You've already forked wc-licensed-product
Prepare v0.1.0 release - code review and documentation updates
- Conducted comprehensive security and best practices review - Fixed VersionManager null format handling for attachment updates - Improved input sanitization in AdminController for page context checks - Updated README.md with complete feature documentation - Updated CHANGELOG.md with 0.1.0 release notes - Updated translations (.pot, .po, .mo files) to version 0.1.0 - Bumped version to 0.1.0 in plugin header and constant Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
25
CHANGELOG.md
25
CHANGELOG.md
@@ -7,6 +7,28 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
||||
|
||||
## [Unreleased]
|
||||
|
||||
## [0.1.0] - 2026-01-22
|
||||
|
||||
### Added
|
||||
|
||||
- First stable minor release
|
||||
- Comprehensive code review for WordPress/WooCommerce best practices
|
||||
- Security audit completed
|
||||
|
||||
### Changed
|
||||
|
||||
- Improved input sanitization for admin page context checks
|
||||
- Fixed VersionManager null format handling for attachment updates
|
||||
|
||||
### Technical Details
|
||||
|
||||
- All code reviewed for OWASP Top 10 security vulnerabilities
|
||||
- Verified proper nonce verification, capability checks, and input sanitization
|
||||
- SQL injection prevention confirmed using `$wpdb->prepare()` throughout
|
||||
- XSS prevention confirmed with proper output escaping
|
||||
- Rate limiting verified on REST API endpoints
|
||||
- README.md updated with full feature documentation
|
||||
|
||||
## [0.0.11] - 2026-01-22
|
||||
|
||||
### Added
|
||||
@@ -275,7 +297,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
||||
- WordPress REST API integration
|
||||
- Custom WooCommerce product type extending WC_Product
|
||||
|
||||
[Unreleased]: https://src.bundespruefstelle.ch/magdev/wc-licensed-product/compare/v0.0.11...HEAD
|
||||
[Unreleased]: https://src.bundespruefstelle.ch/magdev/wc-licensed-product/compare/v0.1.0...HEAD
|
||||
[0.1.0]: https://src.bundespruefstelle.ch/magdev/wc-licensed-product/compare/v0.0.11...v0.1.0
|
||||
[0.0.11]: https://src.bundespruefstelle.ch/magdev/wc-licensed-product/compare/v0.0.10...v0.0.11
|
||||
[0.0.10]: https://src.bundespruefstelle.ch/magdev/wc-licensed-product/compare/v0.0.9...v0.0.10
|
||||
[0.0.9]: https://src.bundespruefstelle.ch/magdev/wc-licensed-product/compare/v0.0.8...v0.0.9
|
||||
|
||||
@@ -36,6 +36,13 @@ This project is proudly **"vibe-coded"** using Claude.AI - the entire codebase w
|
||||
|
||||
No known bugs at the moment
|
||||
|
||||
### Release 0.1.0
|
||||
|
||||
- Check the code for wordpress best practices, WooCommerce best practices and common security pitfalls. Refactor if needed.
|
||||
- Update the README.md according to the current featureset
|
||||
- Update all translations
|
||||
- Create a release package 0.1.0
|
||||
|
||||
## Technical Stack
|
||||
|
||||
- **Language:** PHP 8.3.x
|
||||
|
||||
@@ -17,6 +17,7 @@ WC Licensed Product adds a new product type "Licensed Product" to WooCommerce, e
|
||||
- **Version Binding**: Optional binding to major software versions
|
||||
- **Expiration Support**: Set license validity periods or lifetime licenses
|
||||
- **Rate Limiting**: API endpoints protected with rate limiting (30 requests/minute)
|
||||
- **Checkout Blocks**: Full support for WooCommerce Checkout Blocks (default since WC 8.3+)
|
||||
|
||||
### Customer Features
|
||||
|
||||
@@ -30,12 +31,16 @@ WC Licensed Product adds a new product type "Licensed Product" to WooCommerce, e
|
||||
- **License Management**: Full CRUD interface for license management
|
||||
- **License Dashboard**: Statistics and analytics (WooCommerce > Reports > Licenses)
|
||||
- **Search & Filtering**: Search by license key, domain, status, or product
|
||||
- **Live Search**: AJAX-powered instant search results
|
||||
- **Inline Editing**: Edit license status, expiry, and domain directly in the list
|
||||
- **Bulk Operations**: Activate, deactivate, revoke, extend, or delete multiple licenses
|
||||
- **License Transfer**: Transfer licenses to new domains
|
||||
- **CSV Export/Import**: Export and import licenses via CSV
|
||||
- **Order Integration**: View and manage licenses directly from order pages
|
||||
- **Expiration Warnings**: Automatic email notifications before license expiration
|
||||
- **Version Management**: Manage multiple versions per product with file attachments
|
||||
- **Global Settings**: Default license settings via WooCommerce settings tab
|
||||
- **WooCommerce HPOS**: Compatible with High-Performance Order Storage
|
||||
|
||||
## Requirements
|
||||
|
||||
@@ -60,7 +65,6 @@ WC Licensed Product adds a new product type "Licensed Product" to WooCommerce, e
|
||||
- **Max Activations**: Number of domains allowed per license
|
||||
- **License Validity**: Days until expiration (empty = lifetime)
|
||||
- **Bind to Major Version**: Lock license to current major version
|
||||
- **Current Version**: Your software's current version
|
||||
|
||||
### Managing Product Versions
|
||||
|
||||
|
||||
Binary file not shown.
