WP User Avatar - Version 3.1.10

Version Description

Fixed issue where bulk delete wasn't working in some cases.
Scoped wp_list actions to manage_options capability.
Fixed typos in admin setting and My Account pages.
Fixed broken member directory admin page design.
Improved sanitization and escaping of data.
Added file upload field support to profile-cpf shortcode.
Added missing bio support to profile-hide-empty-data shortcode.
Fixed bug where profileslug + slash in a post slug redirected to homepage.
Fixed bug where custom processing labels didn't work for password reset forms.

Release Info

Developer	Collizo4sky
Plugin	WP User Avatar
Version	3.1.10
Comparing to
See all releases

Code changes from version 3.1.9 to 3.1.10

Files changed (16) hide show

changelog.txt +2 -1
languages/wp-user-avatar.pot +5 -5
readme.txt +4 -3
src/Admin/SettingsPages/AddNewForm.php +2 -1
src/Admin/SettingsPages/FormList.php +4 -4
src/Admin/SettingsPages/MailOptin.php +2 -2
src/Classes/AjaxHandler.php +2 -2
src/Classes/EditUserProfile.php +2 -2
src/Functions/GlobalFunctions.php +1 -1
src/ShortcodeParser/Builder/GlobalShortcodes.php +2 -2
vendor/autoload.php +1 -1
vendor/composer/InstalledVersions.php +2 -2
vendor/composer/autoload_real.php +7 -7
vendor/composer/autoload_static.php +4 -4
vendor/composer/installed.php +2 -2
wp-user-avatar.php +2 -2

changelog.txt CHANGED Viewed

	@@ -1,7 +1,8 @@
1	- = 3.1.9 =
2	* Fixed issue where bulk delete wasn't working in some cases.
3	* Scoped wp_list actions to manage_options capability.
4	* Fixed typos in admin setting and My Account pages.

5	* Improved sanitization and escaping of data.
6	* Added file upload field support to profile-cpf shortcode.
7	* Added missing bio support to profile-hide-empty-data shortcode.


1	+ = 3.1.10 =
2	* Fixed issue where bulk delete wasn't working in some cases.
3	* Scoped wp_list actions to manage_options capability.
4	* Fixed typos in admin setting and My Account pages.
5	+ * Fixed broken member directory admin page design.
6	* Improved sanitization and escaping of data.
7	* Added file upload field support to profile-cpf shortcode.
8	* Added missing bio support to profile-hide-empty-data shortcode.

languages/wp-user-avatar.pot CHANGED Viewed

	@@ -2,9 +2,9 @@
2	# This file is distributed under the same license as the ProfilePress package.
3	msgid ""
4	msgstr ""
5	- "Project-Id-Version: ProfilePress 3.1.9\n"
6	"Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/wp-user-avatar\n"
7	- "POT-Creation-Date: 2021-07-04 11:58:20+00:00\n"
8	"MIME-Version: 1.0\n"
9	"Content-Type: text/plain; charset=UTF-8\n"
10	"Content-Transfer-Encoding: 8bit\n"
	@@ -506,7 +506,7 @@ msgstr ""
506	msgid "Upgrade to Premium"
507	msgstr ""
508
509	- #: src/Admin/SettingsPages/AddNewForm.php:~~123~~
510	msgid "Back to Overview"
511	msgstr ""
512
	@@ -5415,9 +5415,9 @@ msgstr ""
5415	msgid "ProfilePress"
5416	msgstr ""
5417
5418	- #. #-#-#-#-# wp-user-avatar.pot (ProfilePress 3.1.9) #-#-#-#-#
5419	#. Plugin URI of the plugin/theme
5420	- #. #-#-#-#-# wp-user-avatar.pot (ProfilePress 3.1.9) #-#-#-#-#
5421	#. Author URI of the plugin/theme
5422	msgid "https://profilepress.net"
5423	msgstr ""


2	# This file is distributed under the same license as the ProfilePress package.
3	msgid ""
4	msgstr ""
5	+ "Project-Id-Version: ProfilePress 3.1.10\n"
6	"Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/wp-user-avatar\n"
7	+ "POT-Creation-Date: 2021-07-04 18:15:27+00:00\n"
8	"MIME-Version: 1.0\n"
9	"Content-Type: text/plain; charset=UTF-8\n"
10	"Content-Transfer-Encoding: 8bit\n"

