MapPress Easy Google Maps - Version 2.54.4

Version Description

  • Added: authorization checks added for saving maps ('edit_posts') and templates ('manage_options')
Download this release

Release Info

Developer chrisvrichardson
Plugin Icon 128x128 MapPress Easy Google Maps
Version 2.54.4
Comparing to
See all releases

Code changes from version 2.54.3 to 2.54.4

Files changed (5) hide show
  1. languages/mappress-google-maps-for-wordpress.pot +3 -3
  2. mappress.php +2 -2
  3. mappress_map.php +6 -0
  4. mappress_template.php +8 -0
  5. readme.txt +5 -2
languages/mappress-google-maps-for-wordpress.pot CHANGED
@@ -2,14 +2,14 @@
2
  # This file is distributed under the same license as the MapPress Maps for WordPress plugin.
3
  msgid ""
4
  msgstr ""
5
- "Project-Id-Version: MapPress Maps for WordPress 2.54.3\n"
6
  "Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/mappress-google-maps-for-wordpress\n"
7
  "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
8
  "Language-Team: LANGUAGE <LL@li.org>\n"
9
  "MIME-Version: 1.0\n"
10
  "Content-Type: text/plain; charset=UTF-8\n"
11
  "Content-Transfer-Encoding: 8bit\n"
12
- "POT-Creation-Date: 2020-04-14T21:15:21+00:00\n"
13
  "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
14
  "X-Generator: WP-CLI 2.4.0\n"
15
 
@@ -275,7 +275,7 @@ msgstr ""
275
  msgid "Map not found"
276
  msgstr ""
277
 
278
- #: mappress_map.php:420
279
  #: pro/mappress_pro_settings.php:37
280
  msgid "Filter"
281
  msgstr ""
2
  # This file is distributed under the same license as the MapPress Maps for WordPress plugin.
3
  msgid ""
4
  msgstr ""
5
+ "Project-Id-Version: MapPress Maps for WordPress 2.54.4\n"
6
  "Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/mappress-google-maps-for-wordpress\n"
7
  "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
8
  "Language-Team: LANGUAGE <LL@li.org>\n"
9
  "MIME-Version: 1.0\n"
10
  "Content-Type: text/plain; charset=UTF-8\n"
11
  "Content-Transfer-Encoding: 8bit\n"
12
+ "POT-Creation-Date: 2020-05-02T00:25:47+00:00\n"
13
  "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
14
  "X-Generator: WP-CLI 2.4.0\n"
15
 
275
  msgid "Map not found"
276
  msgstr ""
277
 
278
+ #: mappress_map.php:426
279
  #: pro/mappress_pro_settings.php:37
280
  msgid "Filter"
281
  msgstr ""
mappress.php CHANGED
@@ -4,7 +4,7 @@ Plugin Name: MapPress Maps for WordPress
4
  Plugin URI: https://www.mappresspro.com/mappress
5
  Author URI: https://www.mappresspro.com/chris-contact
6
  Description: MapPress makes it easy to add Google and Leaflet Maps to WordPress
7
- Version: 2.54.3
8
  Author: Chris Richardson
9
  Text Domain: mappress-google-maps-for-wordpress
10
  Thanks to all the translators and to Matthias Stasiak for his wonderful icons (http://code.google.com/p/google-maps-icons/)
@@ -35,7 +35,7 @@ if (is_dir(dirname( __FILE__ ) . '/pro')) {
35
  }
36
 
37
  class Mappress {
38
- const VERSION = '2.54.3';
39
 
40
  static
41
  $baseurl,
4
  Plugin URI: https://www.mappresspro.com/mappress
5
  Author URI: https://www.mappresspro.com/chris-contact
6
  Description: MapPress makes it easy to add Google and Leaflet Maps to WordPress
7
+ Version: 2.54.4
8
  Author: Chris Richardson
9
  Text Domain: mappress-google-maps-for-wordpress
10
  Thanks to all the translators and to Matthias Stasiak for his wonderful icons (http://code.google.com/p/google-maps-icons/)
35
  }
36
 
37
  class Mappress {
38
+ const VERSION = '2.54.4';
39
 
40
  static
41
  $baseurl,
mappress_map.php CHANGED
@@ -234,6 +234,9 @@ class Mappress_Map extends Mappress_Obj {
234
  static function ajax_save() {
235
  check_ajax_referer('mappress', 'nonce');
236
 
 
 
 
237
  ob_start();
238
  $mapdata = (isset($_POST['map'])) ? json_decode(stripslashes($_POST['map']), true) : null;
239
 
@@ -278,6 +281,9 @@ class Mappress_Map extends Mappress_Obj {
278
  static function ajax_delete() {
279
  check_ajax_referer('mappress', 'nonce');
280
 
