Changeset 3047826
- Timestamp:
- 03/08/2024 12:55:35 PM (2 years ago)
- Location:
- pie-register/trunk
- Files:
-
- 4 edited
-
classes/base.php (modified) (2 diffs)
-
classes/profile_admin.php (modified) (2 diffs)
-
pie-register.php (modified) (1 diff)
-
readme.txt (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
pie-register/trunk/classes/base.php
r3011214 r3047826 2562 2562 $temp_file_name = sanitize_file_name("file_".abs( crc32( wp_generate_password( rand(7,12) ) ."_".time() ) )."_".$form_id.".".$extension); 2563 2563 $temp_file_url = $upload_dir['baseurl']."/piereg_users_files/".$user_id."/"."pie_".$field_slug."/".$temp_file_name; 2564 // Allowed Mime Types in WordPress 2565 $validate_file_ext_type = wp_check_filetype_and_ext( $temp_file_url, $temp_file_name ); 2566 if ( ( $validate_file_ext_type['ext'] !== false ) && ( $validate_file_ext_type['type'] !== false) ) 2567 { 2568 if(!move_uploaded_file($_FILES[$field_slug]['tmp_name'],$temp_dir."/".$temp_file_name)){ 2569 $errors->add( $field_slug , '<strong>'.__(ucwords('error'),'pie-register').'</strong>: '.apply_filters("piereg_Fail_to_upload_profile_picture",__('Failed to upload the profile picture.','pie-register' ))); 2570 }else{ 2571 /*Upload Index.html file on User dir*/ 2572 $this->upload_forbidden_html_file( realpath($upload_dir['basedir'])."/piereg_users_files" ); 2573 /*Upload Index.html file on User dir*/ 2574 $this->upload_forbidden_html_file( $temp_dir ); 2575 2576 $old_file = get_user_meta($user_id,"pie_".$field_slug, true); 2577 if( !empty($old_file) ){ 2578 $old_file = !is_array($old_file) ? $old_file : $old_file[0]; 2579 if( file_exists($temp_dir."/".basename( $old_file )) ){ 2580 unlink( $temp_dir."/".basename( $old_file ) ); 2581 } 2582 } 2583 update_user_meta($user_id,"pie_".$field_slug, $temp_file_url); 2584 $this->pie_success = 1; 2585 } 2586 } 2587 else 2588 { 2589 $errors->add( $field_slug , '<strong>'.ucwords(__('error','pie-register')).'</strong>: '.apply_filters("piereg_fail_to_upload_profile_picture",__('File Type Is Not Permitted','pie-register' ))); 2590 } 2591 }else{ 2592 $errors->add( $field_slug , '<strong>'.__(ucwords('error'),'pie-register').'</strong>: '.apply_filters("piereg_invalid_file",__('Invalid File.','pie-register' ))); 2593 } 2594 } 2595 elseif($field['file_types'] == ""){ 2596 $temp = explode(".", sanitize_file_name($_FILES[$field_slug]["name"])); 2597 $extension = end($temp); 2598 $upload_dir = wp_upload_dir(); 2599 $temp_dir = realpath($upload_dir['basedir'])."/piereg_users_files/".$user_id."/"."pie_".$field_slug.""; 2600 wp_mkdir_p($temp_dir); 2601 $temp_file_name = sanitize_file_name("file_".abs( crc32( wp_generate_password( rand(7,12) ) ."_".time() ) )."_".$form_id.".".$extension); 2602 $temp_file_url = $upload_dir['baseurl']."/piereg_users_files/".$user_id."/"."pie_".$field_slug."/".$temp_file_name; 2603 // Allowed Mime Types in WordPress 2604 $validate_file_ext_type = wp_check_filetype_and_ext( $temp_file_url, $temp_file_name ); 2605 if ( ( $validate_file_ext_type['ext'] !== false ) && ( $validate_file_ext_type['type'] !== false) ) 2606 { 2564 2607 if(!move_uploaded_file($_FILES[$field_slug]['tmp_name'],$temp_dir."/".