Version Description
Download this release
Release Info
Developer | ultimatemember |
Plugin | Ultimate Member – User Profile & Membership Plugin |
Version | 1.1.3 |
Comparing to | |
See all releases |
Code changes from version 1.1.2 to 1.1.3
- admin/core/um-admin-access.php +1 -1
- admin/templates/extensions.php +1 -1
- core/um-actions-register.php +1 -1
- core/um-user.php +7 -3
- index.php +1 -1
- readme.txt +6 -1
- um-config.php +9 -0
admin/core/um-admin-access.php
CHANGED
@@ -90,7 +90,7 @@ class UM_Admin_Access {
|
|
90 |
function add_metabox_form() {
|
91 |
global $ultimatemember;
|
92 |
|
93 |
-
if ( !current_user_can( 'edit_users' ) ) return;
|
94 |
|
95 |
$types = $ultimatemember->query->get_post_types;
|
96 |
foreach($types as $post_type) {
|
90 |
function add_metabox_form() {
|
91 |
global $ultimatemember;
|
92 |
|
93 |
+
if ( um_get_option('access_widget_admin_only') && !current_user_can( 'edit_users' ) ) return;
|
94 |
|
95 |
$types = $ultimatemember->query->get_post_types;
|
96 |
foreach($types as $post_type) {
|
admin/templates/extensions.php
CHANGED
@@ -11,7 +11,7 @@
|
|
11 |
'url' => 'https://ultimatemember.com/extensions/social-login/',
|
12 |
'image' => 'https://ultimatemember.com/wp-content/uploads/2015/02/sociallogin.png',
|
13 |
'name' => 'Social Login',
|
14 |
-
'desc' => 'This extension allows users to register and login to your site using their social network accounts (Facebook, Twitter, Google+, LinkedIn)',
|
15 |
);
|
16 |
|
17 |
$premium['bbpress'] = array(
|
11 |
'url' => 'https://ultimatemember.com/extensions/social-login/',
|
12 |
'image' => 'https://ultimatemember.com/wp-content/uploads/2015/02/sociallogin.png',
|
13 |
'name' => 'Social Login',
|
14 |
+
'desc' => 'This extension allows users to register and login to your site using their social network accounts (Facebook, Twitter, Google+, LinkedIn, Instagram, VK)',
|
15 |
);
|
16 |
|
17 |
$premium['bbpress'] = array(
|
core/um-actions-register.php
CHANGED
@@ -91,7 +91,7 @@
|
|
91 |
$role = um_get_option('default_role');
|
92 |
}
|
93 |
|
94 |
-
$ultimatemember->user->is_secure_role( $role );
|
95 |
|
96 |
$ultimatemember->user->set_role( $role );
|
97 |
|
91 |
$role = um_get_option('default_role');
|
92 |
}
|
93 |
|
94 |
+
$ultimatemember->user->is_secure_role( $user_id, $role );
|
95 |
|
96 |
$ultimatemember->user->set_role( $role );
|
97 |
|
core/um-user.php
CHANGED
@@ -176,15 +176,19 @@ class UM_User {
|
|
176 |
/***
|
177 |
*** @Security check for roles
|
178 |
***/
|
179 |
-
function is_secure_role( $role ) {
|
180 |
|
181 |
if ( is_admin() ) return;
|
182 |
|
183 |
-
if ( $role == 'admin' )
|
|
|
184 |
wp_die( __('This is not allowed for security reasons.','ultimatemember') );
|
|
|
185 |
|
186 |
-
if ( um_get_option('advanced_denied_roles') && strstr( um_get_option('advanced_denied_roles'), $role ) )
|
|
|
187 |
wp_die( __('This is not allowed for security reasons.','ultimatemember') );
|
|
|
188 |
|
189 |
}
|
190 |
|
176 |
/***
|
177 |
*** @Security check for roles
|
178 |
***/
|
179 |
+
function is_secure_role( $user_id, $role ) {
|
180 |
|
181 |
if ( is_admin() ) return;
|
182 |
|
183 |
+
if ( $role == 'admin' ) {
|
184 |
+
$this->delete( false );
|
185 |
wp_die( __('This is not allowed for security reasons.','ultimatemember') );
|
186 |
+
}
|
187 |
|
188 |
+
if ( um_get_option('advanced_denied_roles') && strstr( um_get_option('advanced_denied_roles'), $role ) ) {
|
189 |
+
$this->delete( false );
|
190 |
wp_die( __('This is not allowed for security reasons.','ultimatemember') );
|
191 |
+
}
|
192 |
|
193 |
}
|
194 |
|
index.php
CHANGED
@@ -3,7 +3,7 @@
|
|
3 |
Plugin Name: Ultimate Member
|
4 |
Plugin URI: http://ultimatemember.com/
|
5 |
Description: The easiest way to create powerful online communities and beautiful user profiles with WordPress
|
6 |
-
Version: 1.1.
