Version Description
- 2022.06.23 =
- Internal codebase update
Download this release
Release Info
| Developer | codename065 |
| Plugin |  WordPress Download Manager |
| Version | 3.2.45 |
| Comparing to | |
| See all releases | |
Code changes from version 3.2.44 to 3.2.45
- download-manager.php +1 -1
- readme.txt +4 -1
- src/Package/PackageController.php +11 -12
- src/User/Login.php +6 -6
- src/User/views/modal-login-form.php +1 -1
- src/__/Apply.php +2 -2
download-manager.php
CHANGED
|
@@ -5,7 +5,7 @@ Plugin URI: https://www.wpdownloadmanager.com/purchases/
|
|
| 5 |
Description: Manage, Protect and Track file downloads, and sell digital products from your WordPress site. A complete digital asset management solution.
|
| 6 |
Author: W3 Eden, Inc.
|
| 7 |
Author URI: https://www.wpdownloadmanager.com/
|
| 8 |
-
Version: 3.2.
|
| 9 |
Text Domain: download-manager
|
| 10 |
Domain Path: /languages
|
| 11 |
*/
|
| 5 |
Description: Manage, Protect and Track file downloads, and sell digital products from your WordPress site. A complete digital asset management solution.
|
| 6 |
Author: W3 Eden, Inc.
|
| 7 |
Author URI: https://www.wpdownloadmanager.com/
|
| 8 |
+
Version: 3.2.45
|
| 9 |
Text Domain: download-manager
|
| 10 |
Domain Path: /languages
|
| 11 |
*/
|
readme.txt
CHANGED
|
@@ -5,7 +5,7 @@ Tags: download manager, document management, file manager, digital store, ecomme
|
|
| 5 |
Requires at least: 5.3
|
| 6 |
Tested up to: 6.0
|
| 7 |
License: GPLv2 or later
|
| 8 |
-
Stable tag: 3.2.
|
| 9 |
|
| 10 |
|
| 11 |
This File Management & Digital Store plugin will help you to control file downloads & sell digital products from your WP site.
|
|
@@ -181,6 +181,9 @@ Check download stats and get a push notification when someone downloads, install
|
|
| 181 |
|
| 182 |
== Changelog ==
|
| 183 |
|
|
|
|
|
|
|
|
|
|
| 184 |
= 3.2.44 - 2022.06.23 =
|
| 185 |
* Improved email template options
|
| 186 |
* Internal codebase improvements
|
| 5 |
Requires at least: 5.3
|
| 6 |
Tested up to: 6.0
|
| 7 |
License: GPLv2 or later
|
| 8 |
+
Stable tag: 3.2.45
|
| 9 |
|
| 10 |
|
| 11 |
This File Management & Digital Store plugin will help you to control file downloads & sell digital products from your WP site.
|
| 181 |
|
| 182 |
== Changelog ==
|
| 183 |
|
| 184 |
+
= 3.2.45 - 2022.06.23 =
|
| 185 |
+
* Internal codebase update
|
| 186 |
+
|
| 187 |
= 3.2.44 - 2022.06.23 =
|
| 188 |
* Improved email template options
|
| 189 |
* Internal codebase improvements
|
src/Package/PackageController.php
CHANGED
|
@@ -298,14 +298,14 @@ class PackageController extends PackageTemplate {
|
|
| 298 |
else if ( ! is_user_logged_in() && ! self::userCanAccess( $post_vars['ID'] ) ) {
|
| 299 |
$packurl = get_permalink( $post_vars['ID'] );
|
| 300 |
$loginform = WPDM()->user->login->form( array( 'redirect' => $packurl ) );
|
| 301 |
-
$post_vars['download_url'] = WPDM()->user->login->url( $_SERVER
|
| 302 |
$post_vars['download_link'] =
|
| 303 |
$post_vars['download_link_extended'] =
|
| 304 |
$post_vars['download_link_popup'] = stripcslashes( str_replace( array(
|
| 305 |
"[loginform]",
|
| 306 |
"[this_url]",
|
| 307 |
"[package_url]"
|
| 308 |
-
), array( $loginform, $_SERVER
|
| 309 |
$post_vars['download_link'] =
|
| 310 |
$post_vars['download_link_extended'] =
|
| 311 |
$post_vars['download_link_popup'] = get_option( '__wpdm_login_form', 0 ) == 1 ? $loginform : $post_vars['download_link'];
|
|
@@ -786,7 +786,6 @@ class PackageController extends PackageTemplate {
|
|
| 786 |
return;
|
| 787 |
}
|
| 788 |
$audios = array();
|
| 789 |
-
$nonce = wp_create_nonce( $_SERVER['REQUEST_URI'] );
|
| 790 |
$audio = $audx = null;
|
| 791 |
foreach ( $package['files'] as $index => $file ) {
|
| 792 |
$realpath = file_exists( $file ) ? $file : UPLOAD_DIR . $file;
|
|
@@ -1046,13 +1045,13 @@ class PackageController extends PackageTemplate {
|
|
| 1046 |
if ( get_option( '_wpdm_hide_all', 0 ) == 1 ) {
|
| 1047 |
return 'loginform';
|
| 1048 |
}
|
| 1049 |
-
$package['download_url'] = $vars['download_link_extended'] = $vars['download_link_popup'] = home_url( '/wp-login.php?redirect_to=' . urlencode( $_SERVER
|
| 1050 |
$loginmsg = Messages::login_required( $package['ID'] );
|
| 1051 |
$package['download_link'] = stripcslashes( str_replace( array(
|
| 1052 |
"[loginform]",
|
| 1053 |
"[this_url]",
|
| 1054 |
"[package_url]"
|
| 1055 |
-
), array( $loginform, $_SERVER
|
| 1056 |
|
| 1057 |
return get_option( '__wpdm_login_form', 0 ) == 1 ? $loginform : $package['download_link'];
|
| 1058 |
|
|
@@ -1346,25 +1345,25 @@ class PackageController extends PackageTemplate {
|
|
| 1346 |
//Login is required to download
|
| 1347 |
if ( ! @in_array( 'guest', $access ) && ! is_user_logged_in() ) {
|
| 1348 |
|
| 1349 |
-
$loginform = WPDM()->user->login->form( array( 'redirect' => $_SERVER
|
| 1350 |
if ( get_option( '_wpdm_hide_all', 0 ) == 1 ) {
|
| 1351 |
$hide_all_message = get_option( '__wpdm_login_form', 0 ) == 1 ? $loginform : stripcslashes( str_replace( array(
|
| 1352 |
"[loginform]",
|
| 1353 |
"[this_url]",
|
| 1354 |
"[package_url]"
|
| 1355 |
-
), array( $loginform, $_SERVER
|
| 1356 |
if ( $template_type == 'link' ) {
|
| 1357 |
-
return "<a href='" . wpdm_login_url( $_SERVER
|
| 1358 |
} else {
|
| 1359 |
return $hide_all_message;
|
| 1360 |
}
|
| 1361 |
}
|
| 1362 |
-
$download_url = wpdm_login_url( $_SERVER
|
| 1363 |
$download_link = $download_link_extended = $download_link_popup = stripcslashes( str_replace( array(
|
| 1364 |
"[loginform]",
|
| 1365 |
"[this_url]",
|
| 1366 |
"[package_url]"
|
| 1367 |
-
), array( $loginform, $_SERVER
|
| 1368 |
|
| 1369 |
return get_option( '__wpdm_login_form', 0 ) == 1 ? $loginform : $download_link;
|
| 1370 |
|
|
@@ -1578,7 +1577,7 @@ class PackageController extends PackageTemplate {
|
|
| 1578 |
"[loginform]",
|
| 1579 |
"[this_url]",
|
| 1580 |
"[package_url]"
|
| 1581 |
-
), array( $loginform, $_SERVER
|
| 1582 |
if ( get_option( '_wpdm_hide_all', 0 ) == 1 ) {
|
| 1583 |
return $type == 'page' ? $hide_all_message : '';
|
| 1584 |
}
|
|
@@ -1838,7 +1837,7 @@ class PackageController extends PackageTemplate {
|
|
| 1838 |
"[loginform]",
|
| 1839 |
"[this_url]",
|
| 1840 |
"[package_url]"
|
| 1841 |
-
), array( $loginform, $_SERVER
|
| 1842 |
|
| 1843 |
if ( $vars['download_link'] == 'blocked' && $type == 'link' ) {
|
| 1844 |
return "";
|
| 298 |
else if ( ! is_user_logged_in() && ! self::userCanAccess( $post_vars['ID'] ) ) {
|
| 299 |
$packurl = get_permalink( $post_vars['ID'] );
|
| 300 |
$loginform = WPDM()->user->login->form( array( 'redirect' => $packurl ) );
|
| 301 |
+
$post_vars['download_url'] = WPDM()->user->login->url( __::valueof($_SERVER, 'REQUEST_URI', ['validate' => 'escs']) );
|
| 302 |
$post_vars['download_link'] =
|
| 303 |
$post_vars['download_link_extended'] =
|
| 304 |
$post_vars['download_link_popup'] = stripcslashes( str_replace( array(
|
| 305 |
"[loginform]",
|
| 306 |
"[this_url]",
|
| 307 |
"[package_url]"
|
| 308 |
+
), array( $loginform, __::valueof($_SERVER, 'REQUEST_URI', ['validate' => 'escs']), $packurl ), $loginmsg ) );
|
| 309 |
$post_vars['download_link'] =
|
| 310 |
$post_vars['download_link_extended'] =
|
| 311 |
$post_vars['download_link_popup'] = get_option( '__wpdm_login_form', 0 ) == 1 ? $loginform : $post_vars['download_link'];
|
| 786 |
return;
|
| 787 |
}
|
| 788 |
$audios = array();
|
|
|
|
| 789 |
$audio = $audx = null;
|
| 790 |
foreach ( $package['files'] as $index => $file ) {
|
| 791 |
$realpath = file_exists( $file ) ? $file : UPLOAD_DIR . $file;
|
| 1045 |
if ( get_option( '_wpdm_hide_all', 0 ) == 1 ) {
|
| 1046 |
return 'loginform';
|
| 1047 |
}
|
| 1048 |
+
$package['download_url'] = $vars['download_link_extended'] = $vars['download_link_popup'] = home_url( '/wp-login.php?redirect_to=' . urlencode( __::valueof($_SERVER, 'REQUEST_URI', ['validate' => 'escs']) ) );
|
| 1049 |
$loginmsg = Messages::login_required( $package['ID'] );
|
| 1050 |
$package['download_link'] = stripcslashes( str_replace( array(
|
| 1051 |
"[loginform]",
|
| 1052 |
"[this_url]",
|
| 1053 |
"[package_url]"
|
| 1054 |
+
), array( $loginform, __::valueof($_SERVER, 'REQUEST_URI', ['validate' => 'escs']), get_permalink( $package['ID'] ) ), $loginmsg ) );
|
| 1055 |
|
| 1056 |
return get_option( '__wpdm_login_form', 0 ) == 1 ? $loginform : $package['download_link'];
|
| 1057 |
|
| 1345 |
//Login is required to download
|
| 1346 |
if ( ! @in_array( 'guest', $access ) && ! is_user_logged_in() ) {
|
| 1347 |
|
| 1348 |
+
$loginform = WPDM()->user->login->form( array( 'redirect' => __::valueof($_SERVER, 'REQUEST_URI', ['validate' => 'escs']) ) );
|
| 1349 |
if ( get_option( '_wpdm_hide_all', 0 ) == 1 ) {
|
| 1350 |
$hide_all_message = get_option( '__wpdm_login_form', 0 ) == 1 ? $loginform : stripcslashes( str_replace( array(
|
| 1351 |
"[loginform]",
|
| 1352 |
"[this_url]",
|
| 1353 |
"[package_url]"
|
| 1354 |
+
), array( $loginform, __::valueof($_SERVER, 'REQUEST_URI', ['validate' => 'escs']), get_permalink( $ID ) ), $loginmsg ) );
|
| 1355 |
if ( $template_type == 'link' ) {
|
| 1356 |
+
return "<a href='" . wpdm_login_url( __::valueof($_SERVER, 'REQUEST_URI', ['validate' => 'escs']) ) . "' class='btn btn-danger'>" . __( "Login", "download-manager" ) . "</a>";
|
| 1357 |
} else {
|
| 1358 |
return $hide_all_message;
|
| 1359 |
}
|
| 1360 |
}
|
| 1361 |
+
$download_url = wpdm_login_url( __::valueof($_SERVER, 'REQUEST_URI', ['validate' => 'escs']) );
|
| 1362 |
$download_link = $download_link_extended = $download_link_popup = stripcslashes( str_replace( array(
|
| 1363 |
"[loginform]",
|
| 1364 |
"[this_url]",
|
| 1365 |
"[package_url]"
|
| 1366 |
+
), array( $loginform, __::valueof($_SERVER, 'REQUEST_URI', ['validate' => 'escs']), get_permalink( $ID ) ), $loginmsg ) );
|
| 1367 |
|
| 1368 |
return get_option( '__wpdm_login_form', 0 ) == 1 ? $loginform : $download_link;
|
| 1369 |
|
| 1577 |
"[loginform]",
|
| 1578 |
"[this_url]",
|
| 1579 |
"[package_url]"
|
| 1580 |
+
), array( $loginform, __::valueof($_SERVER, 'REQUEST_URI', ['validate' => 'escs']), get_permalink( $vars['ID'] ) ), $loginmsg ) );
|
| 1581 |
if ( get_option( '_wpdm_hide_all', 0 ) == 1 ) {
|
| 1582 |
return $type == 'page' ? $hide_all_message : '';
|
| 1583 |
}
|
| 1837 |
"[loginform]",
|
| 1838 |
"[this_url]",
|
| 1839 |
"[package_url]"
|
| 1840 |
+
), array( $loginform, __::valueof($_SERVER, 'REQUEST_URI', ['validate' => 'escs']), get_permalink( $vars['ID'] ) ), $loginmsg ) );
|
| 1841 |
|
| 1842 |
if ( $vars['download_link'] == 'blocked' && $type == 'link' ) {
|
| 1843 |
return "";
|
src/User/Login.php
CHANGED
|
@@ -94,12 +94,12 @@ class Login
|
|
| 94 |
if ($regurl > 0)
|
| 95 |
$regurl = get_permalink($regurl);
|
| 96 |
}
|
| 97 |
-
$log_redirect = $_SERVER
|
| 98 |
if (isset($params['redirect'])) $log_redirect = esc_url_raw($params['redirect']);
|
| 99 |
if (isset($_GET['redirect_to'])) $log_redirect = esc_url_raw($_GET['redirect_to']);
|
| 100 |
|
| 101 |
$up = parse_url($log_redirect);
|
| 102 |
-
if (isset($up['host']) && $up['host'] != $_SERVER['SERVER_NAME']) $log_redirect = $_SERVER
|
| 103 |
|
| 104 |
$log_redirect = strip_tags($log_redirect);
|
| 105 |
|
|
@@ -322,12 +322,12 @@ class Login
|
|
| 322 |
if ($regurl > 0)
|
| 323 |
$regurl = get_permalink($regurl);
|
| 324 |
}
|
| 325 |
-
$log_redirect = $_SERVER
|
| 326 |
if (isset($params['redirect'])) $log_redirect = esc_url_raw($params['redirect']);
|
| 327 |
if (isset($_GET['redirect_to'])) $log_redirect = esc_url_raw($_GET['redirect_to']);
|
| 328 |
|
| 329 |
$up = parse_url($log_redirect);
|
| 330 |
-
if (isset($up['host']) && $up['host'] != $_SERVER['SERVER_NAME']) $log_redirect = $_SERVER
|
| 331 |
|
| 332 |
$log_redirect = strip_tags($log_redirect);
|
| 333 |
|
|
@@ -396,12 +396,12 @@ class Login
|
|
| 396 |
if ($regurl > 0)
|
| 397 |
$regurl = get_permalink($regurl);
|
| 398 |
}
|
| 399 |
-
$log_redirect = $_SERVER
|
| 400 |
if (isset($params['redirect'])) $log_redirect = esc_url_raw($params['redirect']);
|
| 401 |
if (isset($_GET['redirect_to'])) $log_redirect = esc_url_raw($_GET['redirect_to']);
|
| 402 |
|
| 403 |
$up = parse_url($log_redirect);
|
| 404 |
-
if (isset($up['host']) && $up['host'] != $_SERVER['SERVER_NAME']) $log_redirect = $_SERVER
|
| 405 |
|
| 406 |
$log_redirect = strip_tags($log_redirect);
|
| 407 |
|
| 94 |
if ($regurl > 0)
|
| 95 |
$regurl = get_permalink($regurl);
|
| 96 |
}
|
| 97 |
+
$log_redirect = __::valueof($_SERVER, 'REQUEST_URI', ['validate' => 'escs']);
|
| 98 |
if (isset($params['redirect'])) $log_redirect = esc_url_raw($params['redirect']);
|
| 99 |
if (isset($_GET['redirect_to'])) $log_redirect = esc_url_raw($_GET['redirect_to']);
|
| 100 |
|
| 101 |
$up = parse_url($log_redirect);
|
| 102 |
+
if (isset($up['host']) && $up['host'] != $_SERVER['SERVER_NAME']) $log_redirect = __::valueof($_SERVER, 'REQUEST_URI', ['validate' => 'escs']);
|
| 103 |
|
| 104 |
$log_redirect = strip_tags($log_redirect);
|
| 105 |
|
| 322 |
if ($regurl > 0)
|
| 323 |
$regurl = get_permalink($regurl);
|
| 324 |
}
|
| 325 |
+
$log_redirect = __::valueof($_SERVER, 'REQUEST_URI', ['validate' => 'escs']);
|
| 326 |
if (isset($params['redirect'])) $log_redirect = esc_url_raw($params['redirect']);
|
| 327 |
if (isset($_GET['redirect_to'])) $log_redirect = esc_url_raw($_GET['redirect_to']);
|
| 328 |
|
| 329 |
$up = parse_url($log_redirect);
|
| 330 |
+
if (isset($up['host']) && $up['host'] != $_SERVER['SERVER_NAME']) $log_redirect = __::valueof($_SERVER, 'REQUEST_URI', ['validate' => 'escs']);
|
| 331 |
|
| 332 |
$log_redirect = strip_tags($log_redirect);
|
| 333 |
|
| 396 |
if ($regurl > 0)
|
| 397 |
$regurl = get_permalink($regurl);
|
| 398 |
}
|
| 399 |
+
$log_redirect = __::valueof($_SERVER, 'REQUEST_URI', ['validate' => 'escs']);
|
| 400 |
if (isset($params['redirect'])) $log_redirect = esc_url_raw($params['redirect']);
|
| 401 |
if (isset($_GET['redirect_to'])) $log_redirect = esc_url_raw($_GET['redirect_to']);
|
| 402 |
|
| 403 |
$up = parse_url($log_redirect);
|
| 404 |
+
if (isset($up['host']) && $up['host'] != $_SERVER['SERVER_NAME']) $log_redirect = __::valueof($_SERVER, 'REQUEST_URI', ['validate' => 'escs']);
|
| 405 |
|
| 406 |
$log_redirect = strip_tags($log_redirect);
|
| 407 |
|
src/User/views/modal-login-form.php
CHANGED
|
@@ -82,7 +82,7 @@ if(!defined('ABSPATH')) die(); ?>
|
|
| 82 |
<script>
|
| 83 |
jQuery(function ($) {
|
| 84 |
var llbl = $('#wpdmloginmodal-submit').html();
|
| 85 |
-
var __lm_redirect_to = "<?php echo $_SERVER
|
| 86 |
var __lm_logo = "<?php echo get_site_icon_url(); ?>";
|
| 87 |
var $body = $('body');
|
| 88 |
$('#modalloginform').submit(function () {
|
| 82 |
<script>
|
| 83 |
jQuery(function ($) {
|
| 84 |
var llbl = $('#wpdmloginmodal-submit').html();
|
| 85 |
+
var __lm_redirect_to = "<?php echo \WPDM\__\__::valueof($_SERVER, 'REQUEST_URI', ['validate' => 'escs']); ?>";
|
| 86 |
var __lm_logo = "<?php echo get_site_icon_url(); ?>";
|
| 87 |
var $body = $('body');
|
| 88 |
$('#modalloginform').submit(function () {
|
src/__/Apply.php
CHANGED
|
@@ -224,7 +224,7 @@ class Apply
|
|
| 224 |
|
| 225 |
global $wpdb, $current_user, $wp_query;
|
| 226 |
if (preg_match("/\/wpdmdl\/([\d]+)-([^\/]+)\/(.+)/", $_SERVER['REQUEST_URI'])) {
|
| 227 |
-
$uri = trim($_SERVER
|
| 228 |
$download_url_base = get_option('__wpdm_download_url_base', 'download');
|
| 229 |
$uri = explode("/" . $download_url_base . "/", $uri);
|
| 230 |
$parts = explode("/", $uri[1]);
|
|
@@ -234,7 +234,7 @@ class Apply
|
|
| 234 |
$parts = json_decode(base64_decode($parts[1]));
|
| 235 |
if (is_array($parts)) {
|
| 236 |
foreach ($parts as $key => $val) {
|
| 237 |
-
$_REQUEST[$key] = $_GET[$key] = $val;
|
| 238 |
}
|
| 239 |
}
|
| 240 |
}
|
| 224 |
|
| 225 |
global $wpdb, $current_user, $wp_query;
|
| 226 |
if (preg_match("/\/wpdmdl\/([\d]+)-([^\/]+)\/(.+)/", $_SERVER['REQUEST_URI'])) {
|
| 227 |
+
$uri = trim(__::valueof($_SERVER, 'REQUEST_URI', ['validate' => 'escs']), '/');
|
| 228 |
$download_url_base = get_option('__wpdm_download_url_base', 'download');
|
| 229 |
$uri = explode("/" . $download_url_base . "/", $uri);
|
| 230 |
$parts = explode("/", $uri[1]);
|
| 234 |
$parts = json_decode(base64_decode($parts[1]));
|
| 235 |
if (is_array($parts)) {
|
| 236 |
foreach ($parts as $key => $val) {
|
| 237 |
+
$_REQUEST[$key] = $_GET[$key] = esc_attr($val);
|
| 238 |
}
|
| 239 |
}
|
| 240 |
}
|
