Version Description
- Fix plugin vulnerabilities and added nonce checks
Download this release
Release Info
| Developer | rickardw |
| Plugin |  ImageMagick Engine |
| Version | 1.7.6 |
| Comparing to | |
| See all releases | |
Code changes from version 1.7.5 to 1.7.6
- imagemagick-engine.php +19 -18
- js/ime-admin.js +4 -3
- readme.txt +5 -2
imagemagick-engine.php
CHANGED
|
@@ -5,7 +5,7 @@
|
|
| 5 |
Description: Improve the quality of re-sized images by replacing standard GD library with ImageMagick
|
| 6 |
Author: Orangelab
|
| 7 |
Author URI: https://orangelab.com/
|
| 8 |
-
Version: 1.7.
|
| 9 |
Text Domain: imagemagick-engine
|
| 10 |
|
| 11 |
Copyright @ 2022 Orangelab AB
|
|
@@ -35,7 +35,7 @@ if ( ! defined( 'ABSPATH' ) ) {
|
|
| 35 |
* Constants
|
| 36 |
*/
|
| 37 |
define( 'IME_OPTION_VERSION', 1 );
|
| 38 |
-
define( 'IME_VERSION', '1.7.
|
| 39 |
|
| 40 |
/*
|
| 41 |
* Global variables
|
|
@@ -659,19 +659,19 @@ function ime_im_cli_resize( $old_file, $new_file, $width, $height, $crop, $resiz
|
|
| 659 |
|
| 660 |
// Test if a path is correct for IM binary
|
| 661 |
function ime_ajax_test_im_path() {
|
| 662 |
-
if ( ! current_user_can( 'manage_options' ) ) {
|
| 663 |
-
|
| 664 |
}
|
| 665 |
$r = ime_im_cli_check_command( $_REQUEST['cli_path'] );
|
| 666 |
echo empty( $r ) ? '0' : '1';
|
| 667 |
-
|
| 668 |
}
|
| 669 |
|
| 670 |
// Get list of attachments to regenerate
|
| 671 |
function ime_ajax_regeneration_get_images() {
|
| 672 |
global $wpdb;
|
| 673 |
|
| 674 |
-
if ( ! current_user_can( 'manage_options' ) ) {
|
| 675 |
wp_die( 'Sorry, but you do not have permissions to perform this action.' );
|
| 676 |
}
|
| 677 |
|
|
@@ -685,7 +685,7 @@ function ime_ajax_regeneration_get_images() {
|
|
| 685 |
}
|
| 686 |
$ids = implode( ',', $ids );
|
| 687 |
|
| 688 |
-
|
| 689 |
}
|
| 690 |
|
| 691 |
// Process single attachment ID
|
|
@@ -694,26 +694,26 @@ function ime_ajax_process_image() {
|
|
| 694 |
|
| 695 |
error_reporting( E_ERROR | E_WARNING );
|
| 696 |
|
| 697 |
-
if ( ! current_user_can( 'manage_options' ) || ! ime_mode_valid() ) {
|
| 698 |
-
|
| 699 |
}
|
| 700 |
|
| 701 |
if ( ! isset( $_REQUEST['id'] ) ) {
|
| 702 |
-
|
| 703 |
}
|
| 704 |
|
| 705 |
$id = intval( $_REQUEST['id'] );
|
| 706 |
if ( $id <= 0 ) {
|
| 707 |
-
|
| 708 |
}
|
| 709 |
|
| 710 |
$temp_sizes = $_REQUEST['sizes'];
|
| 711 |
if ( empty( $temp_sizes ) ) {
|
| 712 |
-
|
| 713 |
}
|
| 714 |
$temp_sizes = explode( '|', $temp_sizes );
|
| 715 |
if ( count( $temp_sizes ) < 1 ) {
|
| 716 |
-
|
| 717 |
}
|
| 718 |
|
| 719 |
$temp_sizes = apply_filters( 'intermediate_image_sizes', $temp_sizes );
|
|
@@ -749,7 +749,7 @@ function ime_ajax_process_image() {
|
|
| 749 |
$ime_image_file = function_exists('wp_get_original_image_path') ? wp_get_original_image_path( $id ) : get_attached_file( $id );
|
| 750 |
|
| 751 |
if ( false === $ime_image_file || ! file_exists( $ime_image_file ) ) {
|
| 752 |
-
|
| 753 |
}
|
| 754 |
|
| 755 |
$metadata = wp_get_attachment_metadata( $id );
