Version Description
- Fixed security issue that can occur if using database caching to disk. If using database caching to disk with a web server with directory listing or web accessible wp-content/w3tc/dbcache/* directories. This patch works for all hosting environments / types where PHP is properly configured, i.e. .htaccess modifications (or other web server configuration changes) are not necessary to ensure proper security. Empty the database cache after performing the update if you use database caching to disk.
Download this release
Release Info
| Developer | fredericktownes |
| Plugin |  W3 Total Cache |
| Version | 0.9.2.5 |
| Comparing to | |
| See all releases | |
Code changes from version 0.9.2.4 to 0.9.2.5
- inc/define.php +1 -1
- lib/W3/Cache/File.php +5 -5
- readme.txt +10 -2
- w3-total-cache.php +1 -1
inc/define.php
CHANGED
|
@@ -5,7 +5,7 @@ if (!defined('ABSPATH')) {
|
|
| 5 |
}
|
| 6 |
|
| 7 |
define('W3TC', true);
|
| 8 |
-
define('W3TC_VERSION', '0.9.2.
|
| 9 |
define('W3TC_POWERED_BY', 'W3 Total Cache/' . W3TC_VERSION);
|
| 10 |
define('W3TC_EMAIL', 'w3tc@w3-edge.com');
|
| 11 |
define('W3TC_PAYPAL_URL', 'https://www.paypal.com/cgi-bin/webscr');
|
| 5 |
}
|
| 6 |
|
| 7 |
define('W3TC', true);
|
| 8 |
+
define('W3TC_VERSION', '0.9.2.5');
|
| 9 |
define('W3TC_POWERED_BY', 'W3 Total Cache/' . W3TC_VERSION);
|
| 10 |
define('W3TC_EMAIL', 'w3tc@w3-edge.com');
|
| 11 |
define('W3TC_PAYPAL_URL', 'https://www.paypal.com/cgi-bin/webscr');
|
lib/W3/Cache/File.php
CHANGED
|
@@ -44,7 +44,7 @@ class W3_Cache_File extends W3_Cache_Base {
|
|
| 44 |
*/
|
| 45 |
var $_locking = false;
|
| 46 |
|
| 47 |
-
|
| 48 |
/**
|
| 49 |
* PHP5-style constructor
|
| 50 |
*
|
|
@@ -55,7 +55,7 @@ class W3_Cache_File extends W3_Cache_Base {
|
|
| 55 |
$this->_exclude = isset($config['exclude']) ? (array) $config['exclude'] : array();
|
| 56 |
$this->_flush_timelimit = isset($config['flush_timelimit']) ? (int) $config['flush_timelimit'] : 180;
|
| 57 |
$this->_locking = isset($config['locking']) ? (boolean) $config['locking'] : false;
|
| 58 |
-
if (isset($config['module']) && $config['module'] == 'dbcache')
|
| 59 |
$this->use_wp_hash = true;
|
| 60 |
}
|
| 61 |
|
|
@@ -106,8 +106,8 @@ class W3_Cache_File extends W3_Cache_Base {
|
|
| 106 |
if ($this->_locking) {
|
| 107 |
@flock($fp, LOCK_EX);
|
| 108 |
}
|
| 109 |
-
@fputs($fp, '<?php /* ');
|
| 110 |
@fputs($fp, pack('L', $expire));
|
|
|
|
| 111 |
@fputs($fp, @serialize($var));
|
| 112 |
@fclose($fp);
|
| 113 |
|
|
@@ -156,7 +156,7 @@ class W3_Cache_File extends W3_Cache_Base {
|
|
| 156 |
$data .= @fread($fp, 4096);
|
| 157 |
}
|
| 158 |
|
| 159 |
-
$
|
| 160 |
$var = @unserialize($data);
|
| 161 |
}
|
| 162 |
}
|
|
@@ -238,7 +238,7 @@ class W3_Cache_File extends W3_Cache_Base {
|
|
| 238 |
* @return string
|
| 239 |
*/
|
| 240 |
function _get_path($key) {
|
| 241 |
-
if (
|
| 242 |
$hash = wp_hash($key);
|
| 243 |
else
|
| 244 |
$hash = md5($key);
|
| 44 |
*/
|
| 45 |
var $_locking = false;
|
| 46 |
|
| 47 |
+
var $use_wp_hash = false;
|
| 48 |
/**
|
| 49 |
* PHP5-style constructor
|
| 50 |
*
|
| 55 |
$this->_exclude = isset($config['exclude']) ? (array) $config['exclude'] : array();
|
| 56 |
$this->_flush_timelimit = isset($config['flush_timelimit']) ? (int) $config['flush_timelimit'] : 180;
|
| 57 |
$this->_locking = isset($config['locking']) ? (boolean) $config['locking'] : false;
|
| 58 |
+
if (isset($config['module']) && $config['module'] == 'dbcache'&& function_exists('wp_hash'))
|
| 59 |
$this->use_wp_hash = true;
|
| 60 |
}
|
| 61 |
|
| 106 |
if ($this->_locking) {
|
| 107 |
@flock($fp, LOCK_EX);
|
| 108 |
}
|
|
|
|
| 109 |
@fputs($fp, pack('L', $expire));
|
| 110 |
+
@fputs($fp, '<?php exit; ?>');
|
| 111 |
@fputs($fp, @serialize($var));
|
| 112 |
@fclose($fp);
|
| 113 |
|
| 156 |
$data .= @fread($fp, 4096);
|
| 157 |
}
|
| 158 |
|
| 159 |
+
$data = substr($data, 14);
|
| 160 |
$var = @unserialize($data);
|
| 161 |
}
|
| 162 |
}
|
| 238 |
* @return string
|
| 239 |
*/
|
| 240 |
function _get_path($key) {
|
| 241 |
+
if ($this->use_wp_hash)
|
| 242 |
$hash = wp_hash($key);
|
| 243 |
else
|
| 244 |
$hash = md5($key);
|
readme.txt
CHANGED
|
@@ -3,7 +3,7 @@ Contributors: fredericktownes
|
|
| 3 |
Tags: user experience, cache, caching, page cache, css cache, js cache, db cache, disk cache, disk caching, database cache, http compression, gzip, deflate, minify, cdn, content delivery network, media library, performance, speed, multiple hosts, css, merge, combine, unobtrusive javascript, compress, optimize, optimizer, javascript, js, cascading style sheet, plugin, yslow, yui, google, google rank, google page speed, mod_pagespeed, s3, cloudfront, aws, amazon web services, cloud files, rackspace, cotendo, max cdn, limelight, cloudflare, microsoft, microsoft azure, iis, nginx, litespeed, apache, varnish, xcache, apc, eacclerator, wincache, mysql, w3 total cache, batcache, wp cache, wp super cache, buddypress
|
| 4 |
Requires at least: 2.8
|
| 5 |
Tested up to: 3.5
|
| 6 |
-
Stable tag: 0.9.2.
