Changeset 451246

Timestamp:

10/14/2011 10:57:56 PM (14 years ago)

Author:

Orson Teodoro

Message:

fix signature editing

Location:

forumconverter

Files:

• tags/1.13 (added)
• tags/1.13/Forum.php (added)
• tags/1.13/ForumConverter.php (added)
• tags/1.13/PhpbbAuth.php (added)
• tags/1.13/PhpbbToBbpress.php (added)
• tags/1.13/PhpbbToBpforums.php (added)
• tags/1.13/fc-auth.php (added)
• tags/1.13/fc-forum-password.php (added)
• tags/1.13/fc-main.php (added)
• tags/1.13/fc-options.php (added)
• tags/1.13/fc-sig-main.php (added)
• tags/1.13/fc-sig-req.php (added)
• tags/1.13/fc-sig-update.php (added)
• tags/1.13/license.txt (added)
• tags/1.13/readme.txt (added)
• tags/1.13/screenshot-1.png (added)
• tags/1.13/wp-db-ex.php (added)
• tags/1.13/wp-pass-ex.php (added)
• trunk/fc-sig-main.php (modified) (3 diffs)
• trunk/fc-sig-update.php (modified) (1 diff)
• trunk/readme.txt (modified) (3 diffs)

forumconverter/trunk/fc-sig-main.php

@@ -87 +87 @@
         else if (strstr($curl, 'user-edit.php'))
         {
-            $id = addslashes($_GET['user_id']);
+            $id = addslashes($_REQUEST['user_id']);
         }
         $sig = $wpdb->get_var('SELECT meta_value FROM '.$wpdb->prefix.'usermeta WHERE user_id='.$id.' AND meta_key="bbp_signature"');
-        $c = explode('/',plugin_basename(__FILE__));
-        $plugin_folder = $c[0];
-        $update_url = plugins_url().'/'.$plugin_folder.'/fc-sig-update.php';
         $sig = str_replace(array("\r\n", "\n"), '\n', $sig);
-        $sig = wp_kses($sig);
+        $sig = wp_kses($sig, array('a' => array('href'=>array()), 'font' => array('color'=>array(), 'size'=>array(), 'face'=>array()), 'br' => array(), 'img'=>array('src'=>array(),'alt'=>array(),'class'=>array(),'style'=>array())));
         
         echo <<<SIGUI2
@@ -107 +104 @@
             '   </tbody>' +
             '</table>' +
+            '<input type="hidden" name="bbp_sig_target" value="{$id}" />' +
             '';
             jQuery(".submit").before(out);
@@ -159 +157 @@
 
     $user = wp_get_current_user();
-    $id = $user->ID;
+    if (isset($_REQUEST['bbp_sig_target']))
+        $id = addslashes($_REQUEST['bbp_sig_target']);
+    else
+        $id = $user->ID;
     $sig = addslashes($_POST['sig']);
 

forumconverter/trunk/fc-sig-update.php

@@ -15 +15 @@
     Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 */
+
+    //this is for the ajax update from buddypress
 
     require('../../../wp-load.php');

forumconverter/trunk/readme.txt

@@ -5 +5 @@
 Requires at least: 3.2.1
 Tested up to: 3.2.1
-Stable tag: 1.12
+Stable tag: 1.13
 
 Migrates a phpBB forum into a bbPress forum.
@@ -131 +131 @@
 
 == Upgrade Notice ==
+= 1.13 = 
+None
+
 = 1.12 =
 XSS Security vulnerability.  Please upgrade immediately if your using the signature plugin.  Versions 1.08-1.11 affected.
@@ -171 +174 @@
 
 == Changelog ==
+= 1.13 =
+* Bug Fix: Make signatures editing on WordPress backend only make changes to the viewed profile.
+
 = 1.12 =
 * Security Fix: Sanitize signatures.