WordPress.org
Get WordPress

Plugin Directory

Changeset 3434480


Ignore:
Timestamp:
01/07/2026 03:45:09 PM (6 weeks ago)
Author:
codeadapted
Message:

Release version 1.1.2

Location:
multisite-author-bio/trunk
Files:
4 edited

Legend:

Unmodified
Added
Removed

  • multisite-author-bio/trunk/classes/mab-frontend.php

    r3252610 r3434480  
    1111    public function __construct() {
    1212
    13         // Hook into the author bio filter
    14         add_filter( 'get_the_author_user_description', array( $this, 'mab_author_description_filter' ) );
     13        // Hook into the author bio filter with priority 10 and 2 accepted arguments
     14        add_filter( 'get_the_author_user_description', array( $this, 'mab_author_description_filter' ), 10, 2 );
    1515
    1616    }
     
    1919     * Override standard user bio if translation exists for the current site.
    2020     *
    21      * @param   string $bio The standard user bio.
     21     * @param   string $bio     The standard user bio.
     22     * @param   int    $user_id The user ID (passed by the filter).
    2223     * @return  string Either the standard user bio or the translated one for the multisite.
    2324     */
    24     public function mab_author_description_filter( $bio ) {
     25    public function mab_author_description_filter( $bio, $user_id = 0 ) {
    2526
    2627        // Get current site's host
    2728        $site_slug = $this->mab_get_current_site_slug();
    2829
    29         // Get the post's author ID
    30         $user_id = get_post_field( 'post_author', get_the_ID() );
     30        // Get user ID from filter parameter, fallback to post author if not provided
     31        if ( empty( $user_id ) ) {
     32            $user_id = get_post_field( 'post_author', get_the_ID() );
     33        }
     34
     35        // If we still don't have a user ID, return original bio
     36        if ( empty( $user_id ) ) {
     37            return $bio;
     38        }
    3139
    3240        // Get the user's bio variation for the current site

  • multisite-author-bio/trunk/classes/mab-user-setup.php

    r3158266 r3434480  
    8181        $user_id = isset( $_POST['user_id'] ) ? absint( $_POST['user_id'] ) : 0;
    8282
     83        // Authorization check - ensure current user can edit the target user
     84        if ( ! current_user_can( 'edit_user', $user_id ) ) {
     85            wp_send_json_error( array( 'message' => __( 'You do not have permission to access this user\'s data.', 'multisite-author-bio' ) ) );
     86            return;
     87        }
     88
    8389        // Retrieve user meta for the selected site
    8490        $bio_variation = get_user_meta( $user_id, 'mab_profile_bio_' . $site_name, true );
     
    111117        foreach ( $sites as $site ) {
    112118            if ( $site->blog_id != $main_site_id ) {
    113                 $site_slug = explode( '.', $site->siteurl )[0];
    114                 $site_slug = str_replace( array( 'http://', 'https://' ), '', $site_slug );
     119                $site_slug = $this->mab_get_site_slug_from_url( $site->siteurl );
    115120                if ( $site_slug ) {
    116                     $options .= '<option value="' . esc_html( $site_slug ) . '"' . selected( $current_site_id, $site->blog_id, false ) . '>' . strtoupper( esc_html( $site_slug ) ) . '</option>';
     121                    $options .= '<option value="' . esc_attr( $site_slug ) . '"' . selected( $current_site_id, $site->blog_id, false ) . '>' . strtoupper( esc_html( $site_slug ) ) . '</option>';
    117122                }
    118123            }
     
    121126        // Return
    122127        return ! empty( $options ) ? $options : false;
     128
     129    }
     130
     131    /**
     132     * Extract the site slug from a site URL.
     133     * Handles both subdomain and subdirectory multisite configurations.
     134     *
     135     * @param   string $site_url The site URL to parse.
     136     * @return  string The sanitized site slug.
     137     */
     138    private function mab_get_site_slug_from_url( $site_url ) {
     139
     140        $parsed_url = wp_parse_url( $site_url );
     141       
     142        $domain = isset( $parsed_url['host'] ) ? $parsed_url['host'] : '';
     143        $path = isset( $parsed_url['path'] ) ? trim( $parsed_url['path'], '/' ) : '';
     144
     145        if ( ! empty( $path ) ) {
     146            // For path-based multisites (e.g., example.com/es)
     147            $slug = sanitize_title( $path );
     148        } else {
     149            // For domain-based multisites (e.g., es.example.com)
     150            $parts = explode( '.', $domain );
     151            $slug = ( count( $parts ) > 2 ) ? sanitize_title( $parts[0] ) : sanitize_title( $parts[0] );
     152        }
     153
     154        return $slug;
    123155
    124156    }
     
    179211    public function mab_save_custom_user_profile_fields( $user_id ) {
    180212       
    181         // Ensure only administrators can update this field
    182         if ( ! current_user_can( 'manage_network_options' ) ) {
     213        // Ensure the current user can edit this user's profile
     214        if ( ! current_user_can( 'edit_user', $user_id ) ) {
    183215            return false;
    184216        }

  • multisite-author-bio/trunk/multisite-author-bio.php

    r3252610 r3434480  
    33* Plugin Name:  Multisite Author Bio
    44* Description:  Allows you to add unique user biographical information for each Multisite instance.
    5 * Version:      1.1.0
     5* Version:      1.1.1
    66* Author:       CodeAdapted
    77* Author URI:   https://codeadapted.com
     
    3030
    3131        /** @var string The plugin version number. */
    32         var $version = '1.1.0';
     32        var $version = '1.1.1';
    3333
    3434        /** @var string Shortcuts. */

  • multisite-author-bio/trunk/readme.txt

    r3395235 r3434480  
    44Requires at least: 5.0
    55Tested up to: 6.8.1
    6 Stable tag: 1.1.1
     6Stable tag: 1.1.2
    77License: GPLv2 or later
    88License URI: http://www.gnu.org/licenses/gpl-2.0.html
     
    1212== Description ==
    1313
    14 Multisite Author Bio simplifies managing unique user biographical information across multiple sites in a WordPress Multisite network. This plugin allows administrators to update author bios from a single user edit page, streamlining the process of managing bio variations across different sites without having to switch between site dashboards.
     14Multisite Author Bio simplifies managing unique user biographical information across multiple sites in a WordPress Multisite network. This plugin allows administrators and editors to update author bios from a single user edit page, streamlining the process of managing bio variations across different sites without having to switch between site dashboards.
    1515
    1616= Features =
     
    7171== Changelog ==
    7272
     73= 1.1.2 =
     74* Security: Added authorization checks to AJAX endpoint to verify user permissions.
     75* Fixed capability check to use edit_user instead of manage_network_options, allowing Editors and Admins to manage bio variations.
     76* Fixed frontend bio filter to properly receive user ID from filter parameter, improving reliability in author archives, widgets, and REST API contexts.
     77* Fixed site slug generation in admin to be consistent with frontend for subdirectory multisite installations.
     78
    7379= 1.1.1 =
    7480* Apply view.php patch
Note: See TracChangeset for help on using the changeset viewer.