Page 1 of 1
Coming 2.0.2 fixes, logs, requests
Posted: Fri Dec 27, 2019 8:40 pm
by axew3
on next wp_w3all 2.0.2 will be checked fixed all about WP MUMS, wordpress network installations.
Just testing the code, there is already a deprecated filter in use to switch to:
wpmu_new_blog is obsolete and since wp 5.1.0 is now substituted by ->
wp_insert_site
all about wp mums will be checked and eventually fixed on 2.0.2.
More code cuts about redundant and (really not needed) redirects.
Fix a secondary security bug into the custom
config.php file, if used. To fix, it's needed to add just a line of code on top of the file, just after the starting
<?php tag:
Code: Select all
defined( 'ABSPATH' ) or die( 'forbidden' );
...
Re: Coming 2.0.2 fixes, logs, requests
Posted: Fri Dec 27, 2019 11:41 pm
by axew3
Looking into all about fixing mums network installations, i see that
Code: Select all
sanitize_user( $username, $strict = false );
transform something like
Btester
into
btester
beside the fact it can be easily worked around, how this happen i really do not know at moment .. will try to ask somewhere
Re: Coming 2.0.2 fixes, logs, requests
Posted: Sat Dec 28, 2019 10:47 am
by axew3
beside the fact it can be easily worked around, how this happen i really do not know at moment .. will try to ask somewhere
i already found this in the past, and i see that situation not changed.
sanitize_user and wp_insert_user seem to mess up in certain situations.
Then an improved fix to this has been added.
2.0.2 is coming very soon to fix and resolve several important issues.
Re: Coming 2.0.2 fixes, logs, requests
Posted: Sun Dec 29, 2019 1:29 am
by axew3
Since many bugs resolved, and after long time, network installations fixes
version 2.0.2 will be released as soon within few hours (if no evil come out)
Code: Select all
== Changelog ==
= 2.0.2 =
*Release Date - 29 Dic, 2019*
* Fix: mums network installations
* Fix: nicenames for network and common wp installations
* Fix: '/wp-content/plugins/wp-w3all-phpbb-integration/views/wp_w3all_login_form.php' to be suitable into any kind of wp installation
* Fix: (secondary) security fix for the custom phpBB config.php file '/wp-content/plugins/wp-w3all-phpbb-integration/addons/wp-w3all-config/config.php'. Please follow this step if you want to fix the issue: https://www.axew3.com/w3/forums/viewtopic.php?f=2&t=1448&p=4241#p4241
* Fix: correct profile fields (email) updates flow
* Minor fixes
Re: Coming 2.0.2 fixes, logs, requests
Posted: Sun Dec 29, 2019 9:39 pm
by axew3
If using the custom phpBB config.php file before 2.0.2
To fix the (secondary) phpBB custom
config.php security issue, open file
/wp-content/plugins/wp-w3all-config/config.php
and change the very first line:
into
Code: Select all
<?php defined( 'ABSPATH' ) or die( 'forbidden' );