Context Navigation

← Previous Changeset
Next Changeset →

Changeset 3306672

Timestamp:

06/04/2025 06:50:36 PM (10 months ago)

Author:

teamwpminiorange

Message:

Release social login version 7.7.0

Location:

miniorange-login-openid

Files:

: 286 added
: 3 edited

tags/7.7.0 (added)
tags/7.7.0/CustomerOpenID.php (added)
tags/7.7.0/class-mo-openid-login-widget.php (added)
tags/7.7.0/class-mo-openid-social-comment.php (added)
tags/7.7.0/class-mo-openid-social-share.php (added)
tags/7.7.0/class-mo-openid-sso-shortcode-buttons.php (added)
tags/7.7.0/includes (added)
tags/7.7.0/includes/css (added)
tags/7.7.0/includes/css/bootstrap-social.css (added)
tags/7.7.0/includes/css/bootstrap.min-preview.css (added)
tags/7.7.0/includes/css/bootstrap.min.css (added)
tags/7.7.0/includes/css/datetime-style-settings.css (added)
tags/7.7.0/includes/css/datetime-style-settings.min.css (added)
tags/7.7.0/includes/css/font-awesome.css (added)
tags/7.7.0/includes/css/font-awesome.min.css (added)
tags/7.7.0/includes/css/mo-font-awesome.css (added)
tags/7.7.0/includes/css/mo-font-awesome.min.css (added)
tags/7.7.0/includes/css/mo_openid_bootstrap-tour-standalone.css (added)
tags/7.7.0/includes/css/mo_openid_feedback.css (added)
tags/7.7.0/includes/css/mo_openid_licensing_plan.css (added)
tags/7.7.0/includes/css/mo_openid_login_icons.css (added)
tags/7.7.0/includes/css/mo_openid_style.css (added)
tags/7.7.0/includes/css/phone.css (added)
tags/7.7.0/includes/images (added)
tags/7.7.0/includes/images/account_linking.png (added)
tags/7.7.0/includes/images/bp_add (added)
tags/7.7.0/includes/images/bp_add/integrations.png (added)
tags/7.7.0/includes/images/bp_add/new_after_reg.png (added)
tags/7.7.0/includes/images/bp_add/new_before_account.png (added)
tags/7.7.0/includes/images/bp_add/new_before_reg.png (added)
tags/7.7.0/includes/images/buddypress.png (added)
tags/7.7.0/includes/images/count.png (added)
tags/7.7.0/includes/images/csv_download.png (added)
tags/7.7.0/includes/images/demo_mailchimp.png (added)
tags/7.7.0/includes/images/email_verify.png (added)
tags/7.7.0/includes/images/flags16.png (added)
tags/7.7.0/includes/images/green_check.png (added)
tags/7.7.0/includes/images/icons (added)
tags/7.7.0/includes/images/icons/baidu.png (added)
tags/7.7.0/includes/images/icons/discords.png (added)
tags/7.7.0/includes/images/icons/disq.png (added)
tags/7.7.0/includes/images/icons/disqus.png (added)
tags/7.7.0/includes/images/icons/fb.png (added)
tags/7.7.0/includes/images/icons/fitbit.png (added)
tags/7.7.0/includes/images/icons/g.png (added)
tags/7.7.0/includes/images/icons/kaka.png (added)
tags/7.7.0/includes/images/icons/kakao.png (added)
tags/7.7.0/includes/images/icons/livejournal.png (added)
tags/7.7.0/includes/images/icons/mailru.png (added)
tags/7.7.0/includes/images/icons/naver.png (added)
tags/7.7.0/includes/images/icons/share_icons (added)
tags/7.7.0/includes/images/icons/share_icons/facebook_like.png (added)
