Blog

Pods 1.9.6: Security Update / New Features / Bug Fixes

Release Notes

  • Security Update: New security settings section in the Pods >> Setup >> Settings tab to restrict access to the File Browser / Uploader used in publicForm — adjust the settings to fit your site if you experience any problems with your File Uploader
  • Changed: PICK Field Multi-select saving now uses data-value=”…” instead of value=”…” for the divs (WP 3.2 / jQuery 1.6.1 compatibility)
  • Added: New TinyMCE API for use with the new TinyMCE package update at https://pods.io/packages/tinymce-for-pods/
  • Added: New get_current_url() function to get current page URL
  • Bugfix: Fixed pod_page_exists() bug with $home path
  • Bugfix: Fixed publicForm bug with $css_id always using form_count 1 (now uses correct $form_count)
  • Bugfix: Fixed access to Pod Pages tab in Pods >> Setup menu (manage_pages >> manage_pod_pages)
  • Bugfix: Added $params and $columns to actions for pods_pre_save_pod_item and pods_post_save_pod_item in PodAPI :: save_pod_item
  • Bugfix: Moved $params->pod_id and $params->tbl_row_id setup to above pre_save_helpers run in PodAPI :: save_pod_item
  • Bugfix: tbl_row_id now sent in publicForm (not just pod_id)
  • Bugfix: Fixed WP 3.2 bugs regarding jQuery upgrade to 1.6.1
  • Bugfix: Fixed some PHP warnings dependant on error_reporting level and PHP version

Get it at http://wordpress.org/extend/plugins/pods/

Security Update

As usual, we recommend you run the latest stable version of WordPress, PHP, MySQL, and your WordPress plugins. This release includes a Security Update that’s necessary to ensure access to the File Browser / Uploader remains restricted for users who haven’t implemented an advanced solution already. WordPress already utilizes a number of safe-checks, so this wasn’t a critical security issue, just upgrade as soon as you’re able to for the additional security.

We have added a new Security Settings section to the Pods >> Setup >> Settings tab. In this new section, you can restrict access to the File Browser / Uploader used in publicForm, so just adjust the settings to fit your site if you do experience any problems.

Adjustments required for File Upload Input Helpers

If you are using SWFUpload in an Input Helper for your File Uploading, you will need to adjust it to set the post_params variable from:

post_params: {"action": "wp_handle_upload"},

to:

post_params: {"action": "wp_handle_upload", "auth_cookie": "<?php echo (is_ssl() ? $_COOKIE[SECURE_AUTH_COOKIE] : $_COOKIE[AUTH_COOKIE]); ?>", "logged_in_cookie": "<?php echo $_COOKIE[LOGGED_IN_COOKIE]; ?>"},

Adjustments required for PICK (multi-select) Helpers

If you are using our base PICK html for your multi-select helper, you’ll need to adjust a line so it’s compatible with our latest jQuery updates:

<div class="option<?php echo $active; ?>" value="<?php echo $val['id']; ?>"><?php echo $val['name']; ?></div>

to:

<div class="option<?php echo $active; ?>" data-value="<?php echo $val['id']; ?>"><?php echo $val['name']; ?></div>

Upgrade Problems?

Post your issues in our Q&A system at https://pods.io/qna/ and we’ll assist you in getting things figured out.

4 thoughts on “Pods 1.9.6: Security Update / New Features / Bug Fixes”

  1. What does this mean?

    Adjustments required for PICK (multi-select) Helpers

    If you are using our base PICK html for your multi-select helper, you’ll need to adjust a line so it’s compatible with our latest jQuery updates:

    <div class="option” value=””>

    to:

    <div class="option” data-value=””>

    Where am I changing that exactly? My picks stopped working with this update, and I’m guessing it’s because I have no idea what the above means.

    • That’s only if you’re using custom input helpers for your multi-select PICK fields. If you’re not, there may be something else going on that I’d be happy to help you figure out. Contact me at scott (at) podscms .org

  2. Sadly it looks like there’s a bug in jQuery 1.4.2 on the .data() function, which is the version that WP 3.0.x is using. I think it’s only effecting WP 3.0.x, so be sure to upgrade if you can to fix any issues regarding saving PICK fields and getting an ‘undefined’ error message back.

Comments are closed.