$temp_file_name)){ 2565 $errors->add( $field_slug , '<strong>'. __(ucwords('error'),'pie-register').'</strong>: '.apply_filters("piereg_Fail_to_upload_profile_picture",__('Failed to upload the profile picture.','pie-register' )));2608 $errors->add( $field_slug , '<strong>'.ucwords(__('error','pie-register')).'</strong>: '.apply_filters("piereg_fail_to_upload_profile_picture",__('Failed to upload the profile picture.','pie-register' ))); 2566 2609 }else{ 2567 2610 /*Upload Index.html file on User dir*/ … … 2580 2623 $this->pie_success = 1; 2581 2624 } 2582 }else{ 2583 $errors->add( $field_slug , '<strong>'.__(ucwords('error'),'pie-register').'</strong>: '.apply_filters("piereg_invalid_file",__('Invalid File.','pie-register' ))); 2584 } 2585 } 2586 elseif($field['file_types'] == ""){ 2587 $temp = explode(".", sanitize_file_name($_FILES[$field_slug]["name"])); 2588 $extension = end($temp); 2589 $upload_dir = wp_upload_dir(); 2590 $temp_dir = realpath($upload_dir['basedir'])."/piereg_users_files/".$user_id."/"."pie_".$field_slug.""; 2591 wp_mkdir_p($temp_dir); 2592 $temp_file_name = sanitize_file_name("file_".abs( crc32( wp_generate_password( rand(7,12) ) ."_".time() ) )."_".$form_id.".".$extension); 2593 $temp_file_url = $upload_dir['baseurl']."/piereg_users_files/".$user_id."/"."pie_".$field_slug."/".$temp_file_name; 2594 if(!move_uploaded_file($_FILES[$field_slug]['tmp_name'],$temp_dir."/".$temp_file_name)){ 2595 $errors->add( $field_slug , '<strong>'.ucwords(__('error','pie-register')).'</strong>: '.apply_filters("piereg_fail_to_upload_profile_picture",__('Failed to upload the profile picture.','pie-register' ))); 2596 }else{ 2597 /*Upload Index.html file on User dir*/ 2598 $this->upload_forbidden_html_file( realpath($upload_dir['basedir'])."/piereg_users_files" ); 2599 /*Upload Index.html file on User dir*/ 2600 $this->upload_forbidden_html_file( $temp_dir ); 2601 2602 $old_file = get_user_meta($user_id,"pie_".$field_slug, true); 2603 if( !empty($old_file) ){ 2604 $old_file = !is_array($old_file) ? $old_file : $old_file[0]; 2605 if( file_exists($temp_dir."/".basename( $old_file )) ){ 2606 unlink( $temp_dir."/".basename( $old_file ) ); 2607 } 2608 } 2609 update_user_meta($user_id,"pie_".$field_slug, $temp_file_url); 2610 $this->pie_success = 1; 2625 } 2626 else 2627 { 2628 $errors->add( $field_slug , '<strong>'.ucwords(__('error','pie-register')).'</strong>: '.apply_filters("piereg_fail_to_upload_profile_picture",__('File Type Is Not Permitted','pie-register' ))); 2611 2629 } 2612 2630 } -
pie-register/trunk/classes/profile_admin.php
r2872802 r3047826 820 820 $temp_file_name = sanitize_file_name("file_".crc32($user_id."_".$extension."_".time()).".".$extension); 821 821 $temp_file_url = $upload_dir['baseurl']."/piereg_users_files/".$user_id."/".$field_slug."/".$temp_file_name; 822 if(!move_uploaded_file($_FILES[$field_slug]['tmp_name'],$temp_dir."/".$temp_file_name) && $required){ 823 $errors->add( $field_slug , '<strong>'.ucwords(__('error','pie-register')).'</strong>: '.apply_filters("piereg_Fail_to_upload_profile_picture",__('Failed to upload the profile picture.','pie-register' ))); 824 }else{ 825 update_user_meta($user_id,$field_slug, $temp_file_url); 822 // Allowed Mime Types in WordPress 823 $validate_file_ext_type = wp_check_filetype_and_ext( $temp_file_url, $temp_file_name ); 824 if ( ( $validate_file_ext_type['ext'] !