Release Info
Developer | Tomdever |
Plugin | wpForo Forum |
Version | 1.4.11 |
Code changes from version 1.4.10 to 1.4.11
- readme.txt +2 -3
- wpf-includes/class-template.php +1 -1
- wpf-includes/functions-template.php +2 -2
- wpf-includes/wpf-actions.php +119 -30
- wpf-includes/wpf-hooks.php +4 -2
- wpforo.php +2 -2
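--- a/readme.txt
+++ b/readme.txt
@@ -3,7 +3,7 @@ Contributors: gVectors Team
 Tags: forum, forums, forum plugin, WordPress forum plugin, community, discussion
 Requires at least: 4.1
 Tested up to: 4.9
-Stable tag: 1.4.
+Stable tag: 1.4.11
 Requires PHP: 5.4 and higher
 License: GPLv2 or later
 License URI: https://www.gnu.org/licenses/gpl-2.0.html
@@ -152,12 +152,11 @@ Find wpForo forum plugin addons on [gVectors Team website...](https://gvectors.c
 
 == Changelog ==
 
-= wpForo Forum 1.4.10 | 30.05.2018 =
+= wpForo Forum 1.4.10 / 1.4.11 | 30.05.2018 =
 
 * Fixed: This is a not planned security update. It includes data sanitization and filtering changes.
 
 
-
 = wpForo Forum 1.4.8 / 1.4.9 | 04.05.2018 =
 
 [wpForo v1.4.9 Release Summary](https://wpforo.com/community/wpforo-announcements/wpforo-1-4-9-is-released/)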
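--- a/wpf-includes/class-template.php
+++ b/wpf-includes/class-template.php
@@ -2108,7 +2108,7 @@ class wpForoTemplate{
 
 public function ajx_active_tab_content(){
 if( !empty($_POST['active_tab_id']) ){
-$active_tab_id =
+$active_tab_id = sanitize_textarea_field($_POST['active_tab_id']);
 switch ($active_tab_id){
 case 'topic_merge_form':
 $this->topic_merge_form();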
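Review bot: `sanitize_textarea_field()` on new line 2111 was only introduced in WordPress 4.7, while the readme.txt shown on this page still declares `Requires at least: 4.1`, so on older cores the call is an undefined-function fatal; the same holds for the calls this release adds in wpf-actions.php and wpf-hooks.php. For a tab id that is only compared against fixed `case` labels, `$active_tab_id = sanitize_key($_POST['active_tab_id']);` is a closer fit, provided every label is a lowercase slug like `topic_merge_form`. No nonce or capability check is visible before the `switch` in this hunk; `ajx_active_tab_content()` continues outside it, so confirm one runs before `topic_merge_form()` is reached.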
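--- a/wpf-includes/functions-template.php
+++ b/wpf-includes/functions-template.php
@@ -1014,8 +1014,8 @@ function wpforo_resetpassword(){ ?>
 <p id="wpforo-title"><?php wpforo_phrase('Reset Password') ?></p>
 
 <form name="wpflogin" action="<?php echo site_url( 'wp-login.php?action=resetpass' ); ?>" method="POST" autocomplete="off">
-<input type="hidden" name="rp_key" value="<?php echo $_REQUEST['rp_key'] ?>">
-<input type="hidden" name="rp_login" value="<?php echo $_REQUEST['rp_login'] ?>">
+<input type="hidden" name="rp_key" value="<?php echo esc_html($_REQUEST['rp_key']) ?>">
+<input type="hidden" name="rp_login" value="<?php echo esc_html($_REQUEST['rp_login']) ?>">
 <div class="wpforo-login-wrap">
 <div class="wpforo-login-content">
 <div class="wpforo-table wpforo-login-table">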
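Review bot: The two hidden inputs on new lines 1017–1018 print request values inside a `value="…"` attribute, where `esc_attr()` is the context-matched escaper rather than `esc_html()`, e.g. `value="<?php echo esc_attr( wp_unslash( $_REQUEST['rp_key'] ) ) ?>"`. Both indexes are also read without an `isset()` check, so a request that lacks `rp_key` or `rp_login` emits an undefined-index notice into the form markup. `wpforo_resetpassword()` starts and ends outside this hunk.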
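--- a/wpf-includes/wpf-actions.php
+++ b/wpf-includes/wpf-actions.php
@@ -144,7 +144,7 @@ function wpforo_actions(){
 wpforo_verify_form();
 $redirect_to = wpforo_get_request_uri();
 if( !empty($_POST['wpforo']['target_topic_url']) ){
-$target_slug = $_POST['wpforo']['target_topic_url'];
+$target_slug = esc_url( $_POST['wpforo']['target_topic_url']);
 if( preg_match('#^[\r\n\t\s]*https?://[^\r\n\t\s]+?/[^/]+/([^/]+?)(?:/?[\r\n\t\s]*$|/?\#post-\d+/?[\r\n\t\s]*$)#isu', $target_slug, $match) )
 if( is_wpforo_url($target_slug) ) $target_slug = $match[1];
 if ( strpos($target_slug, '/') === false && $target = WPF()->topic->get_topic($target_slug) ){
@@ -167,23 +167,23 @@ function wpforo_actions(){
 $redirect_to = wpforo_get_request_uri();
 if( !empty($_POST['wpforo']['create_new']) ){
 $args = array(
-'title' => $_POST['wpforo']['new_topic_title'],
-'forumid' => $_POST['wpforo']['new_topic_forumid'],
-'postids' => $_POST['wpforo']['posts']
+'title' => sanitize_text_field( $_POST['wpforo']['new_topic_title']),
+'forumid' => intval( $_POST['wpforo']['new_topic_forumid']),
+'postids' => array_map( 'intval', $_POST['wpforo']['posts'] )
 );
 $to_target_title = (empty($_POST['wpforo']['to_target_title']) ? 0 : 1);
 if( $topicid = WPF()->topic->split($args, $to_target_title) )
 $redirect_to = WPF()->topic->get_topic_url($topicid);
 }else{
 if( !empty($_POST['wpforo']['target_topic_url']) && !empty($_POST['wpforo']['posts']) ){
-$target_slug = $_POST['wpforo']['target_topic_url'];
+$target_slug = esc_url( $_POST['wpforo']['target_topic_url'] );
 if( preg_match('#^[\r\n\t\s]*https?://[^\r\n\t\s]+?/[^/]+/([^/]+?)(?:/?[\r\n\t\s]*$|/?\#post-\d+/?[\r\n\t\s]*$)#isu', $target_slug, $match) )
 if( is_wpforo_url($target_slug) ) $target_slug = $match[1];
 if ( strpos($target_slug, '/') === false && $target = WPF()->topic->get_topic($target_slug) ){
 $append = (empty($_POST['wpforo']['update_date_and_append']) ? 0 : 1);
 $to_target_title = (empty($_POST['wpforo']['to_target_title']) ? 0 : 1);
-
-if( WPF()->topic->merge( WPF()->current_object['topic'], $target, $
+$posts = array_map( 'intval', $_POST['wpforo']['posts']);
+if( WPF()->topic->merge( WPF()->current_object['topic'], $target, $posts, $to_target_title, $append ) )
 $redirect_to = WPF()->topic->get_topic_url($target);
 }else{
 WPF()->notice->add('Target Topic not found', 'error');
@@ -210,9 +210,11 @@ function wpforo_actions(){
 }
 
 if( !empty( $_POST['wpforo_subscribe_manager']) ){
-
-
-
+
+$data = ( !empty($_POST['wpforo']['forums']) ? array_map( 'sanitize_title', $_POST['wpforo']['forums'] ) : array() );
+$all = ( !empty($_POST['wpforo']['check_all']) ? sanitize_title($_POST['wpforo']['check_all']) : '' );
+
+WPF()->sbscrb->reset($data, $all);
 wp_redirect( wpforo_home_url('subscriptions') );
 exit();
 }
@@ -249,7 +251,7 @@ function wpforo_actions(){
 ##Settings action
 if( wpforo_is_admin() && isset($_POST['wpforo_screen_option']['value']) ){
 if(!current_user_can('administrator')) return;
-update_option('wpforo_count_per_page', $_POST['wpforo_screen_option']['value']);
+update_option('wpforo_count_per_page', intval($_POST['wpforo_screen_option']['value']) );
 }
 
 if( wpforo_is_admin() && isset($_GET['page']) && $_GET['page'] == 'wpforo-community' && isset($_GET['action']) && $_GET['action'] ){
@@ -358,8 +360,8 @@ function wpforo_actions(){
 
 if( isset($_POST['wpforo_use_home_url']) && $_POST['wpforo_use_home_url'] ){
 $wpforo_use_home_url = 1;
-if( isset($_POST['wpforo_excld_urls']) && $_POST['wpforo_excld_urls'] )
-update_option('wpforo_excld_urls',
+if( isset($_POST['wpforo_excld_urls']) && $_POST['wpforo_excld_urls'] ){}
+update_option('wpforo_excld_urls', sanitize_textarea_field($_POST['wpforo_excld_urls']));
 }else{
 $wpforo_use_home_url = 0;
 }
@@ -390,7 +392,14 @@ function wpforo_actions(){
 nocache_headers();
 }
 
-
+$general_options = array(
+'title' => sanitize_text_field($_POST['wpforo_general_options']['title']),
+'description' => sanitize_text_field($_POST['wpforo_general_options']['description']),
+'menu_position' => intval($_POST['wpforo_general_options']['menu_position']),
+'lang' => intval($_POST['wpforo_general_options']['lang'])
+);
+
+if( update_option('wpforo_general_options', $general_options) ){
 WPF()->notice->add('General options successfully updated', 'success');
 }else{
 WPF()->notice->add('Successfully updated', 'success');
@@ -414,7 +423,8 @@ function wpforo_actions(){
 ##Forums
 if( isset($_POST['wpforo_forum_options']) ){
 check_admin_referer( 'wpforo-settings-forums' );
-
+
+if( update_option('wpforo_forum_options', array_map( 'intval', $_POST['wpforo_forum_options']) ) ){
 WPF()->notice->add('Forum options successfully updated', 'success');
 }else{
 WPF()->notice->add('Forum options successfully updated, but previous value not changed', 'success');
@@ -446,6 +456,22 @@ function wpforo_actions(){
 if( isset($_POST['wpforo_member_options']) ){
 check_admin_referer( 'wpforo-settings-members' );
 $_POST['wpforo_member_options']['online_status_timeout'] = intval($_POST['wpforo_member_options']['online_status_timeout']) * 60;
+$_POST['wpforo_member_options']['url_structure'] = sanitize_title($_POST['wpforo_member_options']['url_structure']);
+$_POST['wpforo_member_options']['search_type'] = sanitize_title($_POST['wpforo_member_options']['search_type']);
+$_POST['wpforo_member_options']['login_url'] = sanitize_text_field($_POST['wpforo_member_options']['login_url']);
+$_POST['wpforo_member_options']['register_url'] = sanitize_text_field($_POST['wpforo_member_options']['register_url']);
+$_POST['wpforo_member_options']['lost_password_url'] = sanitize_text_field($_POST['wpforo_member_options']['lost_password_url']);
+$_POST['wpforo_member_options']['redirect_url_after_login'] = esc_url($_POST['wpforo_member_options']['redirect_url_after_login']);
+$_POST['wpforo_member_options']['redirect_url_after_register'] = esc_url($_POST['wpforo_member_options']['redirect_url_after_register']);
+$_POST['wpforo_member_options']['redirect_url_after_confirm_sbscrb'] = esc_url($_POST['wpforo_member_options']['redirect_url_after_confirm_sbscrb']);
+$_POST['wpforo_member_options']['custom_title_is_on'] = intval($_POST['wpforo_member_options']['custom_title_is_on']);
+$_POST['wpforo_member_options']['default_title'] = sanitize_text_field($_POST['wpforo_member_options']['default_title']);
+$_POST['wpforo_member_options']['rating_title_ug'] = array_map('intval', $_POST['wpforo_member_options']['rating_title_ug']);
+$_POST['wpforo_member_options']['rating_badge_ug'] = array_map('intval', $_POST['wpforo_member_options']['rating_badge_ug']);
+$_POST['wpforo_member_options']['title_usergroup'] = array_map('intval', $_POST['wpforo_member_options']['title_usergroup']);
+foreach($_POST['wpforo_member_options']['default_title']['rating'] as $key => $subArray){
+$_POST['wpforo_member_options']['default_title']['rating'][$key] = array_map('sanitize_text_field', $subArray);
+}
 if( update_option('wpforo_member_options', $_POST['wpforo_member_options']) ){
 WPF()->notice->add('Member options successfully updated', 'success');
 }else{
@@ -459,7 +485,7 @@ function wpforo_actions(){
 ##Features
 if( isset($_POST['wpforo_features']) ){
 check_admin_referer( 'wpforo-features' );
-if( update_option('wpforo_features', $_POST['wpforo_features']) ){
+if( update_option('wpforo_features', array_map('intval', $_POST['wpforo_features']) ) ){
 WPF()->notice->add('Features successfully updated', 'success');
 }else{
 WPF()->notice->add('Features successfully updated, but previous value not changed', 'success');
@@ -484,8 +510,19 @@ function wpforo_actions(){
 ##Theme options
 if( isset($_POST['wpforo_theme_options']) && isset($_POST['wpforo_style_options']) ){
 check_admin_referer( 'wpforo-settings-styles' );
-
-
+//Theme Options//////////////////////////////////////////////////////////////////////
+$_POST['wpforo_theme_options']['style'] = sanitize_title($_POST['wpforo_theme_options']['style']);
+foreach($_POST['wpforo_theme_options']['styles'] as $key => $subArray){
+$_POST['wpforo_theme_options']['styles'][$key] = array_map('sanitize_text_field', $subArray);
+}
+WPF()->tpl->options['style'] = sanitize_text_field($_POST['wpforo_theme_options']['style']);
+WPF()->tpl->options['styles'] = $_POST['wpforo_theme_options']['styles'];
+//Style Options/////////////////////////////////////////////////////////////////////
+$_POST['wpforo_style_options']['font_size_forum'] = intval($_POST['wpforo_style_options']['font_size_forum']);
+$_POST['wpforo_style_options']['font_size_topic'] = intval($_POST['wpforo_style_options']['font_size_topic']);
+$_POST['wpforo_style_options']['font_size_post_content'] = intval($_POST['wpforo_style_options']['font_size_post_content']);
+$_POST['wpforo_style_options']['custom_css'] = sanitize_textarea_field($_POST['wpforo_style_options']['custom_css']);
+////////////////////////////////////////////////////////////////////////////////////
 update_option('wpforo_style_options', $_POST['wpforo_style_options']);
 update_option('wpforo_theme_options', WPF()->tpl->options);
 WPF()->notice->add('Theme options successfully updated', 'success');
@@ -497,6 +534,23 @@ function wpforo_actions(){
 ##Subscription
 if( isset($_POST['wpforo_subscribe_options']) ){
 check_admin_referer( 'wpforo-settings-emails' );
+$_POST['wpforo_subscribe_options']['from_name'] = sanitize_text_field($_POST['wpforo_subscribe_options']['from_name']);
+$_POST['wpforo_subscribe_options']['from_email'] = sanitize_text_field($_POST['wpforo_subscribe_options']['from_email']);
+$_POST['wpforo_subscribe_options']['admin_emails'] = sanitize_text_field($_POST['wpforo_subscribe_options']['admin_emails']);
+$_POST['wpforo_subscribe_options']['new_topic_notify'] = intval($_POST['wpforo_subscribe_options']['new_topic_notify']);
+$_POST['wpforo_subscribe_options']['new_reply_notify'] = intval($_POST['wpforo_subscribe_options']['new_reply_notify']);
+$_POST['wpforo_subscribe_options']['confirmation_email_subject'] = sanitize_text_field($_POST['wpforo_subscribe_options']['confirmation_email_subject']);
+$_POST['wpforo_subscribe_options']['confirmation_email_message'] = wpforo_kses($_POST['wpforo_subscribe_options']['confirmation_email_message'], 'email');
+$_POST['wpforo_subscribe_options']['new_topic_notification_email_subject'] = sanitize_text_field($_POST['wpforo_subscribe_options']['new_topic_notification_email_subject']);
+$_POST['wpforo_subscribe_options']['new_topic_notification_email_message'] = wpforo_kses($_POST['wpforo_subscribe_options']['new_topic_notification_email_message'], 'email');
+$_POST['wpforo_subscribe_options']['new_post_notification_email_subject'] = sanitize_text_field($_POST['wpforo_subscribe_options']['new_post_notification_email_subject']);
+$_POST['wpforo_subscribe_options']['new_post_notification_email_message'] = wpforo_kses($_POST['wpforo_subscribe_options']['new_post_notification_email_message'], 'email');
+$_POST['wpforo_subscribe_options']['report_email_subject'] = sanitize_text_field($_POST['wpforo_subscribe_options']['report_email_subject']);
+$_POST['wpforo_subscribe_options']['report_email_message'] = wpforo_kses($_POST['wpforo_subscribe_options']['report_email_message'], 'email');
+$_POST['wpforo_subscribe_options']['reset_password_email_message'] = wpforo_kses($_POST['wpforo_subscribe_options']['reset_password_email_message'], 'email');
+$_POST['wpforo_subscribe_options']['user_mention_notify'] = intval($_POST['wpforo_subscribe_options']['user_mention_notify']);
+$_POST['wpforo_subscribe_options']['user_mention_email_subject'] = sanitize_text_field($_POST['wpforo_subscribe_options']['user_mention_email_subject']);
+$_POST['wpforo_subscribe_options']['user_mention_email_message'] = wpforo_kses($_POST['wpforo_subscribe_options']['user_mention_email_message'], 'email');
 if( update_option('wpforo_subscribe_options', $_POST['wpforo_subscribe_options']) ){
 WPF()->notice->add('Subscribe options successfully updated', 'success');
 }else{
@@ -506,7 +560,6 @@ function wpforo_actions(){
 wp_redirect( admin_url( 'admin.php?page=wpforo-settings&tab=emails' ) );
 exit();
 }
-
 }
 
 ### forum action ###
@@ -567,9 +620,9 @@ function wpforo_actions(){
 
 $u_action = '';
 if( !empty($_GET['action']) && $_GET['action'] != '-1' ){
-$u_action = $_GET['action'];
+$u_action = sanitize_textarea_field($_GET['action']);
 }elseif( !empty($_GET['action2']) && $_GET['action2'] != '-1' ){
-$u_action = $_GET['action2'];
+$u_action = sanitize_textarea_field($_GET['action2']);
 }
 $bulk = FALSE;
 $pids = array();
@@ -662,9 +715,9 @@ function wpforo_actions(){
 if( wpforo_is_admin() && isset($_GET['page']) && $_GET['page'] == 'wpforo-members' ){
 $u_action = '';
 if( !empty($_GET['action']) && $_GET['action'] != '-1' ){
-$u_action = $_GET['action'];
+$u_action = sanitize_textarea_field($_GET['action']);
 }elseif( !empty($_GET['action2']) && $_GET['action2'] != '-1' ){
-$u_action = $_GET['action2'];
+$u_action = sanitize_textarea_field($_GET['action2']);
 }
 $bulk = FALSE;
 $uids = array();
@@ -906,7 +959,30 @@ function wpforo_actions(){
 
 if( isset($_POST['wpforo_tools_antispam']) ){
 check_admin_referer( 'wpforo-tools-antispam' );
-
+$_POST['wpforo_tools_antispam']['spam_filter'] = intval($_POST['wpforo_tools_antispam']['spam_filter']);
+$_POST['wpforo_tools_antispam']['spam_user_ban'] = intval($_POST['wpforo_tools_antispam']['spam_user_ban']);
+$_POST['wpforo_tools_antispam']['spam_user_ban_notification'] = intval($_POST['wpforo_tools_antispam']['spam_user_ban_notification']);
+$_POST['wpforo_tools_antispam']['spam_filter_level_topic'] = intval($_POST['wpforo_tools_antispam']['spam_filter_level_topic']);
+$_POST['wpforo_tools_antispam']['spam_filter_level_post'] = intval($_POST['wpforo_tools_antispam']['spam_filter_level_post']);
+$_POST['wpforo_tools_antispam']['new_user_max_posts'] = intval($_POST['wpforo_tools_antispam']['new_user_max_posts']);
+$_POST['wpforo_tools_antispam']['min_number_post_to_attach'] = intval($_POST['wpforo_tools_antispam']['min_number_post_to_attach']);
+$_POST['wpforo_tools_antispam']['min_number_post_to_link'] = intval($_POST['wpforo_tools_antispam']['min_number_post_to_link']);
+$_POST['wpforo_tools_antispam']['limited_file_ext'] = sanitize_textarea_field($_POST['wpforo_tools_antispam']['limited_file_ext']);
+$_POST['wpforo_tools_antispam']['rc_site_key'] = sanitize_text_field($_POST['wpforo_tools_antispam']['rc_site_key']);
+$_POST['wpforo_tools_antispam']['rc_secret_key'] = sanitize_text_field($_POST['wpforo_tools_antispam']['rc_secret_key']);
+$_POST['wpforo_tools_antispam']['rc_theme'] = sanitize_text_field($_POST['wpforo_tools_antispam']['rc_theme']);
+$_POST['wpforo_tools_antispam']['rc_topic_editor'] = intval($_POST['wpforo_tools_antispam']['rc_topic_editor']);
+$_POST['wpforo_tools_antispam']['rc_post_editor'] = intval($_POST['wpforo_tools_antispam']['rc_post_editor']);
+$_POST['wpforo_tools_antispam']['rc_wpf_login_form'] = intval($_POST['wpforo_tools_antispam']['rc_wpf_login_form']);
+$_POST['wpforo_tools_antispam']['rc_wpf_reg_form'] = intval($_POST['wpforo_tools_antispam']['rc_wpf_reg_form']);
+$_POST['wpforo_tools_antispam']['rc_wpf_lostpass_form'] = intval($_POST['wpforo_tools_antispam']['rc_wpf_lostpass_form']);
+$_POST['wpforo_tools_antispam']['rc_login_form'] = intval($_POST['wpforo_tools_antispam']['rc_login_form']);
+$_POST['wpforo_tools_antispam']['rc_reg_form'] = intval($_POST['wpforo_tools_antispam']['rc_reg_form']);
+$_POST['wpforo_tools_antispam']['rc_lostpass_form'] = intval($_POST['wpforo_tools_antispam']['rc_lostpass_form']);
+$_POST['wpforo_tools_antispam']['html'] = sanitize_textarea_field($_POST['wpforo_tools_antispam']['html']);
+$_POST['wpforo_tools_antispam']['spam_file_scanner'] = intval($_POST['wpforo_tools_antispam']['spam_file_scanner']);
+$_POST['wpforo_tools_antispam']['exclude_file_ext'] = sanitize_textarea_field($_POST['wpforo_tools_antispam']['exclude_file_ext']);
+if( update_option('wpforo_tools_antispam', $_POST['wpforo_tools_antispam']) ){
 WPF()->notice->add('Settings successfully updated', 'success');
 }
 wp_redirect( admin_url( 'admin.php?page=wpforo-tools&tab=antispam' ) );
@@ -914,16 +990,18 @@ function wpforo_actions(){
 }
 
 if( isset($_POST['wpforo_tools_cleanup']) ){
-check_admin_referer( 'wpforo-tools-cleanup' );
-if( update_option('wpforo_tools_cleanup', $_POST['wpforo_tools_cleanup']) ){
-WPF()->notice->add('Settings successfully updated', 'success');
-}
-wp_redirect( admin_url( 'admin.php?page=wpforo-tools&tab=cleanup' ) );
-exit();
+//check_admin_referer( 'wpforo-tools-cleanup' );
+//if( update_option('wpforo_tools_cleanup', $_POST['wpforo_tools_cleanup']) ){
+//WPF()->notice->add('Settings successfully updated', 'success');
+//}
+//wp_redirect( admin_url( 'admin.php?page=wpforo-tools&tab=cleanup' ) );
+//exit();
 }
 
 if( isset($_POST['wpforo_tools_misc']) ){
 check_admin_referer( 'wpforo-tools-misc' );
+$_POST['wpforo_tools_misc']['dofollow'] = sanitize_textarea_field($_POST['wpforo_tools_misc']['dofollow']);
+$_POST['wpforo_tools_misc']['noindex'] = sanitize_textarea_field($_POST['wpforo_tools_misc']['noindex']);
 if( update_option('wpforo_tools_misc', $_POST['wpforo_tools_misc']) ){
 WPF()->notice->add('Settings successfully updated', 'success');
 }
@@ -933,6 +1011,17 @@ function wpforo_actions(){
 
 if( isset($_POST['wpforo_tools_legal']) ){
 check_admin_referer( 'wpforo-tools-legal' );
+$_POST['wpforo_tools_legal']['contact_page_url'] = esc_url($_POST['wpforo_tools_legal']['contact_page_url']);
+$_POST['wpforo_tools_legal']['checkbox_terms_privacy'] = intval($_POST['wpforo_tools_legal']['checkbox_terms_privacy']);
+$_POST['wpforo_tools_legal']['checkbox_email_password'] = intval($_POST['wpforo_tools_legal']['checkbox_email_password']);
+$_POST['wpforo_tools_legal']['page_terms'] = esc_url($_POST['wpforo_tools_legal']['page_terms']);
+$_POST['wpforo_tools_legal']['page_privacy'] = esc_url($_POST['wpforo_tools_legal']['page_privacy']);
+$_POST['wpforo_tools_legal']['checkbox_forum_privacy'] = intval($_POST['wpforo_tools_legal']['checkbox_forum_privacy']);
+$_POST['wpforo_tools_legal']['forum_privacy_text'] = wpforo_kses($_POST['wpforo_tools_legal']['forum_privacy_text'], 'post');
+$_POST['wpforo_tools_legal']['checkbox_fb_login'] = intval($_POST['wpforo_tools_legal']['checkbox_fb_login']);
+$_POST['wpforo_tools_legal']['cookies'] = intval($_POST['wpforo_tools_legal']['cookies']);
+$_POST['wpforo_tools_legal']['rules_checkbox'] = intval($_POST['wpforo_tools_legal']['rules_checkbox']);
+$_POST['wpforo_tools_legal']['rules_text'] = wpforo_kses($_POST['wpforo_tools_legal']['rules_text'], 'post');
 if( update_option('wpforo_tools_legal', $_POST['wpforo_tools_legal']) ){
 WPF()->notice->add('Settings successfully updated', 'success');
 }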
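Review bot: At new line 363 the added `{}` turns the `wpforo_excld_urls` guard into a no-op, so the `update_option()` on line 364 now runs whenever `wpforo_use_home_url` is set and may read an absent index; the braces should wrap the call, `if( isset($_POST['wpforo_excld_urls']) && $_POST['wpforo_excld_urls'] ){ update_option('wpforo_excld_urls', sanitize_textarea_field($_POST['wpforo_excld_urls'])); }`. In the member-options hunk, `default_title` is reduced to a string by `sanitize_text_field()` on line 468 and then indexed as `['default_title']['rating']` in the `foreach` on line 472, which cannot both hold; the loop key looks mistaken and should be checked against the settings form. The URLs that are stored with `update_option()` or regex-matched afterwards (`target_topic_url`, the `redirect_url_after_*` and legal page fields) go through `esc_url()`, which entity-encodes `&` for display, where `esc_url_raw()` is the variant meant for storage and redirects. The member, subscribe, antispam, misc and legal handlers still save the whole `$_POST[...]` array, so any key not named in these hunks is stored unfiltered; building a fresh array as the `$general_options` hunk does would close that gap. `wpforo_actions()` starts and ends outside these hunks.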
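--- a/wpf-includes/wpf-hooks.php
+++ b/wpf-includes/wpf-hooks.php
@@ -1920,6 +1920,8 @@ function wpforo_redirect_to_custom_password_reset(){
 
 if ( 'GET' == $_SERVER['REQUEST_METHOD'] ) {
 // Verify key / login combo
+$_REQUEST['key'] = sanitize_textarea_field($_REQUEST['key']);
+$_REQUEST['key'] = sanitize_textarea_field($_REQUEST['login']);
 $user = check_password_reset_key( $_REQUEST['key'], $_REQUEST['login'] );
 if ( ! $user || is_wp_error( $user ) ) {
 if ( $user && $user->get_error_code() === 'expired_key' ) {
@@ -1965,8 +1967,8 @@ function wpforo_do_password_reset() {
 if( !wpforo_feature('resetpass-url') ) return;
 
 if ( 'POST' == $_SERVER['REQUEST_METHOD'] ) {
-$rp_key = $_REQUEST['rp_key'];
-$rp_login = $_REQUEST['rp_login'];
+$rp_key = sanitize_textarea_field($_REQUEST['rp_key']);
+$rp_login = sanitize_textarea_field($_REQUEST['rp_login']);
 
 $user = check_password_reset_key( $rp_key, $rp_login );
 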
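Review bot: New line 1924 assigns the sanitized login to `$_REQUEST['key']` instead of `$_REQUEST['login']`, so `check_password_reset_key()` on line 1925 receives the login value as the key together with an unfiltered login; the line should read `$_REQUEST['login'] = sanitize_textarea_field($_REQUEST['login']);`. As written, a valid reset link is likely to be rejected on the GET path. In both hunks, passing a reset key or user login through a text sanitizer can alter a legitimate value before it is compared, and `wp_unslash()` on each value is the usual treatment before `check_password_reset_key()`. Both functions continue outside the hunks shown.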
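--- a/wpforo.php
+++ b/wpforo.php
@@ -5,14 +5,14 @@
 * Description: WordPress Forum plugin. wpForo is a full-fledged forum solution for your community. Comes with multiple modern forum layouts.
 * Author: gVectors Team (A. Chakhoyan, R. Hovhannisyan)
 * Author URI: https://gvectors.com/
-* Version: 1.4.
+* Version: 1.4.11
 * Text Domain: wpforo
 * Domain Path: /wpf-languages
 */
 
 //Exit if accessed directly
 if( !defined( 'ABSPATH' ) ) exit;
-if( !defined( 'WPFORO_VERSION' ) ) define('WPFORO_VERSION', '1.4.
+if( !defined( 'WPFORO_VERSION' ) ) define('WPFORO_VERSION', '1.4.11');
 
 function wpforo_load_plugin_textdomain() { load_plugin_textdomain( 'wpforo', FALSE, basename( dirname( __FILE__ ) ) . '/wpf-languages/' ); }
 add_action( 'plugins_loaded', 'wpforo_load_plugin_textdomain' );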