Ultimate Member – User Profile & Membership Plugin - Version 2.0.46

Version Description

Download this release

Release Info

Developer nsinelnikov
Plugin Icon 128x128 Ultimate Member – User Profile & Membership Plugin
Version 2.0.46
Comparing to
See all releases

Code changes from version 2.0.45 to 2.0.46

assets/js/um-functions.js CHANGED
@@ -406,7 +406,7 @@ function initFileUpload_UM( trigger ) {
406
}else if( key == 'original_name' ){
407
408
trigger.parents('.um-modal-body').find('.um-single-fileinfo a').attr('data-orignal-name', value );
409
- trigger.parents('.um-modal-body').find('.um-single-fileinfo span.filename').html( value );
410
411
} else if ( key == 'url' ) {
412
406
}else if( key == 'original_name' ){
407
408
trigger.parents('.um-modal-body').find('.um-single-fileinfo a').attr('data-orignal-name', value );
409
+ trigger.parents('.um-modal-body').find('.um-single-fileinfo span.filename').html( value );
410
411
} else if ( key == 'url' ) {
412
includes/admin/core/class-admin-menu.php CHANGED
@@ -223,7 +223,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Menu' ) ) {
223
add_meta_box( 'um-metaboxes-sidebox-2', __( 'User Cache', 'ultimate-member' ), array( &$this, 'user_cache' ), $this->pagehook, 'side', 'core' );
224
225
//If there are active and licensed extensions - show metabox for upgrade it
226
- $exts = UM()->plugin_updater()->um_get_active_plugins();
227
if ( 0 < count( $exts ) ) {
228
add_meta_box( 'um-metaboxes-sidebox-3', __( 'Upgrade\'s Manual Request', 'ultimate-member' ), array( &$this, 'upgrade_request' ), $this->pagehook, 'side', 'core' );
229
}
223
add_meta_box( 'um-metaboxes-sidebox-2', __( 'User Cache', 'ultimate-member' ), array( &$this, 'user_cache' ), $this->pagehook, 'side', 'core' );
224
225
//If there are active and licensed extensions - show metabox for upgrade it
226
+ $exts = UM()->plugin_updater()->get_active_plugins();
227
if ( 0 < count( $exts ) ) {
228
add_meta_box( 'um-metaboxes-sidebox-3', __( 'Upgrade\'s Manual Request', 'ultimate-member' ), array( &$this, 'upgrade_request' ), $this->pagehook, 'side', 'core' );
229
}
includes/admin/core/class-admin-notices.php CHANGED
@@ -534,7 +534,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
534
if ( ! empty( $arr_inactive_license_keys ) ) {
535
$this->add_notice( 'license_key', array(
536
'class' => 'error',
537
- 'message' => '<p>' . sprintf( __( 'There are %d inactive %s license keys for this site. This site is not authorized to get plugin updates. You can active this site on <a href="%s">www.ultimatemember.com</a>.', 'ultimate-member' ), count( $arr_inactive_license_keys ) , ultimatemember_plugin_name, 'https://ultimatemember.com' ) . '</p>',
538
), 3 );
539
}
540
534
if ( ! empty( $arr_inactive_license_keys ) ) {
535
$this->add_notice( 'license_key', array(
536
'class' => 'error',
537
+ 'message' => '<p>' . sprintf( __( 'There are %d inactive %s license keys for this site. This site is not authorized to get plugin updates. You can active this site on <a href="%s">www.ultimatemember.com</a>.', 'ultimate-member' ), count( $arr_inactive_license_keys ) , ultimatemember_plugin_name, UM()->store_url ) . '</p>',
538
), 3 );
539
}
540
includes/admin/core/class-admin-settings.php CHANGED
@@ -1703,9 +1703,9 @@ if ( ! class_exists( 'um\admin\core\Admin_Settings' ) ) {
1703
);
1704
1705
$request = wp_remote_post(
1706
- 'https://ultimatemember.com/',
1707
array(
1708
- 'timeout' => 15,
1709
'sslverify' => false,
1710
'body' => $api_params
1711
)
1703
);
1704
1705
$request = wp_remote_post(
1706
+ UM()->store_url,
1707
array(
1708
+ 'timeout' => UM()->request_timeout,
1709
'sslverify' => false,
1710
'body' => $api_params
1711
)
includes/class-functions.php CHANGED
@@ -10,6 +10,21 @@ if ( ! class_exists( 'UM_Functions' ) ) {
10
class UM_Functions {
11
12
13
/**
14
* UM_Functions constructor.
15
*/
10
class UM_Functions {
11
12
13
+ /**
14
+ * Store URL
15
+ *
16
+ * @var string
17
+ */
18
+ var $store_url = 'https://ultimatemember.com/';
19
+
20
+
21
+ /**
22
+ * WP remote Post timeout
23
+ * @var int
24
+ */
25
+ var $request_timeout = 60;
26
+
27
+
28
/**
29
* UM_Functions constructor.
