Changeset 3483392

Timestamp:

03/16/2026 04:32:49 AM (2 weeks ago)

Author:

htplugins

Message:

Update to version 1.5.3 from GitHub

Location:

wishsuite

Files:

• tags/1.5.3 (copied) (copied from wishsuite/trunk)
• tags/1.5.3/includes/classes/Admin/Wishlist_Table_List.php (modified) (3 diffs)
• tags/1.5.3/includes/classes/Frontend/Manage_Wishlist.php (modified) (8 diffs)
• tags/1.5.3/includes/classes/Installer.php (modified) (3 diffs)
• tags/1.5.3/includes/classes/Manage_Data.php (modified) (5 diffs)
• tags/1.5.3/readme.txt (modified) (2 diffs)
• tags/1.5.3/wishsuite.php (modified) (4 diffs)
• trunk/includes/classes/Admin/Wishlist_Table_List.php (modified) (3 diffs)
• trunk/includes/classes/Frontend/Manage_Wishlist.php (modified) (8 diffs)
• trunk/includes/classes/Installer.php (modified) (3 diffs)
• trunk/includes/classes/Manage_Data.php (modified) (5 diffs)
• trunk/readme.txt (modified) (2 diffs)
• trunk/wishsuite.php (modified) (4 diffs)

wishsuite/tags/1.5.3/includes/classes/Admin/Wishlist_Table_List.php

@@ -25 +25 @@
     private $order_by;
     private $order;
+    private $total_items = 0;
 
     public function __construct() {
@@ -56 +57 @@
         ];
         if($this->user_id === '') {
-            $data = Manage_Data::instance()->getWishlist( $query_args )['items'];
+            $result = Manage_Data::instance()->getWishlist( $query_args );
         }
         if($this->user_id && $this->user_id !== '') {
             $query_args = array_merge($query_args, ['user_id'=>$this->user_id]);
-            $data = Manage_Data::instance()->getWishlistByUserId( $query_args )['items'];
-        }
-        $this->items= $data;
+            $result = Manage_Data::instance()->getWishlistByUserId( $query_args );
+        }
+        $this->items = $result['items'] ?? [];
+        $this->total_items = $result['total_items'] ?? 0;
     }
     
@@ -210 +212 @@
     function prepare_items(){
         $this->_column_headers = array($this->get_columns(),array('id'),$this->get_sortable_columns());
-        $total_items = 0;
-
-        $query_args = [
-            'limit'=>$this->limit,
-            'offset'=>$this->offset,
-            'orderby'=>$this->order_by,
-            'order'=>$this->order
-        ];
-
-        if($this->user_id === '') {
-            $result = Manage_Data::instance()->getWishlist( $query_args );
-            $total_items = $result['total_items'];
-        }
-        if($this->user_id && $this->user_id !== '' ) {
-            $query_args = array_merge($query_args, ['user_id'=>$this->user_id]);
-            $result = Manage_Data::instance()->getWishlistByUserId( $query_args );
-            $total_items = $result['total_items'];
-        }
 
         $this->set_pagination_args( [
-            'total_items' => $total_items,
+            'total_items' => $this->total_items,
             'per_page'    => $this->limit
         ] );

wishsuite/tags/1.5.3/includes/classes/Frontend/Manage_Wishlist.php

@@ -31 +31 @@
 
     /**
+     * Request-level cache for wishlist product IDs
+     * @var array|null
+     */
+    private static $cached_wishlist = null;
+
+    /**
      * [instance] Initializes a singleton instance
      * @return [Manage_Wishlist]
@@ -60 +66 @@
      */
     public function add_product( $id ){
+        self::$cached_wishlist = null;
 
         $user_id = get_current_user_id();
@@ -104 +111 @@
         }
 
+        self::$cached_wishlist = null;
         return $add_status;
 
@@ -114 +122 @@
      */
     public function remove_product( $id ){
+        self::$cached_wishlist = null;
+
         $user_id = get_current_user_id();
         $delete_status = false;
@@ -155 +165 @@
         }
 
+        self::$cached_wishlist = null;
         return $delete_status;
     }
@@ -479 +490 @@
     public function get_wishlist_products(){
 
