s2Member Framework (Member Roles, Capabilities, Membership, PayPal Members) - Version 111220

Version Description

Download this release

Release Info

Developer PriMoThemes
Plugin Icon 128x128 s2Member Framework (Member Roles, Capabilities, Membership, PayPal Members)
Version 111220
Comparing to
See all releases

Code changes from version 111216 to 111220

Files changed (6) hide show
  1. includes/classes/meta-box-security.inc.php +4 -4
  2. includes/classes/systematics.inc.php +0 -4
  3. includes/classes/utils-conds.inc.php +2 -2
  4. includes/translations/s2member.pot +2 -2
  5. readme.txt +7 -2
  6. s2member.php +9 -9
includes/classes/meta-box-security.inc.php CHANGED
@@ -15,7 +15,7 @@
15
  * @since 3.5
16
  */
17
  if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
18
- exit ("Do not access this file directly.");
19
  /**/
20
  if (!class_exists ("c_ws_plugin__s2member_meta_box_security"))
21
  {
@@ -38,7 +38,7 @@ if (!class_exists ("c_ws_plugin__s2member_meta_box_security"))
38
  */
39
  public static function security_meta_box ($post = FALSE)
40
  {
41
- eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
42
  do_action ("ws_plugin__s2member_before_security_meta_box", get_defined_vars ());
43
  unset ($__refs, $__v); /* Unset defined __refs, __v. */
44
  /**/
@@ -69,7 +69,7 @@ if (!class_exists ("c_ws_plugin__s2member_meta_box_security"))
69
  : '<option value="" disabled="disabled">Level #' . $n . ' ( already protects "all" Posts of this type )</option>' . "\n")/**/
70
  : '<option value="" disabled="disabled">Level #' . $n . ' ( already protects "all" Pages )</option>' . "\n";
71
  /**/
72
- echo '</select><br /><small>* see: <code>General Options -> Page Level Access</code></small>' . "\n";
73
  /**/
74
  if (!is_multisite () || !c_ws_plugin__s2member_utils_conds::is_multisite_farm () || is_main_site ())
75
  /* ^ Will change once Custom Capabilities are compatible with a Blog Farm. */
@@ -115,7 +115,7 @@ if (!class_exists ("c_ws_plugin__s2member_meta_box_security"))
115
  : '<option value="" disabled="disabled">Level #' . $n . ' ( already protects "all" Posts of this type )</option>' . "\n")/**/
116
  : '<option value="" disabled="disabled">Level #' . $n . ' ( already protects "all" Posts )</option>' . "\n";
117
  /**/
118
- echo '</select><br /><small>* see: <code>General Options -> Post Level Access</code></small>' . "\n";
119
  /**/
120
  if (!is_multisite () || !c_ws_plugin__s2member_utils_conds::is_multisite_farm () || is_main_site ())
121
  /* ^ Will change once Custom Capabilities are compatible with a Blog Farm. */
15
  * @since 3.5
16
  */
17
  if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
18
+ exit("Do not access this file directly.");
19
  /**/
20
  if (!class_exists ("c_ws_plugin__s2member_meta_box_security"))
21
  {
38
  */
39
  public static function security_meta_box ($post = FALSE)
40
  {
41
+ eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
42
  do_action ("ws_plugin__s2member_before_security_meta_box", get_defined_vars ());
43
  unset ($__refs, $__v); /* Unset defined __refs, __v. */
44
  /**/
69
  : '<option value="" disabled="disabled">Level #' . $n . ' ( already protects "all" Posts of this type )</option>' . "\n")/**/
70
  : '<option value="" disabled="disabled">Level #' . $n . ' ( already protects "all" Pages )</option>' . "\n";
71
  /**/
72
+ echo '</select><br /><small>* see: <code>Restriction Options -> Page Level Access</code></small>' . "\n";
73
  /**/
74
  if (!is_multisite () || !c_ws_plugin__s2member_utils_conds::is_multisite_farm () || is_main_site ())
75
  /* ^ Will change once Custom Capabilities are compatible with a Blog Farm. */
115
  : '<option value="" disabled="disabled">Level #' . $n . ' ( already protects "all" Posts of this type )</option>' . "\n")/**/
116
  : '<option value="" disabled="disabled">Level #' . $n . ' ( already protects "all" Posts )</option>' . "\n";
117
  /**/
118
+ echo '</select><br /><small>* see: <code>Restriction Options -> Post Level Access</code></small>' . "\n";
119
  /**/
120
  if (!is_multisite () || !c_ws_plugin__s2member_utils_conds::is_multisite_farm () || is_main_site ())
121
  /* ^ Will change once Custom Capabilities are compatible with a Blog Farm. */
includes/classes/systematics.inc.php CHANGED
@@ -96,10 +96,6 @@ if (!class_exists ("c_ws_plugin__s2member_systematics"))
96
  {
97
  return ($is_wp_systematic = apply_filters ("ws_plugin__s2member_is_wp_systematic_use_page", true, get_defined_vars ()));
98
  }
99
- else if ($_SERVER["REMOTE_ADDR"] === $_SERVER["SERVER_ADDR"] && !c_ws_plugin__s2member_utils_conds::is_localhost ())
100
- {
101
- return ($is_wp_systematic = apply_filters ("ws_plugin__s2member_is_wp_systematic_use_page", true, get_defined_vars ()));
102
- }
103
  else /* Otherwise, we return false ( it's NOT a WordPress® Systematic Use Page ). */
104
  return ($is_wp_systematic = apply_filters ("ws_plugin__s2member_is_wp_systematic_use_page", false, get_defined_vars ()));
105
  }
96
  {
97
  return ($is_wp_systematic = apply_filters ("ws_plugin__s2member_is_wp_systematic_use_page", true, get_defined_vars ()));
98
  }
 
