Strong Testimonials - Version 2.51.3

Version Description


Release Info

Developer giucu91
Version 2.51.3

Code changes from version 2.51.2 to 2.51.3

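--- a/admin/custom-fields-ajax.php
+++ b/admin/custom-fields-ajax.php
@@ -8,7 +8,12 @@
  * [Add New Field] Ajax receiver
  */
  function wpmtst_add_field_function() {
- check_ajax_referer( 'wpmtst-admin', 'security', false );
+
+ if ( ! current_user_can( 'manage_options' ) ) {
+ wp_die();
+ }
+
+ check_ajax_referer( 'wpmtst-admin', 'security' );
 
  // when adding, leave Name empty so it will be populated from Label
  $empty_field = array(
@@ -29,7 +34,12 @@ add_action( 'wp_ajax_wpmtst_add_field', 'wpmtst_add_field_function' );
  * [Add New Field 2] Ajax receiver
  */
  function wpmtst_add_field_2_function() {
- check_ajax_referer( 'wpmtst-admin', 'security', false );
+
+ if ( ! current_user_can( 'manage_options' ) ) {
+ wp_die();
+ }
+
+ check_ajax_referer( 'wpmtst-admin', 'security' );
 
  $new_field_type = $_REQUEST['fieldType'];
  $new_field_class = $_REQUEST['fieldClass'];
@@ -49,7 +59,12 @@ add_action( 'wp_ajax_wpmtst_add_field_2', 'wpmtst_add_field_2_function' );
  * [Add New Field 3] Ajax receiver
  */
  function wpmtst_add_field_3_function() {
- check_ajax_referer( 'wpmtst-admin', 'security', false );
+
+ if ( ! current_user_can( 'manage_options' ) ) {
+ wp_die();
+ }
+
+ check_ajax_referer( 'wpmtst-admin', 'security' );
 
  $new_field_type = $_REQUEST['fieldType'];
  $new_field_class = $_REQUEST['fieldClass'];
@@ -69,7 +84,12 @@ add_action( 'wp_ajax_wpmtst_add_field_3', 'wpmtst_add_field_3_function' );
  * [Add New Field 4] Ajax receiver
  */
  function wpmtst_add_field_4_function() {
- check_ajax_referer( 'wpmtst-admin', 'security', false );
+
+ if ( ! current_user_can( 'manage_options' ) ) {
+ add_filter( 'show_admin_bar', '__return_false' );
+ }
+
+ check_ajax_referer( 'wpmtst-admin', 'security' );
 
  $new_field_type = $_REQUEST['fieldType'];
  $new_field_class = $_REQUEST['fieldClass'];
@@ -91,7 +111,12 @@ add_action( 'wp_ajax_wpmtst_add_field_4', 'wpmtst_add_field_4_function' );
  * Return the category count.
  */
  function wpmtst_ajax_cat_count() {
- check_ajax_referer( 'wpmtst-admin', 'security', false );
+
+ if ( ! current_user_can( 'manage_options' ) ) {
+ wp_die();
+ }
+
+ check_ajax_referer( 'wpmtst-admin', 'security' );
 
  echo wpmtst_get_cat_count();
  wp_die();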
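Review bot: In `wpmtst_add_field_4_function` the new capability guard does not end the request: its body is `add_filter( 'show_admin_bar', '__return_false' );`, where the other four handlers in this file call `wp_die();`. A logged-in user without `manage_options` therefore falls through to `check_ajax_referer()` and, if that passes, to the `$_REQUEST['fieldType']` / `$_REQUEST['fieldClass']` handling, so this one handler is still gated by the nonce alone. Change the guard body to `wp_die();`, or use `wp_die( -1, 403 );` in all five handlers so a rejected caller gets the same status that `check_ajax_referer()` sends on a bad nonce. The handler bodies continue outside the hunks, so how the two request values are used is not visible here; they are read without `sanitize_text_field( wp_unslash( ... ) )`, which is worth confirming further down.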
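--- a/changelog.txt
+++ b/changelog.txt
@@ -1,3 +1,7 @@
+ = v2.51.2 - 25/02/2021 =
+ - Fixed: Changed how we use check_ajax_referer.
+ - Changed: Added an extra layer of security besides check_ajax_referer.
+
  = v2.51.2 - 25/02/2021 =
  - Fixed: Manual excerpt ( https://github.com/WPChill/strong-testimonials/issues/220 )
 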
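--- a/readme.txt
+++ b/readme.txt
@@ -4,7 +4,7 @@ Tags: testimonials, testimonial slider, testimonial form, star ratings
  Requires at least: 5.2
  Requires PHP: 5.6
  Tested up to: 5.7
- Stable tag: 2.51.2
+ Stable tag: 2.51.3
  License: GPLv3 or later
  License URI: http://www.gnu.org/licenses/gpl-3.0.html
 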
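--- a/strong-testimonials.php
+++ b/strong-testimonials.php
@@ -5,7 +5,7 @@
  * Description: Collect and display your testimonials or reviews.
  * Author: WPChill
  * Author URI: https://wpchill.com/
- * Version: 2.51.2
+ * Version: 2.51.3
  * Text Domain: strong-testimonials
  * Domain Path: /languages
  * Requires: 4.6 or higher
@@ -45,7 +45,7 @@ if ( ! defined( 'ABSPATH' ) ) {
  exit;
  }
 
- define( 'WPMTST_VERSION', '2.51.2' );
+ define( 'WPMTST_VERSION', '2.51.3' );
  define( 'WPMTST_PLUGIN', plugin_basename( __FILE__ ) ); // strong-testimonials/strong-testimonials.php
  define( 'WPMTST', dirname( WPMTST_PLUGIN ) ); // strong-testimonials
  defined( 'WPMTST_STORE_URL' ) || define( 'WPMTST_STORE_URL', 'https://strongtestimonials.com' );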