Changeset 3285765
- Timestamp: 05/01/2025 05:03:31 PM (11 months ago)
- Location: quran-text-multilanguage/trunk
- Files: 2 edited
  - quran-text-multilanguage.php (modified) (2 diffs)
  - readme.txt (modified) (1 diff)
quran-text-multilanguage/trunk/quran-text-multilanguage.php
r3285559 r3285765 7 7 Description: Quran Text Multilanguage translated into 29 languages. Full ajax version and responsive. Fully customizable. More reciter... 8 8 9 Version: 2.3.2 49 Version: 2.3.25 10 10 * Important: This update includes critical security fixes for XSS vulnerabilities 11 11 Author: Bahmed karim … … 535 535 536 536 } 537 538 function qtm_changesura() {539 if(!isset($_GET['sura']) || !preg_match('/^[0-9]+$/', $_GET['sura'])) {540 wp_send_json_error(esc_html__('Paramètre sourate invalide', 'quran-text-multilanguage'));541 return;542 }543 544 $sura = intval($_GET['sura']);545 if($sura < 1 || $sura > 114) {546 wp_send_json_error(esc_html__('Numéro de sourate invalide', 'quran-text-multilanguage'));547 return;548 }549 550 // Vérification de l'origine des fichiers MP3551 $allowed_domains = array('quran.s3.fr-par.scw.cloud');552 $mp3_url = 'https://quran.s3.fr-par.scw.cloud/';553 554 if(!in_array(parse_url($mp3_url, PHP_URL_HOST), $allowed_domains)) {555 wp_send_json_error('Origine des fichiers MP3 non autorisée');556 return;557 }558 559 // ... reste du code existant ...560 } -
quran-text-multilanguage/trunk/readme.txt
r3285568 r3285765 377 377 * Security: Added proper escaping for text input fields using esc_attr() 378 378 379 = 2.3.25 = 380 * Fixed change sura error
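Review bot: in the `qtm_changesura()` lines (537-560 of quran-text-multilanguage.php), the MP3 origin check cannot fail. `$mp3_url` is a string literal whose host is the only entry in `$allowed_domains`, so `in_array(parse_url($mp3_url, PHP_URL_HOST), $allowed_domains)` is always true and no request-derived URL is ever validated. If an origin check is wanted, it should run on the URL that is actually built and sent to the client; otherwise it can go. Smaller points in the same lines: the third error string, 'Origine des fichiers MP3 non autorisée', is not passed through `esc_html__()` with the text domain as the two above it are; each `return;` after `wp_send_json_error()` is dead code because that call ends the request; and the body stops at the placeholder comment `// ... reste du code existant ...`, so no success response is visible. The function reads `$_GET['sura']`, and no nonce or capability check appears in these lines.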
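Review bot: the 2.3.25 changelog entry at readme.txt line 380, `* Fixed change sura error`, does not say what the error was or how it was fixed. This changeset touches the `sura` parameter validation and the MP3 host check in `qtm_changesura()`, so the entry should state whether that validation is still in effect after the update. The plugin header keeps the line `* Important: This update includes critical security fixes for XSS vulnerabilities` under `Version: 2.3.25`, while the changelog lists only a bug fix for this version; tie that notice to the release that contained the fixes so the two do not disagree.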