User registration & user profile – Profile Builder - Version 2.3.6

Version Description

  • Fixed a security issue regarding shortcodes
  • Fixed a deprecated function warning in the hidden input field
  • Fixed a notice in the WCK API
  • Fixed a compatibility issue with ACF Pro
  • We now make sure we call jQuery dialog only if it exists
Download this release

Release Info

Developer madalin.ungureanu
Plugin Icon 128x128 User registration & user profile – Profile Builder
Version 2.3.6
Comparing to
See all releases

Code changes from version 2.3.5 to 2.3.6

Files changed (8) hide show
  1. assets/js/jquery-manage-fields-live-change.js +1 -1
  2. assets/js/jquery-pb-sitewide.js +8 -8
  3. assets/lib/wck-api/wordpress-creation-kit.php +12 -3
  4. features/class-list-table.php +1 -1
  5. front-end/class-formbuilder.php +10 -0
  6. front-end/register.php +15 -0
  7. index.php +2 -2
  8. readme.txt +9 -2
assets/js/jquery-manage-fields-live-change.js CHANGED
@@ -571,7 +571,7 @@ function wppb_handle_user_role_field( container_name ) {
571
  sortOrderElements.shift();
572
 
573
  for( var i=0; i < sortOrderElements.length; i++ ) {
574
- jQuery( container_name + ' ' + '.row-user-roles .wck-checkboxes').append( jQuery( container_name + ' ' + '.row-user-roles .wck-checkboxes input[value=' + sortOrderElements[i] + ']').parent().parent().get(0) );
575
  }
576
  }
577
  },
571
  sortOrderElements.shift();
572
 
573
  for( var i=0; i < sortOrderElements.length; i++ ) {
574
+ jQuery( container_name + ' ' + '.row-user-roles .wck-checkboxes').append( jQuery( container_name + ' ' + '.row-user-roles .wck-checkboxes input[value="' + sortOrderElements[i] + '"]').parent().parent().get(0) );
575
  }
576
  }
577
  },
assets/js/jquery-pb-sitewide.js CHANGED
@@ -8,9 +8,9 @@ jQuery( document ).ready(function(){
8
  });
9
 
10
  /*
11
- * Set the width of the shortcode input based on an element that
12
- * has the width of its contents
13
- */
14
  function setShortcodeInputWidth( $inputField ) {
15
  var tempSpan = document.createElement('span');
16
  tempSpan.className = "wppb-shortcode-temp";
@@ -89,10 +89,10 @@ jQuery( function(){
89
  });
90
 
91
  /*
92
- * Dialog boxes throughout Profile Builder
93
- */
94
  jQuery( function() {
95
- jQuery(document).ready( function() {
96
  jQuery('.wppb-modal-box').dialog({
97
  autoOpen: false,
98
  modal: true,
@@ -101,9 +101,9 @@ jQuery( function() {
101
  minHeight: 450
102
  });
103
 
104
- jQuery('.wppb-open-modal-box').click( function(e) {
105
  e.preventDefault();
106
  jQuery('#' + jQuery(this).attr('href')).dialog('open');
107
  });
108
- });
109
  });
8
  });
9
 
10
  /*
11
+ * Set the width of the shortcode input based on an element that
12
+ * has the width of its contents
13
+ */
14
  function setShortcodeInputWidth( $inputField ) {
15
  var tempSpan = document.createElement('span');
16
  tempSpan.className = "wppb-shortcode-temp";
89
  });
90
 
91
  /*
92
+ * Dialog boxes throughout Profile Builder
93
+ */
94
  jQuery( function() {
95
+ if ( jQuery.fn.dialog ) {
96
  jQuery('.wppb-modal-box').dialog({
97
  autoOpen: false,
98
  modal: true,
101
  minHeight: 450
102
  });
103
 
104
+ jQuery('.wppb-open-modal-box').click(function (e) {
105
  e.preventDefault();
106
  jQuery('#' + jQuery(this).attr('href')).dialog('open');
107
  });
108
+ }
109
  });
assets/lib/wck-api/wordpress-creation-kit.php CHANGED
@@ -1036,9 +1036,18 @@ class Wordpress_Creation_Kit_PB{
1036
  function wck_save_single_metabox( $post_id, $post ){
1037
  if ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE )
1038
  return $post_id;
1039
- // check permissions
1040
- if ( !current_user_can( 'edit_page', $post_id ) )
1041
- return $post_id;
 
 
 
 
 
 
 
 
 
1042
  /* only go through for metaboxes defined for this post type */
1043
  if( get_post_type( $post_id ) != $this->args['post_type'] )
1044
  return $post_id;
1036
  function wck_save_single_metabox( $post_id, $post ){
1037
  if ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE )
1038
  return $post_id;
1039
+
1040
+ // Check the user's permissions.
1041
+ if ( isset( $_POST['post_type'] ) && 'page' == $_POST['post_type'] ) {
1042
+ if ( ! current_user_can( 'edit_page', $post_id ) ) {
1043
+ return $post_id;
1044
+ }
1045
+ } else {
1046
+ if ( ! current_user_can( 'edit_post', $post_id ) ) {
1047
+ return $post_id;
1048
+ }
1049
+ }
1050
+
1051
  /* only go through for metaboxes defined for this post type */
1052
  if( get_post_type( $post_id ) != $this->args['post_type'] )
1053
  return $post_id;
features/class-list-table.php CHANGED
@@ -872,7 +872,7 @@ class PB_WP_List_Table {
872
  static $row_class = '';
873
  $row_class = ( $row_class == '' ? ' class="alternate"' : '' );
874
 
875
- echo '<tr' . $row_class . '>';
876
  $this->single_row_columns( $item );
877
  echo '</tr>';
878
  }
872
  static $row_class = '';
873
  $row_class = ( $row_class == '' ? ' class="alternate"' : '' );
874
 
875
+ echo '<tr id="user-'. $item['ID'] .'" ' . $row_class . '>';
876
  $this->single_row_columns( $item );
877
  echo '</tr>';
878
  }
front-end/class-formbuilder.php CHANGED
@@ -121,6 +121,16 @@ class Profile_Builder_Form_Creator{
121
  $this->args['redirect_url'] = ( isset( $page_settings[0]['url'] ) ? $page_settings[0]['url'] : $this->args['redirect_url'] );
122
  $this->args['redirect_delay'] = ( isset( $page_settings[0]['display-messages'] ) ? $page_settings[0]['display-messages'] : $this->args['redirect_delay'] );
123
  }
 
 
 
 
 
 
 
 
 
 
124
  }
125
 
126
  function wppb_form_logic() {
121
  $this->args['redirect_url'] = ( isset( $page_settings[0]['url'] ) ? $page_settings[0]['url'] : $this->args['redirect_url'] );
122
  $this->args['redirect_delay'] = ( isset( $page_settings[0]['display-messages'] ) ? $page_settings[0]['display-messages'] : $this->args['redirect_delay'] );
123
  }
124
+
125
+ if( !empty( $this->args['role'] ) ){
126
+ $role_in_arg = get_role( $this->args['role'] );
127
+ if( !empty( $role_in_arg->capabilities['manage_options'] ) || !empty( $role_in_arg->capabilities['remove_users'] ) ){
128
+ if( !current_user_can( 'manage_options' ) || !current_user_can( 'remove_users' ) ){
129
+ $this->args['role'] = get_option('default_role');
130
+ echo apply_filters( 'wppb_register_pre_form_user_role_message', '<p class="alert" id="wppb_general_top_error_message">'.__( 'The role of the created user set to the default role. Only an administrator can register a user with the role assigned to this form.', 'profile-builder').'</p>' );
131
+ }
132
+ }
133
+ }
134
  }
135
 
