Changeset 3170401
- Timestamp:
- 10/17/2024 01:31:12 AM (18 months ago)
- Location:
- gallery-for-ultimate-member/trunk
- Files:
-
- 8 added
- 3 edited
-
assets/css/components (added)
-
assets/css/components/dropzone.css (added)
-
assets/css/components/jquery-comments.css (added)
-
assets/css/components/jquery.tagit.css (added)
-
assets/css/components/magnific-popup.css (added)
-
assets/css/components/um-gallery.css (added)
-
assets/images/um-gallery-pro-banner.jpg (added)
-
gallery-for-ultimate-member.php (modified) (2 diffs)
-
includes/um-gallery-ajax.php (modified) (1 diff)
-
includes/um-gallery-settings.php (added)
-
readme.txt (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
gallery-for-ultimate-member/trunk/gallery-for-ultimate-member.php
r3116428 r3170401 4 4 * Plugin URI: https://suiteplugins.com/ 5 5 * Description: Allow your user to upload photos from their Ultimate Member profile 6 * Version: 1. 0.96 * Version: 1.1.0 7 7 * Requires at least: 5.2 8 8 * Requires PHP: 5.4 … … 25 25 define( 'UM_GALLERY_LITE_PATH', plugin_dir_path( __FILE__ ) ); 26 26 define( 'UM_GALLERY_LITE_PLUGIN', plugin_basename( __FILE__ ) ); 27 define( 'UM_GALLERY_LITE_VERSION', '1. 0.9' );27 define( 'UM_GALLERY_LITE_VERSION', '1.1.0' ); 28 28 require_once ABSPATH . 'wp-admin/includes/plugin.php'; 29 29 -
gallery-for-ultimate-member/trunk/includes/um-gallery-ajax.php
r3111398 r3170401 321 321 322 322 // $file = um_gallery_fix_image_orientation( $_FILES ); 323 $file = $_FILES['file']; 324 $album_id = (int) $_POST['album_id']; 323 // Allowed file types includeing images and videos. 324 $allowed_file_types = array( 'image/jpeg', 'image/png', 'image/gif', 'video/mp4', 'video/avi', 'video/mov' ); 325 if ( isset( $_FILES['file'] ) && ! empty( $_FILES['file']['name'] ) ) { 326 $file = $_FILES['file']; 327 } else { 328 wp_send_json_error( array( 'message' => 'No file uploaded.' ) ); 329 } 330 331 // Check if the file type is allowed 332 if ( ! in_array( $file['type'], $allowed_file_types ) ) { 333 wp_send_json_error( array( 'message' => 'File type not allowed.' ) ); 334 } 335 $album_id = isset( $_POST['album_id'] ) ? absint( $_POST['album_id'] ) : 0; 325 336 $tmp_file = $file['tmp_name']; 326 337 $name = sanitize_text_field( $file['name'] ); -
gallery-for-ultimate-member/trunk/readme.txt
r3116428 r3170401 5 5 Requires at least: 4.6 6 6 Requires PHP: 5.4 7 Tested up to: 6.6 8 Stable tag: 1. 0.97 Tested up to: 6.6.2 8 Stable tag: 1.1.0 9 9 License: GPLv2 or later 10 10 License URI: http://www.gnu.org/licenses/gpl-2.0.html … … 115 115 == Changelog == 116 116 117 = 1.1.0 = 118 Fixed: Reported Security issue with file uploads 119 117 120 = 1.0.9 = 118 121 Fixed: Activation error caused by settings
Note: See TracChangeset
for help on using the changeset viewer.