From 7876a1fbcb42eaac0da0b82ea46a8bf9a0a03ac6 Mon Sep 17 00:00:00 2001 From: magepeopleteam Date: Fri, 5 Jan 2024 06:08:23 +0000 Subject: [PATCH] v 4.1.2 release --- inc/mep_event_meta.php | 11 ++++++++++- readme.txt | 4 ++++ woocommerce-event-press.php | 2 +- 3 files changed, 15 insertions(+), 2 deletions(-) diff --git a/inc/mep_event_meta.php b/inc/mep_event_meta.php index 031b758..d218b23 100644 --- a/inc/mep_event_meta.php +++ b/inc/mep_event_meta.php @@ -1437,10 +1437,19 @@ function mep_event_meta_save($post_id) $mep_available_seat = isset($_POST['mep_available_seat']) ? sanitize_text_field($_POST['mep_available_seat']) : 'off'; $_tax_status = isset($_POST['_tax_status']) ? sanitize_text_field($_POST['_tax_status']) : 'none'; $_tax_class = isset($_POST['_tax_class']) ? sanitize_text_field($_POST['_tax_class']) : ''; - $mep_member_only_user_role = isset($_POST['mep_member_only_user_role']) ? mage_array_strip(maybe_unserialize($_POST['mep_member_only_user_role'])) : maybe_unserialize(array('all')); + + $mep_member_only_user_role = isset($_POST['mep_member_only_user_role']) && is_array($_POST['mep_member_only_user_role']) ? array_map('sanitize_text_field',$_POST['mep_member_only_user_role']) : array_map('sanitize_text_field',['all']); + + + $off_days = isset($_POST['mptbm_off_days']) && is_array($_POST['mptbm_off_days']) ? : []; + + $sku = isset($_POST['mep_event_sku']) ? sanitize_text_field($_POST['mep_event_sku']) : $post_id; $mep_rich_text_status = isset($_POST['mep_rich_text_status']) ? sanitize_text_field($_POST['mep_rich_text_status']) : 'enable'; + + + if ($mep_reset_status == 'on') { mep_reset_event_booking($post_id); } diff --git a/readme.txt b/readme.txt index d877d61..a18e2be 100644 --- a/readme.txt +++ b/readme.txt @@ -430,6 +430,10 @@ A. You can create a support ticket here with problem details with possible scree == Changelog == += 4.1.2 = +* Security Issue Fixed + 05 Jan 2024* + = 4.1.1 = * Custom Styling issue has been fixed diff --git a/woocommerce-event-press.php b/woocommerce-event-press.php index 572c405..7d792fa 100644 --- a/woocommerce-event-press.php +++ b/woocommerce-event-press.php @@ -3,7 +3,7 @@ * Plugin Name: Event Manager and Tickets Selling Plugin for WooCommerce - WpEvently - WordPress Plugin * Plugin URI: http://mage-people.com * Description: A Complete Event Solution for WordPress by MagePeople.. - * Version: 4.1.1 + * Version: 4.1.2 * Author: MagePeople Team * Author URI: http://www.mage-people.com/ * Text Domain: mage-eventpress