
| 429 |
|
| 430 |
function acui_save_mail_template( $form_data ){
|
| 431 |
+
if ( !isset( $form_data['nonce'] ) || ! wp_verify_nonce( $_POST['nonce'], 'codection-security' ) ) {
|
| 432 |
+
wp_die( __( 'Nonce check failed', 'import-users-from-csv-with-meta' ) );
|
| 433 |
+
}
|
| 434 |
+
|
| 435 |
+
$automattic_wordpress_email = sanitize_text_field( $form_data["automattic_wordpress_email"] );
|
| 436 |
+
$subject_mail = sanitize_text_field( $form_data["subject_mail"] );
|
| 437 |
+
$body_mail = sanitize_textarea_field( $form_data["body_mail"] );
|
| 438 |
+
$template_id = intval( $form_data["template_id"] );
|
| 439 |
+
$email_template_attachment_id = intval( $form_data["email_template_attachment_id"] );
|
| 440 |
+
|
| 441 |
+
update_option( "acui_automatic_wordpress_email", $automattic_wordpress_email );
|
| 442 |
+
update_option( "acui_mail_subject", $subject_mail );
|
| 443 |
+
update_option( "acui_mail_body", $body_mail );
|
| 444 |
+
update_option( "acui_mail_template_id", $template_id );
|
| 445 |
+
update_option( "acui_mail_attachment_id", $email_template_attachment_id );
|
| 446 |
|
| 447 |
if( !empty( $form_data["template_id"] ) ){
|
| 448 |
wp_update_post( array(
|
| 449 |
+
'ID' => $template_id,
|
| 450 |
+
'post_title' => $subject_mail,
|
| 451 |
+
'post_content' => $body_mail,
|
| 452 |
) );
|
| 453 |
|
| 454 |
+
update_post_meta( $form_data["template_id"], 'email_template_attachment_id', $email_template_attachment_id );
|
| 455 |
}
|
| 456 |
?>
|
| 457 |
<div class="updated">
|
include/shortcode-frontend.php
CHANGED
|
@@ -8,8 +8,9 @@ function acui_frontend() {
|
|
| 8 |
|
| 9 |
if ( $_FILES && !empty( $_POST ) ) {
|
| 10 |
$nonce = $_POST['acui_nonce'];
|
| 11 |
-
if ( !isset( $nonce ) || !wp_verify_nonce( $nonce, 'codection-security' ) )
|
| 12 |
-
|
|
|
|
| 13 |
|
| 14 |
foreach ( $_FILES as $file => $array ) {
|
| 15 |
$csv_file_id = acui_frontend_upload_file( $file );
|
| 8 |
|
| 9 |
if ( $_FILES && !empty( $_POST ) ) {
|
| 10 |
$nonce = $_POST['acui_nonce'];
|
| 11 |
+
if ( !isset( $nonce ) || !wp_verify_nonce( $nonce, 'codection-security' ) ){
|
| 12 |
+
wp_die( __( 'Nonce check failed', 'import-users-from-csv-with-meta' ) );
|
| 13 |
+
}
|
| 14 |
|
| 15 |
foreach ( $_FILES as $file => $array ) {
|
| 16 |
$csv_file_id = acui_frontend_upload_file( $file );
|
readme.txt
CHANGED
|
@@ -4,7 +4,7 @@ Donate link: http://paypal.me/codection
|
|
| 4 |
Tags: csv, import, importer, meta data, meta, user, users, user meta, editor, profile, custom, fields, delimiter, update, insert
|
| 5 |
Requires at least: 3.4
|
| 6 |
Tested up to: 5.1
|
| 7 |
-
Stable tag: 1.14.0.
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
|
@@ -26,6 +26,20 @@ Clean and easy-to-use Import users plugin. It includes custom user meta to be in
|
|
| 26 |
* Read our documentation
|
| 27 |
* Ask anything in support forum, we try to give the best support
|
| 28 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 29 |
In Codection we have more plugins, please take a look to them.
|
| 30 |
|
| 31 |
* [RedSys Gateway for WooCommerce Pro a plugin to connect your WooCommerce to RedSys](https://codection.com/producto/redsys-gateway-for-woocommerce) (premium)
|
|
@@ -74,6 +88,9 @@ Plugin will automatically detect:
|
|
| 74 |
|
| 75 |
== Changelog ==
|
| 76 |
|
|
|
|
|
|
|
|
|
|
| 77 |
= 1.14.0.2 =
|
| 78 |
* get_users used memory improved filtering fields returned, thanks to @shortcutsolutions (https://wordpress.org/support/topic/import-page-no-longer-has-submit-button/#post-11309862)
|
| 79 |
|
| 4 |
Tags: csv, import, importer, meta data, meta, user, users, user meta, editor, profile, custom, fields, delimiter, update, insert
|
| 5 |
Requires at least: 3.4
|
| 6 |
Tested up to: 5.1
|
| 7 |
+
Stable tag: 1.14.0.3
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
| 26 |
* Read our documentation
|
| 27 |
* Ask anything in support forum, we try to give the best support
|
| 28 |
|
| 29 |
+
Moreover this plugin is compatible with:
|
| 30 |
+
|
| 31 |
+
* WooCommerce: to import the customer data
|
| 32 |
+
* WooCommerce Membership: to import memberships
|
| 33 |
+
* BuddyPress: to import custom BuddyPress fields, groups and roles
|
| 34 |
+
* Paid Membership Pro: to import memberships
|
| 35 |
+
* Indeed Ultimate Membership Pro: to import memberships
|
| 36 |
+
* Allow Multiple Accounts: plugin will allow the same rules importing than this plugin
|
| 37 |
+
* New User Approve: you can import users and approbe/wait for approve them
|
| 38 |
+
* Users Group: to assign users to groups while importing
|
| 39 |
+
* WP LMS Course: to enroll users in the courses while importing
|
| 40 |
+
* WP Members: to import memberships
|
| 41 |
+
* WP Users Group: to assign users to groups while importing
|
| 42 |
+
|
| 43 |
In Codection we have more plugins, please take a look to them.
|
| 44 |
|
| 45 |
* [RedSys Gateway for WooCommerce Pro a plugin to connect your WooCommerce to RedSys](https://codection.com/producto/redsys-gateway-for-woocommerce) (premium)
|
| 88 |
|
| 89 |
== Changelog ==
|
| 90 |
|
| 91 |
+
= 1.14.0.3 =
|
| 92 |
+
* Security fixes to prevent Reflected Cross Site Scripting (XSS) and Cross Site Request Forgery (CSRF), thanks to Application Security for reporting
|
| 93 |
+
|
| 94 |
= 1.14.0.2 =
|
| 95 |
* get_users used memory improved filtering fields returned, thanks to @shortcutsolutions (https://wordpress.org/support/topic/import-page-no-longer-has-submit-button/#post-11309862)
|
| 96 |
|