 
 
 
281
  ob_start();
282
  $mapid = (isset($_POST['mapid'])) ? $_POST['mapid'] : null;
283
  $result = Mappress_Map::delete($mapid);
234
  static function ajax_save() {
235
  check_ajax_referer('mappress', 'nonce');
236
 
237
+ if (!current_user_can('edit_posts'))
238
+ Mappress::ajax_response('Not authorized');
239
+
240
  ob_start();
241
  $mapdata = (isset($_POST['map'])) ? json_decode(stripslashes($_POST['map']), true) : null;
242
 
281
  static function ajax_delete() {
282
  check_ajax_referer('mappress', 'nonce');
283
 
284
+ if (!current_user_can('edit_posts'))
285
+ Mappress::ajax_response('Not authorized');
286
+
287
  ob_start();
288
  $mapid = (isset($_POST['mapid'])) ? $_POST['mapid'] : null;
289
  $result = Mappress_Map::delete($mapid);
mappress_template.php CHANGED
@@ -42,6 +42,10 @@ class Mappress_Template extends Mappress_Obj {
42
 
43
  static function ajax_delete() {
44
  check_ajax_referer('mappress', 'nonce');
 
 
 
 
45
  $name = (isset($_POST['name'])) ? $_POST['name'] : null;
46
  $filepath = get_stylesheet_directory() . '/' . $name . '.php';
47
 
@@ -79,6 +83,10 @@ class Mappress_Template extends Mappress_Obj {
79
 
80
  static function ajax_save() {
81
  check_ajax_referer('mappress', 'nonce');
 
 
 
 
82
  $name = (isset($_POST['name'])) ? $_POST['name'] : null;
83
  $content = (isset($_POST['content'])) ? stripslashes($_POST['content']) : null;
84
  $filepath = get_stylesheet_directory() . '/' . $name . '.php';
42
 
43
  static function ajax_delete() {
44
  check_ajax_referer('mappress', 'nonce');
45
+
46
+ if (!current_user_can('manage_options'))
47
+ Mappress::ajax_response('Not authorized');
48
+
49
  $name = (isset($_POST['name'])) ? $_POST['name'] : null;
50
  $filepath = get_stylesheet_directory() . '/' . $name . '.php';
51
 
83
 
84
  static function ajax_save() {
85
  check_ajax_referer('mappress', 'nonce');
86
+
87
+ if (!current_user_can('manage_options'))
88
+ Mappress::ajax_response('Not authorized');
89
+
90
  $name = (isset($_POST['name'])) ? $_POST['name'] : null;
91
  $content = (isset($_POST['content'])) ? stripslashes($_POST['content']) : null;
92
  $filepath = get_stylesheet_directory() . '/' . $name . '.php';
readme.txt CHANGED
@@ -3,8 +3,8 @@ Contributors: chrisvrichardson
3
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=4339298
4
  Tags: leaflet, openstreetmap, osm, mapbox, map box, google maps,google,map,maps,easy,poi,mapping,mapper,gps,lat,lon,latitude,longitude,geocoder,geocoding,georss,geo rss,geo,v3,marker,mashup,mash,api,v3,buddypress,mashup,geo,wp-geo,geo mashup,simplemap,simple,wpml
5
  Requires at least: 4.5
6
- Tested up to: 5.4
7
- Stable tag: 2.54.3
8
 
9
  == Description ==
10
  MapPress adds beautiful, interactive Google or Leaflet maps to WordPress.
@@ -86,6 +86,9 @@ Please see the plugin documentation pages:
86
 
87
  == Changelog ==
88
 
 
 
 
89
  = 2.54.3 =
90
  * Fixed: POI list not displaying in sidebar widgets
91
 
3
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=4339298
4
  Tags: leaflet, openstreetmap, osm, mapbox, map box, google maps,google,map,maps,easy,poi,mapping,mapper,gps,lat,lon,latitude,longitude,geocoder,geocoding,georss,geo rss,geo,v3,marker,mashup,mash,api,v3,buddypress,mashup,geo,wp-geo,geo mashup,simplemap,simple,wpml
5
  Requires at least: 4.5
6
+ Tested up to: 5.9
7
+ Stable tag: 2.54.4
8
 
9
  == Description ==
10
  MapPress adds beautiful, interactive Google or Leaflet maps to WordPress.
86
 
87
  == Changelog ==
88
 
89
+ = 2.54.4 =
90
+ * Added: authorization checks added for saving maps ('edit_posts') and templates ('manage_options')
91
+
92
  = 2.54.3 =
93
  * Fixed: POI list not displaying in sidebar widgets
94