 
 
 
99
  else /* Otherwise, we return false ( it's NOT a WordPress® Systematic Use Page ). */
100
  return ($is_wp_systematic = apply_filters ("ws_plugin__s2member_is_wp_systematic_use_page", false, get_defined_vars ()));
101
  }
includes/classes/utils-conds.inc.php CHANGED
@@ -133,12 +133,12 @@ if (!class_exists ("c_ws_plugin__s2member_utils_conds"))
133
  *
134
  * @return bool True if we're in a localhost environment, else false.
135
  */
136
- public static function is_localhost ()
137
  {
138
  if ((defined ("LOCALHOST") && LOCALHOST) || stripos ($_SERVER["HTTP_HOST"], "localhost") !== false || strpos ($_SERVER["HTTP_HOST"], "127.0.0.1") !== false)
139
  return true;
140
  /**/
141
- return false; /* Default return false. */
142
  }
143
  /**
144
  * Checks to see if we're using Amazon® S3.
133
  *
134
  * @return bool True if we're in a localhost environment, else false.
135
  */
136
+ public static function /* Checks to see if we're in a localhost environment. */ is_localhost ()
137
  {
138
  if ((defined ("LOCALHOST") && LOCALHOST) || stripos ($_SERVER["HTTP_HOST"], "localhost") !== false || strpos ($_SERVER["HTTP_HOST"], "127.0.0.1") !== false)
139
  return true;
140
  /**/
141
+ return /* Default return false. */ false;
142
  }
143
  /**
144
  * Checks to see if we're using Amazon® S3.
includes/translations/s2member.pot CHANGED
@@ -2,9 +2,9 @@
2
  # This file is distributed under the same license as the s2Member package.
3
  msgid ""
4
  msgstr ""
5
- "Project-Id-Version: s2Member 111216\n"
6
  "Report-Msgid-Bugs-To: http://wordpress.org/tag/.__s2member\n"
7
- "POT-Creation-Date: 2011-12-16 07:13:27+00:00\n"
8
  "MIME-Version: 1.0\n"
9
  "Content-Type: text/plain; charset=UTF-8\n"
10
  "Content-Transfer-Encoding: 8bit\n"
2
  # This file is distributed under the same license as the s2Member package.
3
  msgid ""
4
  msgstr ""
5
+ "Project-Id-Version: s2Member 111220\n"
6
  "Report-Msgid-Bugs-To: http://wordpress.org/tag/.__s2member\n"
7
+ "POT-Creation-Date: 2011-12-20 14:28:23+00:00\n"
8
  "MIME-Version: 1.0\n"
9
  "Content-Type: text/plain; charset=UTF-8\n"
10
  "Content-Transfer-Encoding: 8bit\n"
readme.txt CHANGED
@@ -1,7 +1,7 @@
1
  === s2Member® ( Membership w/ PayPal® ) ===
2
 
