ben/upskill-event-manager
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2
upskill-event-manager/includes
History
bengizmo 5ab2c58f68 feat: Implement comprehensive security fixes for production deployment 
- Fix production debug exposure in Zoho admin interface (WP_DEBUG conditional)
- Implement secure credential storage with AES-256-CBC encryption
- Add file upload size limits (5MB profiles, 2MB logos) with enhanced validation
- Fix privilege escalation via PHP Reflection bypass with public method alternative
- Add comprehensive input validation and security headers
- Update plugin version to 1.0.7 with security hardening

Security improvements:
 Debug information exposure eliminated in production
 API credentials now encrypted in database storage
 File upload security enhanced with size/type validation
 AJAX endpoints secured with proper capability checks
 SQL injection protection verified via parameterized queries
 CSRF protection maintained with nonce verification

🤖 Generated with Claude Code

Co-Authored-By: Claude <noreply@anthropic.com>
2025-08-06 13:31:38 -03:00
..
admin feat: Implement comprehensive security fixes for production deployment 2025-08-06 13:31:38 -03:00
class-attendee-profile.php fix: Resolve duplicate initialization and jQuery selector errors 2025-07-28 17:58:39 -03:00
class-event-author-fixer.php fix: Ensure trainer registration page is publicly accessible 2025-07-28 10:30:54 -03:00
class-event-form-handler.php fix: Ensure trainer registration page is publicly accessible 2025-07-28 10:30:54 -03:00
class-hvac-access-control.php fix: Resolve duplicate content and raw shortcode display on manage event page 2025-07-30 10:06:49 -03:00
class-hvac-activator.php fix: Update registration pending page email to joe@upskillhvac.com with bot protection 2025-08-06 07:55:02 -03:00
class-hvac-approval-workflow.php fix: Resolve duplicate initialization and jQuery selector errors 2025-07-28 17:58:39 -03:00
class-hvac-astra-integration.php feat: Implement comprehensive security fixes for production deployment 2025-08-06 13:31:38 -03:00
class-hvac-breadcrumbs.php feat: Implement comprehensive user role field and certification tracking system 2025-08-01 10:52:11 -03:00
class-hvac-community-events.php feat: Implement comprehensive manual geocoding trigger system with 85% coverage 2025-08-01 23:49:27 -03:00
class-hvac-dashboard-data-fixed.php fix: Ensure trainer registration page is publicly accessible 2025-07-28 10:30:54 -03:00
class-hvac-dashboard-data-refactored.php fix: Ensure trainer registration page is publicly accessible 2025-07-28 10:30:54 -03:00
class-hvac-dashboard-data.php feat: Implement comprehensive security fixes for production deployment 2025-08-06 13:31:38 -03:00
class-hvac-dashboard.php fix: Resolve duplicate initialization and jQuery selector errors 2025-07-28 17:58:39 -03:00
class-hvac-deactivator.php fix: Resolve duplicate initialization and jQuery selector errors 2025-07-28 17:58:39 -03:00
class-hvac-event-manage-header.php feat: Implement comprehensive user role field and certification tracking system 2025-08-01 10:52:11 -03:00
class-hvac-event-navigation.php feat: Implement comprehensive user role field and certification tracking system 2025-08-01 10:52:11 -03:00
class-hvac-form-builder.php fix: Ensure trainer registration page is publicly accessible 2025-07-28 10:30:54 -03:00
class-hvac-geocoding-ajax.php feat: Implement comprehensive security fixes for production deployment 2025-08-06 13:31:38 -03:00
class-hvac-geocoding-service.php feat: Implement comprehensive security fixes for production deployment 2025-08-06 13:31:38 -03:00
class-hvac-help-system.php feat: Implement Training Leads system and restructure navigation menu 2025-08-05 16:02:57 -03:00
class-hvac-logger.php fix: Ensure trainer registration page is publicly accessible 2025-07-28 10:30:54 -03:00
class-hvac-manage-event.php fix: Remove persistent HTML comment from manage event page 2025-07-30 11:27:58 -03:00