tags/7.7.0/includes/images/icons/share_icons/facebook_recommend.png (added)
tags/7.7.0/includes/images/icons/share_icons/pinterest_pin.png (added)
tags/7.7.0/includes/images/icons/strava.png (added)
tags/7.7.0/includes/images/icons/teamsnap.png (added)
tags/7.7.0/includes/images/icons/zoom.png (added)
tags/7.7.0/includes/images/logo.png (added)
tags/7.7.0/includes/images/mailchimp.png (added)
tags/7.7.0/includes/images/mailchimp_logo.png (added)
tags/7.7.0/includes/images/miniOrange.png (added)
tags/7.7.0/includes/images/miniOrange_logo.png (added)
tags/7.7.0/includes/images/miniorange_icon.png (added)
tags/7.7.0/includes/images/mmp (added)
tags/7.7.0/includes/images/mmp/membership-1.png (added)
tags/7.7.0/includes/images/mmp/membership-2.png (added)
tags/7.7.0/includes/images/mmp/membership-3.png (added)
tags/7.7.0/includes/images/mmp/mmp_4.png (added)
tags/7.7.0/includes/images/modt_apps.png (added)
tags/7.7.0/includes/images/modt_bp.png (added)
tags/7.7.0/includes/images/modt_mc.png (added)
tags/7.7.0/includes/images/modt_pmpro.png (added)
tags/7.7.0/includes/images/modt_sc.png (added)
tags/7.7.0/includes/images/modt_wc_new.png (added)
tags/7.7.0/includes/images/most_visited_reports.png (added)
tags/7.7.0/includes/images/paidmember.png (added)
tags/7.7.0/includes/images/pmp (added)
tags/7.7.0/includes/images/pmp/pmp_1.png (added)
tags/7.7.0/includes/images/pmp/pmp_2.png (added)
tags/7.7.0/includes/images/pmp/pmp_3.png (added)
tags/7.7.0/includes/images/pmp/pmp_4.png (added)
tags/7.7.0/includes/images/profile_completion.png (added)
tags/7.7.0/includes/images/rest_api5.gif (added)
tags/7.7.0/includes/images/rest_api8.jpg (added)
tags/7.7.0/includes/images/rest_api_image.png (added)
tags/7.7.0/includes/images/sample.png (added)
tags/7.7.0/includes/images/support.png (added)
tags/7.7.0/includes/images/usage_share_reports.png (added)
tags/7.7.0/includes/images/wait.gif (added)
tags/7.7.0/includes/images/wca (added)
tags/7.7.0/includes/images/wca/1_before_login.png (added)
tags/7.7.0/includes/images/wca/2_login.png (added)
tags/7.7.0/includes/images/wca/3_after_login.png (added)
tags/7.7.0/includes/images/wca/4_before_reg.png (added)
tags/7.7.0/includes/images/wca/5_in_reg.png (added)
tags/7.7.0/includes/images/wca/6_after_reg.png (added)
tags/7.7.0/includes/images/wca/7_before_checkout.png (added)
tags/7.7.0/includes/images/wca/8_after_checkout.png (added)
tags/7.7.0/includes/images/wca/wcai.png (added)
tags/7.7.0/includes/images/white_theme_ad.png (added)
tags/7.7.0/includes/images/woocommerce.png (added)
tags/7.7.0/includes/images/wrong.png (added)
tags/7.7.0/includes/js (added)
tags/7.7.0/includes/js/mo-openid-bootstrap.min.js (added)
tags/7.7.0/includes/js/mo-openid-config-jquery-ui.js (added)
tags/7.7.0/includes/js/mo-openid-jquery.min.js (added)
tags/7.7.0/includes/js/mo-openid-social_login.js (added)
tags/7.7.0/includes/js/mo_openid_bootstrap-tour-standalone.min.js (added)
