Version Description
- 20.07.2012
- SQL-injection vulnerability was found and fixed. Thanks to DDave for reporting it, look this thread for the details.
Download this release
Release Info
| Developer | shinephp |
| Plugin |  User Role Editor |
| Version | 3.7.2 |
| Comparing to | |
| See all releases | |
Code changes from version 3.7.1 to 3.7.2
- readme.txt +6 -2
- ure-lib.php +1 -1
- user-role-editor.php +1 -1
readme.txt
CHANGED
|
@@ -3,8 +3,8 @@ Contributors: shinephp
|
|
| 3 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=vladimir%40shinephp%2ecom&lc=RU&item_name=ShinePHP%2ecom&item_number=User%20Role%20Editor%20WordPress%20plugin¤cy_code=USD&bn=PP%2dDonationsBF%3abtn_donateCC_LG%2egif%3aNonHosted
|
| 4 |
Tags: user, role, editor, security, access, permission, capability
|
| 5 |
Requires at least: 3.0
|
| 6 |
-
Tested up to: 3.4
|
| 7 |
-
Stable tag:
|
| 8 |
|
| 9 |
User Role Editor WordPress plugin makes the role capabilities changing easy. You can change any standard WordPress user role (except administrator).
|
| 10 |
|
|
@@ -83,6 +83,10 @@ Share with me new ideas about plugin further development and link to your site w
|
|
| 83 |
|
| 84 |
|
| 85 |
== Changelog ==
|
|
|
|
|
|
|
|
|
|
|
|
|
| 86 |
= 3.7.1 =
|
| 87 |
* 25.06.2012
|
| 88 |
* Bug fix for "Fatal error: Call to a member function get_role() on a non-object in .../wp-content/plugins/user-role-editor/user-role-editor.php on line 185"
|
| 3 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=vladimir%40shinephp%2ecom&lc=RU&item_name=ShinePHP%2ecom&item_number=User%20Role%20Editor%20WordPress%20plugin¤cy_code=USD&bn=PP%2dDonationsBF%3abtn_donateCC_LG%2egif%3aNonHosted
|
| 4 |
Tags: user, role, editor, security, access, permission, capability
|
| 5 |
Requires at least: 3.0
|
| 6 |
+
Tested up to: 3.4.1
|
| 7 |
+
Stable tag: trunk
|
| 8 |
|
| 9 |
User Role Editor WordPress plugin makes the role capabilities changing easy. You can change any standard WordPress user role (except administrator).
|
| 10 |
|
| 83 |
|
| 84 |
|
| 85 |
== Changelog ==
|
| 86 |
+
= 3.7.2 =
|
| 87 |
+
* 20.07.2012
|
| 88 |
+
* SQL-injection vulnerability was found and fixed. Thanks to DDave for reporting it, look this [thread](http://shinephp.com/community/topic/little-bug-in-ure_has_administrator_role#post-819) for the details.
|
| 89 |
+
|
| 90 |
= 3.7.1 =
|
| 91 |
* 25.06.2012
|
| 92 |
* Bug fix for "Fatal error: Call to a member function get_role() on a non-object in .../wp-content/plugins/user-role-editor/user-role-editor.php on line 185"
|
ure-lib.php
CHANGED
|
@@ -52,7 +52,7 @@ function ure_logEvent($message, $showMessage = false) {
|
|
| 52 |
function ure_has_administrator_role($user_id) {
|
| 53 |
global $wpdb, $ure_userToCheck;
|
| 54 |
|
| 55 |
-
if (
|
| 56 |
return false;
|
| 57 |
}
|
| 58 |
|
| 52 |
function ure_has_administrator_role($user_id) {
|
| 53 |
global $wpdb, $ure_userToCheck;
|
| 54 |
|
| 55 |
+
if (empty($user_id) || !is_numeric($user_id)) {
|
| 56 |
return false;
|
| 57 |
}
|
| 58 |
|
user-role-editor.php
CHANGED
|
@@ -3,7 +3,7 @@
|
|
| 3 |
Plugin Name: User Role Editor
|
| 4 |
Plugin URI: http://www.shinephp.com/user-role-editor-wordpress-plugin/
|
| 5 |
Description: It allows you to change/add/delete any WordPress user role (except administrator) capabilities list with a few clicks.
|
| 6 |
-
Version: 3.7.
|
| 7 |
Author: Vladimir Garagulya
|
| 8 |
Author URI: http://www.shinephp.com
|
| 9 |
Text Domain: ure
|
| 3 |
Plugin Name: User Role Editor
|
| 4 |
Plugin URI: http://www.shinephp.com/user-role-editor-wordpress-plugin/
|
| 5 |
Description: It allows you to change/add/delete any WordPress user role (except administrator) capabilities list with a few clicks.
|
| 6 |
+
Version: 3.7.2
|
| 7 |
Author: Vladimir Garagulya
|
| 8 |
Author URI: http://www.shinephp.com
|
| 9 |
Text Domain: ure
|
