Simple 301 Redirects - Version 2.0.4

Version Description

  • 05/05/2021 =
  • Improved: User role capabilities check in Ajax requests for security enhancements
  • Few minor bug fix and improvements
Download this release

Release Info

Developer re_enter_rupok
Plugin Icon 128x128 Simple 301 Redirects
Version 2.0.4
Comparing to
See all releases

Code changes from version 2.0.3 to 2.0.4

Files changed (4) hide show
  1. includes/Admin/Ajax.php +8 -3
  2. includes/Admin/Tools.php +2 -2
  3. readme.txt +5 -1
  4. wp-simple-301-redirects.php +2 -2
includes/Admin/Ajax.php CHANGED
@@ -13,12 +13,14 @@ class Ajax {
13
  public function get_wildcard()
14
  {
15
  check_ajax_referer('simple301redirects', 'security');
 
16
  wp_send_json_success(get_option('301_redirects_wildcard'));
17
  wp_die();
18
  }
19
  public function wildcard()
20
  {
21
  check_ajax_referer('simple301redirects', 'security');
 
22
  update_option('301_redirects_wildcard', sanitize_text_field($_POST['toggle']));
23
  wp_send_json_success($_POST['toggle']);
24
  wp_die();
@@ -26,7 +28,8 @@ class Ajax {
26
  public function install_plugin()
27
  {
28
  check_ajax_referer('simple301redirects', 'security');
29
- $slug = isset($_POST['slug']) ? $_POST['slug'] : '';
 
30
  $result = \Simple301Redirects\Helper::install_plugin($slug);
31
  if (is_wp_error($result)) {
32
  wp_send_json_error($result->get_error_message());
@@ -38,7 +41,8 @@ class Ajax {
38
  public function activate_plugin()
39
  {
40
  check_ajax_referer('simple301redirects', 'security');
41
- $basename = isset($_POST['basename']) ? $_POST['basename'] : '';
 
42
  $result = activate_plugin($basename, '', false );
43
  if (is_wp_error($result)) {
44
  wp_send_json_error($result->get_error_message());
@@ -52,7 +56,8 @@ class Ajax {
52
  public function hide_notice()
53
  {
54
  check_ajax_referer('simple301redirects', 'security');
55
- $hide = isset($_POST['hide']) ? $_POST['hide'] : false;
 
56
  update_option('simple301redirects_hide_btl_notice', $hide);
57
  wp_send_json_success($hide);
58
  wp_die();
13
  public function get_wildcard()
14
  {
15
  check_ajax_referer('simple301redirects', 'security');
16
+ if( ! current_user_can( 'manage_options' ) ) wp_die();
17
  wp_send_json_success(get_option('301_redirects_wildcard'));
18
  wp_die();
19
  }
20
  public function wildcard()
21
  {
22
  check_ajax_referer('simple301redirects', 'security');
23
+ if( ! current_user_can( 'manage_options' ) ) wp_die();
24
  update_option('301_redirects_wildcard', sanitize_text_field($_POST['toggle']));
25
  wp_send_json_success($_POST['toggle']);
26
  wp_die();
28
  public function install_plugin()
29
  {
30
  check_ajax_referer('simple301redirects', 'security');
31
+ if( ! current_user_can( 'manage_options' ) ) wp_die();
32
+ $slug = isset($_POST['slug']) ? sanitize_text_field($_POST['slug']) : '';
33
  $result = \Simple301Redirects\Helper::install_plugin($slug);
34
  if (is_wp_error($result)) {
35
  wp_send_json_error($result->get_error_message());
41
  public function activate_plugin()
42
  {
43
  check_ajax_referer('simple301redirects', 'security');
44
+ if( ! current_user_can( 'manage_options' ) ) wp_die();
45
+ $basename = isset($_POST['basename']) ? sanitize_text_field($_POST['basename']) : '';
46
  $result = activate_plugin($basename, '', false );
47
  if (is_wp_error($result)) {
48
  wp_send_json_error($result->get_error_message());
56
  public function hide_notice()
57
  {
58
  check_ajax_referer('simple301redirects', 'security');
59
+ if( ! current_user_can( 'manage_options' ) ) wp_die();
60
+ $hide = isset($_POST['hide']) ? sanitize_text_field($_POST['hide']) : false;
61
  update_option('simple301redirects_hide_btl_notice', $hide);
62
  wp_send_json_success($hide);
63
  wp_die();
includes/Admin/Tools.php CHANGED
@@ -12,7 +12,7 @@ class Tools {
12
  {
13
  $page = isset($_GET['page']) ? $_GET['page'] : '';
14
  $export = isset($_REQUEST['export']) ? $_REQUEST['export'] : false;
15
- if ($page === '301options' && $export == true) {
16
  check_ajax_referer('simple301redirects', 'security');
17
  $content = json_encode(get_option(SIMPLE301REDIRECTS_SETTINGS_NAME));
18
  $filename = 'simple-301-redirects.' . date('Y-m-d') . '.json';
@@ -34,7 +34,7 @@ class Tools {
34
  {
35
  $page = isset($_GET['page']) ? $_GET['page'] : '';
36
  $import = isset($_REQUEST['import']) ? $_REQUEST['import'] : false;
37
- if ($page === '301options' && $import == true) {
38
  check_ajax_referer('simple301redirects', 'security');
39
  if (!empty($_FILES['upload_file']['tmp_name'])) {
40
  $fileContent = json_decode(file_get_contents($_FILES['upload_file']['tmp_name']), true);
12
  {
13
  $page = isset($_GET['page']) ? $_GET['page'] : '';
14
  $export = isset($_REQUEST['export']) ? $_REQUEST['export'] : false;
15
+ if ($page === '301options' && $export == true && current_user_can( 'manage_options' )) {
16
  check_ajax_referer('simple301redirects', 'security');
17
  $content = json_encode(get_option(SIMPLE301REDIRECTS_SETTINGS_NAME));
18
  $filename = 'simple-301-redirects.' . date('Y-m-d') . '.json';
34
  {
35
  $page = isset($_GET['page']) ? $_GET['page'] : '';
36
  $import = isset($_REQUEST['import']) ? $_REQUEST['import'] : false;
37
+ if ($page === '301options' && $import == true && current_user_can( 'manage_options' )) {
38
  check_ajax_referer('simple301redirects', 'security');
39
  if (!empty($_FILES['upload_file']['tmp_name'])) {
40
  $fileContent = json_decode(file_get_contents($_FILES['upload_file']['tmp_name']), true);
readme.txt CHANGED
@@ -4,7 +4,7 @@ Tags: 301 redirects, 301, shortlinks, link shortener, links, permalink, redirect
4
  Requires at least: 5.0
5
  Tested up to: 5.7.1
6
  Requires PHP: 5.4
7
- Stable tag: 2.0.3
8
  License: GPL-3.0-or-later
9
  License URI: https://www.gnu.org/licenses/gpl-3.0.html
10
 
