CVE-2021-4399: Changeset 2478642 for edwiser-bridge – WordPress Plugin Repository
The Edwiser Bridge plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.6. This is due to missing or incorrect nonce validation in the user_data_synchronization_initiater(), course_synchronization_initiater(), users_link_to_moodle_synchronization(), connection_test_initiater(), admin_menus(), and subscribe_handler() functions. This makes it possible for unauthenticated attackers to perform unauthorized actions via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link.
edwiser-bridge/trunk/admin/class-eb-admin-settings.php
r2466593
r2478642
78
78
79
79
$referer = '';
80
if ( empty( $\_REQUEST\['\_wpnonce'\] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_REQUEST\['\_wpnonce'\] ) ), 'eb-settings' ) ) {
80
if ( ! isset( $\_REQUEST\['\_wpnonce'\] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_REQUEST\['\_wpnonce'\] ) ), 'eb-settings' ) ) {
81
81
die( esc\_html\_\_( 'Action failed. Please refresh the page and retry.', 'eb-textdomain' ) );
82
82
}
…
…
158
158
$current\_section = isset( $\_REQUEST\['section'\] ) ? sanitize\_text\_field( wp\_unslash( $\_REQUEST\['section'\] ) ) : '';
159
159
160
if ( isset( $\_REQUEST\['\_wpnonce'\] ) && ( ! empty( $\_REQUEST\['\_wpnonce'\] ) || wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_REQUEST\['\_wpnonce'\] ) ), 'eb-settings' ) ) && ! empty( $\_POST ) ) {
160
// Save data only if nonce is verified.
161
if ( isset( $\_REQUEST\['\_wpnonce'\] ) && wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_REQUEST\['\_wpnonce'\] ) ), 'eb-settings' ) && ! empty( $\_POST ) ) {
161
162
// Save settings if data has been posted.
162
163
self::save();
163
164
}
164
165
166
// Show deault data if nonce is not verified.
165
167
// Add any posted messages.
166
168
if ( isset( $\_GET\['wp\_error'\] ) && ! empty( sanitize\_text\_field( wp\_unslash( $\_GET\['wp\_error'\] ) ) ) ) {
…
…
722
724
public static function save\_fields( $options ) {
723
725
global $current\_tab;
724
if ( empty( $\_REQUEST\['\_wpnonce'\] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_REQUEST\['\_wpnonce'\] ) ), 'eb-settings' ) ) {
726
if ( ! isset( $\_REQUEST\['\_wpnonce'\] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_REQUEST\['\_wpnonce'\] ) ), 'eb-settings' ) ) {
725
727
die( esc\_html\_\_( 'Action failed. Please refresh the page and retry.', 'eb-textdomain' ) );
726
728
}
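Review bot: The nonce guard now appears three times in this file with the same action string `'eb-settings'` (new lines 80, 161 and 726), and the two that abort do so with a bare `die()`. A single private helper — `private static function has_valid_settings_nonce() { return isset( $_REQUEST['_wpnonce'] ) && wp_verify_nonce( sanitize_text_field( wp_unslash( $_REQUEST['_wpnonce'] ) ), 'eb-settings' ); }` — would keep the call sites in step, and `wp_die()` rather than `die()` lets WordPress render the message with a proper status code. A nonce proves intent, not authority: unless the surrounding output/save paths already check `current_user_can( 'manage_options' )` outside this hunk, add it next to the nonce check. `save_fields()` continues past the hunk.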
edwiser-bridge/trunk/admin/class-eb-email-template.php
r2441592
r2478642
68
68
public function output() {
69
69
$sub\_action = isset( $\_POST\['eb-mail-tpl-submit'\] ) ? sanitize\_text\_field( wp\_unslash( $\_POST\['eb-mail-tpl-submit'\] ) ) : 0;
70
71
// Save fields only if nonce is verified.
70
72
if ( isset( $\_POST\['eb\_emailtmpl\_nonce'\] ) && wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['eb\_emailtmpl\_nonce'\] ) ), 'eb\_emailtmpl\_sec' ) && 'eb-mail-tpl-save-changes' === $sub\_action ) {
71
73
$this->save();
72
74
}
75
76
// Even if nonce is not verified show the default data.
73
77
$from\_name = $this->get\_from\_name();
74
78
$tmpl\_list = array();
…
…
283
287
public function get\_template\_data\_ajax\_call\_back() {
284
288
$data = array();
289
290
// Process only if nonce is verified.
285
291
if ( isset( $\_POST\['tmpl\_name'\] ) && isset( $\_POST\['admin\_nonce'\] ) && wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['admin\_nonce'\] ) ), 'eb\_admin\_nonce' ) ) {
286
292
$tmpl\_name = sanitize\_text\_field( wp\_unslash( $\_POST\['tmpl\_name'\] ) );
…
…
447
453
private function save() {
448
454
$message = '';
455
// Process saving only if the nonce is verified.
449
456
if ( isset( $\_POST\['eb\_emailtmpl\_nonce'\] ) && wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['eb\_emailtmpl\_nonce'\] ) ), 'eb\_emailtmpl\_sec' ) ) {
450
457
$from\_name = $this->check\_is\_empty( $\_POST, 'eb\_email\_from\_name' );
…
…
523
530
\*/
524
531
public function send\_test\_email() {
532
// Send test mail only if nonce is verified.
525
533
if ( isset( $\_POST\['security'\] ) && wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['security'\] ) ), 'eb\_send\_testmail\_sec' ) ) {
526
534
$mail\_to = $this->check\_is\_empty( $\_POST, 'mail\_to' );
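Review bot: `save()` at new line 456 re-verifies `eb_emailtmpl_nonce` even though its only visible caller, `output()` at new line 72, already gates the call on the same nonce and action, which leaves a reader unsure which check is authoritative. Either drop the inner check or mark it: `// Defensive re-check: save() is private but may gain other callers.` In `send_test_email()` the recipient `mail_to` is read from POST straight after the nonce check; if it is not validated with `is_email()` further down (outside this hunk) it should be, because the nonce says nothing about the value, and a `current_user_can()` check belongs on these admin handlers as well. Both `save()` and `send_test_email()` continue past the hunk.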
edwiser-bridge/trunk/admin/class-eb-settings-ajax-initiater.php
r2441592
r2478642
51
51
public function course\_synchronization\_initiater() {
52
52
53
if ( ! isset( $\_POST\['\_wpnonce\_field'\] ) ) {
54
die( 'Busted!' );
55
}
56
57
53
// verifying generated nonce we created earlier.
58
if ( ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['\_wpnonce\_field'\] ) ), 'check\_sync\_action' ) ) {
54
if ( ! isset( $\_POST\['\_wpnonce\_field'\] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['\_wpnonce\_field'\] ) ), 'check\_sync\_action' ) ) {
59
55
die( 'Busted!' );
60
56
}
…
…
76
72
\*/
77
73
public function user\_data\_synchronization\_initiater() {
78
if ( ! isset( $\_POST\['\_wpnonce\_field'\] ) ) {
79
die( 'Busted!' );
80
}
81
74
82
75
// verifying generated nonce we created earlier.
83
if ( ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['\_wpnonce\_field'\] ) ), 'check\_sync\_action' ) ) {
76
if ( ! isset( $\_POST\['\_wpnonce\_field'\] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['\_wpnonce\_field'\] ) ), 'check\_sync\_action' ) ) {
84
77
die( 'Busted!' );
85
78
}
…
…
101
94
\*/
102
95
public function users\_link\_to\_moodle\_synchronization() {
103
if ( ! isset( $\_POST\['\_wpnonce\_field'\] ) ) {
104
die( 'Busted!' );
105
}
106
96
107
97
// verifying generated nonce we created earlier.
108
if ( ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['\_wpnonce\_field'\] ) ), 'check\_sync\_action' ) ) {
98
if ( ! isset( $\_POST\['\_wpnonce\_field'\] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['\_wpnonce\_field'\] ) ), 'check\_sync\_action' ) ) {
109
99
die( 'Busted!' );
110
100
}
…
…
129
119
\*/
130
120
public function connection\_test\_initiater() {
131
if ( ! isset( $\_POST\['\_wpnonce\_field'\] ) ) {
132
die( 'Busted!' );
133
}
134
121
135
122
// verifying generated nonce we created earlier.
136
if ( ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['\_wpnonce\_field'\] ) ), 'check\_sync\_action' ) ) {
123
if ( ! isset( $\_POST\['\_wpnonce\_field'\] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['\_wpnonce\_field'\] ) ), 'check\_sync\_action' ) ) {
137
124
die( 'Busted!' );
138
125
}
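Review bot: All four initiaters now fail closed on a missing or invalid `_wpnonce_field` (new lines 54, 76, 98 and 123), but none checks a capability inside the hunk and all four share the single action `check_sync_action`. A nonce shows the request came from a page the plugin rendered, not that the caller may trigger a Moodle synchronization or connection test; unless the hook registration elsewhere limits these to privileged users, add `if ( ! current_user_can( 'manage_options' ) ) { wp_send_json_error( 'Insufficient permissions.' ); }` after each nonce check. One shared action string also means a nonce minted for the connection test unlocks the user and course syncs — distinct actions per handler are cheap. `die( 'Busted!' )` works, but `wp_send_json_error( 'Invalid nonce.' )` is easier for the JavaScript side to handle. Each function's body continues past the hunk.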
edwiser-bridge/trunk/admin/class-eb-welcome.php
r2455400
r2478642
39
39
\*/
40
40
public function admin\_menus() {
41
if ( ! isset( $\_GET\['edw-wc-nonce'\] ) || ( isset( $\_GET\['edw-wc-nonce'\] ) && ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_GET\['edw-wc-nonce'\] ) ), 'edw-wc-nonce' ) ) ) {
41
if ( ! isset( $\_GET\['edw-wc-nonce'\] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_GET\['edw-wc-nonce'\] ) ), 'edw-wc-nonce' ) ) {
42
42
return;
43
43
}
…
…
268
268
</form>
269
269
<?php
270
// Proceed only if the nonce is verified.
270
271
if ( isset( $\_GET\['edw-wc-nonce'\] ) && wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_GET\['edw-wc-nonce'\] ) ), 'edw-wc-nonce' ) ) {
271
272
if ( isset( $\_GET\['subscribed'\] ) && sanitize\_text\_field( wp\_unslash( $\_GET\['subscribed'\] ) ) ) {
…
…
308
309
}
309
310
310
// Delete transient used for redirection.
311
delete\_transient( '\_eb\_activation\_redirect' );
312
if ( isset( $\_POST\['subscribe\_nonce\_field'\] ) && ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['subscribe\_nonce\_field'\] ) ), 'subscribe\_nonce' ) ) {
313
die( esc\_html\_\_( 'Action failed. Please refresh the page and retry.', 'eb-textdomain' ) );
314
}
315
// Return if activating from network, or bulk.
316
if ( is\_network\_admin() || isset( $\_GET\['activate-multi'\] ) ) {
317
return;
318
}
319
320
if ( ( isset( $\_GET\['action'\] ) && 'upgrade-plugin' === $\_GET\['action'\] ) || ( ! empty( $\_GET\['page'\] ) && 'eb-about' === $\_GET\['page'\] ) ) {
321
return;
322
}
323
$wc\_url = admin\_url( '/?page=eb-about' ) . '&edw-wc-nonce=' . wp\_create\_nonce( 'edw-wc-nonce' );
324
325
wp\_safe\_redirect( $wc\_url );
326
exit;
311
if ( isset( $\_GET\['activate'\] ) && sanitize\_text\_field( wp\_unslash( $\_GET\['activate'\] ) ) ) { // WPCS: CSRF ok, input var ok.
312
// Delete transient used for redirection.
313
delete\_transient( '\_eb\_activation\_redirect' );
314
315
// Return if activating from network, or bulk.
316
if ( is\_network\_admin() ) {
317
return;
318
}
319
320
$wc\_url = admin\_url( '/?page=eb-about' ) . '&edw-wc-nonce=' . wp\_create\_nonce( 'edw-wc-nonce' );
321
322
wp\_safe\_redirect( $wc\_url );
323
exit;
324
}
325
327
326
}
328
327
…
…
339
338
340
339
// verify nonce.
341
if ( isset( $\_POST\['subscribe\_nonce\_field'\] ) && ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['subscribe\_nonce\_field'\] ) ), 'subscribe\_nonce' ) ) {
340
if ( ! isset( $\_POST\['subscribe\_nonce\_field'\] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['subscribe\_nonce\_field'\] ) ), 'subscribe\_nonce' ) ) {
342
341
esc\_html\_e( 'Sorry, there is a problem!', 'eb-textdomain' );
343
342
exit;
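Review bot: The new block at line 312, `if ( isset( $_POST['subscribe_nonce_field'] ) && ! wp_verify_nonce( ... ) ) { die( ... ); }`, only fires when the field is present and wrong, so a request without the field passes straight to the activation redirect and the check adds no protection on this path — while the same field is checked fail-closed (`! isset || ! wp_verify_nonce`) at new line 340. If the subscribe form really posts to this hook, gate the subscribe handling on a positive verification and leave the activation redirect alone; otherwise remove the block so it does not suggest a protection it does not provide. New line 320 compares `$_GET['action']` and `$_GET['page']` raw; harmless for an equality test, but `sanitize_key( wp_unslash( ... ) )` would match the rest of the diff. The enclosing method starts before the hunk.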
edwiser-bridge/trunk/admin/settings/class-eb-settings-help.php
r2441592
r2478642
58
58
59
59
// verify nonce.
60
if ( ! isset( $\_POST\['subscribe\_nonce\_field'\] ) ||
61
! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['subscribe\_nonce\_field'\] ) ), 'subscribe\_nonce' )
62
) {
60
if ( ! isset( $\_POST\['subscribe\_nonce\_field'\] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['subscribe\_nonce\_field'\] ) ), 'subscribe\_nonce' ) ) {
63
61
esc\_html\_e( 'Sorry, there is a problem!', 'eb-textdomain' );
64
62
exit;
edwiser-bridge/trunk/edwiser-bridge.php
r2466593
r2478642
11
11
\* Plugin URI: https://edwiser.org/bridge/
12
12
\* Description: Edwiser Bridge integrates WordPress with the Moodle LMS. The plugin provides an easy option to import Moodle courses to WordPress and sell them using PayPal. The plugin also allows automatic registration of WordPress users on the Moodle website along with single login credentials for both the systems.
13
\* Version: 2.0.6
13
\* Version: 2.0.7
14
14
\* Author: WisdmLabs
15
15
\* Author URI: https://edwiser.org
…
…
167
167
\*/
168
168
function process\_upgrade() {
169
$new\_version = '2.0.6';
169
$new\_version = '2.0.7';
170
170
$current\_version = get\_option( 'eb\_current\_version' );
171
171
if ( false === $current\_version || $current\_version !== $new\_version ) {
edwiser-bridge/trunk/includes/api/class-eb-external-api-endpoint.php
r2455400
r2478642
31
31
32
32
33
/\*\*
33
/\*\*
34
34
\* Functionality to validate the secret key from Moodle with WP.
35
35
\*
36
36
\* @param text $request\_data request Data.
37
37
\*/
38
public function eb\_validate\_api\_key($request\_data)
39
{
38
public function eb\_validate\_api\_key( $request\_data ) {
40
39
$wp\_token = \\app\\wisdmlabs\\edwiserBridge\\wdm\_edwiser\_bridge\_plugin\_get\_access\_token();
41
40
$valid\_key = false;
edwiser-bridge/trunk/includes/class-eb-admin-notice-handler.php
r2458761
r2478642
53
53
}
54
54
55
55
/\*\*
56
\* Get Moodle plugin Info.
57
\* Currently only version is provided.
58
\*/
56
59
public function eb\_get\_mdl\_plugin\_info() {
57
58
60
$connection\_options = get\_option( 'eb\_connection' );
59
61
$eb\_moodle\_url = '';
…
…
69
71
$moodle\_function = 'eb\_get\_edwiser\_plugins\_info';
70
72
$request\_url .= $eb\_moodle\_token . '&wsfunction=' . $moodle\_function . '&moodlewsrestformat=json';
71
$request\_args \= array(
73
$request\_args \= array(
72
74
'body' => array(),
73
75
'timeout' => 100,
…
…
83
85
$body = json\_decode( wp\_remote\_retrieve\_body( $response ) );
84
86
85
if ( isset( $body->plugin\_name ) && isset( $body->version ) && version\_compare( '2.0.4', $body->version ) == 0) {
87
if ( isset( $body->plugin\_name ) && isset( $body->version ) && version\_compare( '2.0.4', $body->version ) == 0 ) {
86
88
$status = 1;
87
89
}
88
89
90
} else {
90
91
$status = 0;
edwiser-bridge/trunk/includes/class-eb-custom-list-table.php
r2441592
r2478642
270
270
$disabled = 'disabled';
271
271
272
if ( isset( $\_REQUEST\['eb-manage-user-enrol'\] ) && ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_REQUEST\['eb-manage-user-enrol'\] ) ), 'eb-manage-user-enrol' ) ) {
272
if ( isset( $\_REQUEST\['eb-manage-user-enrol'\] ) && wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_REQUEST\['eb-manage-user-enrol'\] ) ), 'eb-manage-user-enrol' ) ) {
273
273
274
274
if ( isset( $\_REQUEST\['enrollment\_from\_date'\] ) && ! empty( $\_REQUEST\['enrollment\_from\_date'\] ) ) { // WPCS: CSRF ok, input var ok.
…
…
337
337
\*/
338
338
339
if ( isset( $\_REQUEST\['eb-manage-user-enrol'\] ) && ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_REQUEST\['eb-manage-user-enrol'\] ) ), 'eb-manage-user-enrol' ) ) {
340
return;
341
}
342
339
$this->process\_bulk\_action( $\_POST );
343
340
344
$search\_text = '';
345
346
if ( isset( $\_REQUEST\['s'\] ) && ! empty( $\_REQUEST\['s'\] ) ) {
347
$search\_text = sanitize\_text\_field( wp\_unslash( $\_REQUEST\['s'\] ) );
348
}
349
350
$data = $this->bpGetTable( $\_REQUEST, $search\_text );
341
if ( ! isset( $\_REQUEST\['eb-manage-user-enrol'\] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_REQUEST\['eb-manage-user-enrol'\] ) ), 'eb-manage-user-enrol' ) ) {
342
$data = $this->bpGetTable( array(), '' );
343
} else {
344
345
$search\_text = '';
346
347
if ( isset( $\_REQUEST\['s'\] ) && ! empty( $\_REQUEST\['s'\] ) ) {
348
$search\_text = sanitize\_text\_field( wp\_unslash( $\_REQUEST\['s'\] ) );
349
}
350
351
$data = $this->bpGetTable( $\_REQUEST, $search\_text );
352
}
353
351
354
352
355
/\*
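Review bot: The old guard at lines 339–341 (`isset && ! wp_verify_nonce → return`) that preceded `$this->process_bulk_action( $_POST )` has been removed, so on the new side (line 339) the bulk action is dispatched before any nonce check in this method, and the nonce is only consulted afterwards to choose between `bpGetTable( array(), '' )` and the filtered table. That is only safe if `process_bulk_action()` (or the `handle_bulk_action()` it presumably delegates to) verifies `eb-manage-user-enrol` itself; if it does, add `// Nonce is verified inside process_bulk_action(); the check below only guards the filter inputs.` above the call, and if it does not, reinstate a fail-closed check here. Reading `$_REQUEST['eb-manage-user-enrol']` while dispatching on `$_POST` also lets a GET-supplied nonce unlock the filters, so prefer `$_POST` for both. The enclosing method starts before the hunk.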
edwiser-bridge/trunk/includes/class-eb-gdpr-compatibility.php
r2441592
r2478642
87
87
88
88
$enrolled\_course = array();
89
$result = $wpdb->get\_results( $wpdb->prepare( 'SELECT \`course\_id\` FROM {$wpdb->prefix}moodle\_enrollment WHERE user\_id = %d', $user\_id ) );
89
$result = $wpdb->get\_results( $wpdb->prepare( "SELECT \`course\_id\` FROM {$wpdb->prefix}moodle\_enrollment WHERE user\_id = %d", $user\_id ) );
90
90
91
91
if ( ! empty( $result ) ) {
…
…
108
108
109
109
$enrolled\_course = array();
110
$result = $wpdb->get\_results( $wpdb->prepare( 'SELECT \`course\_id\`, \`time\` FROM {$wpdb->prefix}moodle\_enrollment WHERE user\_id = %d', $user\_id ) );
110
$result = $wpdb->get\_results( $wpdb->prepare( "SELECT \`course\_id\`, \`time\` FROM {$wpdb->prefix}moodle\_enrollment WHERE user\_id = %d", $user\_id ) );
111
111
112
112
if ( ! empty( $result ) ) {
…
…
165
165
}
166
166
167
$wpdb->get\_results( $wpdb->prepare( 'DELETE FROM {$wpdb->prefix}moodle\_enrollment WHERE user\_id = %d', $user->ID ) );
167
$wpdb->get\_results( $wpdb->prepare( "DELETE FROM {$wpdb->prefix}moodle\_enrollment WHERE user\_id = %d", $user->ID ) );
168
168
array\_push( $msg, esc\_html\_\_( 'Deleted Courses related data from the WordPress site', 'eb-textdomain' ) );
169
169
delete\_user\_meta( $user->ID, 'moodle\_user\_id' );
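Review bot: The three `prepare()` calls are now double-quoted so `{$wpdb->prefix}` interpolates — the single-quoted form at old lines 89, 110 and 167 would have sent the literal text `{$wpdb->prefix}moodle_enrollment` to MySQL, so these queries cannot have worked before this change. The DELETE at new line 167 is still issued through `$wpdb->get_results()`, which is meant for SELECTs and discards the affected-row count; use `$result = $wpdb->query( $wpdb->prepare( "DELETE FROM {$wpdb->prefix}moodle_enrollment WHERE user_id = %d", $user->ID ) );` and check it before pushing the success message at line 168. The table prefix is trusted configuration, not user input, so interpolating it into the query text is acceptable here.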
edwiser-bridge/trunk/includes/class-eb-manage-enrollment.php
r2441592
r2478642
150
150
\*/
151
151
private function handle\_bulk\_action( $action ) {
152
if ( isset( $\_POST\['eb-manage-user-enrol'\] ) && ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['eb-manage-user-enrol'\] ) ), 'eb-manage-user-enrol' ) ) {
152
if ( ! isset( $\_POST\['eb-manage-user-enrol'\] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['eb-manage-user-enrol'\] ) ), 'eb-manage-user-enrol' ) ) {
153
153
$post\_data = array();
154
154
} else {
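Review bot: On a missing or invalid `eb-manage-user-enrol` nonce (new line 152) the method now continues with `$post_data = array()` instead of stopping, so whatever `handle_bulk_action()` does with an empty array further down (outside this hunk) still runs and the caller gets no signal that the request was rejected. Elsewhere in this changeset the same condition dies or returns early; be consistent here — `return;` or `wp_die( esc_html__( 'Action failed. Please refresh the page and retry.', 'eb-textdomain' ) );` — and add a `current_user_can()` check, since enrollment changes are privileged. The method continues past the hunk.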
edwiser-bridge/trunk/includes/class-eb-order-history-meta.php
r2458761
r2478642
83
83
<li>
84
84
<div class="eb-sso-hist-note">
85
<?php echo esc\_html( $note ); ?>
85
<?php echo wp\_kses\_post( $note ); ?>
86
86
</div>
87
87
<div class="eb-sso-hist-by">
88
<?php esc\_html\_\_( 'added by ', 'eb-textdomain' ) . printf( '%s on %s.', esc\_html( $updated\_by ), esc\_html( $updated\_on ) ); ?>
88
<?php esc\_html\_\_( 'added by ', 'eb-textdomain' ) . printf( '%s on %s.', esc\_html( $updated\_by ), esc\_html( $updated\_on ) ); ?>
89
89
</div>
90
90
</li>
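Review bot: Switching the note output at new line 85 from `esc_html( $note )` to `wp_kses_post( $note )` deliberately allows markup in stored notes, so the trust boundary moves to whoever can write `$note` — if notes can originate from customers or from the Moodle side rather than only from administrators, this is a widening worth documenting at the call site, e.g. `// Notes are admin-authored; wp_kses_post keeps basic markup and strips scripts.`. Unchanged line 88 carries a pre-existing bug: `esc_html__( 'added by ', 'eb-textdomain' ) . printf( ... )` concatenates the translation onto printf's integer return value and throws it away, so "added by" is never printed. Fold it into one call: `printf( '%s %s on %s.', esc_html__( 'added by', 'eb-textdomain' ), esc_html( $updated_by ), esc_html( $updated_on ) );`.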
edwiser-bridge/trunk/includes/class-eb-order-manager.php
r2441592
r2478642
116
116
}
117
117
118
if ( ! isset( $\_POST\['eb\_post\_meta\_nonce'\] ) || ( isset( $\_POST\['eb\_post\_meta\_nonce'\] ) && ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['eb\_post\_meta\_nonce'\] ) ), 'eb\_post\_meta\_nonce' ) ) ) {
118
if ( ! isset( $\_POST\['eb\_post\_meta\_nonce'\] ) || ! isset( $\_POST\['eb\_post\_meta\_nonce'\] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['eb\_post\_meta\_nonce'\] ) ), 'eb\_post\_meta\_nonce' ) ) {
119
119
return $order\_id;
120
120
}
…
…
305
305
\*/
306
306
public function create\_new\_order\_ajax\_wrapper() {
307
if ( ! isset( $\_POST\['\_wpnonce\_field'\] ) ) {
308
die( 'Busted!' );
309
}
310
307
311
308
// verifying generated nonce we created earlier.
312
if ( ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['\_wpnonce\_field'\] ) ), 'public\_js\_nonce' ) ) {
309
if ( ! isset( $\_POST\['\_wpnonce\_field'\] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['\_wpnonce\_field'\] ) ), 'public\_js\_nonce' ) ) {
313
310
die( 'Busted!' );
314
311
}
…
…
394
391
395
392
// define args.
396
$args \= array(
393
$args \= array(
397
394
'user\_id' => $buyer\_id,
398
395
'courses' => array( $course\_id ),
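Review bot: The rewritten condition at new line 118 tests `! isset( $_POST['eb_post_meta_nonce'] )` twice; the second `isset` is a leftover from the old form and should go, leaving `if ( ! isset( $_POST['eb_post_meta_nonce'] ) || ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST['eb_post_meta_nonce'] ) ), 'eb_post_meta_nonce' ) ) {`. Returning `$order_id` on failure is the right shape for what looks like a save-post callback, but pair it with `current_user_can( 'edit_post', $order_id )`, since save hooks also fire for autosaves and REST writes where the nonce alone is not the whole story. `create_new_order_ajax_wrapper()` (new line 309) still answers a bad nonce with `die( 'Busted!' )`; `wp_send_json_error()` is the conventional AJAX reply. Both functions continue past the hunk.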
edwiser-bridge/trunk/includes/class-eb-order-meta.php
r2458761
r2478642
180
180
?>
181
181
<li>
182
<div class="eb-order-refund-hist-stmt"><?php esc\_html\_\_( 'Refunded by', 'eb-textdomain' ) . printf( '%s ', esc\_html( $refund\_by ) ) . printf( ' on %s ', $time ); ?></div>
182
<div class="eb-order-refund-hist-stmt"><?php esc\_html\_\_( 'Refunded by', 'eb-textdomain' ) . printf( '%s ', esc\_html( $refund\_by ) ) . printf( ' on %s ', esc\_attr( $time ) ); ?></div>
183
183
<div class="eb-order-refund-hist-amt"><?php echo esc\_html( "$currency$amt" ); ?></div>
184
184
</li>
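Review bot: `esc_attr( $time )` at new line 182 escapes for an HTML attribute, but `$time` is printed as element text inside the `<div>`, so `esc_html( $time )` is the matching context (the two differ mainly in quote handling, so this is about intent rather than an exploitable gap). The same line keeps a pre-existing bug: `esc_html__( 'Refunded by', 'eb-textdomain' ) . printf( ... )` discards the translated label, so "Refunded by" never appears. Collapse it into one call: `printf( '%s %s on %s ', esc_html__( 'Refunded by', 'eb-textdomain' ), esc_html( $refund_by ), esc_html( $time ) );`.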
edwiser-bridge/trunk/includes/class-eb-order-status.php
r2441592
r2478642
86
86
}
87
87
88
// Taking nonce field in a new.
88
89
$nonce = isset( $\_POST\['eb\_order\_meta\_nons'\] ) ? sanitize\_text\_field( wp\_unslash( $\_POST\['eb\_order\_meta\_nons'\] ) ) : '';
89
90
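Review bot: The new comment at line 88, `// Taking nonce field in a new.`, reads as unfinished and does not tell the reader what matters — that the value is only read here and must still pass `wp_verify_nonce()` before any meta is written. `// Read the nonce once; it is verified before any order meta is saved.` says that, provided the verification does follow further down (it is outside this hunk). The enclosing function starts and continues outside the hunk.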
edwiser-bridge/trunk/includes/class-eb-user-manager.php
r2441592
r2478642
395
395
$uc\_status = '';
396
396
// Check the e-mail address.
397
if ( ! empty( $email ) || is\_email( $email ) ) {
397
if ( ! empty( $email ) && is\_email( $email ) && isset( $\_POST\['\_wpnonce'\] ) && wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['\_wpnonce'\] ) ), 'eb-register' ) ) {
398
398
$uc\_status = new \\WP\_Error( 'registration-error', esc\_html\_\_( 'Please provide a valid email address.', 'eb-textdomain' ) );
399
399
if ( email\_exists( $email ) ) {
…
…
404
404
);
405
405
} else {
406
if ( isset( $\_POST\['\_wpnonce'\] ) && wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['\_wpnonce'\] ) ), 'eb-register' ) ) {
407
if ( empty( $firstname ) ) {
408
$firstname = isset( $\_POST\['firstname'\] ) ? sanitize\_text\_field( wp\_unslash( $\_POST\['firstname'\] ) ) : '';
409
}
410
411
if ( empty( $lastname ) ) {
412
$lastname = isset( $\_POST\['lastname'\] ) ? sanitize\_text\_field( wp\_unslash( $\_POST\['lastname'\] ) ) : '';
413
}
406
if ( empty( $firstname ) ) {
407
$firstname = isset( $\_POST\['firstname'\] ) ? sanitize\_text\_field( wp\_unslash( $\_POST\['firstname'\] ) ) : '';
408
}
409
410
if ( empty( $lastname ) ) {
411
$lastname = isset( $\_POST\['lastname'\] ) ? sanitize\_text\_field( wp\_unslash( $\_POST\['lastname'\] ) ) : '';
414
412
}
415
413
…
…
931
929
$wp\_user\_table = \_get\_list\_table( 'WP\_Users\_List\_Table' );
932
930
$action = $wp\_user\_table->current\_action();
931
933
932
// perform our unlink action.
934
if ( ! isset( $\_GET\['\_wpnonce'\] ) || ( isset( $\_GET\['\_wpnonce'\] ) && ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_GET\['\_wpnonce'\] ) ), 'bulk-users' ) ) ) {
933
if ( ! isset( $\_GET\['\_wpnonce'\] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_GET\['\_wpnonce'\] ) ), 'bulk-users' ) ) {
935
934
return;
936
935
}
937
936
937
$eb\_bulk\_user\_nonce = wp\_create\_nonce( 'eb\_bulk\_users\_nonce' );
938
938
939
$users = isset( $\_REQUEST\['users'\] ) ? \\app\\wisdmlabs\\edwiserBridge\\wdm\_eb\_edwiser\_sanitize\_array( $\_REQUEST\['users'\] ) : array(); // WPCS: input var ok, CSRF ok, sanitization ok.
940
941
// get all selected users.
942
$request\_refer = isset( $\_SERVER\['HTTP\_REFERER'\] ) ? sanitize\_text\_field( wp\_unslash( $\_SERVER\['HTTP\_REFERER'\] ) ) : '';
943
$request\_refer = strtok( $request\_refer, '?' );
939
944
940
945
switch ( $action ) {
941
946
case 'link\_moodle':
942
947
$linked = 0;
943
944
// get all selected users.
945
$request\_refer = isset( $\_SERVER\['HTTP\_REFERER'\] ) ? sanitize\_text\_field( wp\_unslash( $\_SERVER\['HTTP\_REFERER'\] ) ) : '';
946
948
947
949
if ( is\_array( $users ) ) {
…
…
954
956
955
957
// build the redirect url.
956
$sendback = add\_query\_arg( array( 'linked' => $linked ), $request\_refer );
958
$sendback = add\_query\_arg(
959
array(
960
'linked' => $linked,
961
'eb\_bulk\_user\_nonce' => $eb\_bulk\_user\_nonce,
962
),
963
$request\_refer
964
);
957
965
958
966
}
…
…
963
971
964
972
// get all selected users.
965
966
973
if ( is\_array( $users ) ) {
967
974
foreach ( $users as $user ) {
…
…
974
981
975
982
// build the redirect url.
976
$sendback = add\_query\_arg( array( 'unlinked' => $unlinked ), sanitize\_text\_field( wp\_unslash( $\_SERVER\['HTTP\_REFERER'\] ) ) );
983
$sendback = add\_query\_arg(
984
array(
985
'unlinked' => $unlinked,
986
'eb\_bulk\_user\_nonce' => $eb\_bulk\_user\_nonce,
987
),
988
sanitize\_text\_field(
989
wp\_unslash(
990
$request\_refer
991
)
992
)
993
);
977
994
}
978
995
…
…
993
1010
public function link\_user\_bulk\_actions\_notices() {
994
1011
global $pagenow;
995
if ( isset( $\_GET\['\_wpnonce'\] ) && ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_GET\['\_wpnonce'\] ) ), 'bulk-users' ) ) {
1012
1013
if ( ! isset( $\_REQUEST\['eb\_bulk\_user\_nonce'\] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_REQUEST\['eb\_bulk\_user\_nonce'\] ) ), 'eb\_bulk\_users\_nonce' ) ) {
996
1014
return;
997
1015
}
998
1016
999
1017
if ( 'users.php' === $pagenow ) {
1000
if ( isset( $\_REQUEST\['unlinked'\] ) && 1 === $\_REQUEST\['unlinked'\] ) {
1018
if ( isset( $\_REQUEST\['unlinked'\] ) && 1 === (int) trim( sanitize\_text\_field( wp\_unslash( $\_REQUEST\['unlinked'\] ) ) ) ) {
1001
1019
$message = sprintf( '%s' . esc\_html\_\_( ' User Unlinked.', 'eb-textdomain' ), number\_format\_i18n( sanitize\_text\_field( wp\_unslash( $\_REQUEST\['unlinked'\] ) ) ) );
1002
1020
} elseif ( isset( $\_REQUEST\['unlinked'\] ) && (int) $\_REQUEST\['unlinked'\] > 1 ) {
…
…
1005
1023
number\_format\_i18n( sanitize\_text\_field( wp\_unslash( $\_REQUEST\['unlinked'\] ) ) )
1006
1024
);
1007
} elseif ( isset( $\_REQUEST\['linked'\] ) && 1 === $\_REQUEST\['linked'\] ) {
1025
} elseif ( isset( $\_REQUEST\['linked'\] ) && 1 === (int) trim( sanitize\_text\_field( wp\_unslash( $\_REQUEST\['linked'\] ) ) ) ) {
1008
1026
$message = sprintf( '%s' . esc\_html\_\_( 'User Linked.', 'eb-textdomain' ), number\_format\_i18n( sanitize\_text\_field( wp\_unslash( $\_REQUEST\['linked'\] ) ) ) );
1009
1027
} elseif ( isset( $\_REQUEST\['linked'\] ) && (int) $\_REQUEST\['linked'\] > 1 ) {
…
…
1025
1043
\*/
1026
1044
public function password\_update( $user\_id ) {
1027
1045
// Proceed if nonce is verified.
1028
1046
if ( isset( $\_POST\['\_wpnonce'\] ) && wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['\_wpnonce'\] ) ), 'eb-update-user' ) ) {
1029
1047
…
…
1195
1213
}
1196
1214
1215
// Proceed if nonce is verified.
1197
1216
if ( isset( $\_POST\['eb\_mdl\_course\_enrollment'\] ) && wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['eb\_mdl\_course\_enrollment'\] ) ), 'eb\_mdl\_course\_enrollment' ) ) {
1198
1217
…
…
1271
1290
public function unenroll\_on\_course\_access\_expire() {
1272
1291
global $wpdb, $post;
1273
$cur\_user = get\_current\_user\_id();
1274
1292
$cur\_user = get\_current\_user\_id();
1275
1293
$enroll\_data = $wpdb->get\_results( $wpdb->prepare( "SELECT \* FROM {$wpdb->prefix}moodle\_enrollment WHERE expire\_time!='0000-00-00 00:00:00' AND expire\_time<%s;", gmdate( 'Y-m-d H:i:s' ) ) );
1276
1294
…
…
1310
1328
public function moodle\_link\_unlink\_user() {
1311
1329
$responce = array( 'code' => 'failed' );
1330
1331
// Proceed if nonce is verified.
1312
1332
if ( isset( $\_POST\['user\_id'\] ) && isset( $\_POST\['link\_user'\] ) && isset( $\_POST\['admin\_nonce'\] ) && wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['admin\_nonce'\] ) ), 'eb\_admin\_nonce' ) ) {
1313
1333
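Review bot: At new line 397 the nonce check is folded into the e-mail condition, `! empty( $email ) && is_email( $email ) && isset( $_POST['_wpnonce'] ) && wp_verify_nonce( ..., 'eb-register' )`, so a request with a valid address but a missing or forged nonce no longer fails — it drops into the `else` branch at line 405 and reads `firstname`/`lastname` from `$_POST` exactly as an invalid address would. CSRF verification and input validation are different questions: verify the nonce once at the top of the method and return a `WP_Error` when it fails, then keep the address test as `! empty( $email ) && is_email( $email )`. Changing the old `||` to `&&` is right on its own (with `||` the condition reduced to `! empty( $email )`, since `is_email( '' )` is false). In the bulk-link handler (new lines 942–943) the redirect target is derived from `HTTP_REFERER`; that is only bounded if it ends in `wp_safe_redirect()` outside the hunk, which is worth stating in a comment. The method containing line 397 continues past the hunk.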
edwiser-bridge/trunk/includes/class-eb.php
r2466593
r2478642
109
109
public function \_\_construct() {
110
110
$this->plugin\_name = 'edwiserbridge';
111
$this->version = '2.0.6';
111
$this->version = '2.0.7';
112
112
$this->load\_dependencies();
113
113
$this->set\_locale();
…
…
133
133
134
134
$plugin\_path = plugin\_dir\_path( \_\_DIR\_\_ );
135
136
135
137
136
// load admin & public facing files conditionally.
…
…
142
141
}
143
142
144
145
143
/\*
146
144
\* Adding this function because of is\_plugin\_active function not found error is given
…
…
152
150
\*/
153
151
require\_once $plugin\_path . 'includes/class-eb-usage-tracking.php';
154
155
152
156
153
/\*\*
edwiser-bridge/trunk/includes/eb-core-functions.php
r2466593
r2478642
722
722
\*/
723
723
function wdm\_edwiser\_bridge\_version() {
724
return '2.0.6';
724
return '2.0.7';
725
725
}
726
726
}
edwiser-bridge/trunk/includes/payments/eb-ipn.php
r2441592
r2478642
11
11
// You cannot rely on setting up some details here and then using them in your success page.
12
12
13
$request\_data = $\_REQUEST; // WPCS: CSRF ok, input var ok.
14
$post\_data = $\_POST; // WPCS: CSRF ok, input var ok.
13
15
// Verify Nonce.
14
$custom\_data = isset( $\_REQUEST\['custom'\] ) ? json\_decode( sanitize\_text\_field( wp\_unslash( $\_REQUEST\['custom'\] ) ) ) : ''; // WPCS: CSRF ok, input var ok.
15
16
if ( isset( $custom\_data->eb\_nonce ) && ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $custom\_data->eb\_nonce ) ), 'eb\_paypal\_nonce' ) ) {
17
return;
18
}
16
$custom\_data = isset( $request\_data\['custom'\] ) ? json\_decode( sanitize\_text\_field( wp\_unslash( $request\_data\['custom'\] ) ) ) : ''; // WPCS: CSRF ok, input var ok.
19
17
20
18
// create an object of logger class.
21
19
edwiser\_bridge\_instance()->logger()->add( 'payment', "\\n" );
22
20
23
edwiser\_bridge\_instance()->logger()->add( 'payment', wp\_json\_encode( $\_REQUEST ) );
21
edwiser\_bridge\_instance()->logger()->add( 'payment', wp\_json\_encode( $request\_data ) );
24
22
25
23
edwiser\_bridge\_instance()->logger()->add( 'payment', 'IPN Listener Loading...' );
…
…
60
58
$listener->require\_post\_method();
61
59
62
$verified = $listener->process\_ipn( $\_POST );
60
$verified = $listener->process\_ipn( $post\_data );
63
61
64
62
edwiser\_bridge\_instance()->logger()->add( 'payment', 'Post method check completed.' );
…
…
98
96
// note: This is just notification for us. Paypal has already made up its mind and the payment has been processed.
99
97
// You can't cancel that here.
100
$post\_receiver\_email = isset( $\_POST\['receiver\_email'\] ) ? sanitize\_text\_field( wp\_unslash( $\_POST\['receiver\_email'\] ) ) : '';
98
$post\_receiver\_email = isset( $post\_data\['receiver\_email'\] ) ? sanitize\_text\_field( wp\_unslash( $post\_data\['receiver\_email'\] ) ) : '';
101
99
102
100
edwiser\_bridge\_instance()->logger()->add( 'payment', 'Receiver Email: ' . $post\_receiver\_email . 'Valid Receiver Email? :' . ( ( $post\_receiver\_email === $seller\_email ) ? 'YES' : 'NO' ) );
…
…
115
113
}
116
114
117
$post\_payment\_status = isset( $\_POST\['payment\_status'\] ) ? sanitize\_text\_field( wp\_unslash( $\_POST\['payment\_status'\] ) ) : '';
115
$post\_payment\_status = isset( $post\_data\['payment\_status'\] ) ? sanitize\_text\_field( wp\_unslash( $post\_data\['payment\_status'\] ) ) : '';
118
116
119
117
edwiser\_bridge\_instance()->logger()->add(
…
…
127
125
// a customer has purchased from this website.
128
126
// email used by buyer to purchase course.
129
$billing\_email = isset( $\_REQUEST\['payer\_email'\] ) ? sanitize\_text\_field( wp\_unslash( $\_REQUEST\['payer\_email'\] ) ) : '';
127
$billing\_email = isset( $request\_data\['payer\_email'\] ) ? sanitize\_text\_field( wp\_unslash( $request\_data\['payer\_email'\] ) ) : '';
130
128
131
129
edwiser\_bridge\_instance()->logger()->add( 'payment', 'Billing Email: ' . $billing\_email );
132
130
133
131
// id of course passed by PayPal.
134
$course\_id = isset( $\_REQUEST\['item\_number'\] ) ? sanitize\_text\_field( wp\_unslash( $\_REQUEST\['item\_number'\] ) ) : '';
132
$course\_id = isset( $request\_data\['item\_number'\] ) ? sanitize\_text\_field( wp\_unslash( $request\_data\['item\_number'\] ) ) : '';
135
133
136
134
edwiser\_bridge\_instance()->logger()->add( 'payment', 'Checking if payment amount is correct and was not modified.' );
…
…
139
137
$course\_price = Eb\_Post\_Types::get\_post\_options( $course\_id, 'course\_price', 'eb\_course' );
140
138
141
$post\_mc\_gross = isset( $\_REQUEST\['mc\_gross'\] ) ? sanitize\_text\_field( wp\_unslash( $\_REQUEST\['mc\_gross'\] ) ) : '';
139
$post\_mc\_gross = isset( $request\_data\['mc\_gross'\] ) ? sanitize\_text\_field( wp\_unslash( $request\_data\['mc\_gross'\] ) ) : '';
142
140
143
141
if ( round( trim( $post\_mc\_gross ) ) === round( trim( $course\_price ) ) ) {
…
…
151
149
}
152
150
153
$post\_mc\_currency = isset( $\_REQUEST\['mc\_currency'\] ) ? sanitize\_text\_field( wp\_unslash( $\_REQUEST\['mc\_currency'\] ) ) : '';
151
$post\_mc\_currency = isset( $request\_data\['mc\_currency'\] ) ? sanitize\_text\_field( wp\_unslash( $request\_data\['mc\_currency'\] ) ) : '';
154
152
155
153
if ( $post\_mc\_currency !== $paypal\_currency ) {
…
…
162
160
163
161
// verify user id & order id.
164
if ( ! empty( $\_REQUEST\['custom'\] ) ) {
165
166
edwiser\_bridge\_instance()->logger()->add( 'payment', sanitize\_text\_field( wp\_unslash( $\_REQUEST\['custom'\] ) ) );
162
if ( ! empty( $request\_data\['custom'\] ) ) {
163
164
edwiser\_bridge\_instance()->logger()->add( 'payment', sanitize\_text\_field( wp\_unslash( $request\_data\['custom'\] ) ) );
167
165
168
166
// decode json data.
…
…
231
229
232
230
// since 1.2.4.
233
$post\_txn\_id = isset( $\_REQUEST\['txn\_id'\] ) ? sanitize\_text\_field( wp\_unslash( $\_REQUEST\['txn\_id'\] ) ) : '';
231
$post\_txn\_id = isset( $request\_data\['txn\_id'\] ) ? sanitize\_text\_field( wp\_unslash( $request\_data\['txn\_id'\] ) ) : '';
234
232
235
233
if ( $post\_txn\_id ) {
…
…
248
246
}
249
247
} elseif ( 'Refunded' === $post\_payment\_status ) {
250
$post\_mc\_gross = isset( $\_REQUEST\['mc\_gross'\] ) ? sanitize\_text\_field( wp\_unslash( $\_REQUEST\['mc\_gross'\] ) ) : '';
251
252
$post\_txn\_id = isset( $\_REQUEST\['txn\_id'\] ) ? sanitize\_text\_field( wp\_unslash( $\_REQUEST\['txn\_id'\] ) ) : '';
248
$post\_mc\_gross = isset( $request\_data\['mc\_gross'\] ) ? sanitize\_text\_field( wp\_unslash( $request\_data\['mc\_gross'\] ) ) : '';
249
250
$post\_txn\_id = isset( $request\_data\['txn\_id'\] ) ? sanitize\_text\_field( wp\_unslash( $request\_data\['txn\_id'\] ) ) : '';
253
251
edwiser\_bridge\_instance()->logger()->add( 'refund', wp\_json\_encode( $custom\_data ) );
254
252
$order\_id = isset( $custom\_data->order\_id ) ? $custom\_data->order\_id : '';
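Review bot: The IPN fields that drive enrollment — `custom`, `payer_email`, `item_number`, `mc_gross`, `mc_currency`, `txn_id` (new lines 16, 127, 132, 139, 151 and 231) — are read from `$request_data = $_REQUEST`, while the PayPal postback verification at new line 60 runs on `$post_data = $_POST`. `$_REQUEST` also merges GET (and cookies, depending on `request_order`), so the values acted on are not necessarily the ones PayPal confirmed; read every IPN field from `$post_data` so the verified body and the processed body are the same array. Dropping the old `eb_nonce` check is correct — a nonce cannot mean anything on a server-to-server callback with no WordPress session — but the `// Verify Nonce.` comment at new line 15 is now stale and should become `// No nonce here: this is a PayPal callback; authenticity comes from process_ipn()'s postback.`. New line 21 logs the whole request, including `payer_email`; consider redacting that or gating it behind a debug flag. The listener continues past the hunk.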
edwiser-bridge/trunk/public/class-eb-frontend-form-handler.php
r2466593
r2478642
22
22
\*/
23
23
public static function process\_login() {
24
if ( ! empty( $\_POST\['wdm\_login'\] ) &&
25
! empty( $\_POST\['\_wpnonce'\] ) &&
26
wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['\_wpnonce'\] ) ), 'eb-login' ) ) {
24
// Proceed only if nonce is verified.
25
if ( ! empty( $\_POST\['wdm\_login'\] ) && isset( $\_POST\['\_wpnonce'\] ) && wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['\_wpnonce'\] ) ), 'eb-login' ) ) {
27
26
try {
28
27
$creds = array();
…
…
88
87
private static function calc\_redirect() {
89
88
$redirect = '';
89
// Proceed only if nonce is verified.
90
90
if ( isset( $\_POST\['\_wpnonce'\] ) && wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['\_wpnonce'\] ) ), 'eb-login' ) ) {
91
91
…
…
116
116
}
117
117
118
// Proceed only if nonce is verified.
118
119
if ( ! empty( $\_POST\['register'\] ) &&
119
120
isset( $\_POST\['\_wpnonce'\] ) &&
…
…
188
189
}
189
190
190
if ( ! isset( $\_POST\['eb\_course\_payment\_nonce'\] ) || ( isset( $\_POST\['eb\_course\_payment\_nonce'\] ) && ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['eb\_course\_payment\_nonce'\] ) ), 'eb\_course\_payment\_nonce' ) ) ) {
191
if ( ! isset( $\_POST\['eb\_course\_payment\_nonce'\] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['eb\_course\_payment\_nonce'\] ) ), 'eb\_course\_payment\_nonce' ) ) {
191
192
return;
192
193
}
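Review bot: calc_redirect (new lines 87–90) re-verifies the 'eb-login' nonce with the same `isset( $_POST['_wpnonce'] ) && wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST['_wpnonce'] ) ), 'eb-login' )` expression that process_login already evaluates at its new line 25, and the register handler repeats it a third time at new lines 119–120. If calc_redirect is only reached from process_login the second check is redundant, and in any case three hand-copied nonce expressions are easy to let drift (the sibling user-profile shortcode in this same changeset already carries an inverted variant). I would extract `private static function has_valid_login_nonce() { return isset( $_POST['_wpnonce'] ) && wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST['_wpnonce'] ) ), 'eb-login' ); }` and call it from all three sites. Whether calc_redirect has other callers is not visible here; the bodies of process_login, calc_redirect and the register handler all continue outside the hunks.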
edwiser-bridge/trunk/public/shortcodes/class-eb-shortcode-courses.php
r2441592
r2478642
117
117
$page = 1;
118
118
119
if ( isset( $\_GET\['key'\] ) && ! empty( $\_GET\['key'\] ) && wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_GET\['key'\] ) ), 'eb\_pagination' ) && isset( $\_GET\['eb-cat-page-no'\] ) ) {
119
if ( isset( $\_GET\['key'\] ) && wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_GET\['key'\] ) ), 'eb\_pagination' ) && isset( $\_GET\['eb-cat-page-no'\] ) ) {
120
120
$page = sanitize\_text\_field( wp\_unslash( $\_GET\['eb-cat-page-no'\] ) );
121
121
}
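Review bot: The value assigned to `$page` at new line 120 is the raw sanitized string from `$_GET['eb-cat-page-no']`, while `$page` starts as the integer 1 on line 117, so a non-numeric, zero or negative value passes the nonce gate unchanged. The nonce only proves the link was generated by the plugin, not that the parameter is a usable page number, so I would normalise it at the point of read: `$page = max( 1, absint( wp_unslash( $_GET['eb-cat-page-no'] ) ) );`. How `$page` is consumed afterwards is outside the hunk; if a later line already casts it, this is a consistency point rather than a bug.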
edwiser-bridge/trunk/public/shortcodes/class-eb-shortcode-user-account.php
r2441592
r2478642
194
194
return false;
195
195
}
196
if ( empty( $\_POST\['action'\] ) || 'eb-update-user' !== $\_POST\['action'\] || empty( $\_POST\['\_wpnonce'\] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['\_wpnonce'\] ) ), 'eb-update-user' ) ) {
196
if ( empty( $\_POST\['action'\] ) || 'eb-update-user' !== $\_POST\['action'\] || ! isset( $\_POST\['\_wpnonce'\] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['\_wpnonce'\] ) ), 'eb-update-user' ) ) {
197
197
return false;
198
198
}
…
…
204
204
\*/
205
205
public static function get\_posted\_data() {
206
if ( empty( $\_POST\['action'\] ) || 'eb-update-user' !== $\_POST\['action'\] || empty( $\_POST\['\_wpnonce'\] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['\_wpnonce'\] ) ), 'eb-update-user' ) ) {
206
if ( empty( $\_POST\['action'\] ) || 'eb-update-user' !== $\_POST\['action'\] || ! isset( $\_POST\['\_wpnonce'\] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['\_wpnonce'\] ) ), 'eb-update-user' ) ) {
207
207
return false;
208
208
}
…
…
245
245
$val = '';
246
246
247
if ( empty( $\_POST\['action'\] ) || 'eb-update-user' !== $\_POST\['action'\] || empty( $\_POST\['\_wpnonce'\] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['\_wpnonce'\] ) ), 'eb-update-user' ) ) {
247
if ( empty( $\_POST\['action'\] ) || 'eb-update-user' !== $\_POST\['action'\] || ! isset( $\_POST\['\_wpnonce'\] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['\_wpnonce'\] ) ), 'eb-update-user' ) ) {
248
248
return false;
249
249
}
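Review bot: The same four-clause guard, `empty( $_POST['action'] ) || 'eb-update-user' !== $_POST['action'] || ! isset( $_POST['_wpnonce'] ) || ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST['_wpnonce'] ) ), 'eb-update-user' )`, is now repeated verbatim at new lines 196, 206 and 247 of this file (and again in class-eb-shortcode-user-profile.php), so a future change to one copy is likely to miss the others. I would move it into one `private static function is_update_user_request()` returning bool and reduce each site to `if ( ! self::is_update_user_request() ) { return false; }`. The change itself (`empty` → `! isset` on the nonce) is behaviour-neutral, since wp_verify_nonce() rejects an empty nonce anyway. The enclosing functions start and end outside the hunks.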
edwiser-bridge/trunk/public/shortcodes/class-eb-shortcode-user-profile.php
r2441592
r2478642
151
151
}
152
152
153
if ( empty( $\_POST\['action'\] ) || 'eb-update-user' !== $\_POST\['action'\] || empty( $\_POST\['\_wpnonce'\] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['\_wpnonce'\] ) ), 'eb-update-user' ) ) {
153
if ( empty( $\_POST\['action'\] ) || 'eb-update-user' !== $\_POST\['action'\] || ! isset( $\_POST\['\_wpnonce'\] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['\_wpnonce'\] ) ), 'eb-update-user' ) ) {
154
154
return false;
155
155
}
…
…
163
163
public static function get\_posted\_data() {
164
164
$posted\_data = array();
165
if ( ( ! empty( $\_POST\['action'\] ) || 'eb-update-user' !== $\_POST\['action'\] ) && ( ! empty( $\_POST\['\_wpnonce'\] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['\_wpnonce'\] ) ), 'eb-update-user' ) ) ) {
165
166
// Proceed only if nonce is verified.
167
if ( ( ! empty( $\_POST\['action'\] ) || 'eb-update-user' !== $\_POST\['action'\] ) && isset( $\_POST\['\_wpnonce'\] ) && wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['\_wpnonce'\] ) ), 'eb-update-user' ) ) {
166
168
$username = isset( $\_POST\['username'\] ) ? sanitize\_text\_field( wp\_unslash( $\_POST\['username'\] ) ) : '';
167
169
$first\_name = isset( $\_POST\['first\_name'\] ) ? sanitize\_text\_field( wp\_unslash( $\_POST\['first\_name'\] ) ) : '';
…
…
196
198
public static function get\_posted\_field( $fieldname, $sanitize = true ) {
197
199
$val = '';
198
if ( empty( $\_POST\['action'\] ) || 'eb-update-user' !== $\_POST\['action'\] || empty( $\_POST\['\_wpnonce'\] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['\_wpnonce'\] ) ), 'eb-update-user' ) ) {
200
if ( empty( $\_POST\['action'\] ) || 'eb-update-user' !== $\_POST\['action'\] || ! isset( $\_POST\['\_wpnonce'\] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['\_wpnonce'\] ) ), 'eb-update-user' ) ) {
199
201
return false;
200
202
}
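Review bot: The action gate in get_posted_data at new line 167 is a tautology: `( ! empty( $_POST['action'] ) || 'eb-update-user' !== $_POST['action'] )` is true for every value of `action`, including when it is absent (where the right-hand comparison also reads an undefined index), so only the nonce clause actually gates the block. The nonce is still verified, so the CSRF fix holds, but the function accepts posted data under any action, unlike the sibling guard at new line 153 of this file which bails unless the action is exactly 'eb-update-user'. The intended condition is `if ( ! empty( $_POST['action'] ) && 'eb-update-user' === $_POST['action'] && isset( $_POST['_wpnonce'] ) && wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST['_wpnonce'] ) ), 'eb-update-user' ) ) {`. The body of get_posted_data continues past the hunk.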
edwiser-bridge/trunk/public/templates/account/form-login.php
r2455400
r2478642
13
13
}
14
14
15
if ( isset( $\_POST\['\_wpnonce'\] ) && ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_POST\['\_wpnonce'\] ) ), 'eb-login' ) ) {
16
return;
15
$eb\_action = false;
16
$username = false;
17
18
if ( isset( $\_REQUEST\['\_wpnonce'\] ) && wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_REQUEST\['\_wpnonce'\] ) ), 'eb-login' ) ) {
19
$eb\_action = isset( $\_GET\['action'\] ) ? sanitize\_text\_field( wp\_unslash( $\_GET\['action'\] ) ) : false;
20
$username = isset( $\_POST\['username'\] ) ? sanitize\_text\_field( wp\_unslash( $\_POST\['username'\] ) ) : false;
17
21
}
18
22
19
$eb\_action = isset( $\_GET\['action'\] ) ? sanitize\_text\_field( wp\_unslash( $\_GET\['action'\] ) ) : false;
20
$username = isset( $\_POST\['username'\] ) ? sanitize\_text\_field( wp\_unslash( $\_POST\['username'\] ) ) : false;
23
21
24
22
25
// check if registration enabled.
23
26
$general\_settings = get\_option( 'eb\_general' );
24
27
$enable\_registration = \\app\\wisdmlabs\\edwiserBridge\\wdm\_eb\_get\_value\_from\_array( $general\_settings, 'eb\_enable\_registration', '' );
28
$eb\_login\_nonce = wp\_create\_nonce( 'eb-login' );
25
29
26
30
do\_action( 'eb\_before\_customer\_login\_form' );
…
…
65
69
?>
66
70
<p class="form-row">
67
<?php
68
wp\_nonce\_field( 'eb-login' );
69
?>
71
<input name="\_wpnonce" type="hidden" id="eb\_wpnonce" value="<?php echo esc\_attr( $eb\_login\_nonce ); ?>" />
72
70
73
<label for="rememberme" class="inline">
71
74
<input name="rememberme" type="checkbox" id="rememberme" value="forever" />
…
…
93
96
}
94
97
95
$arg\_list\['action'\] = 'eb\_register';
98
$arg\_list\['action'\] = 'eb\_register';
99
$arg\_list\['\_wpnonce'\] = esc\_attr( $eb\_login\_nonce );
96
100
97
101
?>
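Review bot: `$arg_list['_wpnonce'] = esc_attr( $eb_login_nonce );` at new line 99 applies HTML-attribute escaping to a value that is being stored as a query argument; a nonce is alphanumeric so it is harmless today, but escaping belongs where the URL is rendered (`esc_url()` / `add_query_arg()`), not in the data, so I would drop the `esc_attr()` here. Separately, replacing `wp_nonce_field( 'eb-login' )` with the hand-written hidden input at new line 71 also drops the `_wp_http_referer` field that wp_nonce_field() emits by default; if the form handler's redirect logic reads that field it now silently falls back to its default. Carrying the nonce in the registration link's query string means it will show up in server logs and Referer headers, which is acceptable for a session-bound nonce but deserves a one-line comment next to line 99. Where `$arg_list` is consumed is outside the hunk.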
edwiser-bridge/trunk/public/templates/account/user-profile.php
r2441592
r2478642
14
14
<?php
15
15
$nonce\_name = 'eb\_user\_account\_nav\_nonce';
16
if ( isset( $\_GET\[ $nonce\_name \] ) && wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_GET\[ $nonce\_name \] ) ), $nonce\_name ) ) {
16
17
// Return only if nonce is not set.
18
if ( ! isset( $\_GET\[ $nonce\_name \] ) || ! wp\_verify\_nonce( sanitize\_text\_field( wp\_unslash( $\_GET\[ $nonce\_name \] ) ), $nonce\_name ) ) {
17
19
return false;
18
20
}
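Review bot: The comment added at new line 17, `// Return only if nonce is not set.`, undersells the guard beneath it, which also returns when the nonce is present but fails wp_verify_nonce(); I would write `// Bail out unless a valid account-navigation nonce accompanies the request.` Since this is a template file, the `return false;` presumably hands control back to whatever include()d it and the rest of the template is simply not rendered, so if the caller ignores the return value the visitor sees an empty block with no explanation — worth noting in that comment as well. The surrounding template markup is outside the hunk.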
edwiser-bridge/trunk/readme.txt
r2466593
r2478642
212
212
213
213
== Changelog ==
214
\= 2.0.7 =
215
\* Fix - Fixed security issues related to the nonce.
214
216
215
217
\= 2.0.6 =