|
|
@@ -764,7 +764,7 @@ function ime_ajax_process_image() {
|
|
| 764 |
}
|
| 765 |
}
|
| 766 |
if ( count( $sizes ) < 1 ) {
|
| 767 |
-
|
| 768 |
}
|
| 769 |
}
|
| 770 |
|
|
@@ -774,7 +774,7 @@ function ime_ajax_process_image() {
|
|
| 774 |
|
| 775 |
$new_meta = ime_filter_attachment_metadata( $metadata, $id );
|
| 776 |
if ( is_wp_error( $new_meta ) ) {
|
| 777 |
-
|
| 778 |
}
|
| 779 |
wp_update_attachment_metadata( $id, $new_meta );
|
| 780 |
|
|
@@ -790,7 +790,7 @@ function ime_ajax_process_image() {
|
|
| 790 |
|
| 791 |
// No old sizes, nothing to check
|
| 792 |
if ( ! isset( $metadata['sizes'] ) || empty( $metadata['sizes'] ) ) {
|
| 793 |
-
|
| 794 |
}
|
| 795 |
|
| 796 |
$dir = trailingslashit( dirname( $ime_image_file ) );
|
|
@@ -815,7 +815,7 @@ function ime_ajax_process_image() {
|
|
| 815 |
@ unlink( $dir . $old_file );
|
| 816 |
}
|
| 817 |
|
| 818 |
-
|
| 819 |
}
|
| 820 |
|
| 821 |
|
|
@@ -844,6 +844,7 @@ function ime_admin_print_scripts() {
|
|
| 844 |
'processed_fmt' => __( 'Processed %d images', 'imagemagick-engine' ),
|
| 845 |
'failed' => '<strong>' . __( 'Failed to resize image!', 'imagemagick-engine' ) . '</strong>',
|
| 846 |
'resized' => __( 'Resized using ImageMagick Engine', 'imagemagick-engine' ),
|
|
|
|
| 847 |
];
|
| 848 |
wp_localize_script( 'ime-admin', 'ime_admin', $data );
|
| 849 |
}
|
| 5 |
Description: Improve the quality of re-sized images by replacing standard GD library with ImageMagick
|
| 6 |
Author: Orangelab
|
| 7 |
Author URI: https://orangelab.com/
|
| 8 |
+
Version: 1.7.6
|
| 9 |
Text Domain: imagemagick-engine
|
| 10 |
|
| 11 |
Copyright @ 2022 Orangelab AB
|
| 35 |
* Constants
|
| 36 |
*/
|
| 37 |
define( 'IME_OPTION_VERSION', 1 );
|
| 38 |
+
define( 'IME_VERSION', '1.7.6' );
|
| 39 |
|
| 40 |
/*
|
| 41 |
* Global variables
|
| 659 |
|
| 660 |
// Test if a path is correct for IM binary
|
| 661 |
function ime_ajax_test_im_path() {
|
| 662 |
+
if ( ! current_user_can( 'manage_options' ) || ! wp_verify_nonce( $_REQUEST['ime_nonce'], 'ime-admin-nonce') ) {
|
| 663 |
+
wp_die( 'Sorry, but you do not have permissions to perform this action.' );
|
| 664 |
}
|
| 665 |
$r = ime_im_cli_check_command( $_REQUEST['cli_path'] );
|
| 666 |
echo empty( $r ) ? '0' : '1';
|
| 667 |
+
wp_die();
|
| 668 |
}
|
| 669 |
|
| 670 |
// Get list of attachments to regenerate
|
| 671 |
function ime_ajax_regeneration_get_images() {
|
| 672 |
global $wpdb;
|
| 673 |
|
| 674 |
+
if ( ! current_user_can( 'manage_options' ) || ! wp_verify_nonce( $_REQUEST['ime_nonce'], 'ime-admin-nonce') ) {
|
| 675 |
wp_die( 'Sorry, but you do not have permissions to perform this action.' );
|
| 676 |
}
|
| 677 |
|
| 685 |
}
|
| 686 |
$ids = implode( ',', $ids );
|
| 687 |
|
| 688 |
+
wp_die( $ids );
|
| 689 |
}
|
| 690 |
|
| 691 |
// Process single attachment ID
|
| 694 |
|
| 695 |
error_reporting( E_ERROR | E_WARNING );
|
| 696 |
|
| 697 |
+
if ( ! current_user_can( 'manage_options' ) || ! ime_mode_valid() || ! wp_verify_nonce( $_REQUEST['ime_nonce'], 'ime-admin-nonce') ) {
