Version Description
- 2021.04.16 =
- Fixed a security issue with the file copy/duplicate option
Download this release
Release Info
| Developer | codename065 |
| Plugin |  WordPress Download Manager |
| Version | 3.1.18 |
| Comparing to | |
| See all releases | |
Code changes from version 3.1.17 to 3.1.18
- admin/menus/class.Packages.php +2 -1
- download-manager.php +2 -2
- libs/class.Package.php +1 -0
- libs/class.Template.php +1 -1
- readme.txt +3 -0
admin/menus/class.Packages.php
CHANGED
|
@@ -205,7 +205,7 @@ class Packages
|
|
| 205 |
function rowActions($actions, $post)
|
| 206 |
{
|
| 207 |
if($post->post_type == 'wpdmpro') {
|
| 208 |
-
$actions['duplicate'] = '<a title="' . __( "Duplicate" , "download-manager" ) . '" href="' . admin_url("/?wpdm_duplicate={$post->ID}") . '" class="wpdm_duplicate w3eden">'.esc_attr__( 'Duplicate', 'download-manager' ).'</a>';
|
| 209 |
$actions['download_link'] = '<a title="' . __('Direct Download', 'download-manager') . '" href="' . \WPDM\Package::getMasterDownloadURL($post->ID) . '" class="view_stats"><i class="fa fa-download text-success"></i></a>';
|
| 210 |
}
|
| 211 |
|
|
@@ -308,6 +308,7 @@ class Packages
|
|
| 308 |
function duplicate()
|
| 309 |
{
|
| 310 |
if(wpdm_query_var('wpdm_duplicate', 'int') > 0 && get_post_type(wpdm_query_var('wpdm_duplicate')) === 'wpdmpro') {
|
|
|
|
| 311 |
Package::copy(wpdm_query_var('wpdm_duplicate', 'int'));
|
| 312 |
wp_redirect("edit.php?post_type=wpdmpro");
|
| 313 |
die();
|
| 205 |
function rowActions($actions, $post)
|
| 206 |
{
|
| 207 |
if($post->post_type == 'wpdmpro') {
|
| 208 |
+
$actions['duplicate'] = '<a title="' . __( "Duplicate" , "download-manager" ) . '" href="' . admin_url("/?wpdm_duplicate={$post->ID}&__copynonce=".wp_create_nonce(NONCE_KEY)) . '" class="wpdm_duplicate w3eden">'.esc_attr__( 'Duplicate', 'download-manager' ).'</a>';
|
| 209 |
$actions['download_link'] = '<a title="' . __('Direct Download', 'download-manager') . '" href="' . \WPDM\Package::getMasterDownloadURL($post->ID) . '" class="view_stats"><i class="fa fa-download text-success"></i></a>';
|
| 210 |
}
|
| 211 |
|
| 308 |
function duplicate()
|
| 309 |
{
|
| 310 |
if(wpdm_query_var('wpdm_duplicate', 'int') > 0 && get_post_type(wpdm_query_var('wpdm_duplicate')) === 'wpdmpro') {
|
| 311 |
+
if(!current_user_can('edit_posts') || !wp_verify_nonce(wpdm_query_var('__copynonce'), NONCE_KEY)) wp_die(esc_attr__( 'You are not authorized!', 'download-manager' ));
|
| 312 |
Package::copy(wpdm_query_var('wpdm_duplicate', 'int'));
|
| 313 |
wp_redirect("edit.php?post_type=wpdmpro");
|
| 314 |
die();
|
download-manager.php
CHANGED
|
@@ -4,7 +4,7 @@ Plugin Name: Download Manager
|
|
| 4 |
Plugin URI: https://www.wpdownloadmanager.com/pricing/
|
| 5 |
Description: Manage, Protect and Track file downloads, and sell digital products from your WordPress site. A complete digital asset management solution.
|
| 6 |
Author: W3 Eden
|
| 7 |
-
Version: 3.1.
|
| 8 |
Author URI: https://www.wpdownloadmanager.com/
|
| 9 |
Text Domain: download-manager
|
| 10 |
Domain Path: /languages
|
|
@@ -108,7 +108,7 @@ class WordPressDownloadManager{
|
|
| 108 |
|
| 109 |
function __construct(){
|
| 110 |
|
| 111 |
-
define('WPDM_Version','3.1.
|
| 112 |
|
| 113 |
register_activation_hook(__FILE__, array($this, 'Install'));
|
| 114 |
|
| 4 |
Plugin URI: https://www.wpdownloadmanager.com/pricing/
|
| 5 |
Description: Manage, Protect and Track file downloads, and sell digital products from your WordPress site. A complete digital asset management solution.
|
| 6 |
Author: W3 Eden
|
| 7 |
+
Version: 3.1.18
|
| 8 |
Author URI: https://www.wpdownloadmanager.com/
|
| 9 |
Text Domain: download-manager
|
| 10 |
Domain Path: /languages
|
| 108 |
|
| 109 |
function __construct(){
|
| 110 |
|
| 111 |
+
define('WPDM_Version','3.1.18');
|
| 112 |
|
| 113 |
register_activation_hook(__FILE__, array($this, 'Install'));
|
| 114 |
|
libs/class.Package.php
CHANGED
|
@@ -1401,3 +1401,4 @@ class Package {
|
|
| 1401 |
|
| 1402 |
|
| 1403 |
}
|
|
|
| 1401 |
|
| 1402 |
|
| 1403 |
}
|
| 1404 |
+
|
libs/class.Template.php
CHANGED
|
@@ -28,8 +28,8 @@ class Template
|
|
| 28 |
$template_dirs[] = $fallback ? rtrim($fallback, '/').'/' : rtrim(WPDM_TPL_FALLBACK, '/').'/';
|
| 29 |
|
| 30 |
$template_dirs = apply_filters("wpdm_template_path", $template_dirs);
|
| 31 |
-
|
| 32 |
foreach ($template_dirs as $template_dir){
|
|
|
|
| 33 |
if(file_exists($template_dir.$file))
|
| 34 |
return $template_dir.$file;
|
| 35 |
}
|
| 28 |
$template_dirs[] = $fallback ? rtrim($fallback, '/').'/' : rtrim(WPDM_TPL_FALLBACK, '/').'/';
|
| 29 |
|
| 30 |
$template_dirs = apply_filters("wpdm_template_path", $template_dirs);
|
|
|
|
| 31 |
foreach ($template_dirs as $template_dir){
|
| 32 |
+
//echo "<pre>{$template_dir}{$file}</pre>";
|
| 33 |
if(file_exists($template_dir.$file))
|
| 34 |
return $template_dir.$file;
|
| 35 |
}
|
readme.txt
CHANGED
|
@@ -181,6 +181,9 @@ Check download stats and get a push notification when someone downloads, install
|
|
| 181 |
|
| 182 |
== Changelog ==
|
| 183 |
|
|
|
|
|
|
|
|
|
|
| 184 |
= 3.1.17 - 2021.04.08 =
|
| 185 |
* Adjusted shortcode column, removed the popup trigger button and reinstated the preview text field showing the shortcode
|
| 186 |
|
| 181 |
|
| 182 |
== Changelog ==
|
| 183 |
|
| 184 |
+
= 3.1.18 - 2021.04.16 =
|
| 185 |
+
* Fixed a security issue with the file copy/duplicate option
|
| 186 |
+
|
| 187 |
= 3.1.17 - 2021.04.08 =
|
| 188 |
* Adjusted shortcode column, removed the popup trigger button and reinstated the preview text field showing the shortcode
|
| 189 |
|
