Context Navigation

← Previous Changeset
Next Changeset →

Changeset 3448022

Timestamp:

01/27/2026 04:05:38 PM (6 weeks ago)

Author:

fullworks

Message:

Update to version 6.5.7 from GitHub

Location:

widget-for-eventbrite-api

Files:

: 12 edited
: 1 copied

tags/6.5.7 (copied) (copied from widget-for-eventbrite-api/trunk)
tags/6.5.7/changelog.txt (modified) (1 diff)
tags/6.5.7/includes/class-core.php (modified) (1 diff)
tags/6.5.7/includes/vendor/composer/installed.php (modified) (2 diffs)
tags/6.5.7/includes/widgets/elementor/class-eventbrite-widget-elementor-helpers.php (modified) (10 diffs)
tags/6.5.7/readme.txt (modified) (1 diff)
tags/6.5.7/widget-for-eventbrite-api.php (modified) (2 diffs)
trunk/changelog.txt (modified) (1 diff)
trunk/includes/class-core.php (modified) (1 diff)
trunk/includes/vendor/composer/installed.php (modified) (2 diffs)
trunk/includes/widgets/elementor/class-eventbrite-widget-elementor-helpers.php (modified) (10 diffs)
trunk/readme.txt (modified) (1 diff)
trunk/widget-for-eventbrite-api.php (modified) (2 diffs)

Legend:

: Unmodified
: Added
: Removed

widget-for-eventbrite-api/tags/6.5.7/changelog.txt

r3445634	r3448022
	1	= 6.5.7 =
	2	* Improve security for block editor and Elementor widget controls
	3
1	4	= 6.5.6 =
2	5	* Fix webhook payload URL not persisting after generation (Pro Only)

widget-for-eventbrite-api/tags/6.5.7/includes/class-core.php

-                      r3445634
+                      r3448022
         add_filter( 'site_status_tests', array($plugin_admin, 'site_status_tests') );
         add_action( 'wp_ajax_update_widget_content', array($widget_helpers, 'update_elementor_widget_content') );
-        add_action( 'wp_ajax_nopriv_update_widget_content', array($widget_helpers, 'update_elementor_widget_content') );
         add_action( 'wp_ajax_fetch_organizations_for_key', array($widget_helpers, 'get_organizations_for_key') );
-        add_action( 'wp_ajax_nopriv_fetch_organizations_for_key', array($widget_helpers, 'get_organizations_for_key') );
         add_action( 'wp_ajax_fetch_events_for_key', array($widget_helpers, 'send_events_for_key') );
-        add_action( 'wp_ajax_nopriv_fetch_events_for_key', array($widget_helpers, 'send_events_for_key') );
         add_action( 'wp_ajax_fetch_organizers_for_key', array($widget_helpers, 'send_organizers_for_key') );
-        add_action( 'wp_ajax_nopriv_fetch_organizers_for_key', array($widget_helpers, 'send_organizers_for_key') );
         add_action( 'wp_ajax_fetch_venues_options', array($widget_helpers, 'send_venues_options') );
-        add_action( 'wp_ajax_nopriv_fetch_venues_options', array($widget_helpers, 'send_venues_options') );
         add_action( 'wp_ajax_fetch_api_key_options', array($widget_helpers, 'send_api_key_options') );
-        add_action( 'wp_ajax_nopriv_fetch_api_key_options', array($widget_helpers, 'send_api_key_options') );
         add_action( 'wp_ajax_validate_date', array($widget_helpers, 'validate_date') );
-        add_action( 'wp_ajax_nopriv_validate_date', array($widget_helpers, 'validate_date') );
         add_action( 'init', function () {
             new \WidgetForEventbriteAPI\Includes\Widgets();

widget-for-eventbrite-api/tags/6.5.7/includes/vendor/composer/installed.php

-                      r3445634
+                      r3448022
     'root' => array(
         'name' => 'fullworks/widget-for-eventbrite-api',
         'pretty_version' => '6.5.6',
         'version' => '6.5.6.0',
         'reference' => 'e261b24b8e3d4393aad9d26fbc4dc3d8c5974fab',
+        'pretty_version' => '6.5.7',
+        'version' => '6.5.7.0',
+        'reference' => '68c0ccba6be41d8f18f7cc0ebb931b1a6eb2bd64',
         'type' => 'wordpress-plugin',
         'install_path' => __DIR__ . '/../../../',
 …
         ),
         'fullworks/widget-for-eventbrite-api' => array(
             'pretty_version' => '6.5.6',
             'version' => '6.5.6.0',
             'reference' => 'e261b24b8e3d4393aad9d26fbc4dc3d8c5974fab',
+            'pretty_version' => '6.5.7',
+            'version' => '6.5.7.0',
+            'reference' => '68c0ccba6be41d8f18f7cc0ebb931b1a6eb2bd64',
             'type' => 'wordpress-plugin',
             'install_path' => __DIR__ . '/../../../',

widget-for-eventbrite-api/tags/6.5.7/includes/widgets/elementor/class-eventbrite-widget-elementor-helpers.php