+        if ( self::$cached_wishlist !== null ) {
+            return self::$cached_wishlist;
+        }
+
         if( is_user_logged_in() ){
             $items = \WishSuite\Manage_Data::instance()->read();
@@ -485 +500 @@
                 $ids[] = $item['product_id'];
             }
+            self::$cached_wishlist = $ids;
             return $ids;
         }else{
             $cookie_name = $this->get_cookie_name();
-            // return isset( $_COOKIE[ $cookie_name ] ) ? array_map( 'sanitize_text_field', json_decode( wp_unslash( $_COOKIE[ $cookie_name ] ), true ) ) : array();
             if( isset( $_COOKIE[ $cookie_name ] ) && is_array( json_decode( wp_unslash( $_COOKIE[ $cookie_name ] ), true ) ) ){
-                return array_map( 'sanitize_text_field', json_decode( wp_unslash( $_COOKIE[ $cookie_name ] ), true ) );
+                $result = array_map( 'sanitize_text_field', json_decode( wp_unslash( $_COOKIE[ $cookie_name ] ), true ) );
             }else{
-                return array();
-            }
+                $result = array();
+            }
+            self::$cached_wishlist = $result;
+            return $result;
         }
 
@@ -504 +521 @@
      */
     public function is_product_in_wishlist( $id ) {
+        if ( is_user_logged_in() ) {
+            $item = \WishSuite\Manage_Data::instance()->read_single_item( get_current_user_id(), (int) $id );
+            return ! empty( $item );
+        }
+
         $id = (string) $id;
         $list = $this->get_wishlist_products();
-        if ( is_array( $list ) ) {
-            return in_array( $id, $list, true );
-        }else{
-            return false;
-        }
+        return is_array( $list ) && in_array( $id, $list, true );
     }
 

wishsuite/tags/1.5.3/includes/classes/Installer.php

@@ -50 +50 @@
         }
 
-        $schema = "CREATE TABLE IF NOT EXISTS `{$wpdb->prefix}wishsuite_list` (
+        $schema = "CREATE TABLE `{$wpdb->prefix}wishsuite_list` (
           `id` bigint( 20 ) unsigned NOT NULL AUTO_INCREMENT,
           `user_id` bigint( 20 ) NULL DEFAULT NULL,
@@ -56 +56 @@
           `quantity` int(11) NULL DEFAULT NULL,
           `date_added` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
-          PRIMARY KEY (`id`)
+          PRIMARY KEY (`id`),
+          KEY `idx_user_id` (`user_id`),
+          KEY `idx_product_id` (`product_id`),
+          KEY `idx_user_product` (`user_id`, `product_id`)
         ) $charset_collate";
 
@@ -64 +67 @@
 
         dbDelta( $schema );
+
+        $this->maybe_add_indexes();
+    }
+
+    /**
+     * Add missing indexes to the wishlist table via direct SQL.
+     * Handles existing installs where dbDelta may not have created indexes.
+     *
+     * @return void
+     */
+    public function maybe_add_indexes() {
+        global $wpdb;
+        $table = $wpdb->prefix . 'wishsuite_list';
+
+        if ( $wpdb->get_var( $wpdb->prepare( "SHOW TABLES LIKE %s", $table ) ) !== $table ) {
+            return;
+        }
+
+        $existing = $wpdb->get_results( "SHOW INDEX FROM `{$table}`", ARRAY_A );
+        $existing_names = array_column( $existing, 'Key_name' );
+
+        $indexes = [
+            'idx_user_id'      => '(`user_id`)',
+            'idx_product_id'   => '(`product_id`)',
+            'idx_user_product' => '(`user_id`, `product_id`)',
+        ];
+
+        foreach ( $indexes as $name => $columns ) {
+            if ( ! in_array( $name, $existing_names, true ) ) {
+                $wpdb->query( "ALTER TABLE `{$table}` ADD INDEX `{$name}` {$columns}" );
+            }
+        }
     }
 

wishsuite/tags/1.5.3/includes/classes/Manage_Data.php

@@ -21 +21 @@
         }
         return self::$_instance;
+    }
+
+    /**
+     * Sanitize orderby column against a whitelist.
+     *
+     * @param  string $orderby
+     * @return string
+     */
+    private function sanitize_orderby( $orderby ) {
+        $allowed = [ 'id', 'product_id', 'user_id', 'quantity', 'date_added' ];
+        return in_array( $orderby, $allowed, true ) ? $orderby : 'id';
+    }
+
+    /**
+     * Sanitize order direction.
+     *
+     * @param  string $order
+     * @return string
+     */
+    private function sanitize_order( $order ) {
+        $order = strtoupper( $order );
+        return in_array( $order, [ 'ASC', 'DESC' ], true ) ? $order : 'ASC';
     }
 
