Changeset 3391342
- Timestamp:
- 11/06/2025 06:01:20 PM (5 months ago)
- Location:
- elex-helpdesk-customer-support-ticket-system
- Files:
-
- 1 deleted
- 6 edited
- 21 copied
-
tags/3.3.0 (copied) (copied from elex-helpdesk-customer-support-ticket-system/trunk)
-
tags/3.3.0/bitbucket-pipelines.yml (deleted)
-
tags/3.3.0/elex-helpdesk-customer-support-ticket-system.php (copied) (copied from elex-helpdesk-customer-support-ticket-system/trunk/elex-helpdesk-customer-support-ticket-system.php) (1 diff)
-
tags/3.3.0/includes/class-crm-ajax-functions-one.php (copied) (copied from elex-helpdesk-customer-support-ticket-system/trunk/includes/class-crm-ajax-functions-one.php)
-
tags/3.3.0/includes/class-crm-ajax-functions-three.php (modified) (3 diffs)
-
tags/3.3.0/includes/class-crm-ajax-functions-two.php (copied) (copied from elex-helpdesk-customer-support-ticket-system/trunk/includes/class-crm-ajax-functions-two.php)
-
tags/3.3.0/includes/class-crm-ajax-functions.php (modified) (2 diffs)
-
tags/3.3.0/includes/class-crm-archive-ajax-functions.php (copied) (copied from elex-helpdesk-customer-support-ticket-system/trunk/includes/class-crm-archive-ajax-functions.php)
-
tags/3.3.0/includes/class-crm-install-functions.php (copied) (copied from elex-helpdesk-customer-support-ticket-system/trunk/includes/class-crm-install-functions.php)
-
tags/3.3.0/includes/class-crm-update-version.php (copied) (copied from elex-helpdesk-customer-support-ticket-system/trunk/includes/class-crm-update-version.php)
-
tags/3.3.0/lang/wsdesk-nl_BE.mo (copied) (copied from elex-helpdesk-customer-support-ticket-system/trunk/lang/wsdesk-nl_BE.mo)
-
tags/3.3.0/lang/wsdesk-nl_BE.po (copied) (copied from elex-helpdesk-customer-support-ticket-system/trunk/lang/wsdesk-nl_BE.po)
-
tags/3.3.0/lang/wsdesk-nl_NL.mo (copied) (copied from elex-helpdesk-customer-support-ticket-system/trunk/lang/wsdesk-nl_NL.mo)
-
tags/3.3.0/lang/wsdesk-nl_NL.po (copied) (copied from elex-helpdesk-customer-support-ticket-system/trunk/lang/wsdesk-nl_NL.po)
-
tags/3.3.0/lang/wsdesk-nl_NL_formal.mo (copied) (copied from elex-helpdesk-customer-support-ticket-system/trunk/lang/wsdesk-nl_NL_formal.mo)
-
tags/3.3.0/lang/wsdesk-nl_NL_formal.po (copied) (copied from elex-helpdesk-customer-support-ticket-system/trunk/lang/wsdesk-nl_NL_formal.po)
-
tags/3.3.0/readme.txt (copied) (copied from elex-helpdesk-customer-support-ticket-system/trunk/readme.txt) (3 diffs)
-
tags/3.3.0/vendor/autoload.php (copied) (copied from elex-helpdesk-customer-support-ticket-system/trunk/vendor/autoload.php)
-
tags/3.3.0/vendor/composer/autoload_psr4.php (copied) (copied from elex-helpdesk-customer-support-ticket-system/trunk/vendor/composer/autoload_psr4.php)
-
tags/3.3.0/vendor/composer/autoload_real.php (copied) (copied from elex-helpdesk-customer-support-ticket-system/trunk/vendor/composer/autoload_real.php)
-
tags/3.3.0/vendor/composer/autoload_static.php (copied) (copied from elex-helpdesk-customer-support-ticket-system/trunk/vendor/composer/autoload_static.php)
-
tags/3.3.0/vendor/composer/installed.php (copied) (copied from elex-helpdesk-customer-support-ticket-system/trunk/vendor/composer/installed.php)
-
tags/3.3.0/views/crm_reports_v2.php (copied) (copied from elex-helpdesk-customer-support-ticket-system/trunk/views/crm_reports_v2.php)
-
tags/3.3.0/views/settings/crm_settings_general.php (copied) (copied from elex-helpdesk-customer-support-ticket-system/trunk/views/settings/crm_settings_general.php)
-
trunk/elex-helpdesk-customer-support-ticket-system.php (modified) (1 diff)
-
trunk/includes/class-crm-ajax-functions-three.php (modified) (3 diffs)
-
trunk/includes/class-crm-ajax-functions.php (modified) (2 diffs)
-
trunk/readme.txt (modified) (3 diffs)
-
elex-helpdesk-customer-support-ticket-system/tags/3.3.0/elex-helpdesk-customer-support-ticket-system.php
r3332203 r3391342 4 4 * Plugin URI: https://elextensions.com/plugin/wsdesk-wordpress-helpdesk-plugin-free-version/ 5 5 * Description: Enhances your customer service and enables efficient handling of customer issues. 6 * Version: 3. 2.96 * Version: 3.3.0 7 7 * Author: ELEXtensions 8 8 * Author URI: https://elextensions.com/ -
elex-helpdesk-customer-support-ticket-system/tags/3.3.0/includes/class-crm-ajax-functions-three.php
r3094599 r3391342 1394 1394 } 1395 1395 1396 // ✅ Secure MIME/type validation added here 1397 self::eh_crm_validate_file_type( $files['name'][ $key ], $files['tmp_name'][ $key ] ); 1398 1396 1399 $file = array( 1397 1400 'name' => time() . '.' . $file_ext, … … 1449 1452 } 1450 1453 1454 // ✅ Secure MIME/type validation using helper 1455 self::eh_crm_validate_file_type( $files['name'][ $key ], $files['tmp_name'][ $key ] ); 1456 1451 1457 add_filter( 'upload_dir', array( 'CRM_Ajax', 'wsdesk_upload_dir' ) ); 1452 1458 … … 1471 1477 1472 1478 return $attachment; 1479 } 1480 1481 /** 1482 * Validate uploaded file's MIME type and extension. 1483 * 1484 * @param string $file_name The original file name. 1485 * @param string $tmp_name The temporary file path. 1486 * 1487 * @return void|array Returns wp_check_filetype_and_ext result if valid, dies with JSON error otherwise. 1488 */ 1489 public static function eh_crm_validate_file_type( $file_name, $tmp_name ) { 1490 $original_filename = sanitize_file_name( $file_name ); 1491 $filetype = wp_check_filetype_and_ext( $tmp_name, $original_filename ); 1492 1493 if ( ! $filetype['ext'] || ! $filetype['type'] ) { 1494 die( 1495 wp_json_encode( 1496 array( 1497 'status' => 'error', 1498 'message' => 'File type is not allowed.', 1499 ) 1500 ) 1501 ); 1502 } 1503 1504 return $filetype; 1473 1505 } 1474 1506 -
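Review bot: The result of `eh_crm_validate_file_type()` is discarded at new line 1397 and the stored name is still built from `$file_ext`, which is computed above the hunk, so the extension that was checked (taken from the `sanitize_file_name()` output) is not necessarily the one written to disk. Keeping the checked value closes that gap: `$checked = self::eh_crm_validate_file_type( $files['name'][ $key ], $files['tmp_name'][ $key ] );` followed by `'name' => time() . '.' . $checked['ext'],`. The helper reports failure with a bare `die( wp_json_encode( ... ) )`, which sets no JSON content type or HTTP status and leaves the message untranslated, unlike the `wp_send_json_error()` calls with status codes and `__( ..., 'wsdesk' )` that this changeset adds in class-crm-ajax-functions.php. The enclosing upload functions begin and end outside the hunks; the same pattern is at new line 2132 of class-crm-ajax-functions.php and in the trunk copies of both files.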
elex-helpdesk-customer-support-ticket-system/tags/3.3.0/includes/class-crm-ajax-functions.php
r3094599 r3391342 258 258 259 259 public static function eh_crm_ticket_single_view_client() { 260 if ( wp_verify_nonce( isset( $_POST['nonce'] ) ? sanitize_text_field( $_POST['nonce'] ) : '', 'wsdesk_nonce' ) ) { 261 $ticket_id = isset( $_POST['ticket_id'] ) ? sanitize_text_field( $_POST['ticket_id'] ) : ''; 262 $content = self::eh_crm_ticket_single_view_client_gen( $ticket_id ); 263 wp_send_json_success( array( 'page' => $content ) ); 264 die; 265 } 266 } 260 $nonce = isset( $_POST['nonce'] ) ? sanitize_text_field( wp_unslash( $_POST['nonce'] ) ) : ''; 261 if ( ! wp_verify_nonce( $nonce, 'wsdesk_nonce' ) ) { 262 wp_send_json_error( array( 'message' => __( 'Invalid request.', 'wsdesk' ) ), 400 ); 263 wp_die(); 264 } 265 266 $ticket_id = isset( $_POST['ticket_id'] ) ? absint( $_POST['ticket_id'] ) : 0; 267 $current = eh_crm_get_ticket( array( 'ticket_id' => $ticket_id ) ); 268 if ( empty( $current ) || empty( $current[0]['ticket_author'] ) ) { 269 wp_send_json_error( array( 'message' => __( 'Ticket not found or invalid.', 'wsdesk' ) ), 404 ); 270 wp_die(); 271 } 272 273 $ticket_author_id = intval( $current[0]['ticket_author'] ); 274 $current_user_id = get_current_user_id(); 275 276 $current_user = wp_get_current_user(); 277 $user_roles = (array) $current_user->roles; 278 279 $allowed_roles = array( 'administrator', 'WSDesk_Agents', 'WSDesk_Supervisor' ); 280 $has_allowed_role = array_intersect( $allowed_roles, $user_roles ); 281 282 if ( ( $ticket_author_id !== $current_user_id ) && empty( $has_allowed_role ) ) { 283 wp_send_json_error( array( 'message' => __( 'You are not authorized to view this ticket.', 'wsdesk' ) ), 403 ); 284 wp_die(); 285 } 286 287 // Authorized → Generate content. 
288 $content = self::eh_crm_ticket_single_view_client_gen( $ticket_id ); 289 290 wp_send_json_success( array( 'page' => $content ) ); 291 wp_die(); 292 } 293 267 294 268 295 public static function eh_crm_ticket_single_view_client_gen( $ticket_id ) { … … 2103 2130 } 2104 2131 2132 self::eh_crm_validate_file_type( $files['name'][ $key ], $files['tmp_name'][ $key ] ); 2133 2105 2134 $file = array( 2106 2135 'name' => microtime( true ) . '.' . $file_ext, -
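Review bot: The authorization test in `eh_crm_ticket_single_view_client()` matches literal role names (`array( 'administrator', 'WSDesk_Agents', 'WSDesk_Supervisor' )` against `$current_user->roles`) rather than a capability, so an account whose access comes from a differently named role, or a multisite super admin with no role on the site, is refused, and the list must be kept in step with the role slugs registered elsewhere in the plugin. A `current_user_can()` check against a capability the plugin grants to agents and supervisors would be the usual WordPress form; which capability that is cannot be seen from this page. The separate 404 and 403 answers also tell any caller holding a valid nonce which ticket IDs exist, and returning one identical error for "not found" and "not authorized" would avoid that. The `wp_die()` calls placed after `wp_send_json_error()` and `wp_send_json_success()` are unreachable, because those functions end the request themselves. The trunk copy of this file carries the same code.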
elex-helpdesk-customer-support-ticket-system/tags/3.3.0/readme.txt
r3332203 r3391342 5 5 Tested up to: 6.8 6 6 Requires PHP: 7.1.8 7 Stable tag: 3. 2.97 Stable tag: 3.3.0 8 8 License: GPLv2 or later 9 9 URI: https://elextensions.com/plugin/wsdesk-wordpress-helpdesk-plugin-free-version/ … … 121 121 == Changelog == 122 122 123 = 3.3.0 = 124 * Code cleanup and Improvement. 125 123 126 = 3.2.9 = 124 127 * Made compatible with WooCommerce 10.0.0 … … 201 204 == Upgrade Notice == 202 205 206 = 3.3.0 = 207 * Code cleanup and Improvement. 208 203 209 = 3.2.9 = 204 210 * Made compatible with WooCommerce 10.0.0 -
elex-helpdesk-customer-support-ticket-system/trunk/elex-helpdesk-customer-support-ticket-system.php
r3332203 r3391342 4 4 * Plugin URI: https://elextensions.com/plugin/wsdesk-wordpress-helpdesk-plugin-free-version/ 5 5 * Description: Enhances your customer service and enables efficient handling of customer issues. 6 * Version: 3. 2.96 * Version: 3.3.0 7 7 * Author: ELEXtensions 8 8 * Author URI: https://elextensions.com/ -
elex-helpdesk-customer-support-ticket-system/trunk/includes/class-crm-ajax-functions-three.php
r3094599 r3391342 1394 1394 } 1395 1395 1396 // ✅ Secure MIME/type validation added here 1397 self::eh_crm_validate_file_type( $files['name'][ $key ], $files['tmp_name'][ $key ] ); 1398 1396 1399 $file = array( 1397 1400 'name' => time() . '.' . $file_ext, … … 1449 1452 } 1450 1453 1454 // ✅ Secure MIME/type validation using helper 1455 self::eh_crm_validate_file_type( $files['name'][ $key ], $files['tmp_name'][ $key ] ); 1456 1451 1457 add_filter( 'upload_dir', array( 'CRM_Ajax', 'wsdesk_upload_dir' ) ); 1452 1458 … … 1471 1477 1472 1478 return $attachment; 1479 } 1480 1481 /** 1482 * Validate uploaded file's MIME type and extension. 1483 * 1484 * @param string $file_name The original file name. 1485 * @param string $tmp_name The temporary file path. 1486 * 1487 * @return void|array Returns wp_check_filetype_and_ext result if valid, dies with JSON error otherwise. 1488 */ 1489 public static function eh_crm_validate_file_type( $file_name, $tmp_name ) { 1490 $original_filename = sanitize_file_name( $file_name ); 1491 $filetype = wp_check_filetype_and_ext( $tmp_name, $original_filename ); 1492 1493 if ( ! $filetype['ext'] || ! $filetype['type'] ) { 1494 die( 1495 wp_json_encode( 1496 array( 1497 'status' => 'error', 1498 'message' => 'File type is not allowed.', 1499 ) 1500 ) 1501 ); 1502 } 1503 1504 return $filetype; 1473 1505 } 1474 1506 -
elex-helpdesk-customer-support-ticket-system/trunk/includes/class-crm-ajax-functions.php
r3094599 r3391342 258 258 259 259 public static function eh_crm_ticket_single_view_client() { 260 if ( wp_verify_nonce( isset( $_POST['nonce'] ) ? sanitize_text_field( $_POST['nonce'] ) : '', 'wsdesk_nonce' ) ) { 261 $ticket_id = isset( $_POST['ticket_id'] ) ? sanitize_text_field( $_POST['ticket_id'] ) : ''; 262 $content = self::eh_crm_ticket_single_view_client_gen( $ticket_id ); 263 wp_send_json_success( array( 'page' => $content ) ); 264 die; 265 } 266 } 260 $nonce = isset( $_POST['nonce'] ) ? sanitize_text_field( wp_unslash( $_POST['nonce'] ) ) : ''; 261 if ( ! wp_verify_nonce( $nonce, 'wsdesk_nonce' ) ) { 262 wp_send_json_error( array( 'message' => __( 'Invalid request.', 'wsdesk' ) ), 400 ); 263 wp_die(); 264 } 265 266 $ticket_id = isset( $_POST['ticket_id'] ) ? absint( $_POST['ticket_id'] ) : 0; 267 $current = eh_crm_get_ticket( array( 'ticket_id' => $ticket_id ) ); 268 if ( empty( $current ) || empty( $current[0]['ticket_author'] ) ) { 269 wp_send_json_error( array( 'message' => __( 'Ticket not found or invalid.', 'wsdesk' ) ), 404 ); 270 wp_die(); 271 } 272 273 $ticket_author_id = intval( $current[0]['ticket_author'] ); 274 $current_user_id = get_current_user_id(); 275 276 $current_user = wp_get_current_user(); 277 $user_roles = (array) $current_user->roles; 278 279 $allowed_roles = array( 'administrator', 'WSDesk_Agents', 'WSDesk_Supervisor' ); 280 $has_allowed_role = array_intersect( $allowed_roles, $user_roles ); 281 282 if ( ( $ticket_author_id !== $current_user_id ) && empty( $has_allowed_role ) ) { 283 wp_send_json_error( array( 'message' => __( 'You are not authorized to view this ticket.', 'wsdesk' ) ), 403 ); 284 wp_die(); 285 } 286 287 // Authorized → Generate content. 
288 $content = self::eh_crm_ticket_single_view_client_gen( $ticket_id ); 289 290 wp_send_json_success( array( 'page' => $content ) ); 291 wp_die(); 292 } 293 267 294 268 295 public static function eh_crm_ticket_single_view_client_gen( $ticket_id ) { … … 2103 2130 } 2104 2131 2132 self::eh_crm_validate_file_type( $files['name'][ $key ], $files['tmp_name'][ $key ] ); 2133 2105 2134 $file = array( 2106 2135 'name' => microtime( true ) . '.' . $file_ext, -
elex-helpdesk-customer-support-ticket-system/trunk/readme.txt
r3332203 r3391342 5 5 Tested up to: 6.8 6 6 Requires PHP: 7.1.8 7 Stable tag: 3. 2.97 Stable tag: 3.3.0 8 8 License: GPLv2 or later 9 9 URI: https://elextensions.com/plugin/wsdesk-wordpress-helpdesk-plugin-free-version/ … … 121 121 == Changelog == 122 122 123 = 3.3.0 = 124 * Code cleanup and Improvement. 125 123 126 = 3.2.9 = 124 127 * Made compatible with WooCommerce 10.0.0 … … 201 204 == Upgrade Notice == 202 205 206 = 3.3.0 = 207 * Code cleanup and Improvement. 208 203 209 = 3.2.9 = 204 210 * Made compatible with WooCommerce 10.0.0