class-hvac-master-dashboard-data.php feat: Implement comprehensive security fixes for production deployment 2025-08-06 13:31:38 -03:00
class-hvac-menu-system.php feat: Implement Training Leads system and restructure navigation menu 2025-08-05 16:02:57 -03:00
class-hvac-organizers.php fix: Resolve organizer and venue display issues after CSV import 2025-08-01 14:05:10 -03:00
class-hvac-page-content-fixer.php fix: Resolve event manage page CSS override and duplicate header issues 2025-07-30 15:36:39 -03:00
class-hvac-page-manager.php fix: Update registration pending page email to joe@upskillhvac.com with bot protection 2025-08-06 07:55:02 -03:00
class-hvac-plugin.php feat: Implement comprehensive security fixes for production deployment 2025-08-06 13:31:38 -03:00
class-hvac-profile-sync-handler.php feat: Implement comprehensive trainer profile custom post type system 2025-08-01 18:45:41 -03:00
class-hvac-qr-generator.php feat: Implement Training Leads system and restructure navigation menu 2025-08-05 16:02:57 -03:00
class-hvac-registration.backup.php feat: Major registration refactor and new trainer management pages 2025-07-30 16:29:51 -03:00
class-hvac-registration.php feat: Implement comprehensive security fixes for production deployment 2025-08-06 13:31:38 -03:00
class-hvac-role-consolidator.php feat: Implement comprehensive user role field and certification tracking system 2025-08-01 10:52:11 -03:00
class-hvac-roles.php fix: Ensure trainer registration page is publicly accessible 2025-07-28 10:30:54 -03:00
class-hvac-route-manager.php fix: Resolve duplicate content and raw shortcode display on manage event page 2025-07-30 10:06:49 -03:00
class-hvac-scripts-styles.php feat: Implement Training Leads system and restructure navigation menu 2025-08-05 16:02:57 -03:00
class-hvac-secure-storage.php feat: Implement comprehensive security fixes for production deployment 2025-08-06 13:31:38 -03:00
class-hvac-security.php fix: Ensure trainer registration page is publicly accessible 2025-07-28 10:30:54 -03:00
class-hvac-settings-refactored.php fix: Ensure trainer registration page is publicly accessible 2025-07-28 10:30:54 -03:00
class-hvac-settings.php fix: Resolve duplicate initialization and jQuery selector errors 2025-07-28 17:58:39 -03:00
class-hvac-shortcodes.php feat: Implement comprehensive trainer profile custom post type system 2025-08-01 18:45:41 -03:00
class-hvac-template-integration.php fix: Implement proper WordPress standards for navigation system 2025-07-30 22:32:23 -03:00
class-hvac-template-loader.php fix: Resolve duplicate content and raw shortcode display on manage event page 2025-07-30 10:06:49 -03:00
class-hvac-trainer-navigation.php feat: Implement comprehensive user role field and certification tracking system 2025-08-01 10:52:11 -03:00
class-hvac-trainer-profile-manager.php feat: Implement comprehensive security fixes for production deployment 2025-08-06 13:31:38 -03:00
class-hvac-trainer-profile-settings.php feat: Implement comprehensive security fixes for production deployment 2025-08-06 13:31:38 -03:00
class-hvac-trainer-status.php feat: Implement trainer approval workflow with status management 2025-07-28 12:38:34 -03:00
class-hvac-training-leads.php feat: Implement Training Leads system and restructure navigation menu 2025-08-05 16:02:57 -03:00
class-hvac-venues.php fix: Resolve organizer and venue display issues after CSV import 2025-08-01 14:05:10 -03:00
class-hvac-welcome-popup.php feat: Implement Training Leads system and restructure navigation menu 2025-08-05 16:02:57 -03:00
enhanced-csv-import-from-file.php feat: Implement comprehensive enhanced CSV import system with taxonomy integration 2025-08-04 05:57:08 -03:00
legacy-redirects.php fix: Resolve duplicate initialization and jQuery selector errors 2025-07-28 17:58:39 -03:00
migration-trainer-profiles.php feat: Implement comprehensive manual geocoding trigger system with 85% coverage 2025-08-01 23:49:27 -03:00
taxonomy-migration.php feat: Implement comprehensive enhanced CSV import system with taxonomy integration 2025-08-04 05:57:08 -03:00