@@ -93 +115 @@
         $cache_key    = "all:$key:$last_changed";
 
+        $orderby = $this->sanitize_orderby( $args['orderby'] );
+        $order   = $this->sanitize_order( $args['order'] );
+
         $sql = $wpdb->prepare(
             "SELECT * FROM {$wpdb->prefix}wishsuite_list
             WHERE user_id = %d
-            ORDER BY %s %s",
-            $args['user_id'], $args['orderby'], $args['order']
+            ORDER BY {$orderby} {$order}",
+            $args['user_id']
         );
 
@@ -136 +161 @@
         $total_items = (int) $wpdb->get_var($total_items_sql);
 
+        $orderby = $this->sanitize_orderby( $args['orderby'] );
+        $order   = $this->sanitize_order( $args['order'] );
+
         $sql = $wpdb->prepare(
             "SELECT *, COUNT(*) AS product_count
             FROM {$wpdb->prefix}wishsuite_list AS wishlists
             GROUP BY wishlists.product_id
-            ORDER BY %s %s
+            ORDER BY {$orderby} {$order}
             LIMIT %d OFFSET %d",
-            $args['orderby'], $args['order'], $args['limit'], $args['offset']
+            $args['limit'], $args['offset']
         );
         $items = wp_cache_get( $cache_key, 'wishsuite' );
@@ -181 +209 @@
         $total_items = (int) $wpdb->get_var($total_items_sql);
 
+        $orderby = $this->sanitize_orderby( $args['orderby'] );
+        $order   = $this->sanitize_order( $args['order'] );
+
         $sql = $wpdb->prepare(
             "SELECT *, COUNT(*) AS product_count
             FROM {$wpdb->prefix}wishsuite_list AS wishlists
             GROUP BY wishlists.user_id
-            ORDER BY %s %s
+            ORDER BY {$orderby} {$order}
             LIMIT %d OFFSET %d",
-            $args['orderby'], $args['order'], $args['limit'], $args['offset']
+            $args['limit'], $args['offset']
         );
         $items = wp_cache_get( $cache_key, 'wishsuite' );
@@ -227 +258 @@
         $total_items = $wpdb->get_var($total_items_sql);
 
+        $orderby = $this->sanitize_orderby( $args['orderby'] );
+        $order   = $this->sanitize_order( $args['order'] );
+
         $sql = $wpdb->prepare(
             "SELECT *
             FROM {$wpdb->prefix}wishsuite_list AS wishlists
             WHERE wishlists.user_id = %d
-            ORDER BY %s %s
+            ORDER BY {$orderby} {$order}
             LIMIT %d OFFSET %d",
-            $args['user_id'], $args['orderby'], $args['order'], $args['limit'], $args['offset']
+            $args['user_id'], $args['limit'], $args['offset']
         );
         $items = wp_cache_get( $cache_key, 'wishsuite' );

wishsuite/tags/1.5.3/readme.txt

@@ -4 +4 @@
 Requires at least: 5.0
 Tested up to: 6.9
-Stable tag: 1.5.2
+Stable tag: 1.5.3
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html 
@@ -106 +106 @@
 
 == Changelog ==
+
+= Version: 1.5.3 - Date: 2026-03-16 =
+* Improved: Request-level caching for wishlist queries.
+* Improved: Optimized wishlist lookup for logged-in users.
+* Fixed: SQL injection risk in ORDER BY clauses.
 
 = Version: 1.5.2 - Date: 2025-12-14 =

wishsuite/tags/1.5.3/wishsuite.php

@@ -6 +6 @@
  * Author: HasThemes
  * Author URI: https://hasthemes.com/
- * Version: 1.5.2
+ * Version: 1.5.3
  * License: GPL2 or later
  * License URI: https://www.gnu.org/licenses/gpl-2.0.html
@@ -26 +26 @@
      * @var string
      */
-    const version = '1.5.2';
+    const version = '1.5.3';
 