|
| 698 |
+
wp_die( '-1' );
|
| 699 |
}
|
| 700 |
|
| 701 |
if ( ! isset( $_REQUEST['id'] ) ) {
|
| 702 |
+
wp_die( '-1' );
|
| 703 |
}
|
| 704 |
|
| 705 |
$id = intval( $_REQUEST['id'] );
|
| 706 |
if ( $id <= 0 ) {
|
| 707 |
+
wp_die( '-1' );
|
| 708 |
}
|
| 709 |
|
| 710 |
$temp_sizes = $_REQUEST['sizes'];
|
| 711 |
if ( empty( $temp_sizes ) ) {
|
| 712 |
+
wp_die( '-1' );
|
| 713 |
}
|
| 714 |
$temp_sizes = explode( '|', $temp_sizes );
|
| 715 |
if ( count( $temp_sizes ) < 1 ) {
|
| 716 |
+
wp_die( '-1' );
|
| 717 |
}
|
| 718 |
|
| 719 |
$temp_sizes = apply_filters( 'intermediate_image_sizes', $temp_sizes );
|
| 749 |
$ime_image_file = function_exists('wp_get_original_image_path') ? wp_get_original_image_path( $id ) : get_attached_file( $id );
|
| 750 |
|
| 751 |
if ( false === $ime_image_file || ! file_exists( $ime_image_file ) ) {
|
| 752 |
+
wp_die( '-1' );
|
| 753 |
}
|
| 754 |
|
| 755 |
$metadata = wp_get_attachment_metadata( $id );
|
| 764 |
}
|
| 765 |
}
|
| 766 |
if ( count( $sizes ) < 1 ) {
|
| 767 |
+
wp_die( 1 );
|
| 768 |
}
|
| 769 |
}
|
| 770 |
|
| 774 |
|
| 775 |
$new_meta = ime_filter_attachment_metadata( $metadata, $id );
|
| 776 |
if ( is_wp_error( $new_meta ) ) {
|
| 777 |
+
wp_die( '-1' );
|
| 778 |
}
|
| 779 |
wp_update_attachment_metadata( $id, $new_meta );
|
| 780 |
|
| 790 |
|
| 791 |
// No old sizes, nothing to check
|
| 792 |
if ( ! isset( $metadata['sizes'] ) || empty( $metadata['sizes'] ) ) {
|
| 793 |
+
wp_die( '1' );
|
| 794 |
}
|
| 795 |
|
| 796 |
$dir = trailingslashit( dirname( $ime_image_file ) );
|
| 815 |
@ unlink( $dir . $old_file );
|
| 816 |
}
|
| 817 |
|
| 818 |
+
wp_die( '1' );
|
| 819 |
}
|
| 820 |
|
| 821 |
|
| 844 |
'processed_fmt' => __( 'Processed %d images', 'imagemagick-engine' ),
|
| 845 |
'failed' => '<strong>' . __( 'Failed to resize image!', 'imagemagick-engine' ) . '</strong>',
|
| 846 |
'resized' => __( 'Resized using ImageMagick Engine', 'imagemagick-engine' ),
|
| 847 |
+
'ime_nonce' => wp_create_nonce('ime-admin-nonce'),
|
| 848 |
];
|
| 849 |
wp_localize_script( 'ime-admin', 'ime_admin', $data );
|
| 850 |
}
|
js/ime-admin.js
CHANGED
|
@@ -12,6 +12,7 @@ function imeTestPath() {
|
|
| 12 |
jQuery( '#cli_path_progress' ).show();
|
| 13 |
jQuery.get( ajaxurl, {
|
| 14 |
action: 'ime_test_im_path',
|
|
|
|
| 15 |
cli_path: jQuery( '#cli_path' ).val()
|
| 16 |
}, function( data ) {
|
| 17 |
jQuery( '#cli_path_progress' ).hide();
|
|
@@ -65,7 +66,7 @@ rt_precision = 0;
|
|
| 65 |
|
| 66 |
//Regeneration of progressbar
|
| 67 |
function imeRegenImages( id ) {
|
| 68 |
-
jQuery.post( ajaxurl, { action: 'ime_process_image', id: id, sizes: rt_sizes, force: rt_force }, function( data ) {
|
| 69 |
var n = parseInt( data, 10 );
|
| 70 |
if ( isNaN( n ) ) {
|
| 71 |
alert( data );
|
|
@@ -105,7 +106,7 @@ return false;
|
|
| 105 |
spinner.show();
|
| 106 |
|
| 107 |
var message = jQuery( '#ime-message-' + id ).show();
|
| 108 |
-
