Context Navigation

← Previous Changeset
Next Changeset →

Changeset 3438445

Timestamp:

01/13/2026 09:36:25 AM (3 months ago)

Author:

adrianpo

Message:

tagging version 7.0.1

Location:

plationline

Files:

: 2 added
: 3 edited
: 23 copied

tags/7.0.1 (copied) (copied from plationline/trunk)
tags/7.0.1/assets/js (copied) (copied from plationline/trunk/assets/js)
tags/7.0.1/inc/admin/class-admin-recurrence.php (copied) (copied from plationline/trunk/inc/admin/class-admin-recurrence.php)
tags/7.0.1/inc/admin/class-admin.php (copied) (copied from plationline/trunk/inc/admin/class-admin.php) (12 diffs)
tags/7.0.1/inc/core/class-activator.php (copied) (copied from plationline/trunk/inc/core/class-activator.php)
tags/7.0.1/inc/core/class-init.php (copied) (copied from plationline/trunk/inc/core/class-init.php)
tags/7.0.1/inc/core/class-wc-plationline-additional.php (copied) (copied from plationline/trunk/inc/core/class-wc-plationline-additional.php)
tags/7.0.1/inc/core/class-wc-plationline-login.php (copied) (copied from plationline/trunk/inc/core/class-wc-plationline-login.php)
tags/7.0.1/inc/core/class-wc-plationline-pr.php (copied) (copied from plationline/trunk/inc/core/class-wc-plationline-pr.php)
tags/7.0.1/inc/core/class-wc-plationline-process.php (copied) (copied from plationline/trunk/inc/core/class-wc-plationline-process.php)
tags/7.0.1/inc/core/class-wc-plationline-recurrence.php (copied) (copied from plationline/trunk/inc/core/class-wc-plationline-recurrence.php)
tags/7.0.1/inc/core/class-wc-plationline-woocommerce-subscriptions.php (copied) (copied from plationline/trunk/inc/core/class-wc-plationline-woocommerce-subscriptions.php)
tags/7.0.1/inc/core/class-wc-plationline.php (copied) (copied from plationline/trunk/inc/core/class-wc-plationline.php)
tags/7.0.1/inc/front/blocks (copied) (copied from plationline/trunk/inc/front/blocks)
tags/7.0.1/languages/plationline-ro_RO-2217e191e20657191aab8d29ca69e424.json (added)
tags/7.0.1/languages/plationline-ro_RO-43d6286aff47733e013900c8acc99ffa.json (copied) (copied from plationline/trunk/languages/plationline-ro_RO-43d6286aff47733e013900c8acc99ffa.json)
tags/7.0.1/languages/plationline-ro_RO-51a89123b7c1baebf274d801e90a9ea4.json (copied) (copied from plationline/trunk/languages/plationline-ro_RO-51a89123b7c1baebf274d801e90a9ea4.json)
tags/7.0.1/languages/plationline-ro_RO-59c6cc70be8f0286d7cd4d7e5d0784da.json (copied) (copied from plationline/trunk/languages/plationline-ro_RO-59c6cc70be8f0286d7cd4d7e5d0784da.json)
tags/7.0.1/languages/plationline-ro_RO-9044edfbb6107b456c7a813846def95b.json (copied) (copied from plationline/trunk/languages/plationline-ro_RO-9044edfbb6107b456c7a813846def95b.json)
tags/7.0.1/languages/plationline-ro_RO.mo (copied) (copied from plationline/trunk/languages/plationline-ro_RO.mo)
tags/7.0.1/languages/plationline-ro_RO.po (copied) (copied from plationline/trunk/languages/plationline-ro_RO.po)
tags/7.0.1/languages/plationline.pot (copied) (copied from plationline/trunk/languages/plationline.pot)
tags/7.0.1/plationline.php (copied) (copied from plationline/trunk/plationline.php) (2 diffs)
tags/7.0.1/readme.txt (copied) (copied from plationline/trunk/readme.txt) (2 diffs)
trunk/inc/admin/class-admin.php (modified) (12 diffs)
trunk/languages/plationline-ro_RO-2217e191e20657191aab8d29ca69e424.json (added)
trunk/plationline.php (modified) (2 diffs)
trunk/readme.txt (modified) (2 diffs)

Legend:

: Unmodified
: Added
: Removed

plationline/tags/7.0.1/inc/admin/class-admin.php

-                      r3437666
+                      r3438445
     public function query()
+    {
+        if (!wp_verify_nonce($_GET['_po_wpnonce'], 'plationline-admin')) {
+        if (!current_user_can('edit_shop_orders')) {
+            $this->response('error', 'Unauthorized');
+            wp_die();
+        }
+        if (empty($_GET['_po_wpnonce']) || !wp_verify_nonce($_GET['_po_wpnonce'], 'plationline-admin')) {
             $this->response('error', 'Invalid nonce');
             wp_die();
 …
         $order_id = (int)$_POST['order'];
         $order = wc_get_order($order_id);
+        if (!$order instanceof WC_Order) {
+            $this->response('error', 'Invalid order');
+            wp_die();
+        }
         $transid = $order->get_transaction_id();
 …
     public function void()
+    {
+        if (!wp_verify_nonce($_GET['_po_wpnonce'], 'plationline-admin')) {
+        if (!current_user_can('edit_shop_orders')) {
+            $this->response('error', 'Unauthorized');
+            wp_die();
+        }
+        if (empty($_GET['_po_wpnonce']) || !wp_verify_nonce($_GET['_po_wpnonce'], 'plationline-admin')) {
             $this->response('error', 'Invalid nonce');
             wp_die();
 …
         if (empty($_POST['order'])) {
             $this->response('No post sent');
             die();
+            wp_die();
+        }
         $order_id = (int)$_POST['order'];
         $order = wc_get_order($order_id);
+        if (!$order instanceof WC_Order) {
+            $this->response('error', 'Invalid order');
+            wp_die();
+        }
         $transid = $order->get_transaction_id();
 …
     public function cancel_recurrence()
+    {
+        if (!wp_verify_nonce($_GET['_po_wpnonce'], 'plationline-admin')) {
+        if (!current_user_can('edit_shop_orders')) {
+            $this->response('error', 'Unauthorized');
+            wp_die();
+        }
+        if (empty($_GET['_po_wpnonce']) || !wp_verify_nonce($_GET['_po_wpnonce'], 'plationline-admin')) {
             $this->response('error', 'Invalid nonce');
             wp_die();
 …
         if (empty($_POST['order'])) {
             $this->response('No post sent');
             die();
+            wp_die();
+        }
         $order_id = (int)$_POST['order'];
         $order = wc_get_order($order_id);
+        if (!$order instanceof WC_Order) {
+            $this->response('error', 'Invalid order');
+            wp_die();
+        }
         $transid = $order->get_transaction_id();
 …
     public function settle()
+    {
+        if (!wp_verify_nonce($_GET['_po_wpnonce'], 'plationline-admin')) {
+        if (!current_user_can('edit_shop_orders')) {
+            $this->response('error', 'Unauthorized');
+            wp_die();
+        }
+        if (empty($_GET['_po_wpnonce']) || !wp_verify_nonce($_GET['_po_wpnonce'], 'plationline-admin')) {
             $this->response('error', 'Invalid nonce');
             wp_die();
 …
         $order_id = (int)$_POST['order'];
         $order = wc_get_order($order_id);
+        if (!$order instanceof WC_Order) {
+            $this->response('error', 'Invalid order');
+            wp_die();
+        }
         $transid = $order->get_transaction_id();
 …
     public function refund()
+    {
+        if (!wp_verify_nonce($_GET['_po_wpnonce'], 'plationline-admin')) {
+        if (!current_user_can('edit_shop_orders')) {
+            $this->response('error', 'Unauthorized');
+            wp_die();
+        }
+        if (empty($_GET['_po_wpnonce']) || !wp_verify_nonce($_GET['_po_wpnonce'], 'plationline-admin')) {
             $this->response('error', 'Invalid nonce');
             wp_die();
 …
         if (empty($_POST['order'])) {
             $this->response('No post sent');
+            $this->response('error', 'No post sent');
             wp_die();
+        }
         $order_id = (int)$_POST['order'];
         $order = wc_get_order($order_id);
+        if (!$order instanceof WC_Order) {
+            $this->response('error', 'Invalid order');
+            wp_die();
+        }
         $transid = $order->get_transaction_id();
 …
     public function settle_amount()
+    {
+        if (!wp_verify_nonce($_GET['_po_wpnonce'], 'plationline-admin')) {
+        if (!current_user_can('edit_shop_orders')) {
+            $this->response('error', 'Unauthorized');
+            wp_die();
+        }
+        if (empty($_GET['_po_wpnonce']) || !wp_verify_nonce($_GET['_po_wpnonce'], 'plationline-admin')) {
             $this->response('error', 'Invalid nonce');
             wp_die();
 …
         if (empty($_POST['order'])) {
             $this->response('No post sent');
+            $this->response('error', 'No post sent');
             wp_die();
+        }
         $order_id = (int)$_POST['order'];
         $order = wc_get_order($order_id);
+        if (!$order instanceof WC_Order) {
+            $this->response('error', 'Invalid order');
+            wp_die();
+        }
         $transid = $order->get_transaction_id();

