Import Export WordPress Users and WooCommerce Customers - Version 1.3.8

Version Description

  • Security fix.

Release Info

Developer webtoffee
Version 1.3.8

Code changes from version 1.3.7 to 1.3.8

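--- a/includes/class-wf-customerimpexpcsv-admin-screen.php
+++ b/includes/class-wf-customerimpexpcsv-admin-screen.php
@@ -58,9 +58,7 @@ class WF_CustomerImpExpCsv_Admin_Screen {
 
  if (!empty($_GET['tab'])) {
  if ($_GET['tab'] == 'import') {
- $tab = 'import';
- } else if ($_GET['tab'] == 'settings') {
- $tab = 'settings';
+ $tab = 'import';
  } else if ($_GET['tab'] == 'help') {
  $tab = 'help';
  }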
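--- a/includes/class-wf-customerimpexpcsv-ajax-handler.php
+++ b/includes/class-wf-customerimpexpcsv-ajax-handler.php
@@ -16,6 +16,11 @@ class WF_CustomerImpExpCsv_AJAX_Handler {
  * Ajax event for importing a CSV
  */
  public function csv_customer_import_request() {
+
+ if (!wp_verify_nonce($_POST['nonce'], WF_CUSTOMER_IMP_EXP_ID) && !WF_Customer_Import_Export_CSV::hf_user_permission()) {
+ wp_die(__('Access Denied', 'users-customers-import-export-for-wp-woocommerce'));
+ }
+
  define( 'WP_LOAD_IMPORTERS', true );
  WF_CustomerImpExpCsv_Importer::customer_importer();
  }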
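Review bot: The guard added at the top of csv_customer_import_request() joins its two conditions with `&&`, so the request is refused only when the nonce is invalid and the permission check also fails; a request that satisfies either one alone still reaches customer_importer(). Both requirements should hold, which means the negated checks must be joined with `||`. `$_POST['nonce']` is also read without an existence check, so a request that omits the field raises an undefined-index notice before wp_verify_nonce() runs. I would change the condition to `if (!isset($_POST['nonce']) || !wp_verify_nonce($_POST['nonce'], WF_CUSTOMER_IMP_EXP_ID) || !WF_Customer_Import_Export_CSV::hf_user_permission()) {`.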
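--- a/includes/class-wt-security-helper.php
+++ b/includes/class-wt-security-helper.php
@@ -0,0 +1,176 @@
+ <?php
+
+ /**
+ * Webtoffee Security Library
+ *
+ * Includes Data sanitization, Access checking
+ * @author WebToffee <info@webtoffee.com>
+ */
+
+ if(!class_exists('Wt_WUWCIEP_Security_helper'))
+ {
+
+ class Wt_WUWCIEP_Security_helper //Wt_Security_Helper
+ {
+
+ /**
+ * Data sanitization function.
+ *
+ * @param mixed $val value to sanitize
+ * @param string $key array key in the validation rule
+ * @param array $validation_rule array of validation rules. Eg: array('field_key' => array('type' => 'textarea'))
+ * @return mixed sanitized value
+ */
+ public static function sanitize_data($val, $key, $validation_rule = array())
+ {
+ if(isset($validation_rule[$key]) && is_array($validation_rule[$key])) /* rule declared/exists */
+ {
+ if(isset($validation_rule[$key]['type']))
+ {
+ $val = self::sanitize_item($val, $validation_rule[$key]['type']);
+ }
+ }else //if no rule is specified then it will be treated as text
+ {
+ $val = self::sanitize_item($val, 'text');
+ }
+ return $val;
+ }
+
+
+ /**
+ * Sanitize individual data item
+ *
+ * @param mixed $val value to sanitize
+ * @param string $type value type
+ * @return mixed sanitized value
+ */
+ public static function sanitize_item($val, $type='')
+ {
+ switch ($type)
+ {
+ case 'text':
+ $val = sanitize_text_field($val);
+ break;
+ case 'text_arr':
+ $val = self::sanitize_arr($val);
+ break;
+ case 'url':
+ $val = esc_url_raw($val);
+ break;
+ case 'url_arr':
+ $val = self::sanitize_arr($val, 'url');
+ break;
+ case 'textarea':
+ $val=sanitize_textarea_field($val);
+ break;
+ case 'int':
+ $val = intval($val);
+ break;
+ case 'int_arr':
+ $val = self::sanitize_arr($val, 'int');
+ break;
+ case 'float':
+ $val = floatval($val);
+ break;
+ case 'post_content':
+ $val = wp_kses_post($val);
+ break;
+ default:
+ $val = sanitize_text_field($val);
+ }
+
+ return $val;
+ }
+
+ /**
+ * Recursive array sanitization function
+ *
+ * @param mixed $arr value to sanitize
+ * @param string $type value type
+ * @return mixed sanitized value
+ */
+ public static function sanitize_arr($arr, $type = 'text')
+ {
+ if(is_array($arr))
+ {
+ $out = array();
+ foreach($arr as $k=>$arrv)
+ {
+ if(is_array($arrv))
+ {
+ $out[$k] = self::sanitize_arr($arrv, $type);
+ }else
+ {
+ $out[$k] = self::sanitize_item($arrv, $type);
+ }
+ }
+ return $out;
+ }else
+ {
+ return self::sanitize_item($arr, $type);
+ }
+ }
+
+ /**
+ * User accessibility. Function checks user logged in status, nonce and role access.
+ *
+ * @param string $plugin_id unique plugin id. Note: This id is used as an identifier in filter name so please use characters allowed in filters
+ * @param string $nonce_id Nonce id. If not specified then uses plugin id
+ * @return boolean if user allowed or not
+ */
+ public static function check_write_access($plugin_id, $nonce_id = '')
+ {
+ $er = true;
+
+ if(!is_user_logged_in()) //checks user is logged in
+ {
+ $er = false;
+ }
+
+ if($er === true) //no error then proceed
+ {
+ $nonce = (isset($_REQUEST['_wpnonce']) ? sanitize_text_field($_REQUEST['_wpnonce']) : '');
+ $nonce = (is_array($nonce) ? $nonce[0] : $nonce); //in some cases multiple nonces are declared
+ $nonce_id = ($nonce_id == "" ? $plugin_id : $nonce_id); //if nonce id not provided then uses plugin id as nonce id
+
+ if(!(wp_verify_nonce($nonce, $nonce_id))) //verifying nonce
+ {
+ $er = false;
+ }else
+ {
+ if(!self::check_role_access($plugin_id)) //Check user role
+ {
+ $er = false;
+ }
+ }
+ }
+ return $er;
+ }
+
+
+ /**
+ * Checks if user role has access
+ *
+ * @param string $plugin_id unique plugin id. Note: This id is used as an identifier in filter name so please use characters allowed in filters
+ * @return boolean if user allowed or not
+ */
+ public static function check_role_access($plugin_id)
+ {
+ $roles = array('manage_options');
+ $roles = apply_filters('wt_'.$plugin_id.'_alter_role_access', $roles); //dynamic filter based on plugin id to alter roles
+ $roles = (!is_array($roles) ? array() : $roles);
+ $is_allowed = false;
+
+ foreach($roles as $role) //loop through roles
+ {
+ if(current_user_can($role))
+ {
+ $is_allowed = true;
+ break;
+ }
+ }
+ return $is_allowed;
+ }
+
+ }
+ }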
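Review bot: sanitize_data() returns `$val` untouched when a rule array exists for `$key` but carries no `'type'` entry, because the text fallback sits only on the outer `else`; the helper then fails open for a partially declared rule. Resolving the type once closes that gap: `$type = isset($validation_rule[$key]['type']) ? $validation_rule[$key]['type'] : 'text';` followed by a single `sanitize_item($val, $type)` call. In check_write_access() the `is_array($nonce)` branch comes after sanitize_text_field(), which returns a string, so the multiple-nonce case the comment describes can never be taken; pick the first element before sanitising if that case matters. It is also worth a docblock note that check_role_access() passes capability names such as `manage_options` to current_user_can(), not role names, and that the `wt_{plugin_id}_alter_role_access` filter can widen the list.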
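--- a/includes/exporter/class-wf-customerimpexpcsv-exporter.php
+++ b/includes/exporter/class-wf-customerimpexpcsv-exporter.php
@@ -15,10 +15,10 @@ class WF_CustomerImpExpCsv_Exporter {
  $export_limit = !empty($_POST['limit']) ? intval($_POST['limit']) : 999999999;
  $export_offset = !empty($_POST['offset']) ? intval($_POST['offset']) : 0;
  $csv_columns = include( 'data/data-wf-post-columns.php' );
- $user_columns_name = !empty($_POST['columns_name']) ? $_POST['columns_name'] : $csv_columns;
- $export_columns = !empty($_POST['columns']) ? $_POST['columns'] : array();
- $export_user_roles = !empty($_POST['user_roles']) ? $_POST['user_roles'] : array();
- $delimiter = !empty($_POST['delimiter']) ? $_POST['delimiter'] : ',';
+ $user_columns_name = !empty($_POST['columns_name']) ? Wt_WUWCIEP_Security_helper::sanitize_item($_POST['columns_name'], 'text_arr') : $csv_columns;
+ $export_columns = !empty($_POST['columns']) ? Wt_WUWCIEP_Security_helper::sanitize_item($_POST['columns'], 'text_arr') : array();
+ $export_user_roles = !empty($_POST['user_roles']) ? Wt_WUWCIEP_Security_helper::sanitize_item($_POST['user_roles'], 'text_arr') : array();
+ $delimiter = !empty($_POST['delimiter']) ? stripslashes($_POST['delimiter']) : ',';
 
  $wpdb->hide_errors();
  @set_time_limit(0);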
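Review bot: `$delimiter` is the one request value in this hunk that is only unslashed, not validated: `stripslashes($_POST['delimiter'])` accepts a string of any length and content, and an array value would make stripslashes() itself raise an error. If the export code expects a single separator character, enforce that here, for example `$delimiter = (is_string($delimiter) && strlen($delimiter) === 1) ? $delimiter : ',';` right after the assignment. The three `text_arr` values are assumed to be arrays further down, but sanitize_arr() returns a string when given a scalar, so an `(array)` cast or an is_array() check would keep the types stable. The function body continues outside the hunk, so how these values are consumed is not visible here.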
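--- a/includes/importer/class-wf-customerimpexpcsv-customer-import.php
+++ b/includes/importer/class-wf-customerimpexpcsv-customer-import.php
@@ -76,9 +76,9 @@ class WF_CustomerImpExpCsv_Customer_Import extends WP_Importer {
  check_admin_referer('import-upload');
 
  if (!empty($_GET['file_url']))
- $this->file_url = esc_attr($_GET['file_url']);
+ $this->file_url = Wt_WUWCIEP_Security_helper::sanitize_item($_GET['file_url'], 'url');
  if (!empty($_GET['file_id']))
- $this->id = $_GET['file_id'];
+ $this->id = Wt_WUWCIEP_Security_helper::sanitize_item($_GET['file_id'], 'int');
 
  if (!empty($_GET['clearmapping']) || $this->handle_upload())
  $this->import_options();
@@ -93,7 +93,7 @@ class WF_CustomerImpExpCsv_Customer_Import extends WP_Importer {
  $this->id = (int) $_POST['import_id'];
 
  if ($this->file_url_import_enabled)
- $this->file_url = esc_attr($_POST['import_url']);
+ $this->file_url = Wt_WUWCIEP_Security_helper::sanitize_item($_POST['import_url'], 'url');
 
  if ($this->id)
  $file = get_attached_file($this->id);
@@ -138,6 +138,7 @@ class WF_CustomerImpExpCsv_Customer_Import extends WP_Importer {
  file: '<?php echo addslashes($file); ?>',
  start_pos: start_pos,
  end_pos: end_pos,
+ nonce : '<?php echo wp_create_nonce( WF_CUSTOMER_IMP_EXP_ID )?>',
  };
  return $.ajax({
  url: '<?php echo add_query_arg(array('import_page' => $this->import_page, 'step' => '3'), admin_url('admin-ajax.php')); ?>',
@@ -233,6 +234,7 @@ class WF_CustomerImpExpCsv_Customer_Import extends WP_Importer {
  action: 'user_csv_import_request',
  file: '<?php echo $file; ?>',
  processed_posts: processed_posts,
+ nonce : '<?php echo wp_create_nonce( WF_CUSTOMER_IMP_EXP_ID )?>',
  };
  $.ajax({
  url: '<?php echo add_query_arg(array('import_page' => $this->import_page, 'step' => '4'), admin_url('admin-ajax.php')); ?>',
@@ -252,12 +254,7 @@ class WF_CustomerImpExpCsv_Customer_Import extends WP_Importer {
  echo '<p class="error">' . __('Error finding uploaded file!', 'users-customers-import-export-for-wp-woocommerce') . '</p>';
  }
  break;
- case 3 :
- // Check access - cannot use nonce here as it will expire after multiple requests
- if (function_exists('WC')) {
- if (!current_user_can('manage_woocommerce'))
- die();
- }
+ case 3 :
  add_filter('http_request_timeout', array($this, 'bump_request_timeout'));
 
  if (function_exists('gc_enable'))
@@ -286,11 +283,6 @@ class WF_CustomerImpExpCsv_Customer_Import extends WP_Importer {
  exit;
  break;
  case 4 :
- // Check access - cannot use nonce here as it will expire after multiple requests
- if (function_exists('WC')) {
- if (!current_user_can('manage_woocommerce'))
- die();
- }
  add_filter('http_request_timeout', array($this, 'bump_request_timeout'));
  if (function_exists('gc_enable'))
  gc_enable();
@@ -300,7 +292,7 @@ class WF_CustomerImpExpCsv_Customer_Import extends WP_Importer {
  @flush();
  $wpdb->hide_errors();
 
- $this->processed_posts = isset($_POST['processed_posts']) ? $_POST['processed_posts'] : array();
+ $this->processed_posts = isset($_POST['processed_posts']) ? Wt_WUWCIEP_Security_helper::sanitize_item($_POST['processed_posts'], 'int_arr') : array();
 
  _e('Step 1...', 'users-customers-import-export-for-wp-woocommerce') . ' ';
 
@@ -423,7 +415,6 @@ class WF_CustomerImpExpCsv_Customer_Import extends WP_Importer {
  if ($this->log)
  $this->hf_log_data_change('user-csv-import', __('Finished parsing users CSV.', 'users-customers-import-export-for-wp-woocommerce'));
 
- unset($import_data);
  wp_defer_term_counting(true);
  wp_defer_comment_counting(true);
 
@@ -464,7 +455,7 @@ class WF_CustomerImpExpCsv_Customer_Import extends WP_Importer {
  return true;
  } else {
  if (file_exists(ABSPATH . $_POST['file_url'])) {
- $this->file_url = esc_attr($_POST['file_url']);
+ $this->file_url = Wt_WUWCIEP_Security_helper::sanitize_item($_POST['file_url'], 'url');
  return true;
  } else {
  echo '<p><strong>' . __('Sorry, there has been an error.', 'users-customers-import-export-for-wp-woocommerce') . '</strong></p>';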
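Review bot: `case 3` and `case 4` no longer carry an access check of their own, so authorisation for the chunked import steps now rests entirely on the guard in csv_customer_import_request(), and that guard as written refuses a request only when both the nonce and the permission check fail. Keeping a check at the top of each case would stop a mistake in the caller from exposing the import, e.g. `if (!WF_Customer_Import_Export_CSV::hf_user_permission()) { wp_die(-1); }`. In the last hunk file_exists() tests the raw `ABSPATH . $_POST['file_url']` while the stored value goes through the `url` sanitiser, so the path that was checked and the path that is later used can differ; sanitise once into a local variable and use it for both. Neither check confines the path to the uploads directory, which is worth a comment or a realpath() containment test. The switch and the enclosing methods start and end outside these hunks.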
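--- a/includes/settings/class-wf-customerimpexpcsv-settings.php
+++ b/includes/settings/class-wf-customerimpexpcsv-settings.php
@@ -1,17 +0,0 @@
- <?php
-
- if (!defined('ABSPATH')) {
- exit;
- }
-
- class WF_CustomerImpExpCsv_Settings {
-
- /**
- * User Exporter Tool
- */
- public static function save_settings() {
- wp_redirect(admin_url('/admin.php?page=' . HF_WORDPRESS_CUSTOMER_IM_EX . '&tab=settings'));
- exit;
- }
-
- }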
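--- a/readme.txt
+++ b/readme.txt
@@ -4,7 +4,7 @@ Donate link: https://www.webtoffee.com/plugins/
  Tags: user import, user export, export customers, import customers, export users to csv, import users from csv, woocommerce export customers, export import users, woocommerce import customers, woocommerce export customer email
  Requires at least: 3.0.1
  Tested up to: 5.3.2
- Stable tag: 1.3.7
+ Stable tag: 1.3.8
  License: GPLv3
  License URI: http://www.gnu.org/licenses/gpl-3.0.html
 
@@ -158,6 +158,8 @@ By default, admin and store manager are given access to export users. Please vis
 
  == Changelog ==
 
+ = 1.3.8 =
+ * Security fix.
  = 1.3.7 =
  * Tested OK with WC 3.9.2
  * Improvement:-Password hashed before import based on 'wt_hashed' column in csv.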
temp-import.csv CHANGED
File without changes
users-customers-import-export-for-wp-woocommerce.php CHANGED
@@ -6,7 +6,7 @@
6
  Description: Export and Import User/Customers details From and To your WordPress/WooCommerce.
7
  Author: WebToffee
8
  Author URI: https://www.webtoffee.com/product/wordpress-users-woocommerce-customers-import-export/
9
- Version: 1.3.7
10
  WC tested up to: 3.9.2
11
  Text Domain: users-customers-import-export-for-wp-woocommerce
12
  License: GPLv3
@@ -24,7 +24,7 @@ function wf_wordpress_user_import_export_premium_check(){
24
  if ( is_plugin_active('customer-import-export-for-woocommerce/customer-import-export.php') ){
25
  deactivate_plugins( basename( __FILE__ ) );
26
  wp_die(__("You already have the Premium version installed. For any issues, kindly contact our <a target='_blank' href='https://www.webtoffee.com/support/'>support</a>.", "users-customers-import-export-for-wp-woocommerce"), "", array('back_link' => 1 ));
27
- }
28
  }
29
  register_activation_hook( __FILE__, 'wf_wordpress_user_import_export_premium_check' );
30
 
@@ -36,7 +36,7 @@ if( !defined('WF_CUSTOMER_IMP_EXP_ID') )
36
 
37
  if( !defined('WF_CUSTOMER_IMP_EXP_VERSION') )
38
  {
39
- define("WF_CUSTOMER_IMP_EXP_VERSION", "1.3.7");
40
  }
41
 
42
 
@@ -66,7 +66,6 @@ if (!class_exists('WF_Customer_Import_Export_CSV')) :
66
  add_filter('plugin_action_links_' . plugin_basename(__FILE__), array($this, 'wf_plugin_action_links'));
67
  add_action('init', array($this, 'load_plugin_textdomain'));
68
  add_action('init', array($this, 'catch_export_request'), 20);
69
- add_action('init', array($this, 'catch_save_settings'), 20);
70
  add_action('admin_init', array($this, 'register_importers'));
71
 
72
  add_filter('admin_footer_text', array($this, 'WT_admin_footer_text'), 100);
@@ -81,6 +80,8 @@ if (!class_exists('WF_Customer_Import_Export_CSV')) :
81
  include_once( 'includes/importer/class-wf-customerimpexpcsv-importer.php' );
82
 
83
  include_once ('includes/class-wt-userimport-uninstall-feedback.php');
 
 
84
 
85
  if (defined('DOING_AJAX')) {
86
  include_once( 'includes/class-wf-customerimpexpcsv-ajax-handler.php' );
@@ -125,7 +126,7 @@ if (!class_exists('WF_Customer_Import_Export_CSV')) :
125
  if (!empty($_GET['action']) && !empty($_GET['page']) && $_GET['page'] == 'hf_wordpress_customer_im_ex') {
126
  switch ($_GET['action']) {
127
  case "export" :
128
- $user_ok = $this->hf_user_permission();
129
  if ($user_ok) {
130
  include_once( 'includes/exporter/class-wf-customerimpexpcsv-exporter.php' );
131
  WF_CustomerImpExpCsv_Exporter::do_export();
@@ -145,16 +146,6 @@ if (!class_exists('WF_Customer_Import_Export_CSV')) :
145
  echo '<div class="notice notice-error"><p>' . __('By default, admin and store manager are given access to export users. Please visit <a href="https://www.webtoffee.com/how-to-export-items-from-your-site-without-user-role-restriction/" target="_blank">here</a> for more details', 'users-customers-import-export-for-wp-woocommerce') . '</p></div>';
146
  }
147
 
148
- public function catch_save_settings() {
149
- if (!empty($_GET['action']) && !empty($_GET['page']) && $_GET['page'] == 'hf_wordpress_customer_im_ex') {
150
- switch ($_GET['action']) {
151
- case "settings" :
152
- include_once( 'includes/settings/class-wf-customerimpexpcsv-settings.php' );
153
- WF_CustomerImpExpCsv_Settings::save_settings();
154
- break;
155
- }
156
- }
157
- }
158
 
159
  /**
160
  * Register importers for use
@@ -163,7 +154,7 @@ if (!class_exists('WF_Customer_Import_Export_CSV')) :
163
  register_importer('wordpress_hf_user_csv', 'WordPress User/Customers (CSV)', __('Import <strong>users/customers</strong> to your site via a csv file.', 'users-customers-import-export-for-wp-woocommerce'), 'WF_CustomerImpExpCsv_Importer::customer_importer');
164
  }
165
 
166
- private function hf_user_permission() {
167
  // Check if user has rights to export
168
  $current_user = wp_get_current_user();
169
  $current_user->roles = apply_filters('hf_add_user_roles', $current_user->roles);
@@ -217,9 +208,10 @@ if (!class_exists('WF_Customer_Import_Export_CSV')) :
217
  }
218
 
219
  public function WT_admin_footer_text($footer_text) {
220
- // if (!current_user_can('editor') || !current_user_can('administrator')) {
221
- // return $footer_text;
222
- // }
 
223
  $screen = get_current_screen();
224
  $allowed_screen_ids = array('users_page_hf_wordpress_customer_im_ex');
225
  if (in_array($screen->id, $allowed_screen_ids) || (isset($_GET['import']) && $_GET['import'] == 'wordpress_hf_user_csv')) {
@@ -245,12 +237,12 @@ if (!class_exists('WF_Customer_Import_Export_CSV')) :
245
  }
246
 
247
  public function review_plugin() {
248
- // if (!current_user_can('administrator')) {
249
- // wp_die(-1);
250
- // }
251
  update_option('ucie_wt_plugin_reviewed', 1);
252
  wp_die();
253
- }
254
 
255
  }
256
 
6
  Description: Export and Import User/Customers details From and To your WordPress/WooCommerce.
7
  Author: WebToffee
8
  Author URI: https://www.webtoffee.com/product/wordpress-users-woocommerce-customers-import-export/
9
+ Version: 1.3.8
10
  WC tested up to: 3.9.2
11
  Text Domain: users-customers-import-export-for-wp-woocommerce
12
  License: GPLv3
24
  if ( is_plugin_active('customer-import-export-for-woocommerce/customer-import-export.php') ){
25
  deactivate_plugins( basename( __FILE__ ) );
26
  wp_die(__("You already have the Premium version installed. For any issues, kindly contact our <a target='_blank' href='https://www.webtoffee.com/support/'>support</a>.", "users-customers-import-export-for-wp-woocommerce"), "", array('back_link' => 1 ));
27
+ }
28
  }
29
  register_activation_hook( __FILE__, 'wf_wordpress_user_import_export_premium_check' );
30
 
36
 
37
  if( !defined('WF_CUSTOMER_IMP_EXP_VERSION') )
38
  {
39
+ define("WF_CUSTOMER_IMP_EXP_VERSION", "1.3.8");
40
  }
41
 
42
 
66
  add_filter('plugin_action_links_' . plugin_basename(__FILE__), array($this, 'wf_plugin_action_links'));
67
  add_action('init', array($this, 'load_plugin_textdomain'));
68
  add_action('init', array($this, 'catch_export_request'), 20);
 
69
  add_action('admin_init', array($this, 'register_importers'));
70
 
71
  add_filter('admin_footer_text', array($this, 'WT_admin_footer_text'), 100);
80
  include_once( 'includes/importer/class-wf-customerimpexpcsv-importer.php' );
81
 
82
  include_once ('includes/class-wt-userimport-uninstall-feedback.php');
83
+ // WT Security Helper
84
+ include_once ('includes/class-wt-security-helper.php');
85
 
86
  if (defined('DOING_AJAX')) {
87
  include_once( 'includes/class-wf-customerimpexpcsv-ajax-handler.php' );
126
  if (!empty($_GET['action']) && !empty($_GET['page']) && $_GET['page'] == 'hf_wordpress_customer_im_ex') {
127
  switch ($_GET['action']) {
128
  case "export" :
129
+ $user_ok = self::hf_user_permission();
130
  if ($user_ok) {
131
  include_once( 'includes/exporter/class-wf-customerimpexpcsv-exporter.php' );
132
  WF_CustomerImpExpCsv_Exporter::do_export();
146
  echo '<div class="notice notice-error"><p>' . __('By default, admin and store manager are given access to export users. Please visit <a href="https://www.webtoffee.com/how-to-export-items-from-your-site-without-user-role-restriction/" target="_blank">here</a> for more details', 'users-customers-import-export-for-wp-woocommerce') . '</p></div>';
147
  }
148
 
 
 
 
 
 
 
 
 
 
 
149
 
150
  /**
151
  * Register importers for use
154
  register_importer('wordpress_hf_user_csv', 'WordPress User/Customers (CSV)', __('Import <strong>users/customers</strong> to your site via a csv file.', 'users-customers-import-export-for-wp-woocommerce'), 'WF_CustomerImpExpCsv_Importer::customer_importer');
155
  }
156
 
157
+ public static function hf_user_permission() {
158
  // Check if user has rights to export
159
  $current_user = wp_get_current_user();
160
  $current_user->roles = apply_filters('hf_add_user_roles', $current_user->roles);
208
  }
209
 
210
  public function WT_admin_footer_text($footer_text) {
211
+
212
+ if (!self::hf_user_permission()) {
213
+ return $footer_text;
214
+ }
215
  $screen = get_current_screen();
216
  $allowed_screen_ids = array('users_page_hf_wordpress_customer_im_ex');
217
  if (in_array($screen->id, $allowed_screen_ids) || (isset($_GET['import']) && $_GET['import'] == 'wordpress_hf_user_csv')) {
237
  }
238
 
239
  public function review_plugin() {
240
+ if (!self::hf_user_permission()) {
241
+ wp_die(-1);
242
+ }
243
  update_option('ucie_wt_plugin_reviewed', 1);
244
  wp_die();
245
+ }
246
 
247
  }
248