Changeset 2844028
- Timestamp:
- 01/05/2023 11:38:19 AM (3 years ago)
- Location:
- contentstudio
- Files:
-
- 4 edited
- 1 copied
-
tags/1.2.5 (copied) (copied from contentstudio/trunk)
-
tags/1.2.5/contentstudio-plugin.php (modified) (8 diffs)
-
tags/1.2.5/readme.txt (modified) (1 diff)
-
trunk/contentstudio-plugin.php (modified) (8 diffs)
-
trunk/readme.txt (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
contentstudio/tags/1.2.5/contentstudio-plugin.php
r2830962 r2844028 3 3 Plugin Name: ContentStudio 4 4 Description: ContentStudio provides you with powerful blogging & social media tools to keep your audience hooked by streamlining the process for you to discover and share engaging content on multiple blogging & social media networks 5 Version: 1.2. 45 Version: 1.2.5 6 6 Author: ContentStudio 7 7 Author URI: http://contentstudio.io/ … … 39 39 40 40 protected $assets = 'https://contentstudio.io/img'; 41 42 private $version = "1.2. 4";41 42 private $version = "1.2.5"; 43 43 44 44 protected $contentstudio_id = ''; … … 420 420 return false; 421 421 } 422 423 /** 424 * validate username and password. 425 * 426 */ 427 public function do_validate_wp_user($user_info) 428 { 429 $user_info = explode(":", base64_decode($user_info)); 430 $user = get_user_by('login', $user_info[0]); 431 if ($user && $user->ID != 0) { 432 if (wp_check_password($user_info[1], $user->data->user_pass, $user->ID)) { // validate password 433 if ($user->has_cap('publish_posts') && $user->has_cap('edit_posts')) { 434 return ['status' => true, 'message' => 'User validated successfully.']; 435 } else { 436 $error = "You don't have permission to publish posts."; 437 } 438 } else { 439 $error = "Invalid password."; 440 } 441 } else { 442 $error = "Invalid username."; 443 } 444 return ['status' => false, 'message' => $error]; 445 } 446 422 447 423 448 /** … … 719 744 } 720 745 721 $post_author = (int) sanitize_text_field($_REQUEST['post']['post_author']); 722 723 //validate the user and user capabilities to publish posts 724 $user = get_user_by('ID', $post_author); // get the user by id 725 if (!$user || !$user->has_cap('publish_posts') || !$user->has_cap('edit_posts')) { 726 echo json_encode(['status' => false, 'message' => 'Invalid post author.']); 746 if (!isset($_REQUEST['user_info'])) { 747 echo json_encode(['status' => false, 'message' => 'user_info is required']); 748 die(); 749 } 750 751 $result = $this->do_validate_wp_user($_REQUEST['user_info']); 752 if ($result['status'] == false) { 753 echo json_encode($result); 727 754 die(); 728 755 } … … 766 793 767 794 // insert the post 768 795 $post_author = (int) sanitize_text_field($_REQUEST['post']['post_author']); 769 796 $post_content = sanitize_meta('post_content', $_REQUEST['post']['post_content'], 'post'); 770 797 $post_status = sanitize_text_field($_REQUEST['post']['post_status']); … … 878 905 } 879 906 880 881 $post_author = (int) sanitize_text_field($_REQUEST['post']['post_author']); 882 883 //validate the user and user capabilities to publish posts 884 $user = get_user_by('ID', $post_author); // get the user by id 885 if (!$user || !$user->has_cap('publish_posts') || !$user->has_cap('edit_posts')) { 886 echo json_encode(['status' => false, 'message' => 'Invalid post author.']); 907 if (!isset($_REQUEST['user_info'])) { 908 echo json_encode(['status' => false, 'message' => 'user_info is required']); 887 909 die(); 888 910 } 889 911 912 // validate the username and password 913 $result = $this->do_validate_wp_user($_REQUEST['user_info']); 914 if ($result['status'] == false) { 915 echo json_encode($result); 916 die(); 917 } 890 918 891 919 … … 899 927 900 928 // update the post 901 929 $post_author = (int) sanitize_text_field($_REQUEST['post']['post_author']); 902 930 $post_content = sanitize_meta('post_content', $_REQUEST['post']['post_content'], 'post'); 903 931 $post_status = sanitize_text_field($_REQUEST['post']['post_status']); … … 1503 1531 return new ContentStudio(); 1504 1532 } 1533 -
contentstudio/tags/1.2.5/readme.txt
