10h30/ultimatemember
1
0
Fork 0
mirror of https://github.com/10h30/ultimatemember.git synced 2026-06-05 15:09:37 +09:00
Code Issues Packages Projects Releases Wiki Activity
3,736 Commits 4 Branches 13 Tags
13b8350e87dd8628dc3df30e62929d8bd5dde059
Commit Graph

78 Commits

Author SHA1 Message Date
Mykyta Synelnikov dad4c8017c - fix for profile form; 2023-07-01 01:52:43 +03:00
Mykyta Synelnikov 2ca243787e - fix for registration form; 2023-06-30 22:10:16 +03:00
Mykyta Synelnikov 7fafa3a4b3 - fix for registration form; 2023-06-30 21:55:59 +03:00
Mykyta Synelnikov 246de13726 - finished with UM Forms validations; 2023-06-30 16:58:12 +03:00
Mykyta Synelnikov 71f2360694 - review login form and submission data. optimized submission; 2023-06-30 15:56:30 +03:00
Mykyta Synelnikov 78a1a32530 Merge pull request #1219 from ultimatemember/fix/remove_extract_frontend 
Remove extract() frontend
 2023-06-28 21:41:00 +03:00
Mykyta Synelnikov fc07de48b7 - fixed vulnerability with banned keys (made them not case-sensitive); 2023-06-28 11:17:28 +03:00
Mykyta Synelnikov c2757d824b - review ajax_muted_action(); 2023-06-26 17:04:58 +03:00
Mykyta Synelnikov 5c8c3411e7 - wpcs fixes; 2023-06-23 16:53:38 +03:00
ashubawork f79712b549 - fix ajax_muted_action() 2023-06-22 12:57:43 +03:00
Mykyta Synelnikov 43a5e22473 - fixed PHP deprecated warning for PHP8.2 2023-06-21 20:27:17 +03:00
ashubawork 4c6a2c3b45 - add a spotify field 2023-06-13 09:32:03 +03:00
Mykyta Synelnikov 76cb1cc448 - fixed PHP notice; 2023-06-05 18:44:38 +03:00
Mykyta Synelnikov 034d9e8b43 - fixed dynamically declared variables inside the classes; 2023-04-17 20:16:15 +03:00
Nikita Sinelnikov aa8000bde9 - added filter for making 3rd-party roles editable through Ultimate Member interfaces. Use 'um_extend_editable_roles' and pass there an array of role keys( e.g. 'editor', 'administrator', etc. ); 
- reviewed and closed #1151;
 2023-03-28 01:53:50 +03:00
yuriinalivaiko 9da45a076f - fixed PHP Notice: Undefined index: options 2023-02-24 10:48:59 +02:00
Nikita Sinelnikov 1cf8d88f5d - added support of the iframes inside textarea with enabled the "HTML using" option; 2023-01-13 00:51:51 +02:00
yuriinalivaiko 0771f56df2 - added data type verification for the 'url' field 2022-12-08 14:49:28 +02:00
Nikita Sinelnikov 2004aa7dde Custom dropdown callback functions security enhancements: 
- avoid using different letter case for bypass the blacklist e.g. phpInfo
- avoid using root namespace for bypass the blacklist e.g. \phpinfo
 2022-11-09 03:17:23 +02:00
Nikita Sinelnikov fac2f9fdc5 - fixed #1085; 2022-10-24 17:34:54 +03:00
Nikita Sinelnikov af13de140a - fixed using "'" symbols in emails. There is possible to register with it and login after that. Closed #1059; 2022-10-24 16:22:04 +03:00
Nikita Sinelnikov aa6a238c61 - added callbacks blacklist. Added PHP command execution functions here to exclude the running them from the custom callback; 2022-09-30 12:31:40 +03:00
Nikita Sinelnikov fa9b85773e - fixed using special chars inside the password; 2022-06-10 01:53:35 +03:00
Nikita Sinelnikov fe88b40939 - using slashes in the callback function setting of the dropdown fields; 2022-06-08 21:24:23 +03:00
Nikita Sinelnikov 9cdf65973c - prepared for 2.4.0 release; 2022-05-24 18:29:39 +03:00