3
- Version: 111216
4
- Stable tag: 111216
5
  Framework: WS-P-110523
6
 
7
  SSL Compatible: yes
@@ -179,6 +179,11 @@ Please visit s2Member.com for [video tutorials](http://www.s2member.com/videos/)
179
 
180
  == Changelog ==
181
 
 
 
 
 
 
182
  = v111216 =
183
  * (s2Member/s2Member Pro) **Bug fix**. ClickBank® not passing all s2 Vars after return from a non-recurring transaction. Fixed in this release. For further details, please see [this thread](http://www.primothemes.com/forums/viewtopic.php?f=4&t=16256#p56649).
184
  * (s2Member) **Bug fix**. Amazon® S3/CloudFront issues with ACLs upon auto-configuration routine. Leading to a 400 error code. Fixed in this release. For further details, please see [this thread](http://www.primothemes.com/forums/viewtopic.php?f=4&t=15853&p=56158#p56159).
1
  === s2Member® ( Membership w/ PayPal® ) ===
2
 
3
+ Version: 111220
4
+ Stable tag: 111220
5
  Framework: WS-P-110523
6
 
7
  SSL Compatible: yes
179
 
180
  == Changelog ==
181
 
182
+ = v111220 =
183
+ * (s2Member Pro) **Security fix**. PayPal® Pro and Authorize.Net® Forms were vulnerable to an XSS attack, reproducible with a Coupon Code containing special characters. Discovered by ControlScan™. Fixed in this release. For further details, please see [this thread](http://www.primothemes.com/forums/viewtopic.php?f=4&t=16173#p56982).
184
+ * (s2Member Pro) **Security hardening**. s2Member's Systematics routine hardended against a possible attack coming from a spoofed IP address matching that of the installation server itself. For further details, please see [this thread](http://www.primothemes.com/forums/viewtopic.php?f=4&t=16412&p=57044#p57044).
185
+ * (s2Member Pro) **Security hardening**. PayPal® Pro and Authorize.Net® Forms hardended against a possible attack against card types. Discovered by ControlScan™. For further details, please see [this thread](http://www.primothemes.com/forums/viewtopic.php?f=4&t=16173#p56982).
186
+
187
  = v111216 =
188
  * (s2Member/s2Member Pro) **Bug fix**. ClickBank® not passing all s2 Vars after return from a non-recurring transaction. Fixed in this release. For further details, please see [this thread](http://www.primothemes.com/forums/viewtopic.php?f=4&t=16256#p56649).
189
  * (s2Member) **Bug fix**. Amazon® S3/CloudFront issues with ACLs upon auto-configuration routine. Leading to a 400 error code. Fixed in this release. For further details, please see [this thread](http://www.primothemes.com/forums/viewtopic.php?f=4&t=15853&p=56158#p56159).
s2member.php CHANGED
@@ -19,8 +19,8 @@
19
  */
20
  /* -- This section for WordPress® parsing. ------------------------------------------------------------------------------
21
 
22
- Version: 111216
23
- Stable tag: 111216
24
  Framework: WS-P-110523
25
 
26
  SSL Compatible: yes
@@ -66,7 +66,7 @@ Tags: membership, members, member, register, signup, paypal, paypal pro, pay pal
66
 