     /**
@@ -52 +52 @@
         $this->includes();
         register_activation_hook( WISHSUITE_FILE, [ $this, 'activate' ] );
-        if( empty( get_option('wishsuite_version', '') ) ){
-            $this->activate();
+        if ( version_compare( get_option( 'wishsuite_version', '' ), WISHSUITE_VERSION, '<' ) ) {
+            $this->maybe_upgrade();
         }
         add_action( 'init', [ $this, 'i18n' ] );
@@ -143 +143 @@
 
     /**
+     * Run upgrade routines when the plugin version changes.
+     * Only updates the DB schema and version — no page creation or redirects.
+     *
+     * @return void
+     */
+    public function maybe_upgrade() {
+        $installer = new WishSuite\Installer();
+        $installer->create_tables();
+        $installer->add_version();
+    }
+
+    /**
      * Do stuff upon plugin activation
      *

wishsuite/trunk/includes/classes/Admin/Wishlist_Table_List.php

@@ -25 +25 @@
     private $order_by;
     private $order;
+    private $total_items = 0;
 
     public function __construct() {
@@ -56 +57 @@
         ];
         if($this->user_id === '') {
-            $data = Manage_Data::instance()->getWishlist( $query_args )['items'];
+            $result = Manage_Data::instance()->getWishlist( $query_args );
         }
         if($this->user_id && $this->user_id !== '') {
             $query_args = array_merge($query_args, ['user_id'=>$this->user_id]);
-            $data = Manage_Data::instance()->getWishlistByUserId( $query_args )['items'];
-        }
-        $this->items= $data;
+            $result = Manage_Data::instance()->getWishlistByUserId( $query_args );
+        }
+        $this->items = $result['items'] ?? [];
+        $this->total_items = $result['total_items'] ?? 0;
     }
     
@@ -210 +212 @@
     function prepare_items(){
         $this->_column_headers = array($this->get_columns(),array('id'),$this->get_sortable_columns());
-        $total_items = 0;
-
-        $query_args = [
-            'limit'=>$this->limit,
-            'offset'=>$this->offset,
-            'orderby'=>$this->order_by,
-            'order'=>$this->order
-        ];
-
-        if($this->user_id === '') {
-            $result = Manage_Data::instance()->getWishlist( $query_args );
-            $total_items = $result['total_items'];
-        }
-        if($this->user_id && $this->user_id !== '' ) {
-            $query_args = array_merge($query_args, ['user_id'=>$this->user_id]);
-            $result = Manage_Data::instance()->getWishlistByUserId( $query_args );
-            $total_items = $result['total_items'];
-        }
 
         $this->set_pagination_args( [
-            'total_items' => $total_items,
+            'total_items' => $this->total_items,
             'per_page'    => $this->limit
         ] );

wishsuite/trunk/includes/classes/Frontend/Manage_Wishlist.php

@@ -31 +31 @@
 
     /**
+     * Request-level cache for wishlist product IDs
+     * @var array|null
+     */
+    private static $cached_wishlist = null;
+
+    /**
      * [instance] Initializes a singleton instance
      * @return [Manage_Wishlist]
@@ -60 +66 @@
      */
     public function add_product( $id ){
+        self::$cached_wishlist = null;
 
         $user_id = get_current_user_id();
@@ -104 +111 @@
         }
 
+        self::$cached_wishlist = null;
         return $add_status;
 
@@ -114 +122 @@
      */
     public function remove_product( $id ){
+        self::$cached_wishlist = null;
+
         $user_id = get_current_user_id();
         $delete_status = false;
@@ -155 +165 @@
         }
 
+        self::$cached_wishlist = null;
         return $delete_status;
     }
@@ -479 +490 @@
     public function get_wishlist_products(){
 
+        if ( self::$cached_wishlist !== null ) {
+            return self::$cached_wishlist;
+        }
+
         if( is_user_logged_in() ){
             $items = \WishSuite\Manage_Data::instance()->read();
@@ -485 +500 @@
                 $ids[] = $item['product_id'];
             }
+            self::$cached_wishlist = $ids;
             return $ids;
         }else{
             $cookie_name = $this->get_cookie_name();
-            // return isset( $_COOKIE[ $cookie_name ] ) ? array_map( 'sanitize_text_field', json_decode( wp_unslash( $_COOKIE[ $cookie_name ] ), true ) ) : array();
             if( isset( $_COOKIE[ $cookie_name ] ) && is_array( json_decode( wp_unslash( $_COOKIE[ $cookie_name ] ), true ) ) ){
-                return array_map( 'sanitize_text_field', json_decode( wp_unslash( $_COOKIE[ $cookie_name ] ), true ) );
+                $result = array_map( 'sanitize_text_field', json_decode( wp_unslash( $_COOKIE[ $cookie_name ] ), true ) );
             }else{
-                return array();
-            }
+                $result = array();
+            }
+            self::$cached_wishlist = $result;
+            return $result;
         }
 