-                      r3273977
+                      r3448022
     public function get_organizations_for_key() {
+        // phpcs:ignore WordPress.Security.NonceVerification.Missing -- just a look up
+        check_ajax_referer( 'wfea-nonce', 'nonce' );
+        if ( !current_user_can( 'edit_posts' ) ) {
+            wp_die( -1 );
+        }
         $token = ( !empty( $_POST['token'] ) ? sanitize_text_field( wp_unslash( $_POST['token'] ) ) : '' );
         $token = $this->utilities->map_api_index_to_key( $token );
 …
     public function send_events_for_key() {
+        // phpcs:ignore WordPress.Security.NonceVerification.Missing -- just a look up
+        check_ajax_referer( 'wfea-nonce', 'nonce' );
+        if ( !current_user_can( 'edit_posts' ) ) {
+            wp_die( -1 );
+        }
         $token = ( !empty( $_POST['token'] ) ? sanitize_text_field( wp_unslash( $_POST['token'] ) ) : $this->get_default_api_key() );
         $token = $this->utilities->map_api_index_to_key( $token );
 …
             'token' => $token,
         );
-        // phpcs:ignore WordPress.Security.NonceVerification.Missing -- just a look up
         if ( !empty( $_POST['organizationID'] ) ) {
-            // phpcs:ignore WordPress.Security.NonceVerification.Missing -- just a look up
             $args['organization_id'] = sanitize_text_field( wp_unslash( $_POST['organizationID'] ) );
+        }
-        // phpcs:ignore WordPress.Security.NonceVerification.Missing -- just a look up
-        //if ( ! empty( $_POST['organizerID'] ) ) {
-        //"{"status_code":400,"error_description":"There are errors with your arguments: organizer_id - Unknown parameter","error":"ARGUMENTS_ERROR"}"
-        // $args['organizer_id'] = sanitize_text_field( $_POST['organizerID'] );
-        //}
-        // phpcs:ignore WordPress.Security.NonceVerification.Missing -- just a look up
-        //if ( ! empty( $_POST['venueID'] ) ) {
-        //"{"status_code":400,"error_description":"There are errors with your arguments: organizer_id - Unknown parameter","error":"ARGUMENTS_ERROR"}"
-        // $args['venue_id'] = sanitize_text_field( $_POST['venueID'] );
-        //}
         //"{"status_code":400,"error_description":"There are errors with your arguments: organizer_id - Unknown parameter","error":"ARGUMENTS_ERROR"}"
         $events = Eventbrite_Manager::$instance->get_organizations_events( $args, false );
 …
     public function send_organizers_for_key() {
+        check_ajax_referer( 'wfea-nonce', 'nonce' );
+        if ( !current_user_can( 'edit_posts' ) ) {
+            wp_die( -1 );
+        }
         $organizers_options = $this->get_options( 'organizer' );
         wp_send_json( $organizers_options );
 …
     private function get_options( $option_type ) {
         // phpcs:ignore WordPress.Security.NonceVerification.Missing -- just a look up
+        // phpcs:ignore WordPress.Security.NonceVerification.Missing -- nonce verified in calling public methods (send_organizers_for_key, send_venues_options).
         $token = ( !empty( $_POST['token'] ) ? sanitize_text_field( wp_unslash( $_POST['token'] ) ) : '' );
         $token = $this->utilities->map_api_index_to_key( $token );
 …
             $args['token'] = $token;
+        }
         // phpcs:ignore WordPress.Security.NonceVerification.Missing -- just a look up
+        // phpcs:ignore WordPress.Security.NonceVerification.Missing -- nonce verified in calling public methods.
         if ( !empty( $_POST['organizationID'] ) ) {
             // phpcs:ignore WordPress.Security.NonceVerification.Missing -- just a look up
+            // phpcs:ignore WordPress.Security.NonceVerification.Missing -- nonce verified in calling public methods.
             $args['organization_id'] = sanitize_text_field( wp_unslash( $_POST['organizationID'] ) );
+        }
 …
     public function send_venues_options() {
+        check_ajax_referer( 'wfea-nonce', 'nonce' );
+        if ( !current_user_can( 'edit_posts' ) ) {
+            wp_die( -1 );
+        }
         $venue_options = $this->get_options( 'venue' );
         wp_send_json( $venue_options );
 …
     public function send_api_key_options() {
+        check_ajax_referer( 'wfea-nonce', 'nonce' );
+        if ( !current_user_can( 'edit_posts' ) ) {
+            wp_die( -1 );
+        }
         wp_send_json( $this->get_api_key_options() );
+    }
 …
     public function update_elementor_widget_content() {
         check_ajax_referer( 'wfea-nonce', 'nonce' );
+        if ( !current_user_can( 'edit_posts' ) ) {
+            wp_die( -1 );
+        }
         // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized -- $this->utilities->sanitize_text_or_array_field() sanitizes the input
         $params = ( isset( $_POST['params'] ) ? $this->utilities->sanitize_text_or_array_field( wp_unslash( $_POST['params'] ) ) : array() );
 …
     public function validate_date() {
         check_ajax_referer( 'wfea-nonce', 'nonce' );
+        if ( !current_user_can( 'edit_posts' ) ) {
+            wp_die( -1 );
+        }
         if ( isset( $_POST['wfea_date_value'] ) ) {
             $date = sanitize_text_field( wp_unslash( $_POST['wfea_date_value'] ) );