tags/7.7.0/includes/js/mo_openid_jquery.cookie.min.js (added)
tags/7.7.0/includes/js/mo_openid_phone.js (added)
tags/7.7.0/includes/js/mo_openid_settings.js (added)
tags/7.7.0/includes/js/mo_openid_settings_popup.js (added)
tags/7.7.0/includes/js/social (added)
tags/7.7.0/includes/js/social/fb_comment.js (added)
tags/7.7.0/includes/jscolor (added)
tags/7.7.0/includes/jscolor/arrow.gif (added)
tags/7.7.0/includes/jscolor/cross.gif (added)
tags/7.7.0/includes/jscolor/hs.png (added)
tags/7.7.0/includes/jscolor/hv.png (added)
tags/7.7.0/includes/jscolor/jscolor.js (added)
tags/7.7.0/includes/webfonts (added)
tags/7.7.0/includes/webfonts/fa-brands-400.eot (added)
tags/7.7.0/includes/webfonts/fa-brands-400.svg (added)
tags/7.7.0/includes/webfonts/fa-brands-400.ttf (added)
tags/7.7.0/includes/webfonts/fa-brands-400.woff (added)
tags/7.7.0/includes/webfonts/fa-brands-400.woff2 (added)
tags/7.7.0/includes/webfonts/fa-regular-400.eot (added)
tags/7.7.0/includes/webfonts/fa-regular-400.svg (added)
tags/7.7.0/includes/webfonts/fa-regular-400.ttf (added)
tags/7.7.0/includes/webfonts/fa-regular-400.woff (added)
tags/7.7.0/includes/webfonts/fa-regular-400.woff2 (added)
tags/7.7.0/includes/webfonts/fa-solid-900.eot (added)
tags/7.7.0/includes/webfonts/fa-solid-900.svg (added)
tags/7.7.0/includes/webfonts/fa-solid-900.ttf (added)
tags/7.7.0/includes/webfonts/fa-solid-900.woff (added)
tags/7.7.0/includes/webfonts/fa-solid-900.woff2 (added)
tags/7.7.0/lang (added)
tags/7.7.0/lang/miniorange-login-openid-hi_IN.mo (added)
tags/7.7.0/lang/miniorange-login-openid-hi_IN.po (added)
tags/7.7.0/lang/miniorange-login-openid-ja.mo (added)
tags/7.7.0/lang/miniorange-login-openid-ja.po (added)
tags/7.7.0/lang/miniorange-login-openid-zh_CN.mo (added)
tags/7.7.0/lang/miniorange-login-openid-zh_CN.po (added)
tags/7.7.0/lang/miniorange-login-openid.pot (added)
tags/7.7.0/miniorange_openid_sso_settings.php (added)
tags/7.7.0/miniorange_openid_sso_settings_page.php (added)
tags/7.7.0/mo-openid-social-login-functions.php (added)
tags/7.7.0/mo_openid_Language.php (added)
tags/7.7.0/mo_openid_feedback_form.php (added)
tags/7.7.0/mo_openid_sso_encryption.php (added)
tags/7.7.0/readme.txt (added)
tags/7.7.0/social_apps (added)
tags/7.7.0/social_apps/amazon.php (added)
tags/7.7.0/social_apps/apple.php (added)
tags/7.7.0/social_apps/baidu.php (added)
tags/7.7.0/social_apps/discord.php (added)
tags/7.7.0/social_apps/disqus.php (added)
tags/7.7.0/social_apps/dribbble.php (added)
tags/7.7.0/social_apps/dropbox.php (added)
tags/7.7.0/social_apps/facebook.php (added)
tags/7.7.0/social_apps/fitbit.php (added)
tags/7.7.0/social_apps/flickr.php (added)
tags/7.7.0/social_apps/foursquare.php (added)
tags/7.7.0/social_apps/github.php (added)
tags/7.7.0/social_apps/gitlab.php (added)
tags/7.7.0/social_apps/google.php (added)
tags/7.7.0/social_apps/hubspot.php (added)
tags/7.7.0/social_apps/instagram.php (added)
tags/7.7.0/social_apps/kakao.php (added)
tags/7.7.0/social_apps/line.php (added)