jQuery.post( ajaxurl, { action: 'ime_process_image', id: id, sizes: sizes, force: force }, function( data ) {
|
| 109 |
spinner.hide();
|
| 110 |
link.removeClass( 'disabled' );
|
| 111 |
|
|
@@ -141,7 +142,7 @@ jQuery( document ).ready( function( $ ) {
|
|
| 141 |
|
| 142 |
$( '#regenerate-images' ).click( function() {
|
| 143 |
$( '#regenerate-images-metabox img.ajax-feedback' ).show();
|
| 144 |
-
$.post( ajaxurl, { action: 'ime_regeneration_get_images' }, function( data ) {
|
| 145 |
jQuery( '#regen-message' ).addClass( 'hidden' );
|
| 146 |
rt_images = data.split( ',' );
|
| 147 |
rt_total = rt_images.length;
|
| 12 |
jQuery( '#cli_path_progress' ).show();
|
| 13 |
jQuery.get( ajaxurl, {
|
| 14 |
action: 'ime_test_im_path',
|
| 15 |
+
ime_nonce: ime_admin.ime_nonce,
|
| 16 |
cli_path: jQuery( '#cli_path' ).val()
|
| 17 |
}, function( data ) {
|
| 18 |
jQuery( '#cli_path_progress' ).hide();
|
| 66 |
|
| 67 |
//Regeneration of progressbar
|
| 68 |
function imeRegenImages( id ) {
|
| 69 |
+
jQuery.post( ajaxurl, { action: 'ime_process_image', ime_nonce: ime_admin.ime_nonce, id: id, sizes: rt_sizes, force: rt_force }, function( data ) {
|
| 70 |
var n = parseInt( data, 10 );
|
| 71 |
if ( isNaN( n ) ) {
|
| 72 |
alert( data );
|
| 106 |
spinner.show();
|
| 107 |
|
| 108 |
var message = jQuery( '#ime-message-' + id ).show();
|
| 109 |
+
jQuery.post( ajaxurl, { action: 'ime_process_image', ime_nonce: ime_admin.ime_nonce, id: id, sizes: sizes, force: force }, function( data ) {
|
| 110 |
spinner.hide();
|
| 111 |
link.removeClass( 'disabled' );
|
| 112 |
|
| 142 |
|
| 143 |
$( '#regenerate-images' ).click( function() {
|
| 144 |
$( '#regenerate-images-metabox img.ajax-feedback' ).show();
|
| 145 |
+
$.post( ajaxurl, { action: 'ime_regeneration_get_images', ime_nonce: ime_admin.ime_nonce, }, function( data ) {
|
| 146 |
jQuery( '#regen-message' ).addClass( 'hidden' );
|
| 147 |
rt_images = data.split( ',' );
|
| 148 |
rt_total = rt_images.length;
|
readme.txt
CHANGED
|
@@ -2,8 +2,8 @@
|
|
| 2 |
Contributors: rickardw, orangelab
|
| 3 |
Tags: image, images, picture, imagemagick, gd, regenerate
|
| 4 |
Requires at least: 3.0
|
| 5 |
-
Tested up to: 6.0.
|
| 6 |
-
Stable tag: 1.7.
|
| 7 |
|
| 8 |
Improve the quality of re-sized images by replacing standard GD library with ImageMagick.
|
| 9 |
|
|
@@ -74,6 +74,9 @@ You'll probably have problems with various other plugins too unless you fix this
|
|
| 74 |
|
| 75 |
== Changelog ==
|
| 76 |
|
|
|
|
|
|
|
|
|
|
| 77 |
= 1.7.4 =
|
| 78 |
* Important bugfix
|
| 79 |
|
| 2 |
Contributors: rickardw, orangelab
|
| 3 |
Tags: image, images, picture, imagemagick, gd, regenerate
|
| 4 |
Requires at least: 3.0
|
| 5 |
+
Tested up to: 6.0.3
|
| 6 |
+
Stable tag: 1.7.6
|
| 7 |
|
| 8 |
Improve the quality of re-sized images by replacing standard GD library with ImageMagick.
|
| 9 |
|
| 74 |
|
| 75 |
== Changelog ==
|
| 76 |
|
| 77 |
+
= 1.7.6 =
|
| 78 |
+
* Fix plugin vulnerabilities and added nonce checks
|
| 79 |
+
|
| 80 |
= 1.7.4 =
|
| 81 |
* Important bugfix
|
| 82 |
|