506	msgid "Upgrade to Premium"
507	msgstr ""
508
509	+ #: src/Admin/SettingsPages/AddNewForm.php:124
510	msgid "Back to Overview"
511	msgstr ""
512

5415	msgid "ProfilePress"
5416	msgstr ""
5417
5418	+ #. #-#-#-#-# wp-user-avatar.pot (ProfilePress 3.1.10) #-#-#-#-#
5419	#. Plugin URI of the plugin/theme
5420	+ #. #-#-#-#-# wp-user-avatar.pot (ProfilePress 3.1.10) #-#-#-#-#
5421	#. Author URI of the plugin/theme
5422	msgid "https://profilepress.net"
5423	msgstr ""

readme.txt CHANGED Viewed

	@@ -5,7 +5,7 @@ Tags: user registration, user profile, registration form, membership, login form
5	Requires at least: 4.7
6	Requires PHP: 5.6
7	Tested up to: 5.7
8	- Stable tag: 3.1.9
9	License: GPLv2 or later
10
11	Modern membership plugin for user registration, login form, user profile, member directories & content restriction.
	@@ -117,15 +117,16 @@ No. You can create and manage your forms, user profiles and member directories w
117
118	== Changelog ==
119
120	- = 3.1.9 =
121	* Fixed issue where bulk delete wasn't working in some cases.
122	* Scoped wp_list actions to manage_options capability.
123	* Fixed typos in admin setting and My Account pages.

124	* Improved sanitization and escaping of data.
125	* Added file upload field support to profile-cpf shortcode.
126	* Added missing bio support to profile-hide-empty-data shortcode.
127	* Fixed bug where profileslug + slash in a post slug redirected to homepage.
128	- * Fixed bug where custom processing labels ~~wasn’~~t ~~working~~ for password reset forms.
129
130	= 3.1.8 =
131	* Fixed issue with global site access not correctly working.


5	Requires at least: 4.7
6	Requires PHP: 5.6
7	Tested up to: 5.7
8	+ Stable tag: 3.1.10
9	License: GPLv2 or later
10
11	Modern membership plugin for user registration, login form, user profile, member directories & content restriction.

117
118	== Changelog ==
119
120	+ = 3.1.10 =
121	* Fixed issue where bulk delete wasn't working in some cases.
122	* Scoped wp_list actions to manage_options capability.
123	* Fixed typos in admin setting and My Account pages.
124	+ * Fixed broken member directory admin page design.
125	* Improved sanitization and escaping of data.
126	* Added file upload field support to profile-cpf shortcode.
127	* Added missing bio support to profile-hide-empty-data shortcode.
128	* Fixed bug where profileslug + slash in a post slug redirected to homepage.
129	+ * Fixed bug where custom processing labels didn't work for password reset forms.
130
131	= 3.1.8 =
132	* Fixed issue with global site access not correctly working.

src/Admin/SettingsPages/AddNewForm.php CHANGED Viewed

	@@ -96,11 +96,12 @@ class AddNewForm extends AbstractSettingsPage
96
97
98	if (in_array($_GET['page'], [PPRESS_MEMBER_DIRECTORIES_SLUG])) {
99	-
100	AjaxHandler::get_instance()->get_forms_by_builder_type(
101	FormRepository::MEMBERS_DIRECTORY_TYPE,
102	'dragDropBuilder'
103	);

104	}
105	}
106


96
97
98	if (in_array($_GET['page'], [PPRESS_MEMBER_DIRECTORIES_SLUG])) {
99	+ echo '<div class="pp-add-new-form-wrapper">';
100	AjaxHandler::get_instance()->get_forms_by_builder_type(
101	FormRepository::MEMBERS_DIRECTORY_TYPE,
102	'dragDropBuilder'
103	);
104	+ echo '</div>';
105	}
106	}
107