tags/7.7.0/social_apps/linkedin.php (added)
tags/7.7.0/social_apps/linkedin_oidc.php (added)
tags/7.7.0/social_apps/livejournal.php (added)
tags/7.7.0/social_apps/mailchimp.php (added)
tags/7.7.0/social_apps/mailru.php (added)
tags/7.7.0/social_apps/meetup.php (added)
tags/7.7.0/social_apps/mo_openid_configured_apps_funct.php (added)
tags/7.7.0/social_apps/naver.php (added)
tags/7.7.0/social_apps/odnoklassniki.php (added)
tags/7.7.0/social_apps/paypal.php (added)
tags/7.7.0/social_apps/pinterest.php (added)
tags/7.7.0/social_apps/qq.php (added)
tags/7.7.0/social_apps/reddit.php (added)
tags/7.7.0/social_apps/renren.php (added)
tags/7.7.0/social_apps/salesforce.php (added)
tags/7.7.0/social_apps/slack.php (added)
tags/7.7.0/social_apps/snapchat.php (added)
tags/7.7.0/social_apps/spotify.php (added)
tags/7.7.0/social_apps/stackexchange.php (added)
tags/7.7.0/social_apps/stackoverflow.php (added)
tags/7.7.0/social_apps/steam.php (added)
tags/7.7.0/social_apps/strava.php (added)
tags/7.7.0/social_apps/teamsnap.php (added)
tags/7.7.0/social_apps/trello.php (added)
tags/7.7.0/social_apps/tumblr.php (added)
tags/7.7.0/social_apps/twitch.php (added)
tags/7.7.0/social_apps/twitter.php (added)
tags/7.7.0/social_apps/vimeo.php (added)
tags/7.7.0/social_apps/vkontakte.php (added)
tags/7.7.0/social_apps/wechat.php (added)
tags/7.7.0/social_apps/wiebo.php (added)
tags/7.7.0/social_apps/windowslive.php (added)
tags/7.7.0/social_apps/wordpress.php (added)
tags/7.7.0/social_apps/yahoo.php (added)
tags/7.7.0/social_apps/yandex.php (added)
tags/7.7.0/social_apps/youtube.php (added)
tags/7.7.0/social_apps/zoom.php (added)
tags/7.7.0/uninstall.php (added)
tags/7.7.0/view (added)
tags/7.7.0/view/add_on (added)
tags/7.7.0/view/add_on/custom_registration_form.php (added)
tags/7.7.0/view/add_on/mo_buddypress_add_on.php (added)
tags/7.7.0/view/add_on/mo_discord_add_on.php (added)
tags/7.7.0/view/add_on/mo_hubspot_add_on.php (added)
tags/7.7.0/view/add_on/mo_mailchimp_add_on.php (added)
tags/7.7.0/view/add_on/mo_woocommerce_add_on.php (added)
tags/7.7.0/view/config_apps (added)
tags/7.7.0/view/config_apps/mo_openid_config_apps.php (added)
tags/7.7.0/view/config_apps/mo_openid_config_apps_funct.php (added)
tags/7.7.0/view/customise_social_icons (added)
tags/7.7.0/view/customise_social_icons/mo_openid_cust_icons.php (added)
tags/7.7.0/view/disp_options (added)
tags/7.7.0/view/disp_options/mo_openid_dispopt.php (added)
tags/7.7.0/view/doc_tab (added)
tags/7.7.0/view/doc_tab/mo_openid_doc_tab.php (added)
tags/7.7.0/view/email_settings (added)
tags/7.7.0/view/email_settings/mo_openid_email_settings_functions.php (added)
tags/7.7.0/view/email_settings/mo_openid_set_email.php (added)
tags/7.7.0/view/integration (added)
tags/7.7.0/view/integration/mo_openid_integrate.php (added)
tags/7.7.0/view/licensing_plans (added)
tags/7.7.0/view/licensing_plans/mo_openid_lic_plans.php (added)
tags/7.7.0/view/link_social_account (added)
