Ultimate Member – User Profile & Membership Plugin - Version 1.1.3

Version Description

Download this release

Release Info

Developer ultimatemember
Plugin Icon 128x128 Ultimate Member – User Profile & Membership Plugin
Version 1.1.3
Comparing to
See all releases

Code changes from version 1.1.2 to 1.1.3

admin/core/um-admin-access.php CHANGED
@@ -90,7 +90,7 @@ class UM_Admin_Access {
90
  function add_metabox_form() {
91
  global $ultimatemember;
92
 
93
- if ( !current_user_can( 'edit_users' ) ) return;
94
 
95
  $types = $ultimatemember->query->get_post_types;
96
  foreach($types as $post_type) {
90
  function add_metabox_form() {
91
  global $ultimatemember;
92
 
93
+ if ( um_get_option('access_widget_admin_only') && !current_user_can( 'edit_users' ) ) return;
94
 
95
  $types = $ultimatemember->query->get_post_types;
96
  foreach($types as $post_type) {
admin/templates/extensions.php CHANGED
@@ -11,7 +11,7 @@
11
  'url' => 'https://ultimatemember.com/extensions/social-login/',
12
  'image' => 'https://ultimatemember.com/wp-content/uploads/2015/02/sociallogin.png',
13
  'name' => 'Social Login',
14
- 'desc' => 'This extension allows users to register and login to your site using their social network accounts (Facebook, Twitter, Google+, LinkedIn)',
15
  );
16
 
17
  $premium['bbpress'] = array(
11
  'url' => 'https://ultimatemember.com/extensions/social-login/',
12
  'image' => 'https://ultimatemember.com/wp-content/uploads/2015/02/sociallogin.png',
13
  'name' => 'Social Login',
14
+ 'desc' => 'This extension allows users to register and login to your site using their social network accounts (Facebook, Twitter, Google+, LinkedIn, Instagram, VK)',
15
  );
16
 
17
  $premium['bbpress'] = array(
core/um-actions-register.php CHANGED
@@ -91,7 +91,7 @@
91
  $role = um_get_option('default_role');
92
  }
93
 
94
- $ultimatemember->user->is_secure_role( $role );
95
 
96
  $ultimatemember->user->set_role( $role );
97
 
91
  $role = um_get_option('default_role');
92
  }
93
 
94
+ $ultimatemember->user->is_secure_role( $user_id, $role );
95
 
96
  $ultimatemember->user->set_role( $role );
97
 
core/um-user.php CHANGED
@@ -176,15 +176,19 @@ class UM_User {
176
  /***
177
  *** @Security check for roles
178
  ***/
179
- function is_secure_role( $role ) {
180
 
181
  if ( is_admin() ) return;
182
 
183
- if ( $role == 'admin' )
 
184
  wp_die( __('This is not allowed for security reasons.','ultimatemember') );
 
185
 
186
- if ( um_get_option('advanced_denied_roles') && strstr( um_get_option('advanced_denied_roles'), $role ) )
 
187
  wp_die( __('This is not allowed for security reasons.','ultimatemember') );
 
188
 
189
  }
190
 
176
  /***
177
  *** @Security check for roles
178
  ***/
179
+ function is_secure_role( $user_id, $role ) {
180
 
181
  if ( is_admin() ) return;
182
 
183
+ if ( $role == 'admin' ) {
184
+ $this->delete( false );
185
  wp_die( __('This is not allowed for security reasons.','ultimatemember') );
186
+ }
187
 
188
+ if ( um_get_option('advanced_denied_roles') && strstr( um_get_option('advanced_denied_roles'), $role ) ) {
189
+ $this->delete( false );
190
  wp_die( __('This is not allowed for security reasons.','ultimatemember') );
191
+ }
192
 
193
  }
194
 
index.php CHANGED
@@ -3,7 +3,7 @@
3
  Plugin Name: Ultimate Member
4
  Plugin URI: http://ultimatemember.com/
5
  Description: The easiest way to create powerful online communities and beautiful user profiles with WordPress
6
- Version: 1.1.2
7
  Author: Ultimate Member
8
  Author URI: http://ultimatemember.com/
9
  */
3
  Plugin Name: Ultimate Member
4
  Plugin URI: http://ultimatemember.com/
5
  Description: The easiest way to create powerful online communities and beautiful user profiles with WordPress
6
+ Version: 1.1.3
7
  Author: Ultimate Member
8
  Author URI: http://ultimatemember.com/
9
  */
readme.txt CHANGED
@@ -7,7 +7,7 @@ Tags: access control, author, authors, author profile, comments, community, comm
7
  Requires at least: 4.1
8
  Tested up to: 4.1.1
9
 
10
- Stable Tag: 1.1.2
11
 
12
  License: GNU Version 2 or Any Later Version
13
 
@@ -206,6 +206,11 @@ The plugin works with popular caching plugins by automatically excluding Ultimat
206
 
207
  == Changelog ==
208
 
 
 
 
 
 
209
  = 1.1.2: March 30, 2015 =
210
 
211
  * Fixed: Important security patch - please update
7
  Requires at least: 4.1
8
  Tested up to: 4.1.1
9
 
10
+ Stable Tag: 1.1.3
11
 
12
  License: GNU Version 2 or Any Later Version
13
 
206
 
207
  == Changelog ==
208
 
209
+ = 1.1.3: April 1, 2015 =
210
+
211
+ * New: added option to manage if access control widgets can be edited by admins only
212
+ * Tweak: update to last security patch - deletes user who try to get unauthorized access
213
+
214
  = 1.1.2: March 30, 2015 =
215
 
216
  * Fixed: Important security patch - please update
um-config.php CHANGED
@@ -343,6 +343,15 @@ $this->sections[] = array(
343
  'required' => array( 'wpadmin_register_redirect', '=', 'custom_url' ),
344
  ),
345
 
 
 
 
 
 
 
 
 
 
346
  array(
347
  'id' => 'wpadmin_allow_ips',
348
  'type' => 'textarea',
343
  'required' => array( 'wpadmin_register_redirect', '=', 'custom_url' ),
344
  ),
345
 
346
+ array(
347
+ 'id' => 'access_widget_admin_only',
348
+ 'type' => 'switch',
349
+ 'title' => __( 'Enable the Access Control widget for Admins only?','ultimatemember' ),
350
+ 'default' => 1,
351
+ 'on' => __('Yes','ultimatemember'),
352
+ 'off' => __('No','ultimatemember'),
353
+ ),
354
+
355
  array(
356
  'id' => 'wpadmin_allow_ips',
357
  'type' => 'textarea',