30
*/
includes/core/class-files.php CHANGED
@@ -171,6 +171,11 @@ if ( ! class_exists( 'um\core\Files' ) ) {
171
}
172
}
173
174
$file_info = get_user_meta( $user_id, $field_key . "_metadata", true );
175
176
$pathinfo = pathinfo( $file_path );
@@ -211,6 +216,11 @@ if ( ! class_exists( 'um\core\Files' ) ) {
211
}
212
}
213
214
$file_info = get_user_meta( $user_id, $field_key . "_metadata", true );
215
216
$pathinfo = pathinfo( $file_path );
@@ -427,7 +437,7 @@ if ( ! class_exists( 'um\core\Files' ) ) {
427
428
$ret['error'] = $uploaded['error'];
429
430
- }else{
431
432
$uploaded_file = $uploaded['handle_upload'];
433
$ret['url'] = $uploaded_file['file_info']['name'];
@@ -436,7 +446,6 @@ if ( ! class_exists( 'um\core\Files' ) ) {
436
$ret['filename'] = $uploaded_file['file_info']['basename'];
437
$ret['original_name'] = $uploaded_file['file_info']['original_name'];
438
439
-
440
}
441
442
}
171
}
172
}
173
174
+ //validate traversal file
175
+ if ( validate_file( $file_path ) === 1 ) {
176
+ return;
177
+ }
178
+
179
$file_info = get_user_meta( $user_id, $field_key . "_metadata", true );
180
181
$pathinfo = pathinfo( $file_path );
216
}
217
}
218
219
+ //validate traversal file
220
+ if ( validate_file( $file_path ) === 1 ) {
221
+ return;
222
+ }
223
+
224
$file_info = get_user_meta( $user_id, $field_key . "_metadata", true );
225
226
$pathinfo = pathinfo( $file_path );
437
438
$ret['error'] = $uploaded['error'];
439
440
+ } else {
441
442
$uploaded_file = $uploaded['handle_upload'];
443
$ret['url'] = $uploaded_file['file_info']['name'];
446
$ret['filename'] = $uploaded_file['file_info']['basename'];
447
$ret['original_name'] = $uploaded_file['file_info']['original_name'];
448
449
}
450
451
}
includes/core/class-logout.php CHANGED
@@ -71,10 +71,12 @@ if ( ! class_exists( 'um\core\Logout' ) ) {
71
add_filter( 'wp_safe_redirect_fallback', array( &$this, 'safe_redirect_default' ), 10, 2 );
72
73
if ( isset( $_REQUEST['redirect_to'] ) && $_REQUEST['redirect_to'] !== '' ) {
74
wp_logout();
75
session_unset();
76
exit( wp_safe_redirect( $_REQUEST['redirect_to'] ) );
77
} else if ( um_user('after_logout') == 'redirect_home' ) {
78
wp_logout();
79
session_unset();
80
exit( wp_safe_redirect( home_url() ) );
@@ -102,6 +104,7 @@ if ( ! class_exists( 'um\core\Logout' ) ) {
102
* ?>
103
*/
104
$redirect_url = apply_filters( 'um_logout_redirect_url', um_user( 'logout_redirect_url' ), um_user( 'ID' ) );
105
wp_logout();
106
session_unset();
107
exit( wp_safe_redirect( $redirect_url ) );
71
add_filter( 'wp_safe_redirect_fallback', array( &$this, 'safe_redirect_default' ), 10, 2 );
72
73
if ( isset( $_REQUEST['redirect_to'] ) && $_REQUEST['redirect_to'] !== '' ) {
74
+ wp_destroy_current_session();
75
wp_logout();
76
session_unset();
77
exit( wp_safe_redirect( $_REQUEST['redirect_to'] ) );
78
} else if ( um_user('after_logout') == 'redirect_home' ) {
79
+ wp_destroy_current_session();
80
wp_logout();
81
session_unset();
82
exit( wp_safe_redirect( home_url() ) );
104
* ?>
105
*/
106
$redirect_url = apply_filters( 'um_logout_redirect_url', um_user( 'logout_redirect_url' ), um_user( 'ID' ) );
107
+ wp_destroy_current_session();
108
wp_logout();
109
session_unset();
110
exit( wp_safe_redirect( $redirect_url ) );
includes/core/class-plugin-updater.php CHANGED
@@ -25,14 +25,14 @@ if ( ! class_exists( 'um\core\Plugin_Updater' ) ) {
25
26
register_deactivation_hook( um_plugin, array( &$this, 'um_plugin_updater_deactivation_hook' ) );
27
28
- //cron request to ultimatemember.com
29
add_action( 'um_check_extensions_licenses', array( &$this, 'um_checklicenses' ) );
30
31
//update plugin info
32
- add_filter( 'pre_set_site_transient_update_plugins', array( &$this, 'um_check_update' ) );
33
34
//plugin information info
35
- add_filter( 'plugins_api', array( &$this, 'um_plugins_api_filter' ), 9999, 3 );
36
}
37
38
@@ -41,7 +41,7 @@ if ( ! class_exists( 'um\core\Plugin_Updater' ) ) {
41
*
42
* @return array
43
*/
44
- function um_get_active_plugins() {
45
$paid_extensions = array(
46
'um-bbpress/um-bbpress.php' => array(
47
'key' => 'bbpress',
@@ -179,8 +179,9 @@ if ( ! class_exists( 'um\core\Plugin_Updater' ) ) {
179
if ( in_array( $value, array_keys( $paid_extensions ) ) ) {
180
$license = UM()->options()->get( "um_{$paid_extensions[ $value ]['key']}_license_key" );
181
182
- if ( empty( $license ) )
183
continue;
184
185
$active_um_plugins[ $value ] = $paid_extensions[ $value ];
186
$active_um_plugins[ $value ]['license'] = $license;
@@ -204,7 +205,7 @@ if ( ! class_exists( 'um\core\Plugin_Updater' ) ) {
204
* Check license function
205
*/
206
function um_checklicenses() {
207
- $exts = $this->um_get_active_plugins();
208
209
if ( 0 == count( $exts ) ) {
210
return;
@@ -232,49 +233,68 @@ if ( ! class_exists( 'um\core\Plugin_Updater' ) ) {
232
}
233
234
$request = wp_remote_post(
235
- 'https://ultimatemember.com/',
236
array(
237
- 'timeout' => 45,
238
'sslverify' => false,
239
'body' => $api_params
240
)
241
);
242
243
- if ( ! is_wp_error( $request ) )
244
$request = json_decode( wp_remote_retrieve_body( $request ) );
245
246
$request = ( $request ) ? maybe_unserialize( $request ) : false;
247
248
if ( $request ) {
249
foreach ( $exts as $slug => $data ) {
250
- if ( ! empty( $request->$slug->license_check ) )
251
update_option( "{$data['key']}_edd_answer", $request->$slug->license_check );
252
253
if ( ! empty( $request->$slug->get_version_check ) ) {
254
255
$request->$slug->get_version_check = json_decode( $request->$slug->get_version_check );
256
257
- if ( ! empty( $request->$slug->get_version_check->package ) )
258
$request->$slug->get_version_check->package = $this->extend_download_url( $request->$slug->get_version_check->package, $slug, $data );
259
260
- if ( ! empty( $request->$slug->get_version_check->download_link ) )
261
$request->$slug->get_version_check->download_link = $this->extend_download_url( $request->$slug->get_version_check->download_link, $slug, $data );
262
263
if ( isset( $request->$slug->get_version_check->sections ) ) {
264
$request->$slug->get_version_check->sections = maybe_unserialize( $request->$slug->get_version_check->sections );
265
- $request->$slug->get_version_check = json_encode( $request->$slug->get_version_check );
266
} else {
267
$request->$slug->get_version_check = new \WP_Error( 'plugins_api_failed',
268
sprintf(
269
/* translators: %s: support forums URL */
270
- __( 'An unexpected error occurred. Something may be wrong with https://ultimatemember.com/ or this server&#8217;s configuration. If you continue to have problems, please try the <a href="%s">support forums</a>.' ),
271
__( 'https://wordpress.org/support/' )
272
),
273
wp_remote_retrieve_body( $request->$slug->get_version_check )
274
);
275
}
276
277
- update_option( "{$data['key']}_version_check_edd_answer", $request->$slug->get_version_check );
278
}
279
}
280
}
@@ -290,31 +310,45 @@ if ( ! class_exists( 'um\core\Plugin_Updater' ) ) {
290
* @param array $_transient_data plugin update array build by WordPress.
