s2Member Framework (Member Roles, Capabilities, Membership, PayPal Members) - Version 111220

Version Description

Download this release

Release Info

Developer PriMoThemes
Plugin Icon 128x128 s2Member Framework (Member Roles, Capabilities, Membership, PayPal Members)
Version 111220
Comparing to
See all releases

Code changes from version 111216 to 111220

includes/classes/meta-box-security.inc.php CHANGED
@@ -15,7 +15,7 @@
15
* @since 3.5
16
*/
17
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
18
- exit ("Do not access this file directly.");
19
/**/
20
if (!class_exists ("c_ws_plugin__s2member_meta_box_security"))
21
{
@@ -38,7 +38,7 @@ if (!class_exists ("c_ws_plugin__s2member_meta_box_security"))
38
*/
39
public static function security_meta_box ($post = FALSE)
40
{
41
- eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
42
do_action ("ws_plugin__s2member_before_security_meta_box", get_defined_vars ());
43
unset ($__refs, $__v); /* Unset defined __refs, __v. */
44
/**/
@@ -69,7 +69,7 @@ if (!class_exists ("c_ws_plugin__s2member_meta_box_security"))
69
: '<option value="" disabled="disabled">Level #' . $n . ' ( already protects "all" Posts of this type )</option>' . "\n")/**/
70
: '<option value="" disabled="disabled">Level #' . $n . ' ( already protects "all" Pages )</option>' . "\n";
71
/**/
72
- echo '</select><br /><small>* see: <code>General Options -> Page Level Access</code></small>' . "\n";
73
/**/
74
if (!is_multisite () || !c_ws_plugin__s2member_utils_conds::is_multisite_farm () || is_main_site ())
75
/* ^ Will change once Custom Capabilities are compatible with a Blog Farm. */
@@ -115,7 +115,7 @@ if (!class_exists ("c_ws_plugin__s2member_meta_box_security"))
115
: '<option value="" disabled="disabled">Level #' . $n . ' ( already protects "all" Posts of this type )</option>' . "\n")/**/
116
: '<option value="" disabled="disabled">Level #' . $n . ' ( already protects "all" Posts )</option>' . "\n";
117
/**/
118
- echo '</select><br /><small>* see: <code>General Options -> Post Level Access</code></small>' . "\n";
119
/**/
120
if (!is_multisite () || !c_ws_plugin__s2member_utils_conds::is_multisite_farm () || is_main_site ())
121
/* ^ Will change once Custom Capabilities are compatible with a Blog Farm. */
15
* @since 3.5
16
*/
17
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
18
+ exit("Do not access this file directly.");
19
/**/
20
if (!class_exists ("c_ws_plugin__s2member_meta_box_security"))
21
{
38
*/
39
public static function security_meta_box ($post = FALSE)
40
{
41
+ eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
42
do_action ("ws_plugin__s2member_before_security_meta_box", get_defined_vars ());
43
unset ($__refs, $__v); /* Unset defined __refs, __v. */
44
/**/
69
: '<option value="" disabled="disabled">Level #' . $n . ' ( already protects "all" Posts of this type )</option>' . "\n")/**/
70
: '<option value="" disabled="disabled">Level #' . $n . ' ( already protects "all" Pages )</option>' . "\n";
71
/**/
72
+ echo '</select><br /><small>* see: <code>Restriction Options -> Page Level Access</code></small>' . "\n";
73
/**/
74
if (!is_multisite () || !c_ws_plugin__s2member_utils_conds::is_multisite_farm () || is_main_site ())
75
/* ^ Will change once Custom Capabilities are compatible with a Blog Farm. */
115
: '<option value="" disabled="disabled">Level #' . $n . ' ( already protects "all" Posts of this type )</option>' . "\n")/**/
116
: '<option value="" disabled="disabled">Level #' . $n . ' ( already protects "all" Posts )</option>' . "\n";
117
/**/
118
+ echo '</select><br /><small>* see: <code>Restriction Options -> Post Level Access</code></small>' . "\n";
119
/**/
120
if (!is_multisite () || !c_ws_plugin__s2member_utils_conds::is_multisite_farm () || is_main_site ())
121
/* ^ Will change once Custom Capabilities are compatible with a Blog Farm. */
includes/classes/systematics.inc.php CHANGED
@@ -96,10 +96,6 @@ if (!class_exists ("c_ws_plugin__s2member_systematics"))
96
{
97
return ($is_wp_systematic = apply_filters ("ws_plugin__s2member_is_wp_systematic_use_page", true, get_defined_vars ()));
98
}
99
- else if ($_SERVER["REMOTE_ADDR"] === $_SERVER["SERVER_ADDR"] && !c_ws_plugin__s2member_utils_conds::is_localhost ())
100
- {
101