r2830962 r2844028 5 5 Requires at least: 4.8 6 6 Tested up to: 6.1 7 Stable tag: 1.2. 47 Stable tag: 1.2.5 8 8 License: GPLv2 or later 9 9 License URI: http://www.gnu.org/licenses/gpl-2.0.html -
contentstudio/trunk/contentstudio-plugin.php
r2830962 r2844028 3 3 Plugin Name: ContentStudio 4 4 Description: ContentStudio provides you with powerful blogging & social media tools to keep your audience hooked by streamlining the process for you to discover and share engaging content on multiple blogging & social media networks 5 Version: 1.2. 45 Version: 1.2.5 6 6 Author: ContentStudio 7 7 Author URI: http://contentstudio.io/ … … 39 39 40 40 protected $assets = 'https://contentstudio.io/img'; 41 42 private $version = "1.2. 4";41 42 private $version = "1.2.5"; 43 43 44 44 protected $contentstudio_id = ''; … … 420 420 return false; 421 421 } 422 423 /** 424 * validate username and password. 425 * 426 */ 427 public function do_validate_wp_user($user_info) 428 { 429 $user_info = explode(":", base64_decode($user_info)); 430 $user = get_user_by('login', $user_info[0]); 431 if ($user && $user->ID != 0) { 432 if (wp_check_password($user_info[1], $user->data->user_pass, $user->ID)) { // validate password 433 if ($user->has_cap('publish_posts') && $user->has_cap('edit_posts')) { 434 return ['status' => true, 'message' => 'User validated successfully.']; 435 } else { 436 $error = "You don't have permission to publish posts."; 437 } 438 } else { 439 $error = "Invalid password."; 440 } 441 } else { 442 $error = "Invalid username."; 443 } 444 return ['status' => false, 'message' => $error]; 445 } 446 422 447 423 448 /** … … 719 744 } 720 745 721 $post_author = (int) sanitize_text_field($_REQUEST['post']['post_author']); 722 723 //validate the user and user capabilities to publish posts 724 $user = get_user_by('ID', $post_author); // get the user by id 725 if (!$user || !$user->has_cap('publish_posts') || !$user->has_cap('edit_posts')) { 726 echo json_encode(['status' => false, 'message' => 'Invalid post author.']); 746 if (!isset($_REQUEST['user_info'])) { 747 echo json_encode(['status' => false, 'message' => 'user_info is required']); 748 die(); 749 } 750 751 $result = $this->do_validate_wp_user($_REQUEST['user_info']); 752 if ($result['status'] == false) { 753 echo json_encode($result); 727 754 die(); 728 755 } … … 766 793 767 794 // insert the post 768 795 $post_author = (int) sanitize_text_field($_REQUEST['post']['post_author']); 769 796 $post_content = sanitize_meta('post_content', $_REQUEST['post']['post_content'], 'post'); 770 797 $post_status = sanitize_text_field($_REQUEST['post']['post_status']); … … 878 905 } 879 906 880 881 $post_author = (int) sanitize_text_field($_REQUEST['post']['post_author']); 882 883 //validate the user and user capabilities to publish posts 884 $user = get_user_by('ID', $post_author); // get the user by id 885 if (!$user || !$user->has_cap('publish_posts') || !$user->has_cap('edit_posts')) { 886 echo json_encode(['status' => false, 'message' => 'Invalid post author.']); 907 if (!isset($_REQUEST['user_info'])) { 908 echo json_encode(['status' => false, 'message' => 'user_info is required']); 887 909 die(); 888 910 } 889 911 912 // validate the username and password 913 $result = $this->do_validate_wp_user($_REQUEST['user_info']); 914 if ($result['status'] == false) { 915 echo json_encode($result); 916 die(); 917 } 890 918 891 919 … … 899 927 900 928 // update the post 901 929 $post_author = (int) sanitize_text_field($_REQUEST['post']['post_author']); 902 930 $post_content = sanitize_meta('post_content', $_REQUEST['post']['post_content'], 'post'); 903 931 $post_status = sanitize_text_field($_REQUEST['post']['post_status']); … … 1503 1531 return new ContentStudio(); 1504 1532 } 1533 -
contentstudio/trunk/readme.txt
r2830962 r2844028 5 5 Requires at least: 4.8 6 6 Tested up to: 6.1 7 Stable tag: 1.2. 47 Stable tag: 1.2.5 8 8 License: GPLv2 or later 9 9 License URI: http://www.gnu.org/licenses/gpl-2.0.html
Note: See TracChangeset
for help on using the changeset viewer.