291
* @return \stdClass modified plugin update array.
292
*/
293
- function um_check_update( $_transient_data ) {
294
global $pagenow;
295
296
- if ( ! is_object( $_transient_data ) )
297
$_transient_data = new \stdClass;
298
299
- if ( 'plugins.php' == $pagenow && is_multisite() )
300
return $_transient_data;
301
302
- $exts = $this->um_get_active_plugins();
303
foreach ( $exts as $slug => $data ) {
304
305
$plugin_data = get_plugin_data( WP_PLUGIN_DIR . DIRECTORY_SEPARATOR . $slug );
306
307
- //if response for current product isn't empty check for override
308
- if ( ! empty( $_transient_data->response ) && ! empty( $_transient_data->response[ $slug ] ) )
309
- continue;
310
311
- $version_info = get_option( "{$data['key']}_version_check_edd_answer" );
312
- $version_info = json_decode( $version_info );
313
314
if ( false !== $version_info && is_object( $version_info ) && isset( $version_info->new_version ) ) {
315
//show update version block if new version > then current
316
- if ( version_compare( $plugin_data['Version'], $version_info->new_version, '<' ) )
317
$_transient_data->response[ $slug ] = $version_info;
318
319
$_transient_data->last_checked = time();
320
$_transient_data->checked[ $slug ] = $plugin_data['Version'];
@@ -326,6 +360,74 @@ if ( ! class_exists( 'um\core\Plugin_Updater' ) ) {
326
}
327
328
329
/**
330
* Updates information on the "View version x.x details" popup with custom data.
331
*
@@ -334,27 +436,37 @@ if ( ! class_exists( 'um\core\Plugin_Updater' ) ) {
334
* @param object $_args
335
* @return object $_data
336
*/
337
- function um_plugins_api_filter( $_data, $_action = '', $_args = null ) {
338
//by default $data = false (from Wordpress)
339
-
340
- if ( $_action != 'plugin_information' )
341
return $_data;
342
343
- $exts = $this->um_get_active_plugins();
344
-
345
foreach ( $exts as $slug => $data ) {
346
- if ( isset( $_args->slug ) && $_args->slug == $slug )
347
- $api_request_transient = get_option( "{$data['key']}_version_check_edd_answer" );
348
}
349
350
//If we have no transient-saved value, run the API, set a fresh transient with the API value, and return that value too right now.
351
- if ( ! empty( $api_request_transient ) ) {
352
- $_data = json_decode( $api_request_transient );
353
}
354
355
- if ( isset( $_data->sections ) )
356
- $_data->sections = (array)$_data->sections;
357
-
358
return $_data;
359
}
360
@@ -405,6 +517,73 @@ if ( ! class_exists( 'um\core\Plugin_Updater' ) ) {
405
406
return $download_url;
407
}
408
}
409
410
}
25
26
register_deactivation_hook( um_plugin, array( &$this, 'um_plugin_updater_deactivation_hook' ) );
27
28
+ //cron request to UM()->store_url;
29
add_action( 'um_check_extensions_licenses', array( &$this, 'um_checklicenses' ) );
30
31
//update plugin info
32
+ add_filter( 'pre_set_site_transient_update_plugins', array( &$this, 'check_update' ) );
33
34
//plugin information info
35
+ add_filter( 'plugins_api', array( &$this, 'plugin_information' ), 9999, 3 );
36
}
37
38
41
*
42
* @return array
43
*/
44
+ function get_active_plugins() {
45
$paid_extensions = array(
46
'um-bbpress/um-bbpress.php' => array(
47
'key' => 'bbpress',
179
if ( in_array( $value, array_keys( $paid_extensions ) ) ) {
180
$license = UM()->options()->get( "um_{$paid_extensions[ $value ]['key']}_license_key" );
181
182
+ if ( empty( $license ) ) {
183
continue;
184
+ }
185
186
$active_um_plugins[ $value ] = $paid_extensions[ $value ];
187
$active_um_plugins[ $value ]['license'] = $license;
205
* Check license function
206
*/
207
function um_checklicenses() {
208
+ $exts = $this->get_active_plugins();
209
210
if ( 0 == count( $exts ) ) {
211
return;
233
}
234
235
$request = wp_remote_post(
236
+ UM()->store_url,
237
array(
238
+ 'timeout' => UM()->request_timeout,
239
'sslverify' => false,
240
'body' => $api_params
241
)
242
);
243
244
+ if ( ! is_wp_error( $request ) ) {
245
$request = json_decode( wp_remote_retrieve_body( $request ) );
246
+ }
247
248
$request = ( $request ) ? maybe_unserialize( $request ) : false;
249
250
if ( $request ) {
251
foreach ( $exts as $slug => $data ) {
252
+ if ( ! empty( $request->$slug->license_check ) ) {
253
update_option( "{$data['key']}_edd_answer", $request->$slug->license_check );
254
+ }
255
256
if ( ! empty( $request->$slug->get_version_check ) ) {
257
258
$request->$slug->get_version_check = json_decode( $request->$slug->get_version_check );
259
260
+ if ( ! empty( $request->$slug->get_version_check->package ) ) {
261
$request->$slug->get_version_check->package = $this->extend_download_url( $request->$slug->get_version_check->package, $slug, $data );
262
+ }
263
264
+ if ( ! empty( $request->$slug->get_version_check->download_link ) ) {
265
$request->$slug->get_version_check->download_link = $this->extend_download_url( $request->$slug->get_version_check->download_link, $slug, $data );
266
+ }
267
268
if ( isset( $request->$slug->get_version_check->sections ) ) {
269
$request->$slug->get_version_check->sections = maybe_unserialize( $request->$slug->get_version_check->sections );
270
+ $request->$slug->get_version_check->sections = (array) $request->$slug->get_version_check->sections;
271
} else {
272
$request->$slug->get_version_check = new \WP_Error( 'plugins_api_failed',
273
sprintf(
274
/* translators: %s: support forums URL */
275
+ __( 'An unexpected error occurred. Something may be wrong with %s or this server&#8217;s configuration. If you continue to have problems, please try the <a href="%s">support forums</a>.' ),
276
+ UM()->store_url,
277
__( 'https://wordpress.org/support/' )
278
),
279
wp_remote_retrieve_body( $request->$slug->get_version_check )
280
);
281
}
282
283
+ if ( isset( $request->$slug->get_version_check->banners ) ) {
284
+ $request->$slug->get_version_check->banners = maybe_unserialize( $request->$slug->get_version_check->banners );
285
+ }
286
+
287
+ if ( isset( $request->$slug->get_version_check->icons ) ) {
288
+ $request->$slug->get_version_check->icons = maybe_unserialize( $request->$slug->get_version_check->icons );
289
+ }
290
+
291
+ if ( ! empty( $request->$slug->get_version_check->sections ) ) {
292
+ foreach( $request->$slug->get_version_check->sections as $key => $section ) {
293
+ $request->$slug->get_version_check->$key = (array) $section;
294
+ }
295
+ }
296
+
297
+ $this->set_version_info_cache( $slug, $request->$slug->get_version_check );
298
}
299
}
300
}
310
* @param array $_transient_data plugin update array build by WordPress.