widget-for-eventbrite-api/tags/6.5.7/readme.txt

r3445634	r3448022
3	3	Tags: eventbrite, widget, events, eventbrite widget, eventbrite shortcode
4	4	Tested up to: 6.9
5		Stable tag: 6.5.6
	5	Stable tag: 6.5.7
6	6	Requires PHP: 7.4
7	7	License: GPL-2.0-or-later

widget-for-eventbrite-api/tags/6.5.7/widget-for-eventbrite-api.php

-                      r3445634
+                      r3448022
  * Plugin URI:        https://fullworksplugins.com/products/widget-for-eventbrite/
  * Description:       Easily display Eventbrite events on your WordPress site
  * Version:           6.5.6
+ * Version:           6.5.7
  * Requires at least: 5.6
  * Requires PHP:      7.4
 …
 define( 'WIDGET_FOR_EVENTBRITE_API_PLUGIN_URL', plugin_dir_url( __FILE__ ) );
 define( 'WIDGET_FOR_EVENTBRITE_API_PLUGINS_TOP_DIR', plugin_dir_path( __DIR__ ) );
 define( 'WIDGET_FOR_EVENTBRITE_API_PLUGIN_VERSION', '6.5.6' );
+define( 'WIDGET_FOR_EVENTBRITE_API_PLUGIN_VERSION', '6.5.7' );
 // Include the plugin autoloader, so we can dynamically include the classes.
 require_once WIDGET_FOR_EVENTBRITE_API_PLUGIN_DIR . 'includes/vendor/autoload.php';

widget-for-eventbrite-api/trunk/changelog.txt

r3445634	r3448022
	1	= 6.5.7 =
	2	* Improve security for block editor and Elementor widget controls
	3
1	4	= 6.5.6 =
2	5	* Fix webhook payload URL not persisting after generation (Pro Only)

widget-for-eventbrite-api/trunk/includes/class-core.php

-                      r3445634
+                      r3448022
         add_filter( 'site_status_tests', array($plugin_admin, 'site_status_tests') );
         add_action( 'wp_ajax_update_widget_content', array($widget_helpers, 'update_elementor_widget_content') );
-        add_action( 'wp_ajax_nopriv_update_widget_content', array($widget_helpers, 'update_elementor_widget_content') );
         add_action( 'wp_ajax_fetch_organizations_for_key', array($widget_helpers, 'get_organizations_for_key') );
-        add_action( 'wp_ajax_nopriv_fetch_organizations_for_key', array($widget_helpers, 'get_organizations_for_key') );
         add_action( 'wp_ajax_fetch_events_for_key', array($widget_helpers, 'send_events_for_key') );
-        add_action( 'wp_ajax_nopriv_fetch_events_for_key', array($widget_helpers, 'send_events_for_key') );
         add_action( 'wp_ajax_fetch_organizers_for_key', array($widget_helpers, 'send_organizers_for_key') );
-        add_action( 'wp_ajax_nopriv_fetch_organizers_for_key', array($widget_helpers, 'send_organizers_for_key') );
         add_action( 'wp_ajax_fetch_venues_options', array($widget_helpers, 'send_venues_options') );
-        add_action( 'wp_ajax_nopriv_fetch_venues_options', array($widget_helpers, 'send_venues_options') );
         add_action( 'wp_ajax_fetch_api_key_options', array($widget_helpers, 'send_api_key_options') );
-        add_action( 'wp_ajax_nopriv_fetch_api_key_options', array($widget_helpers, 'send_api_key_options') );
         add_action( 'wp_ajax_validate_date', array($widget_helpers, 'validate_date') );
-        add_action( 'wp_ajax_nopriv_validate_date', array($widget_helpers, 'validate_date') );
         add_action( 'init', function () {
             new \WidgetForEventbriteAPI\Includes\Widgets();