|
7 |
Author: Ultimate Member
|
8 |
Author URI: http://ultimatemember.com/
|
9 |
*/
|
3 |
Plugin Name: Ultimate Member
|
4 |
Plugin URI: http://ultimatemember.com/
|
5 |
Description: The easiest way to create powerful online communities and beautiful user profiles with WordPress
|
6 |
+
Version: 1.1.3
|
7 |
Author: Ultimate Member
|
8 |
Author URI: http://ultimatemember.com/
|
9 |
*/
|
readme.txt
CHANGED
@@ -7,7 +7,7 @@ Tags: access control, author, authors, author profile, comments, community, comm
|
|
7 |
Requires at least: 4.1
|
8 |
Tested up to: 4.1.1
|
9 |
|
10 |
-
Stable Tag: 1.1.
|
11 |
|
12 |
License: GNU Version 2 or Any Later Version
|
13 |
|
@@ -206,6 +206,11 @@ The plugin works with popular caching plugins by automatically excluding Ultimat
|
|
206 |
|
207 |
== Changelog ==
|
208 |
|
|
|
|
|
|
|
|
|
|
|
209 |
= 1.1.2: March 30, 2015 =
|
210 |
|
211 |
* Fixed: Important security patch - please update
|
7 |
Requires at least: 4.1
|
8 |
Tested up to: 4.1.1
|
9 |
|
10 |
+
Stable Tag: 1.1.3
|
11 |
|
12 |
License: GNU Version 2 or Any Later Version
|
13 |
|
206 |
|
207 |
== Changelog ==
|
208 |
|
209 |
+
= 1.1.3: April 1, 2015 =
|
210 |
+
|
211 |
+
* New: added option to manage if access control widgets can be edited by admins only
|
212 |
+
* Tweak: update to last security patch - deletes user who try to get unauthorized access
|
213 |
+
|
214 |
= 1.1.2: March 30, 2015 =
|
215 |
|
216 |
* Fixed: Important security patch - please update
|
um-config.php
CHANGED
@@ -343,6 +343,15 @@ $this->sections[] = array(
|
|
343 |
'required' => array( 'wpadmin_register_redirect', '=', 'custom_url' ),
|
344 |
),
|
345 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
346 |
array(
|
347 |
'id' => 'wpadmin_allow_ips',
|
348 |
'type' => 'textarea',
|
343 |
'required' => array( 'wpadmin_register_redirect', '=', 'custom_url' ),
|
344 |
),
|
345 |
|
346 |
+
array(
|
347 |
+
'id' => 'access_widget_admin_only',
|
348 |
+
'type' => 'switch',
|
349 |
+
'title' => __( 'Enable the Access Control widget for Admins only?','ultimatemember' ),
|
350 |
+
'default' => 1,
|
351 |
+
'on' => __('Yes','ultimatemember'),
|
352 |
+
'off' => __('No','ultimatemember'),
|
353 |
+
),
|
354 |
+
|
355 |
array(
|
356 |
'id' => 'wpadmin_allow_ips',
|
357 |
'type' => 'textarea',
|