WordPress.org
Get WordPress

Plugin Directory

Changeset 2244568


Ignore:
Timestamp:
02/14/2020 05:43:50 PM (6 years ago)
Author:
layotte
Message:

Tagging 2.1.3

Location:
ithemes-sync
Files:
2 added
16 edited
1 copied

Legend:

Unmodified
Added
Removed

  • ithemes-sync/tags/2.1.3/api.php

    r1962339 r2244568  
    3131   
    3232    private $default_verbs = array(
     33        'check-nonce'                  => 'Ithemes_Sync_Verb_Check_Nonce',
    3334        'db-optimization'              => 'Ithemes_Sync_Verb_DB_Optimization',
    3435        'deauthenticate-user'          => 'Ithemes_Sync_Verb_Deauthenticate_User',

  • ithemes-sync/tags/2.1.3/functions.php

    r1669854 r2244568  
    10091009    }
    10101010
     1011    public static function generate_sync_nonce( $name ) {
     1012
     1013        $nonce = array(
     1014            'value'      => wp_generate_password( 24 ),
     1015            'expiration' => time() + 3600
     1016        );
     1017
     1018        update_option( 'ithemes-sync-nonce-' . $name, $nonce, false );
     1019
     1020        return $nonce;
     1021    }
     1022
     1023    public static function validate_sync_nonce( $name, $supplied_nonce ) {
     1024        $nonce = get_option( 'ithemes-sync-nonce-' . $name );
     1025
     1026        if ( $nonce !== false && $nonce['expiration'] > time() && hash_equals( $supplied_nonce, $nonce['value'] ) ) {
     1027            return true;
     1028        }
     1029
     1030        return false;
     1031    }
    10111032}

  • ithemes-sync/tags/2.1.3/history.txt

    r2243350 r2244568  
    2252252.1.2 - 2020-02-10 - Josh Oakes
    226226    Bug Fix: Fix PHP warning when updating plugins & themes on WP 5.3+
     2272.1.3 - 2020-02-10 - Josh Oakes
     228    Bug Fix: Add nonce to authentication request

  • ithemes-sync/tags/2.1.3/init.php

    r2243350 r2244568  
    55Description: Manage updates to your WordPress sites easily in one place.
    66Author: iThemes
    7 Version: 2.1.2
     7Version: 2.1.3
    88Author URI: http://ithemes.com/
    99Domain Path: /lang/

  • ithemes-sync/tags/2.1.3/lang/ithemes-sync.pot

    r2243350 r2244568  
    33msgid ""
    44msgstr ""
    5 "Project-Id-Version: iThemes Sync 2.1.2\n"
     5"Project-Id-Version: iThemes Sync 2.1.3\n"
    66"Report-Msgid-Bugs-To: http://ithemes.com/support/\n"
    7 "POT-Creation-Date: 2020-02-12 18:00:57+00:00\n"
     7"POT-Creation-Date: 2020-02-14 17:34:22+00:00\n"
    88"PO-Revision-Date: 2020-MO-DA HO:MI+ZONE\n"
    99"MIME-Version: 1.0\n"
     
    351351msgstr ""
    352352
    353 #: server.php:188
     353#: server.php:192
    354354msgid "An unrecognized server response format was received from the iThemes Sync server."
    355355msgstr ""

  • ithemes-sync/tags/2.1.3/readme.txt

    r2243350 r2244568  
    8888== Changelog ==
    8989
     90= 2.1.3 =
     91* Bug Fix: Add nonce to authentication request
     92
    9093= 2.1.2 =
    9194* Bug Fix: Fix PHP warning when updating plugins & themes on WP 5.3+

  • ithemes-sync/tags/2.1.3/request-handler.php

    r2225554 r2244568  
    230230    private function parse_request( $request ) {
    231231
    232         if ( empty( $this->options['authentications'] ) && ( ! empty( $request['action'] ) && 'manage-site' != $request['action'] ) ) {
    233             $this->send_response( new WP_Error( 'site-not-authenticated', 'The site does not have any authenticated users.' ) );
    234         }
    235        
    236232        $this->request = $request;     
    237233       
     
    251247
    252248        // If action is manage-site, stop here
    253         if ( 'manage-site' == $request['action'] ) {
     249        if ( 'manage-site' == $request['action'] || 'check-nonce' == $request['action'] ) {
    254250            return;
    255251        }
    256252       
    257         if ( ! isset( $this->options['authentications'][$request['user_id']] ) ) {
     253        if ( empty( $this->options['authentications'] ) || ! isset( $this->options['authentications'][$request['user_id']] ) ) {
    258254            $this->send_response( new WP_Error( 'user-not-authenticated', 'The requested user is not authenticated.' ) );
    259255        }

  • ithemes-sync/tags/2.1.3/server.php

    r2186328 r2244568  
    3030   
    3131    public static function authenticate( $username, $password ) {
     32        require_once( $GLOBALS['ithemes_sync_path'] . '/functions.php' );
     33
    3234        $query = array(
    3335            'user' => $username,
    3436        );
    35        
     37
     38        $nonce = Ithemes_Sync_Functions::generate_sync_nonce( 'auth-verification' );
    3639        $data = array(
    3740            'auth_token' => self::get_password_hash( $username, $password ),
    38         );
    39        
     41            'nonce' => $nonce['value']
     42        );
     43
    4044        return self::request( 'authenticate-user', $query, $data );
    4145    }
     