src/Admin/SettingsPages/FormList.php CHANGED Viewed

	@@ -137,12 +137,12 @@ class FormList extends \WP_List_Table
137	);
138	}
139
140	- return ~~esc_url~~($url);
141	}
142
143	public static function delete_url($form_id, $form_type)
144	{
145	- return ~~esc_url~~(admin_url(
146	sprintf(
147	'admin.php?page=pp-forms&action=delete&form_type=%s&id=%d&_wpnonce=%s',
148	sanitize_text_field($form_type),
	@@ -154,7 +154,7 @@ class FormList extends \WP_List_Table
154
155	public static function clone_url($form_id, $form_type)
156	{
157	- return ~~esc_url~~(admin_url(
158	sprintf(
159	'admin.php?page=pp-forms&action=clone&form_type=%s&id=%d&_wpnonce=%s',
160	sanitize_text_field($form_type),
	@@ -166,7 +166,7 @@ class FormList extends \WP_List_Table
166
167	public static function preview_url($form_id, $form_type)
168	{
169	- return ~~esc_url~~(add_query_arg(['pp_preview_form' => $form_id, 'type' => $form_type], home_url()));
170	}
171
172	/**


137	);
138	}
139
140	+ return esc_url_raw($url);
141	}
142
143	public static function delete_url($form_id, $form_type)
144	{
145	+ return esc_url_raw(admin_url(
146	sprintf(
147	'admin.php?page=pp-forms&action=delete&form_type=%s&id=%d&_wpnonce=%s',
148	sanitize_text_field($form_type),

154
155	public static function clone_url($form_id, $form_type)
156	{
157	+ return esc_url_raw(admin_url(
158	sprintf(
159	'admin.php?page=pp-forms&action=clone&form_type=%s&id=%d&_wpnonce=%s',
160	sanitize_text_field($form_type),

166
167	public static function preview_url($form_id, $form_type)
168	{
169	+ return esc_url_raw(add_query_arg(['pp_preview_form' => $form_id, 'type' => $form_type], home_url()));
170	}
171
172	/**

src/Admin/SettingsPages/MailOptin.php CHANGED Viewed

	@@ -213,7 +213,7 @@ class MailOptin
213	),
214	)
215	),
216	- ~~esc_url~~($this->config['lite_download_url'])
217	);
218
219	$error_could_not_activate = sprintf(
	@@ -225,7 +225,7 @@ class MailOptin
225	),
226	)
227	),
228	- ~~esc_url~~(admin_url('plugins.php'))
229	);
230
231	return array(


213	),
214	)
215	),
216	+ esc_url_raw($this->config['lite_download_url'])
217	);
218
219	$error_could_not_activate = sprintf(

225	),
226	)
227	),
228	+ esc_url_raw(admin_url('plugins.php'))
229	);
230
231	return array(

src/Classes/AjaxHandler.php CHANGED Viewed

	@@ -275,7 +275,7 @@ class AjaxHandler
275
276	EditUserProfile::remove_avatar_core();
277
278	- wp_send_json(array('success' => true, 'default' => ~~esc_url(~~get_avatar_url(get_current_user_id(), '300'))));
279	}
280	}
281
	@@ -291,7 +291,7 @@ class AjaxHandler
291
292	$default = get_option('wp_user_cover_default_image_url', '');
293
294	- wp_send_json(['success' => true, 'default' => ~~esc_url~~($default)]);
295	}
296	}
297


275
276	EditUserProfile::remove_avatar_core();
277
278	+ wp_send_json(array('success' => true, 'default' => get_avatar_url(get_current_user_id(), '300')));
279	}
280	}
281

291
292	$default = get_option('wp_user_cover_default_image_url', '');
293
294	+ wp_send_json(['success' => true, 'default' => esc_url_raw($default)]);
295	}
296	}
297

src/Classes/EditUserProfile.php CHANGED Viewed

	@@ -382,7 +382,7 @@ class EditUserProfile
382	{
383	self::remove_avatar_core();
384
385	- wp_safe_redirect(~~esc_url~~(add_query_arg('edit', 'true')));
386	exit;
387	}
388
	@@ -392,7 +392,7 @@ class EditUserProfile
392	public static function remove_user_cover_image()
393	{
394	self::remove_cover_image();
395	- wp_safe_redirect(~~esc_url~~(add_query_arg('edit', 'true')));
396	exit;
397	}
398


