Version Description
- 2021.05.07 =
- Fixed an issue with file type validation in file download function
Download this release
Release Info
| Developer | codename065 |
| Plugin |  WordPress Download Manager |
| Version | 3.1.27 |
| Comparing to | |
| See all releases | |
Code changes from version 3.1.26 to 3.1.27
- download-manager.php +2 -2
- libs/class.FileSystem.php +12 -5
- readme.txt +3 -0
download-manager.php
CHANGED
|
@@ -4,7 +4,7 @@ Plugin Name: Download Manager
|
|
| 4 |
Plugin URI: https://www.wpdownloadmanager.com/pricing/
|
| 5 |
Description: Manage, Protect and Track file downloads, and sell digital products from your WordPress site. A complete digital asset management solution.
|
| 6 |
Author: W3 Eden
|
| 7 |
-
Version: 3.1.
|
| 8 |
Author URI: https://www.wpdownloadmanager.com/
|
| 9 |
Text Domain: download-manager
|
| 10 |
Domain Path: /languages
|
|
@@ -108,7 +108,7 @@ class WordPressDownloadManager{
|
|
| 108 |
|
| 109 |
function __construct(){
|
| 110 |
|
| 111 |
-
define('WPDM_Version','3.1.
|
| 112 |
|
| 113 |
register_activation_hook(__FILE__, array($this, 'Install'));
|
| 114 |
|
| 4 |
Plugin URI: https://www.wpdownloadmanager.com/pricing/
|
| 5 |
Description: Manage, Protect and Track file downloads, and sell digital products from your WordPress site. A complete digital asset management solution.
|
| 6 |
Author: W3 Eden
|
| 7 |
+
Version: 3.1.27
|
| 8 |
Author URI: https://www.wpdownloadmanager.com/
|
| 9 |
Text Domain: download-manager
|
| 10 |
Domain Path: /languages
|
| 108 |
|
| 109 |
function __construct(){
|
| 110 |
|
| 111 |
+
define('WPDM_Version','3.1.27');
|
| 112 |
|
| 113 |
register_activation_hook(__FILE__, array($this, 'Install'));
|
| 114 |
|
libs/class.FileSystem.php
CHANGED
|
@@ -55,7 +55,7 @@ class FileSystem
|
|
| 55 |
die();
|
| 56 |
}
|
| 57 |
|
| 58 |
-
if (WPDM()->fileSystem->isBlocked($filename
|
| 59 |
|
| 60 |
$content_type = function_exists('mime_content_type') ? mime_content_type($filepath) : self::mime_type($filepath);
|
| 61 |
|
|
@@ -715,13 +715,20 @@ class FileSystem
|
|
| 715 |
$types = wpdm_get_allowed_file_types();
|
| 716 |
|
| 717 |
if(in_array('*', $types)) return false;
|
| 718 |
-
|
| 719 |
if($abspath && file_exists($abspath)) {
|
| 720 |
-
$
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 721 |
$ext = wpdm_valueof($fileinfo,'ext');
|
| 722 |
-
} else {
|
| 723 |
-
$ext = self::fileExt($filename);
|
| 724 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
| 725 |
return !in_array($ext, $types);
|
| 726 |
}
|
| 727 |
|
| 55 |
die();
|
| 56 |
}
|
| 57 |
|
| 58 |
+
if (WPDM()->fileSystem->isBlocked($filename)) \WPDM_Messages::error("Invalid File Type ({$filename})!", 1);
|
| 59 |
|
| 60 |
$content_type = function_exists('mime_content_type') ? mime_content_type($filepath) : self::mime_type($filepath);
|
| 61 |
|
| 715 |
$types = wpdm_get_allowed_file_types();
|
| 716 |
|
| 717 |
if(in_array('*', $types)) return false;
|
| 718 |
+
$ext = null;
|
| 719 |
if($abspath && file_exists($abspath)) {
|
| 720 |
+
$mimes = wp_get_mime_types();
|
| 721 |
+
foreach ($types as $type){
|
| 722 |
+
if(!isset($mimes[$type]))
|
| 723 |
+
$mimes[$type] = 'application/'.$type;
|
| 724 |
+
}
|
| 725 |
+
$fileinfo = wp_check_filetype_and_ext($abspath, $filename, $mimes);
|
| 726 |
$ext = wpdm_valueof($fileinfo,'ext');
|
|
|
|
|
|
|
| 727 |
}
|
| 728 |
+
|
| 729 |
+
if(!$ext)
|
| 730 |
+
$ext = self::fileExt($filename);
|
| 731 |
+
|
| 732 |
return !in_array($ext, $types);
|
| 733 |
}
|
| 734 |
|
readme.txt
CHANGED
|
@@ -181,6 +181,9 @@ Check download stats and get a push notification when someone downloads, install
|
|
| 181 |
|
| 182 |
== Changelog ==
|
| 183 |
|
|
|
|
|
|
|
|
|
|
| 184 |
= 3.1.26 - 2021.05.07 =
|
| 185 |
* Improved file type validation function
|
| 186 |
|
| 181 |
|
| 182 |
== Changelog ==
|
| 183 |
|
| 184 |
+
= 3.1.27 - 2021.05.07 =
|
| 185 |
+
* Fixed an issue with file type validation in file download function
|
| 186 |
+
|
| 187 |
= 3.1.26 - 2021.05.07 =
|
| 188 |
* Improved file type validation function
|
| 189 |
|
