From 6bad43d93f0e5c2491530b9c0e04d39c69eeb96c Mon Sep 17 00:00:00 2001 From: Ilnur Basyrov Date: Thu, 5 Dec 2024 12:49:27 +0400 Subject: [PATCH 1/5] v 6.12.23 release preparations --- CHANGELOG.txt | 4 ++++ ecwid-shopping-cart.php | 2 +- readme.txt | 6 +++++- 3 files changed, 10 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index e3dae123..f4da6438 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -1,4 +1,8 @@ == Changelog == += 6.12.23 - Dec 5, 2024 = +- Fixed a PHP error message ("Deprecated: Use of "self" in callables is deprecated") for PHP versions since 8.2. +- Internal improvements and optimizations. + = 6.12.22 - Nov 7, 2024 = - **WordPress 6.7 and Twenty Twenty Five theme compatibility.** The new WordPress version will be released soon. The Ecwid ecommerce shopping cart plugin is ready for the new release — everything works well in your WordPress admin and storefront pages. Feel free to upgrade your site to WordPress 6.7 and try a new theme. - Fixed issue with links of Product Small block when it contains non-latin characters. diff --git a/ecwid-shopping-cart.php b/ecwid-shopping-cart.php index 98a1cc1b..e2b659d7 100644 --- a/ecwid-shopping-cart.php +++ b/ecwid-shopping-cart.php @@ -5,7 +5,7 @@ Description: Ecwid by Lightspeed is a free full-featured shopping cart. It can be easily integrated with any Wordpress blog and takes less than 5 minutes to set up. Text Domain: ecwid-shopping-cart Author: Ecwid Ecommerce -Version: 6.12.22 +Version: 6.12.23 Author URI: https://ecwid.to/ecwid-site License: GPLv2 or later */ diff --git a/readme.txt b/readme.txt index 6d643692..7b438d98 100644 --- a/readme.txt +++ b/readme.txt @@ -5,7 +5,7 @@ License: GPLv2 or later License URI: https://www.gnu.org/licenses/gpl-2.0.html Requires at least: 4.4 Tested up to: 6.7 -Stable tag: 6.12.22 +Stable tag: 6.12.23 Powerful, easy to use ecommerce shopping cart for WordPress. Sell on Facebook and Instagram. iPhone & Android apps. Superb support. Free plan available. @@ -153,6 +153,10 @@ You can use Ecwid’s built-in import tools to copy your store products from any * [Ecwid Help Center](http://help.ecwid.com "Ecwid Help") == Changelog == += 6.12.23 - Dec 5, 2024 = +- Fixed a PHP error message ("Deprecated: Use of "self" in callables is deprecated") for PHP versions since 8.2. +- Internal improvements and optimizations. + = 6.12.22 - Nov 7, 2024 = - **WordPress 6.7 and Twenty Twenty Five theme compatibility.** The new WordPress version will be released soon. The Ecwid ecommerce shopping cart plugin is ready for the new release — everything works well in your WordPress admin and storefront pages. Feel free to upgrade your site to WordPress 6.7 and try a new theme. - Fixed issue with links of Product Small block when it contains non-latin characters. From ca6eab99bd5b96b0d700bb4f477911c14dbd419c Mon Sep 17 00:00:00 2001 From: Ilnur Basyrov Date: Thu, 5 Dec 2024 15:53:31 +0400 Subject: [PATCH 2/5] added files to distignore --- .distignore | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.distignore b/.distignore index 55b299c5..5f290b9e 100644 --- a/.distignore +++ b/.distignore @@ -8,4 +8,7 @@ .gitignore composer.json CHANGELOG.txt -README.md \ No newline at end of file +README.md +.wp-env.json +package-lock.json +package.json \ No newline at end of file From 27e2a83d7e0aee7cd4dba3685bd97ee226a687a6 Mon Sep 17 00:00:00 2001 From: Ilnur Basyrov Date: Fri, 13 Dec 2024 11:06:44 +0400 Subject: [PATCH 3/5] PLUGINS-6956 replaced sha1 to sha256 in signatures for Customer SSO --- ecwid-shopping-cart.php | 27 +-------------------------- 1 file changed, 1 insertion(+), 26 deletions(-) diff --git