diff --git a/includes/admin/templates/role/role-edit.php b/includes/admin/templates/role/role-edit.php index 9cd4b9cf..47bd571b 100644 --- a/includes/admin/templates/role/role-edit.php +++ b/includes/admin/templates/role/role-edit.php @@ -59,64 +59,77 @@ if ( ! empty( $_GET['id'] ) ) { if ( ! empty( $_POST['role'] ) ) { - $data = $_POST['role']; - $id = ''; $redirect = ''; $error = ''; - if ( empty( $data['name'] ) ) { - - $error .= __( 'Title is empty!', 'ultimate-member' ) . '
'; - - } else { - - if ( 'add' == $_GET['tab'] ) { - - if ( preg_match( "/[a-z0-9]+$/i", $data['name'] ) ) { - $id = sanitize_title( $data['name'] ); - } else { - $auto_increment = UM()->options()->get( 'custom_roles_increment' ); - $auto_increment = ! empty( $auto_increment ) ? $auto_increment : 1; - $id = 'custom_role_' . $auto_increment; - } - - $redirect = add_query_arg( array( 'page'=>'um_roles', 'tab'=>'edit', 'id'=>$id, 'msg'=>'a' ), admin_url( 'admin.php' ) ); - } elseif ( 'edit' == $_GET['tab'] && ! empty( $_GET['id'] ) ) { - $id = $_GET['id']; - $redirect = add_query_arg( array( 'page' => 'um_roles', 'tab'=>'edit', 'id'=>$id, 'msg'=>'u' ), admin_url( 'admin.php' ) ); - } - - } - - $all_roles = array_keys( get_editable_roles() ); if ( 'add' == $_GET['tab'] ) { - if ( in_array( 'um_' . $id, $all_roles ) || in_array( $id, $all_roles ) ) - $error .= __( 'Role already exists!', 'ultimate-member' ) . '
'; + if ( ! wp_verify_nonce( $_POST['um_nonce'], 'um-add-role' ) ) { + $error = __( 'Security Issue', 'ultimate-member' ) . '
'; + } + } else { + if ( ! wp_verify_nonce( $_POST['um_nonce'], 'um-edit-role' ) ) { + $error = __( 'Security Issue', 'ultimate-member' ) . '
'; + } } - if ( '' == $error ) { + if ( empty( $error ) ) { - if ( 'add' == $_GET['tab'] ) { - $roles = get_option( 'um_roles' ); - $roles[] = $id; + $data = $_POST['role']; - update_option( 'um_roles', $roles ); + if ( empty( $data['name'] ) ) { - if ( isset( $auto_increment ) ) { - $auto_increment++; - UM()->options()->update( 'custom_roles_increment', $auto_increment ); + $error .= __( 'Title is empty!', 'ultimate-member' ) . '
'; + + } else { + + if ( 'add' == $_GET['tab'] ) { + + if ( preg_match( "/[a-z0-9]+$/i", $data['name'] ) ) { + $id = sanitize_title( $data['name'] ); + } else { + $auto_increment = UM()->options()->get( 'custom_roles_increment' ); + $auto_increment = ! empty( $auto_increment ) ? $auto_increment : 1; + $id = 'custom_role_' . $auto_increment; + } + + $redirect = add_query_arg( array( 'page'=>'um_roles', 'tab'=>'edit', 'id'=>$id, 'msg'=>'a' ), admin_url( 'admin.php' ) ); + } elseif ( 'edit' == $_GET['tab'] && ! empty( $_GET['id'] ) ) { + $id = $_GET['id']; + $redirect = add_query_arg( array( 'page' => 'um_roles', 'tab'=>'edit', 'id'=>$id, 'msg'=>'u' ), admin_url( 'admin.php' ) ); } + } - $role_meta = $data; - unset( $role_meta['id'] ); + $all_roles = array_keys( get_editable_roles() ); + if ( 'add' == $_GET['tab'] ) { + if ( in_array( 'um_' . $id, $all_roles ) || in_array( $id, $all_roles ) ) + $error .= __( 'Role already exists!', 'ultimate-member' ) . '
'; + } - update_option( "um_role_{$id}_meta", $role_meta ); + if ( '' == $error ) { - UM()->user()->remove_cache_all_users(); + if ( 'add' == $_GET['tab'] ) { + $roles = get_option( 'um_roles' ); + $roles[] = $id; - um_js_redirect( $redirect ); + update_option( 'um_roles', $roles ); + + if ( isset( $auto_increment ) ) { + $auto_increment++; + UM()->options()->update( 'custom_roles_increment', $auto_increment ); + } + } + + $role_meta = $data; + unset( $role_meta['id'] ); + + update_option( "um_role_{$id}_meta", $role_meta ); + + UM()->user()->remove_cache_all_users(); + + um_js_redirect( $redirect ); + } } } @@ -158,8 +171,10 @@ $screen_id = $current_screen->id; ?> + +