plationline/tags/7.0.1/plationline.php

-                      r3437666
+                      r3438445
  * Plugin URI:          https://plati.online
  * Description:         Online payment by card and Login with Plati.Online account
  * Version:             7.0.0
+ * Version:             7.0.1
  * Author:              PlatiOnline
  * Author URI:          https://plati.online
 …
 define(__NAMESPACE__ . '\NS', __NAMESPACE__ . '\\');
 define(NS . 'PLUGIN_NAME', 'plationline');
 define(NS . 'PLUGIN_VERSION', '7.0.0');
+define(NS . 'PLUGIN_VERSION', '7.0.1');
 define(NS . 'PLUGIN_NAME_DIR', plugin_dir_path(__FILE__));
 define(NS . 'PLUGIN_NAME_URL', plugin_dir_url(__FILE__));

plationline/tags/7.0.1/readme.txt

-                      r3437666
+                      r3438445
 Requires at least: 6.0
 Tested up to: 6.9
 Stable tag: 7.0.0
+Stable tag: 7.0.1
 Requires PHP: 5.6
 WC requires at least: 8.3.0
 …
 == Changelog ==
+= 7.0.1 =
+* added admin remote actions extra validation
 = 7.0.0 =
 * support Woocommerce blocks checkout

plationline/trunk/inc/admin/class-admin.php

-                      r3437666
+                      r3438445
     public function query()
+    {
+        if (!wp_verify_nonce($_GET['_po_wpnonce'], 'plationline-admin')) {
+        if (!current_user_can('edit_shop_orders')) {
+            $this->response('error', 'Unauthorized');
+            wp_die();
+        }
+        if (empty($_GET['_po_wpnonce']) || !wp_verify_nonce($_GET['_po_wpnonce'], 'plationline-admin')) {
             $this->response('error', 'Invalid nonce');
             wp_die();
 …
         $order_id = (int)$_POST['order'];
         $order = wc_get_order($order_id);
+        if (!$order instanceof WC_Order) {
+            $this->response('error', 'Invalid order');
+            wp_die();
+        }
         $transid = $order->get_transaction_id();
 …
     public function void()
+    {
+        if (!wp_verify_nonce($_GET['_po_wpnonce'], 'plationline-admin')) {
+        if (!current_user_can('edit_shop_orders')) {
+            $this->response('error', 'Unauthorized');
+            wp_die();
+        }
+        if (empty($_GET['_po_wpnonce']) || !wp_verify_nonce($_GET['_po_wpnonce'], 'plationline-admin')) {
             $this->response('error', 'Invalid nonce');
             wp_die();
 …
         if (empty($_POST['order'])) {
             $this->response('No post sent');
             die();
+            wp_die();
+        }
         $order_id = (int)$_POST['order'];
         $order = wc_get_order($order_id);
+        if (!$order instanceof WC_Order) {
+            $this->response('error', 'Invalid order');
+            wp_die();
+        }
         $transid = $order->get_transaction_id();
 …
     public function cancel_recurrence()
+    {
+        if (!wp_verify_nonce($_GET['_po_wpnonce'], 'plationline-admin')) {
+        if (!current_user_can('edit_shop_orders')) {
+            $this->response('error', 'Unauthorized');
+            wp_die();
+        }
+        if (empty($_GET['_po_wpnonce']) || !wp_verify_nonce($_GET['_po_wpnonce'], 'plationline-admin')) {
             $this->response('error', 'Invalid nonce');
             wp_die();
 …
         if (empty($_POST['order'])) {
             $this->response('No post sent');
             die();
+            wp_die();
+        }
         $order_id = (int)$_POST['order'];
         $order = wc_get_order($order_id);
+        if (!$order instanceof WC_Order) {
+            $this->response('error', 'Invalid order');
+            wp_die();
+        }
         $transid = $order->get_transaction_id();
 …
     public function settle()
+    {
+        if (!wp_verify_nonce($_GET['_po_wpnonce'], 'plationline-admin')) {
+        if (!current_user_can('edit_shop_orders')) {