136
  function wppb_form_logic() {
front-end/register.php CHANGED
@@ -185,4 +185,19 @@ function wppbc_disable_admin_approval_for_user_role( $user_id ) {
185
  wp_set_object_terms( $user_id, NULL, 'user_status' );
186
  clean_object_term_cache( $user_id, 'user_status' );
187
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
188
  }
185
  wp_set_object_terms( $user_id, NULL, 'user_status' );
186
  clean_object_term_cache( $user_id, 'user_status' );
187
  }
188
+ }
189
+
190
+ /* authors and contributors shouldn't be allowed to create pages with the register shortcode in them */
191
+ add_filter( 'the_content', 'wppb_maybe_remove_register_shortcode' );
192
+ function wppb_maybe_remove_register_shortcode( $content ){
193
+ if ( has_shortcode( $content, 'wppb-register' ) ){
194
+ $author_id = get_the_author_meta( 'ID' );
195
+ if( !empty( $author_id ) ){
196
+ if( !user_can( $author_id, 'edit_others_posts' ) ) {
197
+ remove_shortcode('wppb-register');
198
+ }
199
+ }
200
+ }
201
+
202
+ return $content;
203
  }
index.php CHANGED
@@ -3,7 +3,7 @@
3
  Plugin Name: Profile Builder
4
  Plugin URI: http://www.cozmoslabs.com/wordpress-profile-builder/
5
  Description: Login, registration and edit profile shortcodes for the front-end. Also you can chose what fields should be displayed or add new (custom) ones both in the front-end and in the dashboard.
6
- Version: 2.3.5
7
  Author: Cozmoslabs, Madalin Ungureanu, Antohe Cristian, Barina Gabriel, Mihai Iova
8
  Author URI: http://www.cozmoslabs.com/
9
  License: GPL2
@@ -73,7 +73,7 @@ function wppb_free_plugin_init() {
73
  *
74
  *
75
  */
76
- define('PROFILE_BUILDER_VERSION', '2.3.5' );
77
  define('WPPB_PLUGIN_DIR', plugin_dir_path(__FILE__));
78
  define('WPPB_PLUGIN_URL', plugin_dir_url(__FILE__));
79
  define('WPPB_SERVER_MAX_UPLOAD_SIZE_BYTE', apply_filters('wppb_server_max_upload_size_byte_constant', wppb_return_bytes(ini_get('upload_max_filesize'))));
3
  Plugin Name: Profile Builder
4
  Plugin URI: http://www.cozmoslabs.com/wordpress-profile-builder/
5
  Description: Login, registration and edit profile shortcodes for the front-end. Also you can chose what fields should be displayed or add new (custom) ones both in the front-end and in the dashboard.
6
+ Version: 2.3.6
7
  Author: Cozmoslabs, Madalin Ungureanu, Antohe Cristian, Barina Gabriel, Mihai Iova
8
  Author URI: http://www.cozmoslabs.com/
9
  License: GPL2
73
  *
74
  *
75
  */
76
+ define('PROFILE_BUILDER_VERSION', '2.3.6' );
77
  define('WPPB_PLUGIN_DIR', plugin_dir_path(__FILE__));
78
  define('WPPB_PLUGIN_URL', plugin_dir_url(__FILE__));
79
  define('WPPB_SERVER_MAX_UPLOAD_SIZE_BYTE', apply_filters('wppb_server_max_upload_size_byte_constant', wppb_return_bytes(ini_get('upload_max_filesize'))));
readme.txt CHANGED
@@ -4,8 +4,8 @@ Donate link: http://www.cozmoslabs.com/wordpress-profile-builder/
4
  Tags: registration, user profile, user registration, custom field registration, customize profile, user fields, extra user fields, builder, profile builder, custom user profile, user profile page, edit profile, custom registration, custom registration form, custom registration page, registration page, user custom fields, user listing, front-end user listing, user login, user registration form, front-end login, login redirect, login widget, front-end register, front-end registration, front-end edit profile, front-end user registration, custom redirects, user email, avatar upload, email confirmation, user approval, customize registration email, minimum password length, minimum password strength, password strength meter, multiple registration forms, register, register form, register user, register users, login form, member directory, redirect user
5
 
6
  Requires at least: 3.1
7
- Tested up to: 4.5
8
- Stable tag: 2.3.5
9
  License: GPLv2 or later
10
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
11
 
@@ -147,6 +147,13 @@ This plugin adds/removes user fields in the front-end. Both default and extra pr
147
  10. Profile Builder Login Widget
148
 
149
  == Changelog ==
 
 
 
 
 
 
 
150
  = 2.3.5 =
151
  * Fixed issue regarding password update not working in certain cases
152
  * Changed label for when login with username is selected
4
  Tags: registration, user profile, user registration, custom field registration, customize profile, user fields, extra user fields, builder, profile builder, custom user profile, user profile page, edit profile, custom registration, custom registration form, custom registration page, registration page, user custom fields, user listing, front-end user listing, user login, user registration form, front-end login, login redirect, login widget, front-end register, front-end registration, front-end edit profile, front-end user registration, custom redirects, user email, avatar upload, email confirmation, user approval, customize registration email, minimum password length, minimum password strength, password strength meter, multiple registration forms, register, register form, register user, register users, login form, member directory, redirect user
5
 
6
  Requires at least: 3.1
7
+ Tested up to: 4.5.2
8
+ Stable tag: 2.3.6
9
  License: GPLv2 or later
10
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
11
 
147
  10. Profile Builder Login Widget
148
 
149
  == Changelog ==
150
+ = 2.3.6 =
151
+ * Fixed a security issue regarding shortcodes
152
+ * Fixed a deprecated function warning in the hidden input field
153
+ * Fixed a notice in the WCK API
154
+ * Fixed a compatibility issue with ACF Pro
155
+ * We now make sure we call jQuery dialog only if it exists
156
+
157
  = 2.3.5 =
158
  * Fixed issue regarding password update not working in certain cases
159
  * Changed label for when login with username is selected