    237241        remove_action( 'http_api_curl', array( __CLASS__, 'add_ca_patch_to_curl_opts' ) );
    238242    }
     243
    239244}

  • ithemes-sync/trunk/api.php

    r1962339 r2244568  
    3131   
    3232    private $default_verbs = array(
     33        'check-nonce'                  => 'Ithemes_Sync_Verb_Check_Nonce',
    3334        'db-optimization'              => 'Ithemes_Sync_Verb_DB_Optimization',
    3435        'deauthenticate-user'          => 'Ithemes_Sync_Verb_Deauthenticate_User',

  • ithemes-sync/trunk/functions.php

    r1669854 r2244568  
    10091009    }
    10101010
     1011    public static function generate_sync_nonce( $name ) {
     1012
     1013        $nonce = array(
     1014            'value'      => wp_generate_password( 24 ),
     1015            'expiration' => time() + 3600
     1016        );
     1017
     1018        update_option( 'ithemes-sync-nonce-' . $name, $nonce, false );
     1019
     1020        return $nonce;
     1021    }
     1022
     1023    public static function validate_sync_nonce( $name, $supplied_nonce ) {
     1024        $nonce = get_option( 'ithemes-sync-nonce-' . $name );
     1025
     1026        if ( $nonce !== false && $nonce['expiration'] > time() && hash_equals( $supplied_nonce, $nonce['value'] ) ) {
     1027            return true;
     1028        }
     1029
     1030        return false;
     1031    }
    10111032}

  • ithemes-sync/trunk/history.txt

    r2243350 r2244568  
    2252252.1.2 - 2020-02-10 - Josh Oakes
    226226    Bug Fix: Fix PHP warning when updating plugins & themes on WP 5.3+
     2272.1.3 - 2020-02-10 - Josh Oakes
     228    Bug Fix: Add nonce to authentication request

  • ithemes-sync/trunk/init.php

    r2243350 r2244568  
    55Description: Manage updates to your WordPress sites easily in one place.
    66Author: iThemes
    7 Version: 2.1.2
     7Version: 2.1.3
    88Author URI: http://ithemes.com/
    99Domain Path: /lang/

  • ithemes-sync/trunk/lang/ithemes-sync.pot

    r2243350 r2244568  
    33msgid ""
    44msgstr ""
    5 "Project-Id-Version: iThemes Sync 2.1.2\n"
     5"Project-Id-Version: iThemes Sync 2.1.3\n"
    66"Report-Msgid-Bugs-To: http://ithemes.com/support/\n"
    7 "POT-Creation-Date: 2020-02-12 18:00:57+00:00\n"
     7"POT-Creation-Date: 2020-02-14 17:34:22+00:00\n"
    88"PO-Revision-Date: 2020-MO-DA HO:MI+ZONE\n"
    99"MIME-Version: 1.0\n"
     
    351351msgstr ""
    352352
    353 #: server.php:188
     353#: server.php:192
    354354msgid "An unrecognized server response format was received from the iThemes Sync server."
    355355msgstr ""

  • ithemes-sync/trunk/readme.txt

    r2243350 r2244568  
    8888== Changelog ==
    8989
     90= 2.1.3 =
     91* Bug Fix: Add nonce to authentication request
     92
    9093= 2.1.2 =
    9194* Bug Fix: Fix PHP warning when updating plugins & themes on WP 5.3+

  • ithemes-sync/trunk/request-handler.php

    r2225554 r2244568  
    230230    private function parse_request( $request ) {
    231231
    232         if ( empty( $this->options['authentications'] ) && ( ! empty( $request['action'] ) && 'manage-site' != $request['action'] ) ) {
    233             $this->send_response( new WP_Error( 'site-not-authenticated', 'The site does not have any authenticated users.' ) );
    234         }
    235        
    236232        $this->request = $request;     
    237233       
     
    251247
    252248        // If action is manage-site, stop here
    253         if ( 'manage-site' == $request['action'] ) {
     249        if ( 'manage-site' == $request['action'] || 'check-nonce' == $request['action'] ) {
    254250            return;
    255251        }
    256252       
    257         if ( ! isset( $this->options['authentications'][$request['user_id']] ) ) {
     253        if ( empty( $this->options['authentications'] ) || ! isset( $this->options['authentications'][$request['user_id']] ) ) {
    258254            $this->send_response( new WP_Error( 'user-not-authenticated', 'The requested user is not authenticated.' ) );
    259255        }

  • ithemes-sync/trunk/server.php

    r2186328 r2244568  
    3030   
    3131    public static function authenticate( $username, $password ) {
     32        require_once( $GLOBALS['ithemes_sync_path'] . '/functions.php' );
     33
    3234        $query = array(
    3335            'user' => $username,
    3436        );
    35        
     37
     38        $nonce = Ithemes_Sync_Functions::generate_sync_nonce( 'auth-verification' );
    3639        $data = array(
    3740            'auth_token' => self::get_password_hash( $username, $password ),
    38         );
    39        
     41            'nonce' => $nonce['value']
     42        );
     43
    4044        return self::request( 'authenticate-user', $query, $data );
    4145    }
     
    237241        remove_action( 'http_api_curl', array( __CLASS__, 'add_ca_patch_to_curl_opts' ) );
    238242    }
     243
    239244}
Note: See TracChangeset for help on using the changeset viewer.