Nikita Sinelnikov e1cf3cd0d6 - small changes for the checkbox field type sanitizing; 2022-04-20 17:34:09 +03:00
yuriinalivaiko 70ab56465a - Fixed: checkbox field data type on sanitize 2022-04-19 19:56:12 +03:00
Nikita Sinelnikov 601c75ad92 - fixed #946; 
- fixed PHP notices;
 2021-12-15 02:46:47 +02:00
Nikita Sinelnikov e6e9bd17d8 - fixed using callback for member directory fields; 
- fixed "false" display name in the member directory. it displays empty for now;
- fixed function for cleaning and sanitize arrays;
 2021-12-14 02:08:15 +02:00
Nikita Sinelnikov 2fd759727b - changed version; 2021-08-23 17:13:39 +03:00
Nikita Sinelnikov b8b4ea9574 Merge pull request #841 from glendel/master 
- fixed #840;
 2021-08-23 17:09:38 +03:00
Nikita Sinelnikov 5d773256b9 - fixed profile form nonce; 
- fixed profile form getting ID and data;
- fixed class-access.php when restricted taxonomies are disabled;
 2021-08-19 12:58:13 +03:00
Nikita Sinelnikov 6a3f55b8a7 - fixed sanitizing the description field with allowed HTML inside; 2021-08-11 13:17:48 +03:00
Nikita Sinelnikov 2ed4ee96cd - fixed member directory dropdown filters; 
- code formatting for URL field type sanitizing;
 2021-08-06 01:13:02 +03:00
yuriinalivaiko 82798b3508 Don't use function esc_url_raw for social fields. 
Social string entered by user may not be an URL.
 2021-08-05 17:19:54 +03:00
Nikita Sinelnikov 415b7a8371 - fixed frontend forms sanitizing; 2021-07-15 15:22:16 +03:00
Nikita Sinelnikov 0fc2d131ee - fixed sanitizing functions; 2021-06-29 21:15:48 +03:00
Nikita Sinelnikov 07e664be80 - intermediate results with sanitizing form handlers; 2021-06-29 02:51:54 +03:00
Glendel Joubert Fyne Acosta e6e7f5c0f6 - fixed #840; 2021-05-20 10:00:17 -05:00
nikitasinelnikov a4a954b7e6 - fixed fields validation based on field's privacy settings; 2021-04-06 12:30:33 +03:00
nikitasinelnikov 5afebdd786 - Added: Ability for the integration with Gutenberg Block restriction settings (extends the block restriction settings via 3rd-party plugins); 
- Added: Invalid nonce validation on Login and Registration pages instead of wp_die()
 2020-12-04 03:54:59 +02:00
nikitasinelnikov fa13e82202 - There are changed PHP’s intval(), strval(), floatval(), and boolval() typecasting functions to (int), (string), (float) and (bool) regarding [this doc](https://make.wordpress.org/core/2020/11/20/miscellaneous-developer-focused-changes-in-wordpress-5-6/). 2020-11-24 12:55:22 +02:00
nikitasinelnikov 3e81db6fa4 - fixed security lacks in form data submissions; 2020-10-29 12:20:47 +02:00
nikitasinelnikov 255acd7c0a - fixed member directory sorting by the full name; 
- fixed registration form with not editable role field;
 2020-10-14 11:42:59 +03:00
nikitasinelnikov fa3c4f4b9e - removed Instagram extension from marketing pages; 
- fixed security lack with not editable roles field;
 2020-10-05 23:21:40 +03:00
nikitasinelnikov 042be3351a - fixed roles field; 2020-10-01 12:03:56 +03:00
nikitasinelnikov 4ac6071aa2 - fixed roles field, which isn't customized; 2020-09-22 14:30:25 +03:00
nikitasinelnikov ec1db4f5cd - fixed roles options; 2020-09-11 00:14:20 +03:00
nikitasinelnikov 19f2786e05 - fixed security vulnerability; 2020-09-08 23:13:43 +03:00
nikitasinelnikov 5e782cf922 - fixed account submission for password reset; 2020-08-03 18:06:26 +03:00