@@ -504 +521 @@
      */
     public function is_product_in_wishlist( $id ) {
+        if ( is_user_logged_in() ) {
+            $item = \WishSuite\Manage_Data::instance()->read_single_item( get_current_user_id(), (int) $id );
+            return ! empty( $item );
+        }
+
         $id = (string) $id;
         $list = $this->get_wishlist_products();
-        if ( is_array( $list ) ) {
-            return in_array( $id, $list, true );
-        }else{
-            return false;
-        }
+        return is_array( $list ) && in_array( $id, $list, true );
     }
 

wishsuite/trunk/includes/classes/Installer.php

@@ -50 +50 @@
         }
 
-        $schema = "CREATE TABLE IF NOT EXISTS `{$wpdb->prefix}wishsuite_list` (
+        $schema = "CREATE TABLE `{$wpdb->prefix}wishsuite_list` (
           `id` bigint( 20 ) unsigned NOT NULL AUTO_INCREMENT,
           `user_id` bigint( 20 ) NULL DEFAULT NULL,
@@ -56 +56 @@
           `quantity` int(11) NULL DEFAULT NULL,
           `date_added` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
-          PRIMARY KEY (`id`)
+          PRIMARY KEY (`id`),
+          KEY `idx_user_id` (`user_id`),
+          KEY `idx_product_id` (`product_id`),
+          KEY `idx_user_product` (`user_id`, `product_id`)
         ) $charset_collate";
 
@@ -64 +67 @@
 
         dbDelta( $schema );
+
+        $this->maybe_add_indexes();
+    }
+
+    /**
+     * Add missing indexes to the wishlist table via direct SQL.
+     * Handles existing installs where dbDelta may not have created indexes.
+     *
+     * @return void
+     */
+    public function maybe_add_indexes() {
+        global $wpdb;
+        $table = $wpdb->prefix . 'wishsuite_list';
+
+        if ( $wpdb->get_var( $wpdb->prepare( "SHOW TABLES LIKE %s", $table ) ) !== $table ) {
+            return;
+        }
+
+        $existing = $wpdb->get_results( "SHOW INDEX FROM `{$table}`", ARRAY_A );
+        $existing_names = array_column( $existing, 'Key_name' );
+
+        $indexes = [
+            'idx_user_id'      => '(`user_id`)',
+            'idx_product_id'   => '(`product_id`)',
+            'idx_user_product' => '(`user_id`, `product_id`)',
+        ];
+
+        foreach ( $indexes as $name => $columns ) {
+            if ( ! in_array( $name, $existing_names, true ) ) {
+                $wpdb->query( "ALTER TABLE `{$table}` ADD INDEX `{$name}` {$columns}" );
+            }
+        }
     }
 

wishsuite/trunk/includes/classes/Manage_Data.php

@@ -21 +21 @@
         }
         return self::$_instance;
+    }
+
+    /**
+     * Sanitize orderby column against a whitelist.
+     *
+     * @param  string $orderby
+     * @return string
+     */
+    private function sanitize_orderby( $orderby ) {
+        $allowed = [ 'id', 'product_id', 'user_id', 'quantity', 'date_added' ];
+        return in_array( $orderby, $allowed, true ) ? $orderby : 'id';
+    }
+
+    /**
+     * Sanitize order direction.
+     *
+     * @param  string $order
+     * @return string
+     */
+    private function sanitize_order( $order ) {
+        $order = strtoupper( $order );
+        return in_array( $order, [ 'ASC', 'DESC' ], true ) ? $order : 'ASC';
     }
 
@@ -93 +115 @@
         $cache_key    = "all:$key:$last_changed";
 
+        $orderby = $this->sanitize_orderby( $args['orderby'] );
+        $order   = $this->sanitize_order( $args['order'] );
+
         $sql = $wpdb->prepare(
             "SELECT * FROM {$wpdb->prefix}wishsuite_list
             WHERE user_id = %d
-            ORDER BY %s %s",
-            $args['user_id'], $args['orderby'], $args['order']
+            ORDER BY {$orderby} {$order}",
+            $args['user_id']
         );
 
