WordPress.org
Get WordPress

Plugin Directory

Changeset 3434947


Ignore:
Timestamp:
01/08/2026 08:23:34 AM (3 months ago)
Author:
yocoadmin
Message:

Update to version 3.9.1 from Gitlab

Location:
yoco-payment-gateway
Files:
6 edited
1 copied

Legend:

Unmodified
Added
Removed

  • yoco-payment-gateway/tags/3.9.1/readme.txt

    r3434365 r3434947  
    55Tested up to: 6.9
    66Requires PHP: 7.4.0
    7 Stable tag: 3.9.0
     7Stable tag: 3.9.1
    88License: GPLv2 or later
    99License URI: https://www.gnu.org/licenses/gpl-2.0.html
     
    137137== Changelog ==
    138138
     139= 3.9.1 =
     140Bug Fixes
     141* Added validation to ensure files meet specific format and naming requirements.
     142* Enhanced input sanitization for file parameter handling.
     143* Implemented path normalization with comprehensive directory boundary verification.
     144* Improved file accessibility and readability checks before processing.
     145
    139146= 3.9.0 =
    140147* Add First and Last Name validation in checkout for both Legacy and Blocks to ensure compatibility with Yoco payment gateway.

  • yoco-payment-gateway/tags/3.9.1/src/Helpers/Logs.php

    r3434365 r3434947  
    2929    public function callback( WP_REST_Request $request ): WP_REST_Response {
    3030
    31         $file = (string) $request->get_param( 'file' );
     31        $file = sanitize_file_name( $request->get_param( 'file' ) );
    3232
    33         if ( '' === $file ) {
     33        // Allow only files that start with yoco and have .log extension.
     34        if ( '' === $file || '.log' !== substr( $file, -4 ) || 'yoco' !== substr( $file, 0, 4 ) ) {
    3435            return new WP_REST_Response(
    3536                array( 'message' => 'Not found' ),
     
    6667        }
    6768        // phpcs:ignore WordPress.WP.AlternativeFunctions.file_get_contents_file_get_contents
    68         $log_data = file_get_contents( WC_LOG_DIR . $request->get_param( 'file' ) ); // NOSONAR
     69        $log_data = file_get_contents( $target ); // NOSONAR
    6970
    7071        add_filter(

  • yoco-payment-gateway/tags/3.9.1/yoco_wc_payment_gateway.php

    r3434365 r3434947  
    66 * Author: Yoco
    77 * Author URI: https://www.yoco.com
    8  * Version: 3.9.0
     8 * Version: 3.9.1
    99 * Requires at least: 6.4.0
    1010 * Tested up to: 6.9

  • yoco-payment-gateway/trunk/readme.txt

    r3434365 r3434947  
    55Tested up to: 6.9
    66Requires PHP: 7.4.0
    7 Stable tag: 3.9.0
     7Stable tag: 3.9.1
    88License: GPLv2 or later
    99License URI: https://www.gnu.org/licenses/gpl-2.0.html
     
    137137== Changelog ==
    138138
     139= 3.9.1 =
     140Bug Fixes
     141* Added validation to ensure files meet specific format and naming requirements.
     142* Enhanced input sanitization for file parameter handling.
     143* Implemented path normalization with comprehensive directory boundary verification.
     144* Improved file accessibility and readability checks before processing.
     145
    139146= 3.9.0 =
    140147* Add First and Last Name validation in checkout for both Legacy and Blocks to ensure compatibility with Yoco payment gateway.

  • yoco-payment-gateway/trunk/src/Helpers/Logs.php

    r3434365 r3434947  
    2929    public function callback( WP_REST_Request $request ): WP_REST_Response {
    3030
    31         $file = (string) $request->get_param( 'file' );
     31        $file = sanitize_file_name( $request->get_param( 'file' ) );
    3232
    33         if ( '' === $file ) {
     33        // Allow only files that start with yoco and have .log extension.
     34        if ( '' === $file || '.log' !== substr( $file, -4 ) || 'yoco' !== substr( $file, 0, 4 ) ) {
    3435            return new WP_REST_Response(
    3536                array( 'message' => 'Not found' ),
     
    6667        }
    6768        // phpcs:ignore WordPress.WP.AlternativeFunctions.file_get_contents_file_get_contents
    68         $log_data = file_get_contents( WC_LOG_DIR . $request->get_param( 'file' ) ); // NOSONAR
     69        $log_data = file_get_contents( $target ); // NOSONAR
    6970
    7071        add_filter(

  • yoco-payment-gateway/trunk/yoco_wc_payment_gateway.php

    r3434365 r3434947  
    66 * Author: Yoco
    77 * Author URI: https://www.yoco.com
    8  * Version: 3.9.0
     8 * Version: 3.9.1
    99 * Requires at least: 6.4.0
    1010 * Tested up to: 6.9
Note: See TracChangeset for help on using the changeset viewer.