diff --git a/languages/ultimate-member-en_US.po b/languages/ultimate-member-en_US.po index c351ab7e..d5251bc7 100644 --- a/languages/ultimate-member-en_US.po +++ b/languages/ultimate-member-en_US.po @@ -1,8 +1,8 @@ msgid "" msgstr "" "Project-Id-Version: Ultimate Member\n" -"POT-Creation-Date: 2019-07-01 14:36+0300\n" -"PO-Revision-Date: 2019-07-01 14:36+0300\n" +"POT-Creation-Date: 2019-07-09 18:37+0300\n" +"PO-Revision-Date: 2019-07-09 18:37+0300\n" "Last-Translator: \n" "Language-Team: \n" "Language: en_US\n" @@ -172,7 +172,7 @@ msgstr "" #: includes/admin/core/class-admin-columns.php:130 #: includes/admin/core/class-admin-columns.php:150 -#: includes/admin/templates/role/role-edit.php:171 +#: includes/admin/templates/role/role-edit.php:186 msgid "Title" msgstr "" @@ -2789,7 +2789,7 @@ msgstr "" #: includes/admin/core/list-tables/roles-list-table.php:479 #: includes/admin/core/packages/2.0-beta1/user_roles.php:14 -#: includes/admin/templates/role/role-edit.php:136 +#: includes/admin/templates/role/role-edit.php:149 #: includes/core/class-common.php:56 includes/core/class-common.php:86 msgid "Add New" msgstr "" @@ -3927,31 +3927,36 @@ msgid "" "been successful or not." msgstr "" -#: includes/admin/templates/role/role-edit.php:70 +#: includes/admin/templates/role/role-edit.php:68 +#: includes/admin/templates/role/role-edit.php:72 +msgid "Security Issue" +msgstr "" + +#: includes/admin/templates/role/role-edit.php:82 msgid "Title is empty!" msgstr "" -#: includes/admin/templates/role/role-edit.php:95 +#: includes/admin/templates/role/role-edit.php:107 msgid "Role already exists!" msgstr "" -#: includes/admin/templates/role/role-edit.php:134 +#: includes/admin/templates/role/role-edit.php:147 msgid "Add New Role" msgstr "" -#: includes/admin/templates/role/role-edit.php:134 +#: includes/admin/templates/role/role-edit.php:147 msgid "Edit Role" msgstr "" -#: includes/admin/templates/role/role-edit.php:143 +#: includes/admin/templates/role/role-edit.php:156 msgid "User Role Added Successfully." msgstr "" -#: includes/admin/templates/role/role-edit.php:146 +#: includes/admin/templates/role/role-edit.php:159 msgid "User Role Updated Successfully." msgstr "" -#: includes/admin/templates/role/role-edit.php:172 +#: includes/admin/templates/role/role-edit.php:187 msgid "Enter Title Here" msgstr "" diff --git a/readme.txt b/readme.txt index 7334bc74..d1d9f8e4 100644 --- a/readme.txt +++ b/readme.txt @@ -6,7 +6,7 @@ Donate link: Tags: community, member, membership, user-profile, user-registration Requires at least: 4.9 Tested up to: 5.2 -Stable tag: 2.0.50 +Stable tag: 2.0.51 License: GNU Version 2 or Any Later Version License URI: http://www.gnu.org/licenses/gpl-3.0.txt @@ -137,6 +137,11 @@ The plugin works with popular caching plugins by automatically excluding Ultimat = Important: UM2.0+ is a significant update to the code base from 1.3.88. Please make sure you take a full-site backup with restore point before updating the plugin = += 2.0.51: July 09, 2019 = + +* Bugfixes: + - Fixed UM Roles create/edit security issue + = 2.0.50: July 02, 2019 = * Enhancements: diff --git a/ultimate-member.php b/ultimate-member.php index 405154cf..a0909b3d 100644 --- a/ultimate-member.php +++ b/ultimate-member.php @@ -3,7 +3,7 @@ Plugin Name: Ultimate Member Plugin URI: http://ultimatemember.com/ Description: The easiest way to create powerful online communities and beautiful user profiles with WordPress -Version: 2.0.50 +Version: 2.0.51 Author: Ultimate Member Author URI: http://ultimatemember.com/ Text Domain: ultimate-member