67
  -- end section for WordPress® parsing. ------------------------------------------------------------------------------- */
68
  if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
69
- exit("Do not access this file directly.");
70
  /**
71
  * The installed version of s2Member.
72
  *
@@ -76,7 +76,7 @@ if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
76
  * @var str
77
  */
78
  if (!defined ("WS_PLUGIN__S2MEMBER_VERSION"))
79
- define ("WS_PLUGIN__S2MEMBER_VERSION", "111216");
80
  /**
81
  * Minimum PHP version required to run s2Member.
82
  *
@@ -106,7 +106,7 @@ if (!defined ("WS_PLUGIN__S2MEMBER_MIN_WP_VERSION"))
106
  * @var str
107
  */
108
  if (!defined ("WS_PLUGIN__S2MEMBER_MIN_PRO_VERSION"))
109
- define ("WS_PLUGIN__S2MEMBER_MIN_PRO_VERSION", "111216");
110
  /*
111
  Several compatibility checks.
112
  If all pass, load the s2Member plugin.
@@ -117,7 +117,7 @@ if (version_compare (PHP_VERSION, WS_PLUGIN__S2MEMBER_MIN_PHP_VERSION, ">=") &&
117
  /*
118
  Hook before loaded.
119
  */
120
- do_action("ws_plugin__s2member_before_loaded");
121
  /*
122
  System configuraton.
123
  */
@@ -129,7 +129,7 @@ if (version_compare (PHP_VERSION, WS_PLUGIN__S2MEMBER_MIN_PHP_VERSION, ">=") &&
129
  /*
130
  Hook after system config & Hooks are loaded.
131
  */
132
- do_action("ws_plugin__s2member_config_hooks_loaded");
133
  /*
134
  Load a possible Pro module, if/when available.
135
  */
@@ -150,8 +150,8 @@ if (version_compare (PHP_VERSION, WS_PLUGIN__S2MEMBER_MIN_PHP_VERSION, ">=") &&
150
  /*
151
  Hooks after loaded.
152
  */
153
- do_action("ws_plugin__s2member_loaded");
154
- do_action("ws_plugin__s2member_after_loaded");
155
  }
156
  /*
157
  Else NOT compatible. Do we need admin compatibility errors now?
19
  */
20
  /* -- This section for WordPress® parsing. ------------------------------------------------------------------------------
21
 
22
+ Version: 111220
23
+ Stable tag: 111220
24
  Framework: WS-P-110523
25
 
26
  SSL Compatible: yes
66
 
67
  -- end section for WordPress® parsing. ------------------------------------------------------------------------------- */
68
  if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
69
+ exit ("Do not access this file directly.");
70
  /**
71
  * The installed version of s2Member.
72
  *
76
  * @var str
77
  */
78
  if (!defined ("WS_PLUGIN__S2MEMBER_VERSION"))
79
+ define ("WS_PLUGIN__S2MEMBER_VERSION", "111220");
80
  /**
81
  * Minimum PHP version required to run s2Member.
82
  *
106
  * @var str
107
  */
108
  if (!defined ("WS_PLUGIN__S2MEMBER_MIN_PRO_VERSION"))
109
+ define ("WS_PLUGIN__S2MEMBER_MIN_PRO_VERSION", "111220");
110
  /*
111
  Several compatibility checks.
112
  If all pass, load the s2Member plugin.
117
  /*
118
  Hook before loaded.
119
  */
120
+ do_action ("ws_plugin__s2member_before_loaded");
121
  /*
122
  System configuraton.
123
  */
129
  /*
130
  Hook after system config & Hooks are loaded.
131
  */
132
+ do_action ("ws_plugin__s2member_config_hooks_loaded");
133
  /*
134
  Load a possible Pro module, if/when available.
135
  */
150
  /*
151
  Hooks after loaded.
152
  */
153
+ do_action ("ws_plugin__s2member_loaded");
154
+ do_action ("ws_plugin__s2member_after_loaded");
155
  }
156
  /*
157
  Else NOT compatible. Do we need admin compatibility errors now?