Changeset 2939202
- Timestamp:
- 07/16/2023 06:14:12 PM (3 years ago)
- Location:
- upload-media-by-url/trunk
- Files:
-
- 2 edited
-
readme.txt (modified) (2 diffs)
-
uploadmediabyurl.php (modified) (3 diffs)
Legend:
- Unmodified
- Added
- Removed
-
upload-media-by-url/trunk/readme.txt
r2482063 r2939202 4 4 Author website: https://notetoservices.com 5 5 Tags: upload, url, multiple, files, media, library, attachment 6 Requires at least: 5.67 Tested up to: 5.68 Stable tag: 1.0. 76 Requires at least: 6.2 7 Tested up to: 6.2 8 Stable tag: 1.0.8 9 9 Requires PHP: 7.4 10 10 Plugin URI: http://wordpress.org/plugins/upload-media-by-url/ … … 45 45 46 46 == Changelog == 47 = 1.0.8 = 48 Fixed issue with CSRF vulnerability found by Dmitrii Ignatiev 49 47 50 = 1.0.7 = 48 51 Fixed issue with $this in umbu_mediaButton function -
upload-media-by-url/trunk/uploadmediabyurl.php
r2482068 r2939202 8 8 Author URI: https://notetoservices.com 9 9 License: GPLv2 or later 10 Version: 1.0. 710 Version: 1.0.8 11 11 */ 12 12 … … 69 69 ); 70 70 71 $overrides = array( 71 $nonce = wp_create_nonce('umbu_download'); 72 73 // Add the nonce field to the form 74 wp_nonce_field('umbu_download', $nonce); 75 76 // Move the temporary file into the uploads directory 72 77 // Tells WordPress to not look for the POST form 73 78 // fields that would normally be present as … … 75 80 // will be no form fields 76 81 // Default is true 77 'test_form' => false,78 82 79 // Setting this to false lets WordPress allow empty files, not recommended 80 // Default is true 81 'test_size' => true, 82 ); 83 84 // Move the temporary file into the uploads directory 85 $results = media_handle_sideload( $file, $post->$id, NULL, $overrides ); 83 $results = media_handle_sideload( $file, $post->$id, NULL, array( 'test_size' => false ) ); 86 84 // $results = media_handle_sideload( $file, $overrides ); 87 85 }
Note: See TracChangeset
for help on using the changeset viewer.