tags/7.7.0/view/link_social_account/mo_openid_Acclink.php (added)
tags/7.7.0/view/premium_features (added)
tags/7.7.0/view/premium_features/mo_openid_prem_feat.php (added)
tags/7.7.0/view/profile (added)
tags/7.7.0/view/profile/mo_openid_profile.php (added)
tags/7.7.0/view/profile_completion (added)
tags/7.7.0/view/profile_completion/mo_openid_prof_comp.php (added)
tags/7.7.0/view/profile_completion/mo_openid_prof_comp_funct.php (added)
tags/7.7.0/view/rate_us (added)
tags/7.7.0/view/rate_us/rate_us.php (added)
tags/7.7.0/view/recaptcha (added)
tags/7.7.0/view/recaptcha/mo_openid_recap.php (added)
tags/7.7.0/view/redirect_options (added)
tags/7.7.0/view/redirect_options/mo_openid_redirect_op.php (added)
tags/7.7.0/view/registration (added)
tags/7.7.0/view/registration/mo_openid_registration.php (added)
tags/7.7.0/view/reports (added)
tags/7.7.0/view/reports/mo_openid_reports.php (added)
tags/7.7.0/view/rest_api (added)
tags/7.7.0/view/rest_api/mo_rest_api_page.php (added)
tags/7.7.0/view/shrtco (added)
tags/7.7.0/view/shrtco/mo_openid_shrtco.php (added)
tags/7.7.0/view/soc_com (added)
tags/7.7.0/view/soc_com/com_Cust (added)
tags/7.7.0/view/soc_com/com_Cust/class-mo-openid-social-comment.php (added)
tags/7.7.0/view/soc_com/com_Cust/mo_openid_comm_cust.php (added)
tags/7.7.0/view/soc_com/com_Enable (added)
tags/7.7.0/view/soc_com/com_Enable/mo_openid_comm_enable.php (added)
tags/7.7.0/view/soc_com/com_display_options (added)
tags/7.7.0/view/soc_com/com_display_options/mo_openid_comm_disp_opt.php (added)
tags/7.7.0/view/soc_com/com_select_app (added)
tags/7.7.0/view/soc_com/com_select_app/mo_openid_comm_select_app.php (added)
tags/7.7.0/view/soc_com/com_shrtco (added)
tags/7.7.0/view/soc_com/com_shrtco/comm_shrtco.php (added)
tags/7.7.0/view/soc_sha (added)
tags/7.7.0/view/soc_sha/cust_text (added)
tags/7.7.0/view/soc_sha/cust_text/mo_openid_cust_shricon.php (added)
tags/7.7.0/view/soc_sha/disp_shropt (added)
tags/7.7.0/view/soc_sha/disp_shropt/mo_openid_disp_shropt.php (added)
tags/7.7.0/view/soc_sha/share_cnt (added)
tags/7.7.0/view/soc_sha/share_cnt/mo_openid_shrcnt.php (added)
tags/7.7.0/view/soc_sha/shrt_co (added)
tags/7.7.0/view/soc_sha/shrt_co/mo_openid_shrtco.php (added)
tags/7.7.0/view/soc_sha/soc_apps (added)
tags/7.7.0/view/soc_sha/soc_apps/mo_openid_sharing.php (added)
tags/7.7.0/view/soc_sha/soc_med_cust (added)
tags/7.7.0/view/soc_sha/soc_med_cust/mo_openid_social_media_cust.php (added)
tags/7.7.0/view/soc_sha/soc_med_ser (added)
tags/7.7.0/view/soc_sha/soc_med_ser/mo_openid_social_media_services.php (added)
tags/7.7.0/view/soc_sha/twitter_btn (added)
tags/7.7.0/view/soc_sha/twitter_btn/mo_twitter_btn.php (added)
tags/7.7.0/view/support_form (added)
tags/7.7.0/view/support_form/miniorange_openid_support_form.php (added)
trunk/miniorange_openid_sso_settings.php (modified) (2 diffs)
trunk/mo-openid-social-login-functions.php (modified) (2 diffs)
trunk/readme.txt (modified) (3 diffs)