+            $this->response('error', 'Unauthorized');
+            wp_die();
+        }
+        if (empty($_GET['_po_wpnonce']) || !wp_verify_nonce($_GET['_po_wpnonce'], 'plationline-admin')) {
             $this->response('error', 'Invalid nonce');
             wp_die();
 …
         $order_id = (int)$_POST['order'];
         $order = wc_get_order($order_id);
+        if (!$order instanceof WC_Order) {
+            $this->response('error', 'Invalid order');
+            wp_die();
+        }
         $transid = $order->get_transaction_id();
 …
     public function refund()
+    {
+        if (!wp_verify_nonce($_GET['_po_wpnonce'], 'plationline-admin')) {
+        if (!current_user_can('edit_shop_orders')) {
+            $this->response('error', 'Unauthorized');
+            wp_die();
+        }
+        if (empty($_GET['_po_wpnonce']) || !wp_verify_nonce($_GET['_po_wpnonce'], 'plationline-admin')) {
             $this->response('error', 'Invalid nonce');
             wp_die();
 …
         if (empty($_POST['order'])) {
             $this->response('No post sent');
+            $this->response('error', 'No post sent');
             wp_die();
+        }
         $order_id = (int)$_POST['order'];
         $order = wc_get_order($order_id);
+        if (!$order instanceof WC_Order) {
+            $this->response('error', 'Invalid order');
+            wp_die();
+        }
         $transid = $order->get_transaction_id();
 …
     public function settle_amount()
+    {
+        if (!wp_verify_nonce($_GET['_po_wpnonce'], 'plationline-admin')) {
+        if (!current_user_can('edit_shop_orders')) {
+            $this->response('error', 'Unauthorized');
+            wp_die();
+        }
+        if (empty($_GET['_po_wpnonce']) || !wp_verify_nonce($_GET['_po_wpnonce'], 'plationline-admin')) {
             $this->response('error', 'Invalid nonce');
             wp_die();
 …
         if (empty($_POST['order'])) {
             $this->response('No post sent');
+            $this->response('error', 'No post sent');
             wp_die();
+        }
         $order_id = (int)$_POST['order'];
         $order = wc_get_order($order_id);
+        if (!$order instanceof WC_Order) {
+            $this->response('error', 'Invalid order');
+            wp_die();
+        }
         $transid = $order->get_transaction_id();

plationline/trunk/plationline.php

-                      r3437666
+                      r3438445
  * Plugin URI:          https://plati.online
  * Description:         Online payment by card and Login with Plati.Online account
  * Version:             7.0.0
+ * Version:             7.0.1
  * Author:              PlatiOnline
  * Author URI:          https://plati.online
 …
 define(__NAMESPACE__ . '\NS', __NAMESPACE__ . '\\');
 define(NS . 'PLUGIN_NAME', 'plationline');
 define(NS . 'PLUGIN_VERSION', '7.0.0');
+define(NS . 'PLUGIN_VERSION', '7.0.1');
 define(NS . 'PLUGIN_NAME_DIR', plugin_dir_path(__FILE__));
 define(NS . 'PLUGIN_NAME_URL', plugin_dir_url(__FILE__));

plationline/trunk/readme.txt

-                      r3437666
+                      r3438445
 Requires at least: 6.0
 Tested up to: 6.9
 Stable tag: 7.0.0
+Stable tag: 7.0.1
 Requires PHP: 5.6
 WC requires at least: 8.3.0
 …
 == Changelog ==
+= 7.0.1 =
+* added admin remote actions extra validation
 = 7.0.0 =
 * support Woocommerce blocks checkout

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Plugin Directory

Context Navigation

Changeset 3438445

Legend:

plationline/tags/7.0.1/inc/admin/class-admin.php

plationline/tags/7.0.1/plationline.php

plationline/tags/7.0.1/readme.txt

plationline/trunk/inc/admin/class-admin.php

plationline/trunk/plationline.php

plationline/trunk/readme.txt

Download in other formats: