WordPress Download Manager

Version Description

2021.06.07 =
Fixed file upload issue with the asset manager
Fixed an issue with the password lock option

Release Info

Developer	codename065
Plugin	WordPress Download Manager
Version	3.1.28
Comparing to
See all releases

Code changes from version 3.1.27 to 3.1.28

Files changed (12) hide show

admin/tpls/addons-list.php +1 -4
download-manager.php +6 -2
libs/class.Apply.php +3 -1
libs/class.AssetManager.php +2 -1
libs/class.FileSystem.php +1 -0
libs/class.Form.php +30 -0
libs/class.Package.php +2 -0
libs/class.Query.php +2 -1
libs/class.Session.php +7 -3
readme.txt +4 -0
wpdm-core.php +1 -1
wpdm-functions.php +1 -30

admin/tpls/addons-list.php CHANGED Viewed

	@@ -220,7 +220,7 @@
220	<div class="wrap w3eden">
221
222	<?php if(is_array($cats)){ ?>
223	- <div class="container~~-fluid~~">
224	<div class="row" id="addonlist" style="margin-top: -15px">
225	<div class="col-md-12"><div class="panel panel-default" style="margin-top: 30px">
226	<div class="panel-heading"><h3 style="font-size: 13pt;font-weight: 600;letter-spacing: 1px;line-height: 30px"><i class="fa fa-plug color-purple"></i>  <?php _e('WPDM Add-Ons','download-manager'); ?></h3></div>
	@@ -251,9 +251,6 @@
251	<div class="addonlist panel panel-default">
252	<div class="panel-body" style="height: 90px">
253	<div class="media">
254	- <div class="pull-left">
255	- <img style="width: 64px" src="<?php echo $package->thumbnail; ?>" alt="Thumb"/>
256	- </div>
257	<div class="media-body">
258	<b><a target="_blank" title="<?php echo $package->post_title; ?>" class="ttip"
259	href="<?php echo $package->link; ?>"><?php echo $package->post_title; ?></a></b><br/>


220	<div class="wrap w3eden">
221
222	<?php if(is_array($cats)){ ?>
223	+ <div class="container">
224	<div class="row" id="addonlist" style="margin-top: -15px">
225	<div class="col-md-12"><div class="panel panel-default" style="margin-top: 30px">
226	<div class="panel-heading"><h3 style="font-size: 13pt;font-weight: 600;letter-spacing: 1px;line-height: 30px"><i class="fa fa-plug color-purple"></i>  <?php _e('WPDM Add-Ons','download-manager'); ?></h3></div>

251	<div class="addonlist panel panel-default">
252	<div class="panel-body" style="height: 90px">
253	<div class="media">



254	<div class="media-body">
255	<b><a target="_blank" title="<?php echo $package->post_title; ?>" class="ttip"
256	href="<?php echo $package->link; ?>"><?php echo $package->post_title; ?></a></b><br/>

download-manager.php CHANGED Viewed

	@@ -4,7 +4,7 @@ Plugin Name: Download Manager
4	Plugin URI: https://www.wpdownloadmanager.com/pricing/
5	Description: Manage, Protect and Track file downloads, and sell digital products from your WordPress site. A complete digital asset management solution.
6	Author: W3 Eden
7	- Version: 3.1.27
8	Author URI: https://www.wpdownloadmanager.com/
9	Text Domain: download-manager
10	Domain Path: /languages
	@@ -108,7 +108,7 @@ class WordPressDownloadManager{
108
109	function __construct(){
110
111	- define('WPDM_Version','3.1.27');
112
113	register_activation_hook(__FILE__, array($this, 'Install'));
114
	@@ -128,6 +128,8 @@ class WordPressDownloadManager{
128	include(dirname(__FILE__)."/wpdm-core.php");
129	include(dirname(__FILE__)."/libs/class.AssetManager.php");
130


131	$this->userDashboard = new UserDashboard();
132	$this->userProfile = new UserProfile();
133	$this->user = new User();
	@@ -473,3 +475,5 @@ class WordPressDownloadManager{
473	}
474
475	$WPDM = WordPressDownloadManager::instance();


4	Plugin URI: https://www.wpdownloadmanager.com/pricing/
5	Description: Manage, Protect and Track file downloads, and sell digital products from your WordPress site. A complete digital asset management solution.
6	Author: W3 Eden
7	+ Version: 3.1.28
8	Author URI: https://www.wpdownloadmanager.com/
9	Text Domain: download-manager
10	Domain Path: /languages

108
109	function __construct(){
110
111	+ define('WPDM_Version','3.1.28');
112
113	register_activation_hook(__FILE__, array($this, 'Install'));
114

128	include(dirname(__FILE__)."/wpdm-core.php");
129	include(dirname(__FILE__)."/libs/class.AssetManager.php");
130
131	+ new Session();
132	+
133	$this->userDashboard = new UserDashboard();
134	$this->userProfile = new UserProfile();
135	$this->user = new User();

475	}
476
477	$WPDM = WordPressDownloadManager::instance();
478	+
479	+

libs/class.Apply.php CHANGED Viewed

	@@ -789,7 +789,8 @@ class Apply {
789	* @usage Add generator tag
790	*/
791	function addGenerator(){
792	- ~~echo '<meta name=~~"~~generator~~" ~~content="WordPress Download Manager '.WPDM_Version.'" />'."\r\n";~~

793	}
794
795	function oEmbed($content){
	@@ -974,3 +975,4 @@ class Apply {
974
975
976	}


789	* @usage Add generator tag
790	*/
791	function addGenerator(){
792	+ if(apply_filters("wpdm_generator_meta", true))
793	+ echo '<meta name="generator" content="WordPress Download Manager '.WPDM_Version.'" />'."\r\n";
794	}
795
796	function oEmbed($content){

975
976
977	}
978	+

libs/class.AssetManager.php CHANGED Viewed

	@@ -243,6 +243,7 @@ class AssetManager
243	$path = AssetManager::root($relpath);
244	if (!$path) wp_send_json(array('success' => false, 'message' => __("Error! Unauthorized Path.", "download-manager")));
245	$items = scandir($path, SCANDIR_SORT_ASCENDING);

246	$items = array_diff($items, array('.', '..'));
247	$_items = array();
248	$_dirs = array();
	@@ -616,7 +617,7 @@ class AssetManager
616
617	function upload($file)
618	{
619	- if (isset($_REQUEST['__wpdmfm_upload']) && wp_verify_nonce($_REQUEST['__wpdmfm_upload'], ~~WPDMAM_NONCE_KEY~~)) {
620	$working_dir = Session::get('working_dir');
621	$root = AssetManager::root();
622	if (!strstr($working_dir, $root)) wp_send_json(array('success' => false));


243	$path = AssetManager::root($relpath);
244	if (!$path) wp_send_json(array('success' => false, 'message' => __("Error! Unauthorized Path.", "download-manager")));
245	$items = scandir($path, SCANDIR_SORT_ASCENDING);
246	+ if(!is_array($items)) $items = [];
247	$items = array_diff($items, array('.', '..'));
248	$_items = array();
249	$_dirs = array();

617
618	function upload($file)
619	{
620	+ if (isset($_REQUEST['__wpdmfm_upload']) && wp_verify_nonce($_REQUEST['__wpdmfm_upload'], NONCE_KEY)) {
621	$working_dir = Session::get('working_dir');
622	$root = AssetManager::root();
623	if (!strstr($working_dir, $root)) wp_send_json(array('success' => false));

libs/class.FileSystem.php CHANGED Viewed

	@@ -708,6 +708,7 @@ class FileSystem
708	/**
709	* Check for blocked file types
710	* @param $filename

711	* @return bool
712	*/
713	function isBlocked($filename, $abspath = '')


708	/**
709	* Check for blocked file types
710	* @param $filename
711	+ * @param string $abspath
712	* @return bool
713	*/
714	function isBlocked($filename, $abspath = '')

libs/class.Form.php CHANGED Viewed

@@ -144,6 +144,36 @@ class Form
                     return "<select $_attrs>\r\n{$_options}\r\n</select>";
+                }
                 function reCaptcha($attrs){
                     ob_start();
                     ?>


144	return "<select $_attrs>\r\n{$_options}\r\n</select>";
145	}
146
147	+ function checkbox($attrs){
148	+ $_attrs = "";
149	+ if(isset($attrs['class'])) unset($attrs['class']);
150	+ $options = $attrs['options'];
151	+ unset($attrs['options']);
152	+ foreach ($attrs as $key => $value){
153	+ $_attrs .= "{$key}='{$value}' ";
154	+ }
155	+ $_options = "";
156	+ foreach ($options as $value => $label){
157	+ $_options .= "<div><label class='d-block option-label'><input type='checkbox' $_attrs value='{$value}'> {$label}</label></div>\r\n";
158	+ }
159	+ return $_options;
160	+ }
161	+
162	+ function radio($attrs){
163	+ $_attrs = "";
164	+ if(isset($attrs['class'])) unset($attrs['class']);
165	+ $options = $attrs['options'];
166	+ unset($attrs['options']);
167	+ foreach ($attrs as $key => $value){
168	+ $_attrs .= "{$key}='{$value}' ";
169	+ }
170	+ $_options = "";
171	+ foreach ($options as $value => $label){
172	+ $_options .= "<div><label class='d-block option-label'><input type='radio' $_attrs value='{$value}'> {$label}</label></div>\r\n";
173	+ }
174	+ return $_options;
175	+ }
176	+
177	function reCaptcha($attrs){
178	ob_start();
179	?>

libs/class.Package.php CHANGED Viewed

	@@ -44,7 +44,9 @@ class Package {
44
45	$post_vars['title'] = stripcslashes($post_vars['post_title']);
46	$post_vars['description'] = stripcslashes($post_vars['post_content']);

47	$post_vars['description'] = wpautop(stripslashes($post_vars['description']));

48	$post_vars['excerpt'] = stripcslashes(strip_tags($post_vars['post_excerpt']));
49	$author = get_user_by('id', $post_vars['post_author']);
50	if(is_object($author)) $post_vars['author_name'] = $author->display_name;


44
45	$post_vars['title'] = stripcslashes($post_vars['post_title']);
46	$post_vars['description'] = stripcslashes($post_vars['post_content']);
47	+ $post_vars['description'] = str_replace("[wpdm", "[__wpdm", $post_vars['description']);
48	$post_vars['description'] = wpautop(stripslashes($post_vars['description']));
49	+ $post_vars['description'] = do_shortcode($post_vars['description']);
50	$post_vars['excerpt'] = stripcslashes(strip_tags($post_vars['post_excerpt']));
51	$author = get_user_by('id', $post_vars['post_author']);
52	if(is_object($author)) $post_vars['author_name'] = $author->display_name;

libs/class.Query.php CHANGED Viewed

	@@ -292,7 +292,8 @@ class Query
292	*/
293	function process()
294	{
295	- if(count($this->params['tax_query']) <= 1 && isset($this->params['tax_query']['relation'])) ~~unset(~~$this->params['tax_query']['relation']);

296	$this->params = apply_filters('wpdm_packages_query_params', $this->params);
297	$this->params['post_type'] = $this->post_type;
298	//wpdmdd($this->params);


292	*/
293	function process()
294	{
295	+ if(count($this->params['tax_query']) <= 2 && !isset($this->params['tax_query']['relation'])) $this->params['tax_query']['relation'] = 'OR';
296	+ //echo "<pre>".print_r($this->params, 1)."</pre>";
297	$this->params = apply_filters('wpdm_packages_query_params', $this->params);
298	$this->params['post_type'] = $this->post_type;
299	//wpdmdd($this->params);

libs/class.Session.php CHANGED Viewed

	@@ -19,7 +19,13 @@ class Session
19	function __construct()
20	{
21
22	- ~~$deviceID = md5~~(~~wpdm_get_client_ip~~(~~).$_SERVER~~['~~HTTP_USER_AGENT~~']);






23
24	if(file_exists(WPDM_CACHE_DIR."session-{$deviceID}.txt")) {
25	$data = file_get_contents(WPDM_CACHE_DIR . "session-{$deviceID}.txt");
	@@ -84,5 +90,3 @@ class Session
84
85	}
86
87	- new Session();
88	-


19	function __construct()
20	{
21
22	+ if(isset($_COOKIE['__wpdm_client']))
23	+ $deviceID = $_COOKIE['__wpdm_client'];
24	+ else {
25	+ $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
26	+ $deviceID = md5(wpdm_get_client_ip() . $agent);
27	+ setcookie('__wpdm_client', $deviceID);
28	+ }
29
30	if(file_exists(WPDM_CACHE_DIR."session-{$deviceID}.txt")) {
31	$data = file_get_contents(WPDM_CACHE_DIR . "session-{$deviceID}.txt");

90
91	}
92

readme.txt CHANGED Viewed

	@@ -181,6 +181,10 @@ Check download stats and get a push notification when someone downloads, install
181
182	== Changelog ==
183




184	= 3.1.27 - 2021.05.07 =
185	* Fixed an issue with file type validation in file download function
186