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
@@ -105,7 +105,9 @@ final class AdminController
|
||||
{
|
||||
// Check for our pages and WooCommerce Reports page with licenses tab
|
||||
$isLicensePage = in_array($hook, ['woocommerce_page_wc-licenses', 'woocommerce_page_wc-license-dashboard'], true);
|
||||
$isReportsPage = $hook === 'woocommerce_page_wc-reports' && isset($_GET['tab']) && $_GET['tab'] === 'licenses';
|
||||
// phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Only checking current page context
|
||||
$currentTab = isset($_GET['tab']) ? sanitize_text_field(wp_unslash($_GET['tab'])) : '';
|
||||
$isReportsPage = $hook === 'woocommerce_page_wc-reports' && $currentTab === 'licenses';
|
||||
|
||||
if (!$isLicensePage && !$isReportsPage) {
|
||||
return;
|
||||
|
||||
@@ -167,8 +167,20 @@ class VersionManager
|
||||
}
|
||||
|
||||
if ($attachmentId !== null) {
|
||||
$data['attachment_id'] = $attachmentId > 0 ? $attachmentId : null;
|
||||
$formats[] = $attachmentId > 0 ? '%d' : null;
|
||||
if ($attachmentId > 0) {
|
||||
$data['attachment_id'] = $attachmentId;
|
||||
$formats[] = '%d';
|
||||
} else {
|
||||
// Set to NULL using raw SQL instead of adding to $data
|
||||
global $wpdb;
|
||||
$tableName = Installer::getVersionsTable();
|
||||
$wpdb->query(
|
||||
$wpdb->prepare(
|
||||
"UPDATE {$tableName} SET attachment_id = NULL WHERE id = %d",
|
||||
$versionId
|
||||
)
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
if (empty($data)) {
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
* Plugin Name: WooCommerce Licensed Product
|
||||
* Plugin URI: https://src.bundespruefstelle.ch/magdev/wc-licensed-product
|
||||
* Description: WooCommerce plugin to sell software products using license keys with domain-based validation.
|
||||
* Version: 0.0.11
|
||||
* Version: 0.1.0
|
||||
* Author: Marco Graetsch
|
||||
* Author URI: https://src.bundespruefstelle.ch/magdev
|
||||
* License: GPL-2.0-or-later
|
||||
@@ -28,7 +28,7 @@ if (!defined('ABSPATH')) {
|
||||
}
|
||||
|
||||
// Plugin constants
|
||||
define('WC_LICENSED_PRODUCT_VERSION', '0.0.11');
|
||||
define('WC_LICENSED_PRODUCT_VERSION', '0.1.0');
|
||||
define('WC_LICENSED_PRODUCT_PLUGIN_FILE', __FILE__);
|
||||
define('WC_LICENSED_PRODUCT_PLUGIN_DIR', plugin_dir_path(__FILE__));
|
||||
define('WC_LICENSED_PRODUCT_PLUGIN_URL', plugin_dir_url(__FILE__));
|
||||
|
||||
Reference in New Issue
Block a user