widget-for-eventbrite-api/trunk/includes/vendor/composer/installed.php

-                      r3445634
+                      r3448022
     'root' => array(
         'name' => 'fullworks/widget-for-eventbrite-api',
         'pretty_version' => '6.5.6',
         'version' => '6.5.6.0',
         'reference' => 'e261b24b8e3d4393aad9d26fbc4dc3d8c5974fab',
+        'pretty_version' => '6.5.7',
+        'version' => '6.5.7.0',
+        'reference' => '68c0ccba6be41d8f18f7cc0ebb931b1a6eb2bd64',
         'type' => 'wordpress-plugin',
         'install_path' => __DIR__ . '/../../../',
 …
         ),
         'fullworks/widget-for-eventbrite-api' => array(
             'pretty_version' => '6.5.6',
             'version' => '6.5.6.0',
             'reference' => 'e261b24b8e3d4393aad9d26fbc4dc3d8c5974fab',
+            'pretty_version' => '6.5.7',
+            'version' => '6.5.7.0',
+            'reference' => '68c0ccba6be41d8f18f7cc0ebb931b1a6eb2bd64',
             'type' => 'wordpress-plugin',
             'install_path' => __DIR__ . '/../../../',

widget-for-eventbrite-api/trunk/includes/widgets/elementor/class-eventbrite-widget-elementor-helpers.php