311
* @return \stdClass modified plugin update array.
312
*/
313
+ function check_update( $_transient_data ) {
314
global $pagenow;
315
316
+ if ( ! is_object( $_transient_data ) ) {
317
$_transient_data = new \stdClass;
318
+ }
319
320
+ if ( 'plugins.php' == $pagenow && is_multisite() ) {
321
return $_transient_data;
322
+ }
323
+
324
+ $exts = $this->get_active_plugins();
325
326
foreach ( $exts as $slug => $data ) {
327
+ //if response for current product isn't empty check for override
328
+ if ( ! empty( $_transient_data->response ) && ! empty( $_transient_data->response[ $slug ] ) && $_transient_data->last_checked > time() - DAY_IN_SECONDS ) {
329
+ continue;
330
+ }
331
332
$plugin_data = get_plugin_data( WP_PLUGIN_DIR . DIRECTORY_SEPARATOR . $slug );
333
334
+ $version_info = $this->get_cached_version_info( $slug );
335
+ if ( false === $version_info ) {
336
+ $version_info = $this->single_request( 'plugin_latest_version', array(
337
+ 'slug' => $slug,
338
+ 'license' => $data['license'],
339
+ 'item_name' => $data['title'],
340
+ 'version' => $plugin_data['Version']
341
+ ) );
342
343
+ $this->set_version_info_cache( $slug, $version_info );
344
+ }
345
346
if ( false !== $version_info && is_object( $version_info ) && isset( $version_info->new_version ) ) {
347
//show update version block if new version > then current
348
+ if ( version_compare( $plugin_data['Version'], $version_info->new_version, '<' ) ) {
349
$_transient_data->response[ $slug ] = $version_info;
350
+ $_transient_data->response[ $slug ]->plugin = $slug;
351
+ }
352
353
$_transient_data->last_checked = time();
354
$_transient_data->checked[ $slug ] = $plugin_data['Version'];
360
}
361
362
363
+
364
+ /**
365
+ * Calls the API and, if successfull, returns the object delivered by the API.
366
+ *
367
+ * @uses get_bloginfo()
368
+ * @uses wp_remote_post()
369
+ * @uses is_wp_error()
370
+ *
371
+ * @param string $_action The requested action.
372
+ * @param array $_data Parameters for the API action.
373
+ * @return false|object
374
+ */
375
+ private function single_request( $_action, $_data ) {
376
+ $api_params = array(
377
+ 'edd_action' => 'get_version',
378
+ 'author' => 'Ultimate Member',
379
+ 'url' => home_url(),
380
+ 'beta' => false,
381
+ );
382
+
383
+ $api_params = array_merge( $api_params, $_data );
384
+
385
+ $request = wp_remote_post(
386
+ UM()->store_url,
387
+ array(
388
+ 'timeout' => UM()->request_timeout,
389
+ 'sslverify' => false,
390
+ 'body' => $api_params
391
+ )
392
+ );
393
+
394
+ if ( ! is_wp_error( $request ) ) {
395
+ $request = json_decode( wp_remote_retrieve_body( $request ) );
396
+ }
397
+
398
+ if ( $request && isset( $request->sections ) ) {
399
+ $request->sections = maybe_unserialize( $request->sections );
400
+ $request->sections = (array) $request->sections;
401
+ } else {
402
+ $request = false;
403
+ }
404
+
405
+ if ( $request && isset( $request->banners ) ) {
406
+ $request->banners = maybe_unserialize( $request->banners );
407
+ }
408
+
409
+ if ( $request && isset( $request->icons ) ) {
410
+ $request->icons = maybe_unserialize( $request->icons );
411
+ }
412
+
413
+ if( ! empty( $request->sections ) ) {
414
+ foreach ( $request->sections as $key => $section ) {
415
+ $request->$key = (array) $section;
416
+ }
417
+ }
418
+
419
+ if ( ! empty( $request->package ) ) {
420
+ $request->package = $this->extend_download_url( $request->package, $_data['slug'], $_data );
421
+ }
422
+
423
+ if ( ! empty( $request->download_link ) ) {
424
+ $request->download_link = $this->extend_download_url( $request->download_link, $_data['slug'], $_data );
425
+ }
426
+
427
+ return $request;
428
+ }
429
+
430
+
431
/**
432
* Updates information on the "View version x.x details" popup with custom data.
433
*
436
* @param object $_args
437
* @return object $_data
438
*/
439
+ function plugin_information( $_data, $_action = '', $_args = null ) {
440
//by default $data = false (from Wordpress)
441
+ if ( $_action != 'plugin_information' ) {
442
return $_data;
443
+ }
444
445
+ $exts = $this->get_active_plugins();
446
foreach ( $exts as $slug => $data ) {
447
+ if ( isset( $_args->slug ) && $_args->slug == $slug ) {
448
+ $api_request_transient = $this->get_cached_version_info( $slug );
449
+
450
+ if ( false === $api_request_transient ) {
451
+ $plugin_data = get_plugin_data( WP_PLUGIN_DIR . DIRECTORY_SEPARATOR . $slug );
452
+
453
+ $api_request_transient = $this->single_request( 'plugin_latest_version', array(
454
+ 'slug' => $slug,
455
+ 'license' => $data['license'],
456
+ 'item_name' => $data['title'],
457
+ 'version' => $plugin_data['Version']
458
+ ) );
459
+ $this->set_version_info_cache( $slug, $api_request_transient );
460
+ }
461
+ break;
462
+ }
463
}
464
465
//If we have no transient-saved value, run the API, set a fresh transient with the API value, and return that value too right now.
466
+ if ( isset( $api_request_transient ) ) {
467
+ $_data = $api_request_transient;
468
}
469
470
return $_data;
471
}
472
517
518
return $download_url;
519
}
520
+
521
+
522
+ /**
523
+ * @param $slug
524
+ *
525
+ * @return bool|string
526
+ */
527
+ function get_cache_key( $slug ) {
528
+ $exts = $this->get_active_plugins();
529
+
530
+ if ( empty( $exts[ $slug ] ) ) {
531
+ return false;
532
+ }
533
+
534
+ return 'edd_sl_' . md5( serialize( $slug . $exts[ $slug ]['license'] ) );
535
+ }
536
+
537
+
538
+ /**
539
+ * @param $slug
540
+ *
541
+ * @return array|bool|mixed|object
542
+ */
543
+ function get_cached_version_info( $slug ) {
544
+ $cache_key = $this->get_cache_key( $slug );
545
+ if ( empty( $cache_key ) ) {
546
+ return false;
547
+ }
548
+
549
+ $cache = get_option( $cache_key );
550
+ if ( empty( $cache['timeout'] ) || time() > $cache['timeout'] ) {
551
+ return false; // Cache is expired
552
+ }
553
+
554
+ // We need to turn the icons into an array, thanks to WP Core forcing these into an object at some point.
555
+ $cache['value'] = json_decode( $cache['value'] );
556
+ if ( ! empty( $cache['value']->icons ) ) {
557
+ $cache['value']->icons = (array) $cache['value']->icons;
558
+ }
559
+ if ( ! empty( $cache['value']->sections ) ) {
560
+ $cache['value']->sections = (array) $cache['value']->sections;
561
+ }
562
+ if ( ! empty( $cache['value']->banners ) ) {
563
+ $cache['value']->banners = (array) $cache['value']->banners;
564
+ }
565
+
566
+ return $cache['value'];
567
+ }
568
+
569
+
570
+ /**
571
+ * @param $slug
572
+ * @param string $value
573
+ */
574
+ function set_version_info_cache( $slug, $value = '' ) {
575
+ $cache_key = $this->get_cache_key( $slug );
576
+ if ( empty( $cache_key ) ) {
577
+ return;
578
+ }
579
+
580
+ $data = array(
581
+ 'timeout' => strtotime( '+6 hours', time() ),
582
+ 'value' => json_encode( $value )
583
+ );
584
+
585
+ update_option( $cache_key, $data, 'no' );
586
+ }
587
}
588
589
}
includes/core/class-uploader.php CHANGED
@@ -1151,8 +1151,17 @@ if ( ! class_exists( 'um\core\Uploader' ) ) {
1151
$old_filename = get_user_meta( $user_id, $key, true );
1152
if ( ! empty( $old_filename ) ) {
1153
$file = $user_basedir . DIRECTORY_SEPARATOR . $old_filename;
1154
- if ( file_exists( $file ) ) {
1155
- unlink( $file );
1156
}
1157
}
1158
1151
$old_filename = get_user_meta( $user_id, $key, true );
1152
if ( ! empty( $old_filename ) ) {
1153
$file = $user_basedir . DIRECTORY_SEPARATOR . $old_filename;
1154
+
1155
+ $valid = true;
1156
+ //validate traversal file
1157
+ if ( validate_file( $file ) === 1 ) {
1158
+ $valid = false;
1159
+ }
1160
+
1161
+ if ( $valid ) {
1162
+ if ( file_exists( $file ) && um_is_file_owner( $file, $user_id ) ) {
1163
+ unlink( $file );
1164
+ }
1165
}
1166
}
1167
includes/core/class-validation.php CHANGED
@@ -73,7 +73,7 @@ if ( ! class_exists( 'um\core\Validation' ) ) {
73
}
74
75
//validation of correct values from options in wp-admin
76
- if ( in_array( $fields[ $key ]['type'], array( 'select', 'radio' ) ) &&
77
isset( $value ) && ! empty( $fields[ $key ]['options'] ) &&
78
! in_array( $value, $fields[ $key ]['options'] ) ) {
79
unset( $changes[ $key ] );
@@ -81,7 +81,7 @@ if ( ! class_exists( 'um\core\Validation' ) ) {
81
82
//validation of correct values from options in wp-admin
83
//the user cannot set invalid value in the hidden input at the page
84
- if ( in_array( $fields[ $key ]['type'], array( 'multiselect', 'checkbox' ) ) &&
85
isset( $value ) && ! empty( $fields[ $key ]['options'] ) ) {
86
87
$changes[ $key ] = array_intersect( $value, $fields[ $key ]['options'] );
73
}
74
75
//validation of correct values from options in wp-admin
76
+ if ( in_array( $fields[ $key ]['type'], array( 'select' ) ) &&
77
isset( $value ) && ! empty( $fields[ $key ]['options'] ) &&
78
! in_array( $value, $fields[ $key ]['options'] ) ) {
79
unset( $changes[ $key ] );
81
82
//validation of correct values from options in wp-admin
83
//the user cannot set invalid value in the hidden input at the page
84
+ if ( in_array( $fields[ $key ]['type'], array( 'multiselect', 'checkbox', 'radio' ) ) &&
85
isset( $value ) && ! empty( $fields[ $key ]['options'] ) ) {
86
87
$changes[ $key ] = array_intersect( $value, $fields[ $key ]['options'] );
includes/core/um-actions-profile.php CHANGED
@@ -247,7 +247,7 @@ function um_user_edit_profile( $args ) {
247
}
248
249
//validation of correct values from options in wp-admin
250
- if ( in_array( $array['type'], array( 'select', 'radio' ) ) &&
251
isset( $args['submitted'][ $key ] ) && ! empty( $array['options'] ) &&
252
! in_array( $args['submitted'][ $key ], $array['options'] ) ) {
253
continue;
@@ -255,7 +255,7 @@ function um_user_edit_profile( $args ) {
255
256
//validation of correct values from options in wp-admin
257
//the user cannot set invalid value in the hidden input at the page
258
- if ( in_array( $array['type'], array( 'multiselect', 'checkbox' ) ) &&
259
isset( $args['submitted'][ $key ] ) && ! empty( $array['options'] ) ) {
260
261
$args['submitted'][ $key ] = array_intersect( $args['submitted'][ $key ], $array['options'] );
@@ -267,11 +267,15 @@ function um_user_edit_profile( $args ) {
267
268
if ( isset( $args['submitted'][ $key ] ) ) {
269
270
- if ( isset( $array['type'] ) && in_array( $array['type'], array( 'image', 'file' ) ) &&
271
- ( /*um_is_file_owner( UM()->uploader()->get_upload_base_url() . um_user( 'ID' ) . '/' . $args['submitted'][ $key ], um_user( 'ID' ) ) ||*/
272
- um_is_temp_file( $args['submitted'][ $key ] ) || $args['submitted'][ $key ] == 'empty_file' ) ) {
273
274
- $files[ $key ] = $args['submitted'][ $key ];
275
276
} else {
277
if ( $array['type'] == 'password' ) {
@@ -461,6 +465,9 @@ function um_user_edit_profile( $args ) {
461
add_action( 'um_user_edit_profile', 'um_user_edit_profile', 10 );
462
463
464
/**
465
* Leave roles for User, which are not in the list of update profile (are default WP or 3rd plugins roles)
466
*
247
}
248
249
//validation of correct values from options in wp-admin
250
+ if ( in_array( $array['type'], array( 'select' ) ) &&
251
isset( $args['submitted'][ $key ] ) && ! empty( $array['options'] ) &&
252
! in_array( $args['submitted'][ $key ], $array['options'] ) ) {
253
continue;
255
256
//validation of correct values from options in wp-admin
257
//the user cannot set invalid value in the hidden input at the page
258
+ if ( in_array( $array['type'], array( 'multiselect', 'checkbox', 'radio' ) ) &&
259
isset( $args['submitted'][ $key ] ) && ! empty( $array['options'] ) ) {
260
261
$args['submitted'][ $key ] = array_intersect( $args['submitted'][ $key ], $array['options'] );
267
268
if ( isset( $args['submitted'][ $key ] ) ) {
269
270
+ if ( isset( $array['type'] ) && in_array( $array['type'], array( 'image', 'file' ) ) ) {
271
272
+ if ( /*um_is_file_owner( UM()->uploader()->get_upload_base_url() . um_user( 'ID' ) . '/' . $args['submitted'][ $key ], um_user( 'ID' ) ) ||*/ um_is_temp_file( $args['submitted'][ $key ] ) || $args['submitted'][ $key ] == 'empty_file' ) {
273
+ $files[ $key ] = $args['submitted'][ $key ];
274
+ } elseif( um_is_file_owner( UM()->uploader()->get_upload_base_url() . um_user( 'ID' ) . '/' . $args['submitted'][ $key ], um_user( 'ID' ) ) ) {
275
+ /*$files[ $key ] = 'empty_file';*/
276
+ } else {
277
+ $files[ $key ] = 'empty_file';
278
+ }
279
280
} else {
281
if ( $array['type'] == 'password' ) {
465
add_action( 'um_user_edit_profile', 'um_user_edit_profile', 10 );
466
467
468
+ add_filter( 'um_user_pre_updating_files_array', array( UM()->validation(), 'validate_files' ), 10, 1 );
469
+ add_filter( 'um_before_save_filter_submitted', array( UM()->validation(), 'validate_fields_values' ), 10, 2 );
470
+
471
/**
472
* Leave roles for User, which are not in the list of update profile (are default WP or 3rd plugins roles)
473
*
includes/core/um-actions-register.php CHANGED
@@ -602,7 +602,7 @@ function um_registration_save_files( $user_id, $args ) {
602
603
foreach ( $fields as $key => $array ) {
604
605
- if ( isset( $args['submitted'][$key] ) ) {
606
607
if ( isset( $fields[ $key ]['type'] ) && in_array( $fields[ $key ]['type'], array( 'image', 'file' ) ) &&
608
( um_is_temp_file( $args['submitted'][ $key ] ) || $args['submitted'][ $key ] == 'empty_file' )
602
603
foreach ( $fields as $key => $array ) {
604
605
+ if ( isset( $args['submitted'][ $key ] ) ) {
606
607
if ( isset( $fields[ $key ]['type'] ) && in_array( $fields[ $key ]['type'], array( 'image', 'file' ) ) &&
608
( um_is_temp_file( $args['submitted'][ $key ] ) || $args['submitted'][ $key ] == 'empty_file' )
includes/core/um-filters-fields.php CHANGED
@@ -658,14 +658,38 @@ function um_profile_field_filter_xss_validation( $value, $data, $type = '' ) {
658
$value = stripslashes( $value );
659
$data['validate'] = isset( $data['validate'] ) ? $data['validate'] : '';
660
661
- if( 'text' == $type && ! in_array( $data['validate'], array( 'unique_email' ) ) || 'password' == $type ) {
662
$value = esc_attr( $value );
663
- } elseif( $type == 'url' ) {
664
$value = esc_url( $value );
665
} elseif ( 'textarea' == $type ) {
666
if ( empty( $data['html'] ) ) {
667
$value = wp_kses_post( $value );
668
}
669
}
670
}
671
658
$value = stripslashes( $value );
659
$data['validate'] = isset( $data['validate'] ) ? $data['validate'] : '';
660
661
+ if ( 'text' == $type && ! in_array( $data['validate'], array( 'unique_email' ) ) || 'password' == $type ) {
662
$value = esc_attr( $value );
663
+ } elseif ( $type == 'url' ) {
664
$value = esc_url( $value );
665
} elseif ( 'textarea' == $type ) {
666
if ( empty( $data['html'] ) ) {
667
$value = wp_kses_post( $value );
668
}
669
+ } elseif ( 'rating' == $type ) {
670
+ if ( ! is_numeric( $value ) ) {
671
+ $value = 0;
672
+ } else {
673
+ if ( $data['number'] == 5 ) {
674
+ if ( ! in_array( $value, range( 1, 5 ) ) ) {
675
+ $value = 0;
676
+ }
677
+ } elseif ( $data['number'] == 10 ) {
678
+ if ( ! in_array( $value, range( 1, 10 ) ) ) {
679
+ $value = 0;
680
+ }
681
+ }
682
+ }
683
+ } elseif ( 'select' == $type || 'radio' == $type ) {
684
+ if ( ! empty( $data['options'] ) && ! in_array( $value, $data['options'] ) ) {
685
+ $value = '';
686
+ }
687
+ }
688
+ } elseif ( ! empty( $value ) ) {
689
+ if ( 'multiselect' == $type || 'checkbox' == $type ) {
690
+ if ( ! empty( $data['options'] ) && is_array( $value ) ) {
691
+ $value = array_intersect( $value, $data['options'] );
692
+ }
693
}
694
}
695
languages/ultimate-member-en_US.mo CHANGED
Binary file
languages/ultimate-member-en_US.po CHANGED
@@ -1,8 +1,8 @@
1
msgid ""
2
msgstr ""
3
"Project-Id-Version: Ultimate Member\n"
4
- "POT-Creation-Date: 2019-05-08 17:47+0300\n"
5
- "PO-Revision-Date: 2019-05-08 17:47+0300\n"
6
"Last-Translator: \n"
7
"Language-Team: \n"
8
"Language: en_US\n"
@@ -21,7 +21,7 @@ msgstr ""
21
"X-Poedit-SearchPath-0: .\n"
22
"X-Poedit-SearchPathExcluded-0: *.js\n"
23
24
- #: includes/admin/class-admin-functions.php:35 includes/class-functions.php:30
25
msgid "Wrong Nonce"
26
msgstr ""
27
@@ -268,7 +268,7 @@ msgstr ""
268
#: includes/admin/core/class-admin-forms.php:951
269
#: includes/admin/core/class-admin-forms.php:960
270
#: includes/admin/core/class-admin-notices.php:390
271
- #: includes/core/um-actions-profile.php:592
272
msgid "Remove"
273
msgstr ""
274
@@ -3615,11 +3615,11 @@ msgstr ""
3615
#: includes/admin/templates/modal/fonticons.php:11
3616
#: includes/admin/templates/role/publish.php:24
3617
#: includes/core/class-fields.php:2333 includes/core/class-fields.php:2430
3618
- #: includes/core/um-actions-profile.php:593
3619
- #: includes/core/um-actions-profile.php:732
3620
- #: includes/core/um-actions-profile.php:765
3621
- #: includes/core/um-actions-profile.php:1110
3622
#: includes/core/um-actions-profile.php:1117
3623
msgid "Cancel"
3624
msgstr ""
3625
@@ -3982,7 +3982,7 @@ msgid "Members"
3982
msgstr ""
3983
3984
#: includes/class-config.php:133 includes/class-config.php:745
3985
- #: includes/core/um-actions-profile.php:1116
3986
#: includes/core/um-actions-user.php:15
3987
msgid "Logout"
3988
msgstr ""
@@ -4399,7 +4399,7 @@ msgid "Cover Photo"
4399
msgstr ""
4400
4401
#: includes/core/class-builtin.php:1085
4402
- #: includes/core/um-actions-profile.php:555
4403
msgid "Change your cover photo"
4404
msgstr ""
4405
@@ -6369,7 +6369,7 @@ msgid "Upload Photo"
6369
msgstr ""
6370
6371
#: includes/core/class-fields.php:2308 includes/core/class-fields.php:2332
6372
- #: includes/core/um-actions-profile.php:763
6373
msgid "Change photo"
6374
msgstr ""
6375
@@ -6404,35 +6404,35 @@ msgstr ""
6404
msgid "This user has not added any information to their profile yet."
6405
msgstr ""
6406
6407
- #: includes/core/class-files.php:271
6408
msgid "Invalid parameters"
6409
msgstr ""
6410
6411
- #: includes/core/class-files.php:276
6412
msgid "Invalid coordinates"
6413
msgstr ""
6414
6415
- #: includes/core/class-files.php:281
6416
msgid "Invalid file ownership"
6417
msgstr ""
6418
6419
- #: includes/core/class-files.php:336
6420
msgid "Invalid nonce"
6421
msgstr ""
6422
6423
- #: includes/core/class-files.php:358 includes/core/class-files.php:445
6424
msgid "A theme or plugin compatibility issue"
6425
msgstr ""
6426
6427
- #: includes/core/class-files.php:988
6428
msgid "Ultimate Member: Not a valid temp file"
6429
msgstr ""
6430
6431
- #: includes/core/class-files.php:1116
6432
msgid "Invalid user ID: "
6433
msgstr ""
6434
6435
- #: includes/core/class-files.php:1125 includes/core/class-files.php:1153
6436
msgid "Unauthorized to do this attempt."
6437
msgstr ""
6438
@@ -6492,15 +6492,15 @@ msgid "This activation link is expired or have already been used."
6492
msgstr ""
6493
6494
#. translators: %s: support forums URL
6495
- #: includes/core/class-plugin-updater.php:270
6496
#, php-format
6497
msgid ""
6498
- "An unexpected error occurred. Something may be wrong with https://"
6499
- "ultimatemember.com/ or this server&#8217;s configuration. If you continue to "
6500
- "have problems, please try the <a href=\"%s\">support forums</a>."
6501
msgstr ""
6502
6503
- #: includes/core/class-plugin-updater.php:271
6504
msgid "https://wordpress.org/support/"
6505
msgstr ""
6506
@@ -6949,42 +6949,42 @@ msgstr ""
6949
msgid "You are not allowed to edit this user."
6950
msgstr ""
6951
6952
- #: includes/core/um-actions-profile.php:279
6953
#, php-format
6954
msgid "Your choosed %s"
6955
msgstr ""
6956
6957
- #: includes/core/um-actions-profile.php:591
6958
msgid "Change cover photo"
6959
msgstr ""
6960
6961
- #: includes/core/um-actions-profile.php:634
6962
msgid "Upload a cover photo"
6963
msgstr ""
6964
6965
- #: includes/core/um-actions-profile.php:731
6966
msgid "Upload photo"
6967
msgstr ""
6968
6969
- #: includes/core/um-actions-profile.php:764
6970
msgid "Remove photo"
6971
msgstr ""
6972
6973
- #: includes/core/um-actions-profile.php:928
6974
msgid "Tell us a bit about yourself..."
6975
msgstr ""
6976
6977
- #: includes/core/um-actions-profile.php:944
6978
#, php-format
6979
msgid "This user account status is %s"
6980
msgstr ""
6981
6982
- #: includes/core/um-actions-profile.php:1083
6983
- #: includes/core/um-actions-profile.php:1114
6984
msgid "Edit Profile"
6985
msgstr ""
6986
6987
- #: includes/core/um-actions-profile.php:1115
6988
msgid "My Account"
6989
msgstr ""
6990
1
msgid ""
2
msgstr ""
3
"Project-Id-Version: Ultimate Member\n"
4
+ "POT-Creation-Date: 2019-05-10 20:47+0300\n"
5
+ "PO-Revision-Date: 2019-05-10 20:47+0300\n"
6
"Last-Translator: \n"
7
"Language-Team: \n"
8
"Language: en_US\n"
21
"X-Poedit-SearchPath-0: .\n"
22
"X-Poedit-SearchPathExcluded-0: *.js\n"
23
24
+ #: includes/admin/class-admin-functions.php:35 includes/class-functions.php:45
25
msgid "Wrong Nonce"
26
msgstr ""
27
268
#: includes/admin/core/class-admin-forms.php:951
269
#: includes/admin/core/class-admin-forms.php:960
270
#: includes/admin/core/class-admin-notices.php:390
271
+ #: includes/core/um-actions-profile.php:599
272
msgid "Remove"
273
msgstr ""
274
3615
#: includes/admin/templates/modal/fonticons.php:11
3616
#: includes/admin/templates/role/publish.php:24
3617
#: includes/core/class-fields.php:2333 includes/core/class-fields.php:2430
3618
+ #: includes/core/um-actions-profile.php:600
3619
+ #: includes/core/um-actions-profile.php:739
3620
+ #: includes/core/um-actions-profile.php:772
3621
#: includes/core/um-actions-profile.php:1117
3622
+ #: includes/core/um-actions-profile.php:1124
3623
msgid "Cancel"
3624
msgstr ""
3625
3982
msgstr ""
3983
3984
#: includes/class-config.php:133 includes/class-config.php:745
3985
+ #: includes/core/um-actions-profile.php:1123
3986
#: includes/core/um-actions-user.php:15
3987
msgid "Logout"
3988
msgstr ""
4399
msgstr ""
4400
4401
#: includes/core/class-builtin.php:1085
4402
+ #: includes/core/um-actions-profile.php:562
4403
msgid "Change your cover photo"
4404
msgstr ""
4405
6369
msgstr ""
6370
6371
#: includes/core/class-fields.php:2308 includes/core/class-fields.php:2332
6372
+ #: includes/core/um-actions-profile.php:770
6373
msgid "Change photo"
6374
msgstr ""
6375
6404
msgid "This user has not added any information to their profile yet."
