Version Description
- Dev - Removed the 'manage_woocommerce' capability when add tracking to orders
Download this release
Release Info
| Developer | zorem |
| Plugin |  Advanced Shipment Tracking for WooCommerce |
| Version | 3.2.8 |
| Comparing to | |
| See all releases | |
Code changes from version 3.2.7 to 3.2.8
includes/class-wc-advanced-shipment-tracking.php
CHANGED
|
@@ -524,10 +524,6 @@ class WC_Advanced_Shipment_Tracking_Actions {
|
|
| 524 |
*/
|
| 525 |
public function get_meta_box_items_ajax() {
|
| 526 |
|
| 527 |
-
if ( ! current_user_can( 'manage_woocommerce' ) ) {
|
| 528 |
-
exit( 'You are not allowed' );
|
| 529 |
-
}
|
| 530 |
-
|
| 531 |
check_ajax_referer( 'get-tracking-item', 'security', true );
|
| 532 |
|
| 533 |
$order_id = isset( $_POST['order_id'] ) ? wc_clean( $_POST['order_id'] ) : '';
|
|
@@ -587,10 +583,6 @@ class WC_Advanced_Shipment_Tracking_Actions {
|
|
| 587 |
*/
|
| 588 |
public function save_meta_box( $post_id, $post ) {
|
| 589 |
|
| 590 |
-
if ( ! current_user_can( 'manage_woocommerce' ) ) {
|
| 591 |
-
exit( 'You are not allowed' );
|
| 592 |
-
}
|
| 593 |
-
|
| 594 |
// Check the nonce.
|
| 595 |
if ( empty( $_POST['woocommerce_meta_nonce'] ) || ! wp_verify_nonce( wp_unslash( wc_clean( $_POST['woocommerce_meta_nonce'] ) ), 'woocommerce_save_data' ) ) { // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
|
| 596 |
return;
|
|
@@ -637,10 +629,6 @@ class WC_Advanced_Shipment_Tracking_Actions {
|
|
| 637 |
*/
|
| 638 |
public function save_meta_box_ajax() {
|
| 639 |
|
| 640 |
-
if ( ! current_user_can( 'manage_woocommerce' ) ) {
|
| 641 |
-
exit( 'You are not allowed' );
|
| 642 |
-
}
|
| 643 |
-
|
| 644 |
check_ajax_referer( 'create-tracking-item', 'security', true );
|
| 645 |
|
| 646 |
$tracking_provider = isset( $_POST['tracking_provider'] ) ? wc_clean( $_POST['tracking_provider'] ) : '';
|
|
@@ -693,10 +681,6 @@ class WC_Advanced_Shipment_Tracking_Actions {
|
|
| 693 |
*/
|
| 694 |
public function save_inline_tracking_number() {
|
| 695 |
|
| 696 |
-
if ( ! current_user_can( 'manage_woocommerce' ) ) {
|
| 697 |
-
exit( 'You are not allowed' );
|
| 698 |
-
}
|
| 699 |
-
|
| 700 |
check_ajax_referer( 'wc_ast_inline_tracking_form', 'wc_ast_inline_tracking_form_nonce' );
|
| 701 |
|
| 702 |
$tracking_provider = isset( $_POST['tracking_provider'] ) ? wc_clean( $_POST['tracking_provider'] ) : '';
|
|
@@ -737,10 +721,6 @@ class WC_Advanced_Shipment_Tracking_Actions {
|
|
| 737 |
*/
|
| 738 |
public function meta_box_delete_tracking() {
|
| 739 |
|
| 740 |
-
if ( ! current_user_can( 'manage_woocommerce' ) ) {
|
| 741 |
-
exit( 'You are not allowed' );
|
| 742 |
-
}
|
| 743 |
-
|
| 744 |
check_ajax_referer( 'delete-tracking-item', 'security' );
|
| 745 |
|
| 746 |
$order_id = isset( $_POST['order_id'] ) ? wc_clean( $_POST['order_id'] ) : '';
|
| 524 |
*/
|
| 525 |
public function get_meta_box_items_ajax() {
|
| 526 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 527 |
check_ajax_referer( 'get-tracking-item', 'security', true );
|
| 528 |
|
| 529 |
$order_id = isset( $_POST['order_id'] ) ? wc_clean( $_POST['order_id'] ) : '';
|
| 583 |
*/
|
| 584 |
public function save_meta_box( $post_id, $post ) {
|
| 585 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 586 |
// Check the nonce.