@@ -100,6 +100,10 @@ Visit [WPDeveloper](https://wpdeveloper.net/) to learn more about how to do bett
100
 
101
  == Changelog ==
102
 
 
 
 
 
103
  = 2.0.3 - 18/04/2021 =
104
  * Fixed: Redirects fail with trailing slash in the Request URL
105
  * Improved: Import/Export feature for security enhancements
4
  Requires at least: 5.0
5
  Tested up to: 5.7.1
6
  Requires PHP: 5.4
7
+ Stable tag: 2.0.4
8
  License: GPL-3.0-or-later
9
  License URI: https://www.gnu.org/licenses/gpl-3.0.html
10
 
100
 
101
  == Changelog ==
102
 
103
+ = 2.0.4 - 05/05/2021 =
104
+ * Improved: User role capabilities check in Ajax requests for security enhancements
105
+ * Few minor bug fix and improvements
106
+
107
  = 2.0.3 - 18/04/2021 =
108
  * Fixed: Redirects fail with trailing slash in the Request URL
109
  * Improved: Import/Export feature for security enhancements
wp-simple-301-redirects.php CHANGED
@@ -7,7 +7,7 @@
7
  * Author URI: https://wpdeveloper.net/
8
  * Text Domain: simple-301-redirects
9
  * Domain Path: /languages
10
- * Version: 2.0.3
11
  */
12
 
13
  /* Copyright 2009-2021 WPDeveloper
@@ -66,7 +66,7 @@ if (!class_exists("Simple301redirects")) {
66
 
67
  public function define_constants()
68
  {
69
- define('SIMPLE301REDIRECTS_VERSION', '2.0.3');
70
  define('SIMPLE301REDIRECTS_SETTINGS_NAME', '301_redirects');
71
  define('SIMPLE301REDIRECTS_PLUGIN_FILE', __FILE__);
72
  define('SIMPLE301REDIRECTS_PLUGIN_BASENAME', plugin_basename(__FILE__));
7
  * Author URI: https://wpdeveloper.net/
8
  * Text Domain: simple-301-redirects
9
  * Domain Path: /languages
10
+ * Version: 2.0.4
11
  */
12
 
13
  /* Copyright 2009-2021 WPDeveloper
66
 
67
  public function define_constants()
68
  {
69
+ define('SIMPLE301REDIRECTS_VERSION', '2.0.4');
70
  define('SIMPLE301REDIRECTS_SETTINGS_NAME', '301_redirects');
71
  define('SIMPLE301REDIRECTS_PLUGIN_FILE', __FILE__);
72
  define('SIMPLE301REDIRECTS_PLUGIN_BASENAME', plugin_basename(__FILE__));