6405
msgstr ""
6406
6407
+ #: includes/core/class-files.php:281
6408
msgid "Invalid parameters"
6409
msgstr ""
6410
6411
+ #: includes/core/class-files.php:286
6412
msgid "Invalid coordinates"
6413
msgstr ""
6414
6415
+ #: includes/core/class-files.php:291
6416
msgid "Invalid file ownership"
6417
msgstr ""
6418
6419
+ #: includes/core/class-files.php:346
6420
msgid "Invalid nonce"
6421
msgstr ""
6422
6423
+ #: includes/core/class-files.php:368 includes/core/class-files.php:454
6424
msgid "A theme or plugin compatibility issue"
6425
msgstr ""
6426
6427
+ #: includes/core/class-files.php:997
6428
msgid "Ultimate Member: Not a valid temp file"
6429
msgstr ""
6430
6431
+ #: includes/core/class-files.php:1125
6432
msgid "Invalid user ID: "
6433
msgstr ""
6434
6435
+ #: includes/core/class-files.php:1134 includes/core/class-files.php:1162
6436
msgid "Unauthorized to do this attempt."
6437
msgstr ""
6438
6492
msgstr ""
6493
6494
#. translators: %s: support forums URL
6495
+ #: includes/core/class-plugin-updater.php:275
6496
#, php-format
6497
msgid ""
6498
+ "An unexpected error occurred. Something may be wrong with %s or this "
6499
+ "server&#8217;s configuration. If you continue to have problems, please try "
6500
+ "the <a href=\"%s\">support forums</a>."
6501
msgstr ""
6502
6503
+ #: includes/core/class-plugin-updater.php:277
6504
msgid "https://wordpress.org/support/"
6505
msgstr ""
6506
6949
msgid "You are not allowed to edit this user."
6950
msgstr ""
6951
6952
+ #: includes/core/um-actions-profile.php:283
6953
#, php-format
6954
msgid "Your choosed %s"
6955
msgstr ""
6956
6957
+ #: includes/core/um-actions-profile.php:598
6958
msgid "Change cover photo"
6959
msgstr ""
6960
6961
+ #: includes/core/um-actions-profile.php:641
6962
msgid "Upload a cover photo"
6963
msgstr ""
6964
6965
+ #: includes/core/um-actions-profile.php:738
6966
msgid "Upload photo"
6967
msgstr ""
6968
6969
+ #: includes/core/um-actions-profile.php:771
6970
msgid "Remove photo"
6971
msgstr ""
6972
6973
+ #: includes/core/um-actions-profile.php:935
6974
msgid "Tell us a bit about yourself..."
6975
msgstr ""
6976
6977
+ #: includes/core/um-actions-profile.php:951
6978
#, php-format
6979
msgid "This user account status is %s"
6980
msgstr ""
6981
6982
+ #: includes/core/um-actions-profile.php:1090
6983
+ #: includes/core/um-actions-profile.php:1121
6984
msgid "Edit Profile"
6985
msgstr ""
6986
6987
+ #: includes/core/um-actions-profile.php:1122
6988
msgid "My Account"
6989
msgstr ""
6990
readme.txt CHANGED
@@ -6,7 +6,7 @@ Donate link:
6
Tags: community, member, membership, user-profile, user-registration
7
Requires at least: 4.9
8
Tested up to: 5.2
9
- Stable tag: 2.0.45
10
License: GNU Version 2 or Any Later Version
11
License URI: http://www.gnu.org/licenses/gpl-3.0.txt
12
@@ -133,6 +133,13 @@ The plugin works with popular caching plugins by automatically excluding Ultimat
133
134
= Important: UM2.0+ is a significant update to the code base from 1.3.88. Please make sure you take a full-site backup with restore point before updating the plugin =
135
136
= 2.0.45: May 08, 2019 =
137
138
* Bugfixes:
6
Tags: community, member, membership, user-profile, user-registration
7
Requires at least: 4.9
8
Tested up to: 5.2
9
+ Stable tag: 2.0.46
10
License: GNU Version 2 or Any Later Version
11
License URI: http://www.gnu.org/licenses/gpl-3.0.txt
12
133
134
= Important: UM2.0+ is a significant update to the code base from 1.3.88. Please make sure you take a full-site backup with restore point before updating the plugin =
135
136
+ = 2.0.46: May 10, 2019 =
137
+
138
+ * Bugfixes:
139
+ - Fixed extensions' upgrader
140
+ - Security vulnerabilities on Profile/Registration submit and file/images uploading
141
+ - Fixed session clean on logout
142
+
143
= 2.0.45: May 08, 2019 =
144
145
* Bugfixes:
ultimate-member.php CHANGED
@@ -3,7 +3,7 @@
3
Plugin Name: Ultimate Member
4
Plugin URI: http://ultimatemember.com/
5
Description: The easiest way to create powerful online communities and beautiful user profiles with WordPress
6
- Version: 2.0.45
7
Author: Ultimate Member
8
Author URI: http://ultimatemember.com/
9
Text Domain: ultimate-member
3
Plugin Name: Ultimate Member
4
Plugin URI: http://ultimatemember.com/
5
Description: The easiest way to create powerful online communities and beautiful user profiles with WordPress
6
+ Version: 2.0.46
7
Author: Ultimate Member
8
Author URI: http://ultimatemember.com/
9
Text Domain: ultimate-member