382	{
383	self::remove_avatar_core();
384
385	+ wp_safe_redirect(esc_url_raw(add_query_arg('edit', 'true')));
386	exit;
387	}
388

392	public static function remove_user_cover_image()
393	{
394	self::remove_cover_image();
395	+ wp_safe_redirect(esc_url_raw(add_query_arg('edit', 'true')));
396	exit;
397	}
398

src/Functions/GlobalFunctions.php CHANGED Viewed

	@@ -264,7 +264,7 @@ function ppress_password_reset_redirect()
264	$redirect = ppress_password_reset_url() . '?password=changed';
265	}
266
267	- return apply_filters('ppress_do_password_reset_redirect', ~~esc_url~~($redirect));
268	}
269
270	/**


264	$redirect = ppress_password_reset_url() . '?password=changed';
265	}
266
267	+ return apply_filters('ppress_do_password_reset_redirect', esc_url_raw($redirect));
268	}
269
270	/**

src/ShortcodeParser/Builder/GlobalShortcodes.php CHANGED Viewed

	@@ -500,7 +500,7 @@ class GlobalShortcodes
500	public static function bbp_topic_started_url()
501	{
502	if (function_exists('bbp_get_user_topics_created_url')) {
503	- return ~~esc_url~~(bbp_get_user_topics_created_url(self::$current_user->ID));
504	}
505	}
506
	@@ -526,7 +526,7 @@ class GlobalShortcodes
526	public static function bbp_favorites_url()
527	{
528	if (function_exists('bbp_get_favorites_permalink')) {
529	- return ~~esc_url~~(bbp_get_favorites_permalink(self::$current_user->ID));
530	}
531	}
532


500	public static function bbp_topic_started_url()
501	{
502	if (function_exists('bbp_get_user_topics_created_url')) {
503	+ return esc_url_raw(bbp_get_user_topics_created_url(self::$current_user->ID));
504	}
505	}
506

526	public static function bbp_favorites_url()
527	{
528	if (function_exists('bbp_get_favorites_permalink')) {
529	+ return esc_url_raw(bbp_get_favorites_permalink(self::$current_user->ID));
530	}
531	}
532

vendor/autoload.php CHANGED Viewed

	@@ -4,4 +4,4 @@
4
5	require_once __DIR__ . '/composer/autoload_real.php';
6
7	- return ~~ComposerAutoloaderInit0f0dfaf6382a05d192bd889e5f7168f9~~::getLoader();


4
5	require_once __DIR__ . '/composer/autoload_real.php';
6
7	+ return ComposerAutoloaderInit2f973ffc2ef552a485c3cf0b833fe636::getLoader();

vendor/composer/InstalledVersions.php CHANGED Viewed

	@@ -29,7 +29,7 @@ private static $installed = array (
29	'aliases' =>
30	array (
31	),
32	- 'reference' => '~~9b520d65a2664f9459fb4987528469dbcf6d2475~~',
33	'name' => '__root__',
34	),
35	'versions' =>
	@@ -41,7 +41,7 @@ private static $installed = array (
41	'aliases' =>
42	array (
43	),
44	- 'reference' => '~~9b520d65a2664f9459fb4987528469dbcf6d2475~~',
45	),
46	'collizo4sky/persist-admin-notices-dismissal' =>
47	array (


29	'aliases' =>
30	array (
31	),
32	+ 'reference' => '69935227c7d3839dcde9598dc7e3b5e793e43454',
33	'name' => '__root__',
34	),
35	'versions' =>

41	'aliases' =>
42	array (
43	),
44	+ 'reference' => '69935227c7d3839dcde9598dc7e3b5e793e43454',
45	),
46	'collizo4sky/persist-admin-notices-dismissal' =>
47	array (