- return ($is_wp_systematic = apply_filters ("ws_plugin__s2member_is_wp_systematic_use_page", true, get_defined_vars ()));
102
- }
103
else /* Otherwise, we return false ( it's NOT a WordPress® Systematic Use Page ). */
104
return ($is_wp_systematic = apply_filters ("ws_plugin__s2member_is_wp_systematic_use_page", false, get_defined_vars ()));
105
}
96
{
97
return ($is_wp_systematic = apply_filters ("ws_plugin__s2member_is_wp_systematic_use_page", true, get_defined_vars ()));
98
}
99
else /* Otherwise, we return false ( it's NOT a WordPress® Systematic Use Page ). */
100
return ($is_wp_systematic = apply_filters ("ws_plugin__s2member_is_wp_systematic_use_page", false, get_defined_vars ()));
101
}
includes/classes/utils-conds.inc.php CHANGED
@@ -133,12 +133,12 @@ if (!class_exists ("c_ws_plugin__s2member_utils_conds"))
133
*
134
* @return bool True if we're in a localhost environment, else false.
135
*/
136
- public static function is_localhost ()
137
{
138
if ((defined ("LOCALHOST") && LOCALHOST) || stripos ($_SERVER["HTTP_HOST"], "localhost") !== false || strpos ($_SERVER["HTTP_HOST"], "127.0.0.1") !== false)
139
return true;
140
/**/
141
- return false; /* Default return false. */
142
}
143
/**
144
* Checks to see if we're using Amazon® S3.
133
*
134
* @return bool True if we're in a localhost environment, else false.
135
*/
136
+ public static function /* Checks to see if we're in a localhost environment. */ is_localhost ()
137
{
138
if ((defined ("LOCALHOST") && LOCALHOST) || stripos ($_SERVER["HTTP_HOST"], "localhost") !== false || strpos ($_SERVER["HTTP_HOST"], "127.0.0.1") !== false)
139
return true;
140
/**/
141
+ return /* Default return false. */ false;
142
}
143
/**
144
* Checks to see if we're using Amazon® S3.
includes/translations/s2member.pot CHANGED
@@ -2,9 +2,9 @@
2
# This file is distributed under the same license as the s2Member package.
3
msgid ""
4
msgstr ""
5
- "Project-Id-Version: s2Member 111216\n"
6
"Report-Msgid-Bugs-To: http://wordpress.org/tag/.__s2member\n"
7
- "POT-Creation-Date: 2011-12-16 07:13:27+00:00\n"
8
"MIME-Version: 1.0\n"
9
"Content-Type: text/plain; charset=UTF-8\n"
10
"Content-Transfer-Encoding: 8bit\n"
2
# This file is distributed under the same license as the s2Member package.
3
msgid ""
4
msgstr ""
5
+ "Project-Id-Version: s2Member 111220\n"
6
"Report-Msgid-Bugs-To: http://wordpress.org/tag/.__s2member\n"
7
+ "POT-Creation-Date: 2011-12-20 14:28:23+00:00\n"
8
"MIME-Version: 1.0\n"
9
"Content-Type: text/plain; charset=UTF-8\n"
10
"Content-Transfer-Encoding: 8bit\n"
readme.txt CHANGED
@@ -1,7 +1,7 @@
1
=== s2Member® ( Membership w/ PayPal® ) ===
2
3
- Version: 111216
4
- Stable tag: 111216
5
Framework: WS-P-110523
6
7
SSL Compatible: yes
@@ -179,6 +179,11 @@ Please visit s2Member.com for [video tutorials](http://www.s2member.com/videos/)
179
180
== Changelog ==
181
182
= v111216 =
183
* (s2Member/s2Member Pro) **Bug fix**. ClickBank® not passing all s2 Vars after return from a non-recurring transaction. Fixed in this release. For further details, please see [this thread](http://www.primothemes.com/forums/viewtopic.php?f=4&t=16256#p56649).
184
* (s2Member) **Bug fix**. Amazon® S3/CloudFront issues with ACLs upon auto-configuration routine. Leading to a 400 error code. Fixed in this release. For further details, please see [this thread](http://www.primothemes.com/forums/viewtopic.php?f=4&t=15853&p=56158#p56159).
1
=== s2Member® ( Membership w/ PayPal® ) ===
2
3
+ Version: 111220
4
+ Stable tag: 111220
5
Framework: WS-P-110523
6
7
SSL Compatible: yes
179
180
== Changelog ==
181
182
+ = v111220 =
183
+ * (s2Member Pro) **Security fix**. PayPal® Pro and Authorize.Net® Forms were vulnerable to an XSS attack, reproducible with a Coupon Code containing special characters. Discovered by ControlScan™. Fixed in this release. For further details, please see [this thread](http://www.primothemes.com/forums/viewtopic.php?f=4&t=16173#p56982).
184
+ * (s2Member Pro) **Security hardening**. s2Member's Systematics routine hardended against a possible attack coming from a spoofed IP address matching that of the installation server itself. For further details, please see [this thread](http://www.primothemes.com/forums/viewtopic.php?f=4&t=16412&p=57044#p57044).
185