181
182	== Changelog ==
183
184	+ = 3.1.28 - 2021.06.07 =
185	+ * Fixed file upload issue with the asset manager
186	+ * Fixed an issue with the password lock option
187	+
188	= 3.1.27 - 2021.05.07 =
189	* Fixed an issue with file type validation in file download function
190

wpdm-core.php CHANGED Viewed

	@@ -322,7 +322,7 @@ function wpdm_access_token(){
322	function wpdm_get_allowed_file_types()
323	{
324	$allowed_file_types = get_option("__wpdm_allowed_file_types", '');
325	- if($allowed_file_types === '' ~~\|\| $allowed_file_types === '*'~~) {
326	$wp_allowed_file_types = get_allowed_mime_types();
327	$wp_allowed_file_exts = array_keys($wp_allowed_file_types);
328	$wp_allowed_file_exts = implode(",", $wp_allowed_file_exts);


322	function wpdm_get_allowed_file_types()
323	{
324	$allowed_file_types = get_option("__wpdm_allowed_file_types", '');
325	+ if($allowed_file_types === '') {
326	$wp_allowed_file_types = get_allowed_mime_types();
327	$wp_allowed_file_exts = array_keys($wp_allowed_file_types);
328	$wp_allowed_file_exts = implode(",", $wp_allowed_file_exts);

wpdm-functions.php CHANGED Viewed

@@ -276,36 +276,6 @@ function wpdm_getlink()
                     die();
+                }
-            -
                if (isset($_POST['force']) && $_POST['force'] != '') {
-            -
                    $vr = explode('|', base64_decode($_POST['force']));
-            -
                    if ($vr[0] == 'unlocked') {
-            -
                        $social = array('f' => 'wpdm_fb_likes', 'g' => 'wpdm_gplus1s', 't' => 'wpdm_tweets', 'l' => 'wpdm_lishare');
-            -
                        if ($_POST['social'] && isset($social[$_POST['social']]))
-            -
                            update_option($social[$_POST['social']], (int)get_option($social[$_POST['social']]) + 1);
-            -
-            -
                        $data['downloadurl'] = \WPDM\Package::expirableDownloadLink($file['ID'], 3, 10800);
-            -
                        $adata = apply_filters("wpdmgetlink", $data, $file);
-            -
                        $data = is_array($adata) ? $adata : $data;
-            -
-            -
                        if (!wpdm_is_ajax()) {
-            -
-            -
                            @setcookie("wpdm_getlink_data_" . $key, json_encode($data));
-            -
-            -
                            if (isset($data['downloadurl']) && $data['downloadurl'] != '') {
-            -
                                header("location: " . $data['downloadurl']);
-            -
                                die();
-            -
                            }
-            -
-            -
                            header("location: " . $_SERVER['HTTP_REFERER'] . "#nojs_popup|ckid:" . $key);
-            -
                            die();
-            -
                        }
-            -
-            -
                        header("Content-type: application/json");
-            -
                        die(json_encode($data));
-            -
                    }
-            -
-            -
                }
-            -
                 $decoded_pass = htmlspecialchars_decode($file['password']);
                 if ($plock === 1 && $password !== $file['password'] && $password !== $decoded_pass && !strpos("__" . $file['password'], "[$password]") && !strpos("__" . $decoded_pass, "[$password]")) {
                     $data['error'] = '<span style="font-size: 8pt"><i class="fas fa-sync"></i> ' . __('Wrong Password! Try Again.', 'download-manager') . "</span>";
@@ -746,6 +716,7 @@ function wpdm_embed_category($params = array('id' => '', 'operator' => 'IN', 'it
                 $params['orderby'] = $order_field;
                 $params['order'] = $order;
                 $params = apply_filters("wpdm_embed_category_query_params", $params);
                 $packs = new WP_Query($params);
                 $total = $packs->found_posts;

                     die();
+                }
                 $decoded_pass = htmlspecialchars_decode($file['password']);
                 if ($plock === 1 && $password !== $file['password'] && $password !== $decoded_pass && !strpos("__" . $file['password'], "[$password]") && !strpos("__" . $decoded_pass, "[$password]")) {
                     $data['error'] = '<span style="font-size: 8pt"><i class="fas fa-sync"></i> ' . __('Wrong Password! Try Again.', 'download-manager') . "</span>";
                 $params['orderby'] = $order_field;
                 $params['order'] = $order;
                 $params = apply_filters("wpdm_embed_category_query_params", $params);
+            +
                 $packs = new WP_Query($params);
                 $total = $packs->found_posts;

WordPress Download Manager - Version 3.1.28

Version Description

Release Info

Code changes from version 3.1.27 to 3.1.28