vendor/composer/autoload_real.php CHANGED Viewed

	@@ -2,7 +2,7 @@
2
3	// autoload_real.php @generated by Composer
4
5	- class ~~ComposerAutoloaderInit0f0dfaf6382a05d192bd889e5f7168f9~~
6	{
7	private static $loader;
8
	@@ -24,15 +24,15 @@ class ComposerAutoloaderInit0f0dfaf6382a05d192bd889e5f7168f9
24
25	require __DIR__ . '/platform_check.php';
26
27	- spl_autoload_register(array('~~ComposerAutoloaderInit0f0dfaf6382a05d192bd889e5f7168f9~~', 'loadClassLoader'), true, true);
28	self::$loader = $loader = new \Composer\Autoload\ClassLoader();
29	- spl_autoload_unregister(array('~~ComposerAutoloaderInit0f0dfaf6382a05d192bd889e5f7168f9~~', 'loadClassLoader'));
30
31	$useStaticLoader = PHP_VERSION_ID >= 50600 && !defined('HHVM_VERSION') && (!function_exists('zend_loader_file_encoded') \|\| !zend_loader_file_encoded());
32	if ($useStaticLoader) {
33	require __DIR__ . '/autoload_static.php';
34
35	- call_user_func(\Composer\Autoload\~~ComposerStaticInit0f0dfaf6382a05d192bd889e5f7168f9~~::getInitializer($loader));
36	} else {
37	$map = require __DIR__ . '/autoload_namespaces.php';
38	foreach ($map as $namespace => $path) {
	@@ -53,19 +53,19 @@ class ComposerAutoloaderInit0f0dfaf6382a05d192bd889e5f7168f9
53	$loader->register(true);
54
55	if ($useStaticLoader) {
56	- $includeFiles = Composer\Autoload\~~ComposerStaticInit0f0dfaf6382a05d192bd889e5f7168f9~~::$files;
57	} else {
58	$includeFiles = require __DIR__ . '/autoload_files.php';
59	}
60	foreach ($includeFiles as $fileIdentifier => $file) {
61	- ~~composerRequire0f0dfaf6382a05d192bd889e5f7168f9~~($fileIdentifier, $file);
62	}
63
64	return $loader;
65	}
66	}
67
68	- function ~~composerRequire0f0dfaf6382a05d192bd889e5f7168f9~~($fileIdentifier, $file)
69	{
70	if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) {
71	require $file;


2
3	// autoload_real.php @generated by Composer
4
5	+ class ComposerAutoloaderInit2f973ffc2ef552a485c3cf0b833fe636
6	{
7	private static $loader;
8

24
25	require __DIR__ . '/platform_check.php';
26
27	+ spl_autoload_register(array('ComposerAutoloaderInit2f973ffc2ef552a485c3cf0b833fe636', 'loadClassLoader'), true, true);
28	self::$loader = $loader = new \Composer\Autoload\ClassLoader();
29	+ spl_autoload_unregister(array('ComposerAutoloaderInit2f973ffc2ef552a485c3cf0b833fe636', 'loadClassLoader'));
30
31	$useStaticLoader = PHP_VERSION_ID >= 50600 && !defined('HHVM_VERSION') && (!function_exists('zend_loader_file_encoded') \|\| !zend_loader_file_encoded());
32	if ($useStaticLoader) {
33	require __DIR__ . '/autoload_static.php';
34
35	+ call_user_func(\Composer\Autoload\ComposerStaticInit2f973ffc2ef552a485c3cf0b833fe636::getInitializer($loader));
36	} else {
37	$map = require __DIR__ . '/autoload_namespaces.php';
38	foreach ($map as $namespace => $path) {

53	$loader->register(true);
54
55	if ($useStaticLoader) {
56	+ $includeFiles = Composer\Autoload\ComposerStaticInit2f973ffc2ef552a485c3cf0b833fe636::$files;
57	} else {
58	$includeFiles = require __DIR__ . '/autoload_files.php';
59	}
60	foreach ($includeFiles as $fileIdentifier => $file) {
61	+ composerRequire2f973ffc2ef552a485c3cf0b833fe636($fileIdentifier, $file);
62	}
63
64	return $loader;
65	}
66	}
67
68	+ function composerRequire2f973ffc2ef552a485c3cf0b833fe636($fileIdentifier, $file)
69	{
70	if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) {
71	require $file;