== false ) && ( $validate_file_ext_type['type'] !== false) ) 825 { 826 if(!move_uploaded_file($_FILES[$field_slug]['tmp_name'],$temp_dir."/".$temp_file_name) && $required){ 827 $errors->add( $field_slug , '<strong>'.ucwords(__('error','pie-register')).'</strong>: '.apply_filters("piereg_Fail_to_upload_profile_picture",__('Failed to upload the profile picture.','pie-register' ))); 828 }else{ 829 update_user_meta($user_id,$field_slug, $temp_file_url); 830 } 831 } 832 else 833 { 834 $errors->add( $field_slug , '<strong>'.ucwords(__('error','pie-register')).'</strong>: '.apply_filters("piereg_fail_to_upload_profile_picture",__('File Type Is Not Permitted','pie-register' ))); 826 835 } 827 836 } … … 837 846 $temp_file_name = sanitize_file_name("file_".crc32($user_id."_".$extension."_".time()).".".$extension); 838 847 $temp_file_url = $upload_dir['baseurl']."/piereg_users_files/".$user_id."/".$field_slug."/".$temp_file_name; 839 if(!move_uploaded_file($_FILES[$field_slug]['tmp_name'],$temp_dir."/".$temp_file_name) && $required){ 840 $errors->add( $field_slug , '<strong>'.ucwords(__('error','pie-register')).'</strong>: '.apply_filters("piereg_Fail_to_upload_profile_picture",__('Failed to upload the profile picture.','pie-register' ))); 841 }else{ 842 update_user_meta($user_id,$field_slug, $temp_file_url); 848 // Allowed Mime Types in WordPress 849 $validate_file_ext_type = wp_check_filetype_and_ext( $temp_file_url, $temp_file_name ); 850 if ( ( $validate_file_ext_type['ext'] !== false ) && ( $validate_file_ext_type['type'] !== false) ) 851 { 852 if(!move_uploaded_file($_FILES[$field_slug]['tmp_name'],$temp_dir."/".$temp_file_name) && $required){ 853 $errors->add( $field_slug , '<strong>'.ucwords(__('error','pie-register')).'</strong>: '.apply_filters("piereg_Fail_to_upload_profile_picture",__('Failed to upload the profile picture.','pie-register' ))); 854 }else{ 855 update_user_meta($user_id,$field_slug, $temp_file_url); 856 } 857 } 858 else 859 { 860 $errors->add( $field_slug , '<strong>'.ucwords(__('error','pie-register')).'</strong>: '.apply_filters("piereg_fail_to_upload_profile_picture",__('File Type Is Not Permitted','pie-register' ))); 843 861 } 844 862 } -
pie-register/trunk/pie-register.php
r3011214 r3047826 5 5 Plugin URI: https://pieregister.com/ 6 6 Description: Create custom user registration forms, drag & drop form builder, send invitation codes, add conditional logic, 2-step authentication, assign user roles, accept payments and more! 7 Version: 3.8.3. 17 Version: 3.8.3.2 8 8 Author: Pie Register 9 9 Author URI: https://pieregister.com/ -
pie-register/trunk/readme.txt
r3011214 r3047826 6 6 Tested up to: 6.4 7 7 Requires PHP: 5.6 8 Stable tag: 3.8.3. 18 Stable tag: 3.8.3.2 9 9 License: GNU Version 2 or Any Later Version 10 10 License URI: https://www.gnu.org/licenses/gpl-3.0.html … … 232 232 233 233 == CHANGELOG == 234 ### 3.8.3.2 235 236 *Released Date 8th March 2024* 237 238 * Fixed: File type and extension validations to the file upload field. 239 234 240 ### 3.8.3.1 235 241
Note: See TracChangeset
for help on using the changeset viewer.