|
| 587 |
if ( empty( $_POST['woocommerce_meta_nonce'] ) || ! wp_verify_nonce( wp_unslash( wc_clean( $_POST['woocommerce_meta_nonce'] ) ), 'woocommerce_save_data' ) ) { // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
|
| 588 |
return;
|
| 629 |
*/
|
| 630 |
public function save_meta_box_ajax() {
|
| 631 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 632 |
check_ajax_referer( 'create-tracking-item', 'security', true );
|
| 633 |
|
| 634 |
$tracking_provider = isset( $_POST['tracking_provider'] ) ? wc_clean( $_POST['tracking_provider'] ) : '';
|
| 681 |
*/
|
| 682 |
public function save_inline_tracking_number() {
|
| 683 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 684 |
check_ajax_referer( 'wc_ast_inline_tracking_form', 'wc_ast_inline_tracking_form_nonce' );
|
| 685 |
|
| 686 |
$tracking_provider = isset( $_POST['tracking_provider'] ) ? wc_clean( $_POST['tracking_provider'] ) : '';
|
| 721 |
*/
|
| 722 |
public function meta_box_delete_tracking() {
|
| 723 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 724 |
check_ajax_referer( 'delete-tracking-item', 'security' );
|
| 725 |
|
| 726 |
$order_id = isset( $_POST['order_id'] ) ? wc_clean( $_POST['order_id'] ) : '';
|
readme.txt
CHANGED
|
@@ -112,6 +112,9 @@ Yes, if you use external shipping services that work with the WooCommerce REST A
|
|
| 112 |
|
| 113 |
== Changelog ==
|
| 114 |
|
|
|
|
|
|
|
|
|
|
| 115 |
= 3.2.7 =
|
| 116 |
* Dev - Improve code security
|
| 117 |
|
| 112 |
|
| 113 |
== Changelog ==
|
| 114 |
|
| 115 |
+
= 3.2.8 =
|
| 116 |
+
* Dev - Removed the 'manage_woocommerce' capability when add tracking to orders
|
| 117 |
+
|
| 118 |
= 3.2.7 =
|
| 119 |
* Dev - Improve code security
|
| 120 |
|
woocommerce-advanced-shipment-tracking.php
CHANGED
|
@@ -4,13 +4,13 @@
|
|
| 4 |
* Plugin Name: Advanced Shipment Tracking for WooCommerce
|
| 5 |
* Plugin URI: https://www.zorem.com/products/woocommerce-advanced-shipment-tracking/
|
| 6 |
* Description: Add shipment tracking information to your WooCommerce orders and provide customers with an easy way to track their orders. Shipment tracking Info will appear in customers accounts (in the order panel) and in WooCommerce order complete email.
|
| 7 |
-
* Version: 3.2.
|
| 8 |
* Author: zorem
|
| 9 |
* Author URI: https://www.zorem.com
|
| 10 |
* License: GPL-2.0+
|
| 11 |
* License URI:
|
| 12 |
* Text Domain: woo-advanced-shipment-tracking
|
| 13 |
-
* WC tested up to: 5.5.
|
| 14 |
*/
|
| 15 |
|
| 16 |
class Zorem_Woocommerce_Advanced_Shipment_Tracking {
|
|
@@ -20,7 +20,7 @@ class Zorem_Woocommerce_Advanced_Shipment_Tracking {
|
|
| 20 |
*
|
| 21 |
* @var string
|
| 22 |
*/
|
| 23 |
-
public $version = '3.2.
|
| 24 |
|
| 25 |
/**
|
| 26 |
* Initialize the main plugin function
|
|
@@ -574,8 +574,8 @@ class Zorem_Woocommerce_Advanced_Shipment_Tracking {
|
|
| 574 |
/*
|
| 575 |
* Functon for reassign order status on plugin deactivation
|
| 576 |
*/
|
| 577 |
-
public function reassign_order_status() {
|
| 578 |
-
|
| 579 |
check_ajax_referer( 'ast_reassign_order_status', 'ast_reassign_order_status_nonce' );
|
| 580 |
|
| 581 |
$reassign_delivered_order = isset( $_POST['reassign_delivered_order'] ) ? wc_clean( $_POST['reassign_delivered_order'] ) : '';
|
| 4 |
* Plugin Name: Advanced Shipment Tracking for WooCommerce
|
| 5 |
* Plugin URI: https://www.zorem.com/products/woocommerce-advanced-shipment-tracking/
|
| 6 |
* Description: Add shipment tracking information to your WooCommerce orders and provide customers with an easy way to track their orders. Shipment tracking Info will appear in customers accounts (in the order panel) and in WooCommerce order complete email.
|
| 7 |
+
* Version: 3.2.8
|
| 8 |
* Author: zorem
|
| 9 |
* Author URI: https://www.zorem.com
|
| 10 |
* License: GPL-2.0+
|
| 11 |
* License URI:
|
| 12 |
* Text Domain: woo-advanced-shipment-tracking
|
| 13 |
+
* WC tested up to: 5.5.2
|
| 14 |
*/
|
| 15 |
|
| 16 |
class Zorem_Woocommerce_Advanced_Shipment_Tracking {
|
| 20 |
*
|
| 21 |
* @var string
|
| 22 |
*/
|
| 23 |
+
public $version = '3.2.8';
|
| 24 |
|
| 25 |
/**
|
| 26 |
* Initialize the main plugin function
|
| 574 |
/*
|
| 575 |
* Functon for reassign order status on plugin deactivation
|
| 576 |
*/
|
| 577 |
+
public function reassign_order_status() {
|
| 578 |
+
|
| 579 |
check_ajax_referer( 'ast_reassign_order_status', 'ast_reassign_order_status_nonce' );
|
| 580 |
|
| 581 |
$reassign_delivered_order = isset( $_POST['reassign_delivered_order'] ) ? wc_clean( $_POST['reassign_delivered_order'] ) : '';
|