a/ecwid-shopping-cart.php b/ecwid-shopping-cart.php index e2b659d7..d5662b23 100644 --- a/ecwid-shopping-cart.php +++ b/ecwid-shopping-cart.php @@ -2906,7 +2906,7 @@ function ecwid_sso() { $user_data_encoded = base64_encode(json_encode($user_data)); $time = time(); - $hmac = ecwid_hmacsha1("$user_data_encoded $time", $key); + $hmac = hash_hmac('sha256', "$user_data_encoded $time", $key); $ecwid_sso_profile = "$user_data_encoded $hmac $time"; } @@ -2945,31 +2945,6 @@ function ecwid_sso() { return $ecwid_sso_script; } -// from: http://www.php.net/manual/en/function.sha1.php#39492 -function ecwid_hmacsha1($data, $key) { - if (function_exists("hash_hmac")) { - return hash_hmac('sha1', $data, $key); - } else { - $blocksize=64; - $hashfunc='sha1'; - if (strlen($key)>$blocksize) - $key=pack('H*', $hashfunc($key)); - $key=str_pad($key,$blocksize,chr(0x00)); - $ipad=str_repeat(chr(0x36),$blocksize); - $opad=str_repeat(chr(0x5c),$blocksize); - $hmac = pack( - 'H*',$hashfunc( - ($key^$opad).pack( - 'H*',$hashfunc( - ($key^$ipad).$data - ) - ) - ) - ); - return bin2hex($hmac); - } -} - function ecwid_should_display_escaped_fragment_catalog() { if (!isset($_GET['_escaped_fragment_'])) return; From d63db8b9752c3a0544509edf61399b512451e2b4 Mon Sep 17 00:00:00 2001 From: Ilnur Basyrov Date: Fri, 13 Dec 2024 11:23:33 +0400 Subject: [PATCH 4/5] PLUGINS-6968 moved app key to headers --- lib/ecwid_api_v3.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/ecwid_api_v3.php b/lib/ecwid_api_v3.php index 59ee06d4..e465e401 100644 --- a/lib/ecwid_api_v3.php +++ b/lib/ecwid_api_v3.php @@ -827,8 +827,6 @@ public function create_store( $params = array() ) { } $request_params = array( - 'appClientId', - 'appSecretKey', 'returnApiToken' => 'true', ); $url = $this->build_request_url( $this->_stores_api_url, $request_params ); @@ -840,6 +838,8 @@ public function create_store( $params = array() ) { 'timeout' => 20, 'headers' => array( 'Content-Type' => 'application/json;charset="utf-8"', + 'X-Ecwid-App-Client-Id' => Ecwid_Config::get_oauth_appid(), + 'X-Ecwid-App-Secret-Key' => Ecwid_Config::get_oauth_appsecret() ), ) ); From cee31e1f9709100ad440fb093fd4fe108c128550 Mon Sep 17 00:00:00 2001 From: Ilnur Basyrov Date: Thu, 19 Dec 2024 12:43:18 +0400 Subject: [PATCH 5/5] v 6.12.24 --- CHANGELOG.txt | 3 +++ readme.txt | 5 ++++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index f4da6438..3b90250b 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -1,4 +1,7 @@ == Changelog == += 6.12.24 - Dec 19, 2024 = +- Plugin code improvements for better security and stability. + = 6.12.23 - Dec 5, 2024 = - Fixed a PHP error message ("Deprecated: Use of "self" in callables is deprecated") for PHP versions since 8.2. - Internal improvements and optimizations. diff --git a/readme.txt b/readme.txt index 7b438d98..7e975bac 100644 --- a/readme.txt +++ b/readme.txt @@ -5,7 +5,7 @@ License: GPLv2 or later License URI: https://www.gnu.org/licenses/gpl-2.0.html Requires at least: 4.4 Tested up to: 6.7 -Stable tag: 6.12.23 +Stable tag: 6.12.24 Powerful, easy to use ecommerce shopping cart for WordPress. Sell on Facebook and Instagram. iPhone & Android apps. Superb support. Free plan available. @@ -153,6 +153,9 @@ You can use Ecwid’s built-in import tools to copy your store products from any * [Ecwid Help Center](http://help.ecwid.com "Ecwid Help") == Changelog == += 6.12.24 - Dec 19, 2024 = +- Plugin code improvements for better security and stability. + = 6.12.23 - Dec 5, 2024 = - Fixed a PHP error message ("Deprecated: Use of "self" in callables is deprecated") for PHP versions since 8.2. - Internal improvements and optimizations.