Legend:

: Unmodified
: Added
: Removed

miniorange-login-openid/trunk/miniorange_openid_sso_settings.php

-                      r3297954
+                      r3306672
  * Plugin URI: https://www.miniorange.com
  * Description: Allow your users to login, comment and share with Facebook, Google, Apple, Twitter, LinkedIn etc using customizable buttons.
  * Version: 7.6.10
+ * Version: 7.7.0
  * Author: <a href="https://www.miniorange.com/">miniOrange</a>
  * License: Expat
 …
  */
 define( 'MO_OPENID_SOCIAL_LOGIN_VERSION', '7.6.10' );
+define( 'MO_OPENID_SOCIAL_LOGIN_VERSION', '7.7.0' );
 define( 'PLUGIN_URL', esc_url( plugin_dir_url( __FILE__ ) ) . 'includes/images/icons/' );
 define( 'MOSL_PLUGIN_DIR', str_replace( '/', '\\', plugin_dir_path( __FILE__ ) ) );

miniorange-login-openid/trunk/mo-openid-social-login-functions.php

-                      r2999714
+                      r3306672
+}
+// Whitelist of allowed social apps
+function mo_openid_get_allowed_social_apps() {
+    return array(
+        'amazon',
+        'apple',
+        'baidu',
+        'discord',
+        'dribbble',
+        'disqus',
+        'dropbox',
+        'facebook',
+        'flickr',
+        'fitbit',
+        'foursquare',
+        'github',
+        'gitlab',
+        'google',
+        'hubspot',
+        'instagram',
+        'kakao',
+        'line',
+        'linkedin',
+        'linkedin_oidc',
+        'livejournal',
+        'mailchimp',
+        'mailru',
+        'meetup',
+        'naver',
+        'odnoklassniki',
+        'paypal',
+        'pinterest',
+        'qq',
+        'reddit',
+        'renren',
+        'salesforce',
+        'slack',
+        'snapchat',
+        'spotify',
+        'stackexchange',
+        'stackoverflow',
+        'steam',
+        'strava',
+        'teamsnap',
+        'trello',
+        'tumblr',
+        'twitch',
+        'twitter',
+        'vimeo',
+        'vkontakte',
+        'wechat',
+        'wiebo',
+        'windowslive',
+        'wordpress',
+        'yahoo',
+        'yandex',
+        'youtube',
+        'zoom'
+    );
+}
+function mo_openid_validate_social_app($appname) {
+    $allowed_apps = mo_openid_get_allowed_social_apps();
+    return in_array(strtolower($appname), $allowed_apps);
+}
 function mo_openid_custom_app_oauth_redirect( $appname ) {
+    if (!mo_openid_validate_social_app($appname)) {
+        wp_die('Invalid social app specified.');
+    }
     if ( isset( $_REQUEST['test'] ) ) {     // phpcs:ignore
         setcookie( 'mo_oauth_test', true );
 …
         $appname = 'yahoo';
+    }
+    // Validate the appname against whitelist
+    if (!mo_openid_validate_social_app($appname)) {
+        wp_die('Invalid social app specified.');
+    }
     require 'social_apps/' . $appname . '.php';
     $mo_appname     = 'mo_' . $appname;

miniorange-login-openid/trunk/readme.txt

-                      r3297954
+                      r3306672
 Requires at least: 2.0.2
 Tested up to: 6.8
 Stable tag: 7.6.10
+Stable tag: 7.7.0
 Requires PHP: 5.4
 License: Expat
 …
 ==Changelog==
+= 7.7.0 =
+* Added filter to appname to prevent potential LFI risk
 = 7.6.10 =
 * Added compatibility with WP 6.8
 …
 == Upgrade Notice ==
+= 7.7.0 =
+* Added filter to appname to prevent potential LFI risk
 = 7.6.10 =
 * Added compatibility with WP 6.8

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Plugin Directory