@@ -136 +161 @@
         $total_items = (int) $wpdb->get_var($total_items_sql);
 
+        $orderby = $this->sanitize_orderby( $args['orderby'] );
+        $order   = $this->sanitize_order( $args['order'] );
+
         $sql = $wpdb->prepare(
             "SELECT *, COUNT(*) AS product_count
             FROM {$wpdb->prefix}wishsuite_list AS wishlists
             GROUP BY wishlists.product_id
-            ORDER BY %s %s
+            ORDER BY {$orderby} {$order}
             LIMIT %d OFFSET %d",
-            $args['orderby'], $args['order'], $args['limit'], $args['offset']
+            $args['limit'], $args['offset']
         );
         $items = wp_cache_get( $cache_key, 'wishsuite' );
@@ -181 +209 @@
         $total_items = (int) $wpdb->get_var($total_items_sql);
 
+        $orderby = $this->sanitize_orderby( $args['orderby'] );
+        $order   = $this->sanitize_order( $args['order'] );
+
         $sql = $wpdb->prepare(
             "SELECT *, COUNT(*) AS product_count
             FROM {$wpdb->prefix}wishsuite_list AS wishlists
             GROUP BY wishlists.user_id
-            ORDER BY %s %s
+            ORDER BY {$orderby} {$order}
             LIMIT %d OFFSET %d",
-            $args['orderby'], $args['order'], $args['limit'], $args['offset']
+            $args['limit'], $args['offset']
         );
         $items = wp_cache_get( $cache_key, 'wishsuite' );
@@ -227 +258 @@
         $total_items = $wpdb->get_var($total_items_sql);
 
+        $orderby = $this->sanitize_orderby( $args['orderby'] );
+        $order   = $this->sanitize_order( $args['order'] );
+
         $sql = $wpdb->prepare(
             "SELECT *
             FROM {$wpdb->prefix}wishsuite_list AS wishlists
             WHERE wishlists.user_id = %d
-            ORDER BY %s %s
+            ORDER BY {$orderby} {$order}
             LIMIT %d OFFSET %d",
-            $args['user_id'], $args['orderby'], $args['order'], $args['limit'], $args['offset']
+            $args['user_id'], $args['limit'], $args['offset']
         );
         $items = wp_cache_get( $cache_key, 'wishsuite' );

wishsuite/trunk/readme.txt

@@ -4 +4 @@
 Requires at least: 5.0
 Tested up to: 6.9
-Stable tag: 1.5.2
+Stable tag: 1.5.3
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html 
@@ -106 +106 @@
 
 == Changelog ==
+
+= Version: 1.5.3 - Date: 2026-03-16 =
+* Improved: Request-level caching for wishlist queries.
+* Improved: Optimized wishlist lookup for logged-in users.
+* Fixed: SQL injection risk in ORDER BY clauses.
 
 = Version: 1.5.2 - Date: 2025-12-14 =

wishsuite/trunk/wishsuite.php

@@ -6 +6 @@
  * Author: HasThemes
  * Author URI: https://hasthemes.com/
- * Version: 1.5.2
+ * Version: 1.5.3
  * License: GPL2 or later
  * License URI: https://www.gnu.org/licenses/gpl-2.0.html
@@ -26 +26 @@
      * @var string
      */
-    const version = '1.5.2';
+    const version = '1.5.3';
 
     /**
@@ -52 +52 @@
         $this->includes();
         register_activation_hook( WISHSUITE_FILE, [ $this, 'activate' ] );
-        if( empty( get_option('wishsuite_version', '') ) ){
-            $this->activate();
+        if ( version_compare( get_option( 'wishsuite_version', '' ), WISHSUITE_VERSION, '<' ) ) {
+            $this->maybe_upgrade();
         }
         add_action( 'init', [ $this, 'i18n' ] );
@@ -143 +143 @@
 
     /**
+     * Run upgrade routines when the plugin version changes.
+     * Only updates the DB schema and version — no page creation or redirects.
+     *
+     * @return void
+     */
+    public function maybe_upgrade() {
+        $installer = new WishSuite\Installer();
+        $installer->create_tables();
+        $installer->add_version();
+    }
+
+    /**
      * Do stuff upon plugin activation
      *