-                      r3273977
+                      r3448022
     public function get_organizations_for_key() {
+        // phpcs:ignore WordPress.Security.NonceVerification.Missing -- just a look up
+        check_ajax_referer( 'wfea-nonce', 'nonce' );
+        if ( !current_user_can( 'edit_posts' ) ) {
+            wp_die( -1 );
+        }
         $token = ( !empty( $_POST['token'] ) ? sanitize_text_field( wp_unslash( $_POST['token'] ) ) : '' );
         $token = $this->utilities->map_api_index_to_key( $token );
 …
     public function send_events_for_key() {
+        // phpcs:ignore WordPress.Security.NonceVerification.Missing -- just a look up
+        check_ajax_referer( 'wfea-nonce', 'nonce' );
+        if ( !current_user_can( 'edit_posts' ) ) {
+            wp_die( -1 );
+        }
         $token = ( !empty( $_POST['token'] ) ? sanitize_text_field( wp_unslash( $_POST['token'] ) ) : $this->get_default_api_key() );
         $token = $this->utilities->map_api_index_to_key( $token );
 …
             'token' => $token,
         );
-        // phpcs:ignore WordPress.Security.NonceVerification.Missing -- just a look up
         if ( !empty( $_POST['organizationID'] ) ) {
-            // phpcs:ignore WordPress.Security.NonceVerification.Missing -- just a look up
             $args['organization_id'] = sanitize_text_field( wp_unslash( $_POST['organizationID'] ) );
+        }
-        // phpcs:ignore WordPress.Security.NonceVerification.Missing -- just a look up
-        //if ( ! empty( $_POST['organizerID'] ) ) {
-        //"{"status_code":400,"error_description":"There are errors with your arguments: organizer_id - Unknown parameter","error":"ARGUMENTS_ERROR"}"
-        // $args['organizer_id'] = sanitize_text_field( $_POST['organizerID'] );
-        //}
-        // phpcs:ignore WordPress.Security.NonceVerification.Missing -- just a look up
-        //if ( ! empty( $_POST['venueID'] ) ) {
-        //"{"status_code":400,"error_description":"There are errors with your arguments: organizer_id - Unknown parameter","error":"ARGUMENTS_ERROR"}"
-        // $args['venue_id'] = sanitize_text_field( $_POST['venueID'] );
-        //}
         //"{"status_code":400,"error_description":"There are errors with your arguments: organizer_id - Unknown parameter","error":"ARGUMENTS_ERROR"}"
         $events = Eventbrite_Manager::$instance->get_organizations_events( $args, false );
 …
     public function send_organizers_for_key() {
+        check_ajax_referer( 'wfea-nonce', 'nonce' );
+        if ( !current_user_can( 'edit_posts' ) ) {
+            wp_die( -1 );
+        }
         $organizers_options = $this->get_options( 'organizer' );
         wp_send_json( $organizers_options );
 …
     private function get_options( $option_type ) {
         // phpcs:ignore WordPress.Security.NonceVerification.Missing -- just a look up
+        // phpcs:ignore WordPress.Security.NonceVerification.Missing -- nonce verified in calling public methods (send_organizers_for_key, send_venues_options).
         $token = ( !empty( $_POST['token'] ) ? sanitize_text_field( wp_unslash( $_POST['token'] ) ) : '' );
         $token = $this->utilities->map_api_index_to_key( $token );
 …
             $args['token'] = $token;
+        }
         // phpcs:ignore WordPress.Security.NonceVerification.Missing -- just a look up
+        // phpcs:ignore WordPress.Security.NonceVerification.Missing -- nonce verified in calling public methods.
         if ( !empty( $_POST['organizationID'] ) ) {
             // phpcs:ignore WordPress.Security.NonceVerification.Missing -- just a look up
+            // phpcs:ignore WordPress.Security.NonceVerification.Missing -- nonce verified in calling public methods.
             $args['organization_id'] = sanitize_text_field( wp_unslash( $_POST['organizationID'] ) );
+        }
 …
     public function send_venues_options() {
+        check_ajax_referer( 'wfea-nonce', 'nonce' );
+        if ( !current_user_can( 'edit_posts' ) ) {
+            wp_die( -1 );
+        }
         $venue_options = $this->get_options( 'venue' );
         wp_send_json( $venue_options );
 …
     public function send_api_key_options() {
+        check_ajax_referer( 'wfea-nonce', 'nonce' );
+        if ( !current_user_can( 'edit_posts' ) ) {
+            wp_die( -1 );
+        }
         wp_send_json( $this->get_api_key_options() );
+    }
 …
     public function update_elementor_widget_content() {
         check_ajax_referer( 'wfea-nonce', 'nonce' );
+        if ( !current_user_can( 'edit_posts' ) ) {
+            wp_die( -1 );
+        }
         // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized -- $this->utilities->sanitize_text_or_array_field() sanitizes the input
         $params = ( isset( $_POST['params'] ) ? $this->utilities->sanitize_text_or_array_field( wp_unslash( $_POST['params'] ) ) : array() );
 …
     public function validate_date() {
         check_ajax_referer( 'wfea-nonce', 'nonce' );
+        if ( !current_user_can( 'edit_posts' ) ) {
+            wp_die( -1 );
+        }
         if ( isset( $_POST['wfea_date_value'] ) ) {
             $date = sanitize_text_field( wp_unslash( $_POST['wfea_date_value'] ) );

widget-for-eventbrite-api/trunk/readme.txt

r3445634	r3448022
3	3	Tags: eventbrite, widget, events, eventbrite widget, eventbrite shortcode
4	4	Tested up to: 6.9
5		Stable tag: 6.5.6
	5	Stable tag: 6.5.7
6	6	Requires PHP: 7.4
7	7	License: GPL-2.0-or-later

widget-for-eventbrite-api/trunk/widget-for-eventbrite-api.php

-                      r3445634
+                      r3448022
  * Plugin URI:        https://fullworksplugins.com/products/widget-for-eventbrite/
  * Description:       Easily display Eventbrite events on your WordPress site
  * Version:           6.5.6
+ * Version:           6.5.7
  * Requires at least: 5.6
  * Requires PHP:      7.4
 …
 define( 'WIDGET_FOR_EVENTBRITE_API_PLUGIN_URL', plugin_dir_url( __FILE__ ) );
 define( 'WIDGET_FOR_EVENTBRITE_API_PLUGINS_TOP_DIR', plugin_dir_path( __DIR__ ) );
 define( 'WIDGET_FOR_EVENTBRITE_API_PLUGIN_VERSION', '6.5.6' );
+define( 'WIDGET_FOR_EVENTBRITE_API_PLUGIN_VERSION', '6.5.7' );
 // Include the plugin autoloader, so we can dynamically include the classes.
 require_once WIDGET_FOR_EVENTBRITE_API_PLUGIN_DIR . 'includes/vendor/autoload.php';

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Plugin Directory