vendor/composer/autoload_static.php CHANGED Viewed

	@@ -4,7 +4,7 @@
4
5	namespace Composer\Autoload;
6
7	- class ~~ComposerStaticInit0f0dfaf6382a05d192bd889e5f7168f9~~
8	{
9	public static $files = array (
10	'fda73876e8be17735f680f484cec1679' => __DIR__ . '/../..' . '/src/Functions/custom-settings-api.php',
	@@ -286,9 +286,9 @@ class ComposerStaticInit0f0dfaf6382a05d192bd889e5f7168f9
286	public static function getInitializer(ClassLoader $loader)
287	{
288	return \Closure::bind(function () use ($loader) {
289	- $loader->prefixLengthsPsr4 = ~~ComposerStaticInit0f0dfaf6382a05d192bd889e5f7168f9~~::$prefixLengthsPsr4;
290	- $loader->prefixDirsPsr4 = ~~ComposerStaticInit0f0dfaf6382a05d192bd889e5f7168f9~~::$prefixDirsPsr4;
291	- $loader->classMap = ~~ComposerStaticInit0f0dfaf6382a05d192bd889e5f7168f9~~::$classMap;
292
293	}, null, ClassLoader::class);
294	}


4
5	namespace Composer\Autoload;
6
7	+ class ComposerStaticInit2f973ffc2ef552a485c3cf0b833fe636
8	{
9	public static $files = array (
10	'fda73876e8be17735f680f484cec1679' => __DIR__ . '/../..' . '/src/Functions/custom-settings-api.php',

286	public static function getInitializer(ClassLoader $loader)
287	{
288	return \Closure::bind(function () use ($loader) {
289	+ $loader->prefixLengthsPsr4 = ComposerStaticInit2f973ffc2ef552a485c3cf0b833fe636::$prefixLengthsPsr4;
290	+ $loader->prefixDirsPsr4 = ComposerStaticInit2f973ffc2ef552a485c3cf0b833fe636::$prefixDirsPsr4;
291	+ $loader->classMap = ComposerStaticInit2f973ffc2ef552a485c3cf0b833fe636::$classMap;
292
293	}, null, ClassLoader::class);
294	}

vendor/composer/installed.php CHANGED Viewed

	@@ -6,7 +6,7 @@
6	'aliases' =>
7	array (
8	),
9	- 'reference' => '~~9b520d65a2664f9459fb4987528469dbcf6d2475~~',
10	'name' => '__root__',
11	),
12	'versions' =>
	@@ -18,7 +18,7 @@
18	'aliases' =>
19	array (
20	),
21	- 'reference' => '~~9b520d65a2664f9459fb4987528469dbcf6d2475~~',
22	),
23	'collizo4sky/persist-admin-notices-dismissal' =>
24	array (


6	'aliases' =>
7	array (
8	),
9	+ 'reference' => '69935227c7d3839dcde9598dc7e3b5e793e43454',
10	'name' => '__root__',
11	),
12	'versions' =>

18	'aliases' =>
19	array (
20	),
21	+ 'reference' => '69935227c7d3839dcde9598dc7e3b5e793e43454',
22	),
23	'collizo4sky/persist-admin-notices-dismissal' =>
24	array (

wp-user-avatar.php CHANGED Viewed

	@@ -3,7 +3,7 @@
3	* Plugin Name: ProfilePress
4	* Plugin URI: https://profilepress.net
5	* Description: The modern WordPress membership and user profile plugin.
6	- * Version: 3.1.9
7	* Author: ProfilePress Team
8	* Author URI: https://profilepress.net
9	* Text Domain: wp-user-avatar
	@@ -14,7 +14,7 @@
14	defined('ABSPATH') or die("No script kiddies please!");
15
16	define('PROFILEPRESS_SYSTEM_FILE_PATH', __FILE__);
17	- define('PPRESS_VERSION_NUMBER', '3.1.9');
18
19	require __DIR__ . '/vendor/autoload.php';
20


3	* Plugin Name: ProfilePress
4	* Plugin URI: https://profilepress.net
5	* Description: The modern WordPress membership and user profile plugin.
6	+ * Version: 3.1.10
7	* Author: ProfilePress Team
8	* Author URI: https://profilepress.net
9	* Text Domain: wp-user-avatar

14	defined('ABSPATH') or die("No script kiddies please!");
15
16	define('PROFILEPRESS_SYSTEM_FILE_PATH', __FILE__);
17	+ define('PPRESS_VERSION_NUMBER', '3.1.10');
18
19	require __DIR__ . '/vendor/autoload.php';
20