mirror of
https://github.com/10h30/ultimatemember.git
synced 2026-07-18 14:13:46 +09:00
- fixed security vulnerability;
This commit is contained in:
@@ -374,14 +374,14 @@ if ( ! class_exists( 'um\core\Form' ) ) {
|
||||
|
||||
$this->post_form = array_merge( $this->form_data, $this->post_form );
|
||||
|
||||
if ( isset( $this->form_data['custom_fields'] ) && strstr( $this->form_data['custom_fields'], 'role_' ) ) { // Secure selected role
|
||||
if ( isset( $this->form_data['custom_fields'] ) && strstr( $this->form_data['custom_fields'], 'role_' ) ) { // Secure selected role
|
||||
|
||||
$custom_field_roles = $this->custom_field_roles( $this->form_data['custom_fields'] );
|
||||
|
||||
if ( ! empty( $_POST['role'] ) ) {
|
||||
$role = $_POST['role'];
|
||||
|
||||
if( is_array( $_POST['role'] ) ){
|
||||
if ( is_array( $_POST['role'] ) ) {
|
||||
$role = current( $_POST['role'] );
|
||||
}
|
||||
|
||||
@@ -392,8 +392,8 @@ if ( ! class_exists( 'um\core\Form' ) ) {
|
||||
$exclude_roles = array_diff( array_keys( $wp_roles->roles ), array_merge( $role_keys, array( 'subscriber' ) ) );
|
||||
|
||||
if ( ! empty( $role ) &&
|
||||
( ! in_array( $role , $custom_field_roles ) || in_array( $role , $exclude_roles ) ) ) {
|
||||
wp_die( __( 'This is not possible for security reasons.','ultimate-member') );
|
||||
( ! in_array( $role, $custom_field_roles, true ) || in_array( $role, $exclude_roles ) ) ) {
|
||||
wp_die( __( 'This is not possible for security reasons.', 'ultimate-member' ) );
|
||||
}
|
||||
|
||||
$this->post_form['role'] = $role;
|
||||
@@ -401,6 +401,7 @@ if ( ! class_exists( 'um\core\Form' ) ) {
|
||||
}
|
||||
|
||||
} elseif ( isset( $this->post_form['mode'] ) && $this->post_form['mode'] == 'register' ) {
|
||||
|
||||
$role = $this->assigned_role( $this->form_id );
|
||||
$this->post_form['role'] = $role;
|
||||
//fix for social login
|
||||
@@ -587,14 +588,16 @@ if ( ! class_exists( 'um\core\Form' ) ) {
|
||||
|
||||
$fields = maybe_unserialize( $custom_fields );
|
||||
|
||||
if ( ! is_array( $fields ) )
|
||||
if ( ! is_array( $fields ) ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
foreach ( $fields as $field_key => $field_settings ) {
|
||||
|
||||
if ( strstr( $field_key , 'role_' ) ) {
|
||||
if ( is_array( $field_settings['options'] ) ) {
|
||||
return array_keys( $field_settings['options'] );
|
||||
$option_pairs = apply_filters( 'um_select_options_pair', null, $field_settings );
|
||||
return ! empty( $option_pairs ) ? array_keys( $field_settings['options'] ) : array_values( $field_settings['options'] );
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user