Version Description
- Fix: Added capability check in Settings
=
Download this release
Release Info
Developer | storeapps |
Plugin | Temporary Login Without Password |
Version | 1.7.1 |
Comparing to | |
See all releases |
Code changes from version 1.7.0 to 1.7.1
admin/class-wp-temporary-login-without-password-admin.php
CHANGED
@@ -201,7 +201,7 @@ class Wp_Temporary_Login_Without_Password_Admin {
|
|
201 |
*/
|
202 |
public function create_user() {
|
203 |
|
204 |
-
if ( empty( $_POST['wtlwp_data'] ) || empty( $_POST['wtlwp-nonce'] ) || ( ! empty( $_POST['wtlwp_action'] ) && 'update' === $_POST['wtlwp_action'] ) ) {
|
205 |
return;
|
206 |
}
|
207 |
|
@@ -268,7 +268,7 @@ class Wp_Temporary_Login_Without_Password_Admin {
|
|
268 |
*/
|
269 |
public function update_tlwp_settings() {
|
270 |
|
271 |
-
if ( empty( $_POST['tlwp_settings_data'] ) || empty( $_POST['wtlwp-settings-nonce'] ) || ! wp_verify_nonce( $_POST['wtlwp-settings-nonce'], 'wtlwp_login_settings' ) ) {
|
272 |
return;
|
273 |
}
|
274 |
|
@@ -333,7 +333,7 @@ class Wp_Temporary_Login_Without_Password_Admin {
|
|
333 |
}
|
334 |
|
335 |
// Can manage Temporary Logins? If yes..go ahead
|
336 |
-
if ( ( false === Wp_Temporary_Login_Without_Password_Common::can_manage_wtlwp() ) ) {
|
337 |
return;
|
338 |
}
|
339 |
|
201 |
*/
|
202 |
public function create_user() {
|
203 |
|
204 |
+
if ( empty( $_POST['wtlwp_data'] ) || empty( $_POST['wtlwp-nonce'] ) || ( ! empty( $_POST['wtlwp_action'] ) && 'update' === $_POST['wtlwp_action'] ) || ! current_user_can( 'manage_options' ) ) {
|
205 |
return;
|
206 |
}
|
207 |
|
268 |
*/
|
269 |
public function update_tlwp_settings() {
|
270 |
|
271 |
+
if ( empty( $_POST['tlwp_settings_data'] ) || empty( $_POST['wtlwp-settings-nonce'] ) || ! wp_verify_nonce( $_POST['wtlwp-settings-nonce'], 'wtlwp_login_settings' ) || ! current_user_can( 'manage_options' ) ) {
|
272 |
return;
|
273 |
}
|
274 |
|
333 |
}
|
334 |
|
335 |
// Can manage Temporary Logins? If yes..go ahead
|
336 |
+
if ( ( false === Wp_Temporary_Login_Without_Password_Common::can_manage_wtlwp() ) || ! current_user_can( 'manage_options' ) ) {
|
337 |
return;
|
338 |
}
|
339 |
|
readme.txt
CHANGED
@@ -5,7 +5,7 @@ Tags: temporary access, developer access, passwordless login, magic pin, secure
|
|
5 |
Requires at least: 3.0.1
|
6 |
Requires PHP: 5.3
|
7 |
Tested up to: 5.8.1
|
8 |
-
Stable tag: 1.7.
|
9 |
License: GPLv3
|
10 |
License URI: http://www.gnu.org/licenses/gpl-3.0.html
|
11 |
|
@@ -171,12 +171,16 @@ Yes. There is no limit to create temporary logins. You can create as many tempor
|
|
171 |
|
172 |
== Upgrade Notice ==
|
173 |
|
174 |
-
= 1.7.
|
175 |
|
176 |
-
* Fix:
|
177 |
|
178 |
== Changelog ==
|
179 |
|
|
|
|
|
|
|
|
|
180 |
**1.7.0 [2021-10-21]**
|
181 |
|
182 |
* Fix: Improved security related to nonce in Settings (Thanks to WPScan team)
|
5 |
Requires at least: 3.0.1
|
6 |
Requires PHP: 5.3
|
7 |
Tested up to: 5.8.1
|
8 |
+
Stable tag: 1.7.1
|
9 |
License: GPLv3
|
10 |
License URI: http://www.gnu.org/licenses/gpl-3.0.html
|
11 |
|
171 |
|
172 |
== Upgrade Notice ==
|
173 |
|
174 |
+
= 1.7.1 =
|
175 |
|
176 |
+
* Fix: Added capability check in Settings
|
177 |
|
178 |
== Changelog ==
|
179 |
|
180 |
+
**1.7.1 [2021-11-11]**
|
181 |
+
|
182 |
+
* Fix: Added capability check in Settings
|
183 |
+
|
184 |
**1.7.0 [2021-10-21]**
|
185 |
|
186 |
* Fix: Improved security related to nonce in Settings (Thanks to WPScan team)
|
templates/temporary-logins-settings.php
CHANGED
@@ -111,4 +111,4 @@
|
|
111 |
<?php wp_nonce_field( 'wtlwp_login_settings', 'wtlwp-settings-nonce', true, true ); ?>
|
112 |
|
113 |
</form>
|
114 |
-
</div>
|
111 |
<?php wp_nonce_field( 'wtlwp_login_settings', 'wtlwp-settings-nonce', true, true ); ?>
|
112 |
|
113 |
</form>
|
114 |
+
</div>
|
temporary-login-without-password.php
CHANGED
@@ -3,7 +3,7 @@
|
|
3 |
* Plugin Name: Temporary Login Without Password
|
4 |
* Plugin URI: http://www.storeapps.org/create-secure-login-without-password-for-wordpress/
|
5 |
* Description: Create a temporary login link with any role using which one can access to your sytem without username and password for limited period of time.
|
6 |
-
* Version: 1.7.
|
7 |
* Author: StoreApps
|
8 |
* Author URI: https://www.storeapps.org
|
9 |
* Requires at least: 3.0.1
|
@@ -25,7 +25,7 @@ if ( ! defined( 'WPINC' ) ) {
|
|
25 |
/**
|
26 |
* Define constants
|
27 |
*/
|
28 |
-
define( 'WTLWP_PLUGIN_VERSION', '1.7.
|
29 |
define( 'WTLWP_FEEDBACK_VERSION', '1.2.4' );
|
30 |
define( 'WTLWP_PLUGIN_DIR', dirname( __FILE__ ) );
|
31 |
define( 'WTLWP_PLUGIN_BASE_NAME', plugin_basename( __FILE__ ) );
|
3 |
* Plugin Name: Temporary Login Without Password
|
4 |
* Plugin URI: http://www.storeapps.org/create-secure-login-without-password-for-wordpress/
|
5 |
* Description: Create a temporary login link with any role using which one can access to your sytem without username and password for limited period of time.
|
6 |
+
* Version: 1.7.1
|
7 |
* Author: StoreApps
|
8 |
* Author URI: https://www.storeapps.org
|
9 |
* Requires at least: 3.0.1
|
25 |
/**
|
26 |
* Define constants
|
27 |
*/
|
28 |
+
define( 'WTLWP_PLUGIN_VERSION', '1.7.1' );
|
29 |
define( 'WTLWP_FEEDBACK_VERSION', '1.2.4' );
|
30 |
define( 'WTLWP_PLUGIN_DIR', dirname( __FILE__ ) );
|
31 |
define( 'WTLWP_PLUGIN_BASE_NAME', plugin_basename( __FILE__ ) );
|