It’s been just over a month since we’ve released an update. We’ve been pretty hard at work on various things at once, and some exciting things should start coming through over the coming weeks and months. Here’s a small teaser ;)
FullCalendar will soon be on WordPress.org
One major thing to expect later this week is the release of the FullCalendar plugin on WordPress.org! You can already see it in action on our demo site:
http://demo.wp-events-plugin.com/calendar/
Any beta testers welcome (Pro users, delete the old calendar add-on first), please post questions on the EM forums (either free or pro) – http://wp-events-plugin.com/wp-fullcalendar.zip
I’ll post more about this later, because otherwise I’ll digress, but I’d like to pre-thank Michael Lynn for donating the wp-fullcalendar plugin name since he was not going to continue with it. That’s where future updates will be published, and the above beta will also automatically check there for updates.
Update Details
Updates and bugfixes are first priority, so first thing out the door is versions 5.1.7 and Pro 2.1.4.
Important Security Update
One important fix in this update is a vulnerability in the links to jsonp requests, so if you can’t update to the latest version for whatever reason, be sure to at least implement this change in the file events-manager/classes/em-object.php around 996
replace
if( isset($_REQUEST['callback']) ){
with
if( isset($_REQUEST['callback']) && preg_match("/^jQuery[_a-zA-Z0-9]+$/", $_REQUEST['callback']) ){
that’s it. Fixed!
Updates to Events Manager 5.1.7
- added excludeable categories (use negative numbers instead)
- clarified some of the field tips of “other pages” in options
- fixed thumbnail issue in MS (again)
- added event dates and times as sortable booking collumns
- fixed multisite duplicate post id bug in global mode
- simplified meaning of EM_Bookings::get_booked_spaces, so it’s just booked spaces, not pending. get_available_spaces() should be used for reserved seats instead.
- replaced old default date formats with #_EVENTDATES and #_EVENTTIMES
- fixed some datepicker problems in single ticket mode with start/end date tickets
- removed jQuery datepicker and autocomplete libraries, now using WP’s internal scripts instead
- improved the reliability of returned json data in booking form
- fixed categories not editable in front-end,
- added email not sent flag to booking object
- fixed tags not working for slug searches
- fixed dst issues in ical calendars
- added name/slug search fall back for tags search
- added datepicker custom date formatting
- fixed non registered user problem for failed JS submissions
- fixed some rsvp conditional and gcal placeholders
- added jquery-ui-css id to jquery ui css loader to promote compatability with others
- you can now add a custom functions.php file within yourtheme/plugins/events-manager/
- improved title rewriting compatibility
- added hierarchies to category dropdowns
- fixed an object reference error in em-object.php send_mail()
- added jQuery em_booking_success event to document
- fixed tickets not showing start/end dates in admin after editing
- fully booked message now shown rather than closed message
- location description won’t take event description in public submission forms
- re-added get_date_format for backwards compatability with overriding templates
- fixed pagination issue in my events page on front-end
- fixed potential security xss exploit in json call links
- fixed default country overriding all country search option on search pages
- fixed pagination issue on my events page on the front-end
Updates to Pro 2.1.4
- fixed authorize.net conflicts if SDK already loaded by another plugin
- added failed email message to offline bookings that go through
- improved fallback for javascript booking form failures (particularly paypal)
- added input class to text fields in booking form for coupons and gateways
- fixed manual booking link issues
- fixed authorize.net “invalid line 1” errors due to long ticket names
- fixed email regex settings not working (requires a resave of form settings)
- manual bookings accept partial payments
- fixed invalid coupons still allowing bookings to go through