+ * (s2Member Pro) **Security hardening**. PayPal® Pro and Authorize.Net® Forms hardended against a possible attack against card types. Discovered by ControlScan™. For further details, please see [this thread](http://www.primothemes.com/forums/viewtopic.php?f=4&t=16173#p56982).
186
+
187
= v111216 =
188
* (s2Member/s2Member Pro) **Bug fix**. ClickBank® not passing all s2 Vars after return from a non-recurring transaction. Fixed in this release. For further details, please see [this thread](http://www.primothemes.com/forums/viewtopic.php?f=4&t=16256#p56649).
189
* (s2Member) **Bug fix**. Amazon® S3/CloudFront issues with ACLs upon auto-configuration routine. Leading to a 400 error code. Fixed in this release. For further details, please see [this thread](http://www.primothemes.com/forums/viewtopic.php?f=4&t=15853&p=56158#p56159).
s2member.php CHANGED
@@ -19,8 +19,8 @@
19
*/
20
/* -- This section for WordPress® parsing. ------------------------------------------------------------------------------
21
22
- Version: 111216
23
- Stable tag: 111216
24
Framework: WS-P-110523
25
26
SSL Compatible: yes
@@ -66,7 +66,7 @@ Tags: membership, members, member, register, signup, paypal, paypal pro, pay pal
66
67
-- end section for WordPress® parsing. ------------------------------------------------------------------------------- */
68
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
69
- exit("Do not access this file directly.");
70
/**
71
* The installed version of s2Member.
72
*
@@ -76,7 +76,7 @@ if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
76
* @var str
77
*/
78
if (!defined ("WS_PLUGIN__S2MEMBER_VERSION"))
79
- define ("WS_PLUGIN__S2MEMBER_VERSION", "111216");
80
/**
81
* Minimum PHP version required to run s2Member.
82
*
@@ -106,7 +106,7 @@ if (!defined ("WS_PLUGIN__S2MEMBER_MIN_WP_VERSION"))
106
* @var str
107
*/
108
if (!defined ("WS_PLUGIN__S2MEMBER_MIN_PRO_VERSION"))
109
- define ("WS_PLUGIN__S2MEMBER_MIN_PRO_VERSION", "111216");
110
/*
111
Several compatibility checks.
112
If all pass, load the s2Member plugin.
@@ -117,7 +117,7 @@ if (version_compare (PHP_VERSION, WS_PLUGIN__S2MEMBER_MIN_PHP_VERSION, ">=") &&
117
/*
118
Hook before loaded.
119
*/
120
- do_action("ws_plugin__s2member_before_loaded");
121
/*
122
System configuraton.
123
*/
@@ -129,7 +129,7 @@ if (version_compare (PHP_VERSION, WS_PLUGIN__S2MEMBER_MIN_PHP_VERSION, ">=") &&
129
/*
130
Hook after system config & Hooks are loaded.
131
*/
132
- do_action("ws_plugin__s2member_config_hooks_loaded");
133
/*
134
Load a possible Pro module, if/when available.
135
*/
@@ -150,8 +150,8 @@ if (version_compare (PHP_VERSION, WS_PLUGIN__S2MEMBER_MIN_PHP_VERSION, ">=") &&
150
/*
151
Hooks after loaded.
152
*/
153
- do_action("ws_plugin__s2member_loaded");
154
- do_action("ws_plugin__s2member_after_loaded");
155
}
156
/*
157
Else NOT compatible. Do we need admin compatibility errors now?
19
*/
20
/* -- This section for WordPress® parsing. ------------------------------------------------------------------------------
21
22
+ Version: 111220
23
+ Stable tag: 111220
24
Framework: WS-P-110523
25
26
SSL Compatible: yes
66
67
-- end section for WordPress® parsing. ------------------------------------------------------------------------------- */
68
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
69
+ exit ("Do not access this file directly.");
70
/**
71
* The installed version of s2Member.
72
*
76
* @var str
77
*/
78
if (!defined ("WS_PLUGIN__S2MEMBER_VERSION"))
79
+ define ("WS_PLUGIN__S2MEMBER_VERSION", "111220");
80
/**
81
* Minimum PHP version required to run s2Member.
82
*
106
* @var str
107
*/
108
if (!defined ("WS_PLUGIN__S2MEMBER_MIN_PRO_VERSION"))
109
+ define ("WS_PLUGIN__S2MEMBER_MIN_PRO_VERSION", "111220");
110
/*
111
Several compatibility checks.
112
If all pass, load the s2Member plugin.
117
/*
118
Hook before loaded.
119
*/
120
+ do_action ("ws_plugin__s2member_before_loaded");
121
/*
122
System configuraton.
123
*/
129
/*
130
Hook after system config & Hooks are loaded.
131
*/
132
+ do_action ("ws_plugin__s2member_config_hooks_loaded");
133
/*
134
Load a possible Pro module, if/when available.
135
*/
150
/*
151
Hooks after loaded.
152
*/
153
+ do_action ("ws_plugin__s2member_loaded");
154
+ do_action ("ws_plugin__s2member_after_loaded");
155
}
156
/*
157
Else NOT compatible. Do we need admin compatibility errors now?