|
| 7 |
|
| 8 |
Improve site performance and user experience via caching: browser, page, object, database, minify and content delivery network support.
|
| 9 |
|
|
@@ -462,6 +462,9 @@ Please reach out to all of these people and support their projects if you're so
|
|
| 462 |
|
| 463 |
== Changelog ==
|
| 464 |
|
|
|
|
|
|
|
|
|
|
| 465 |
= 0.9.2.4 =
|
| 466 |
* Added support for Microsoft SQL Server
|
| 467 |
* Added API support for MediaTemple ProCDN (EdgeCast)
|
|
@@ -790,4 +793,9 @@ Please reach out to all of these people and support their projects if you're so
|
|
| 790 |
* Resolved bug in minification of feeds
|
| 791 |
|
| 792 |
= 0.5 =
|
| 793 |
-
* Initial release
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 3 |
Tags: user experience, cache, caching, page cache, css cache, js cache, db cache, disk cache, disk caching, database cache, http compression, gzip, deflate, minify, cdn, content delivery network, media library, performance, speed, multiple hosts, css, merge, combine, unobtrusive javascript, compress, optimize, optimizer, javascript, js, cascading style sheet, plugin, yslow, yui, google, google rank, google page speed, mod_pagespeed, s3, cloudfront, aws, amazon web services, cloud files, rackspace, cotendo, max cdn, limelight, cloudflare, microsoft, microsoft azure, iis, nginx, litespeed, apache, varnish, xcache, apc, eacclerator, wincache, mysql, w3 total cache, batcache, wp cache, wp super cache, buddypress
|
| 4 |
Requires at least: 2.8
|
| 5 |
Tested up to: 3.5
|
| 6 |
+
Stable tag: 0.9.2.5
|
| 7 |
|
| 8 |
Improve site performance and user experience via caching: browser, page, object, database, minify and content delivery network support.
|
| 9 |
|
| 462 |
|
| 463 |
== Changelog ==
|
| 464 |
|
| 465 |
+
= 0.9.2.5 =
|
| 466 |
+
* Fixed security issue that can occur if using database caching to disk. If using database caching to disk with a web server with directory listing or web accessible wp-content/w3tc/dbcache/* directories. This patch works for all hosting environments / types where PHP is properly configured, i.e. .htaccess modifications (or other web server configuration changes) are *not* necessary to ensure proper security. Empty the database cache after performing the update if you use database caching to disk.
|
| 467 |
+
|
| 468 |
= 0.9.2.4 =
|
| 469 |
* Added support for Microsoft SQL Server
|
| 470 |
* Added API support for MediaTemple ProCDN (EdgeCast)
|
| 793 |
* Resolved bug in minification of feeds
|
| 794 |
|
| 795 |
= 0.5 =
|
| 796 |
+
* Initial release
|
| 797 |
+
|
| 798 |
+
== Upgrade Notice ==
|
| 799 |
+
|
| 800 |
+
= 0.9.2.5 =
|
| 801 |
+
* Fixed security issue that can occur if using database caching to disk. If using database caching to disk with a web server with directory listing or web accessible wp-content/w3tc/dbcache/* directories. This patch works for all hosting environments / types where PHP is properly configured, i.e. .htaccess modifications (or other web server configuration changes) are *not* necessary to ensure proper security. Empty the database cache after performing the update if you use database caching to disk.
|
w3-total-cache.php
CHANGED
|
@@ -2,7 +2,7 @@
|
|
| 2 |
/*
|
| 3 |
Plugin Name: W3 Total Cache
|
| 4 |
Description: The highest rated and most complete WordPress performance plugin. Dramatically improve the speed and user experience of your site. Add browser, page, object and database caching as well as minify and content delivery network (CDN) to WordPress.
|
| 5 |
-
Version: 0.9.2.
|
| 6 |
Plugin URI: http://www.w3-edge.com/wordpress-plugins/w3-total-cache/
|
| 7 |
Author: Frederick Townes
|
| 8 |
Author URI: http://www.linkedin.com/in/w3edge
|
| 2 |
/*
|
| 3 |
Plugin Name: W3 Total Cache
|
| 4 |
Description: The highest rated and most complete WordPress performance plugin. Dramatically improve the speed and user experience of your site. Add browser, page, object and database caching as well as minify and content delivery network (CDN) to WordPress.
|
| 5 |
+
Version: 0.9.2.5
|
| 6 |
Plugin URI: http://www.w3-edge.com/wordpress-plugins/w3-total-cache/
|
| 7 |
Author: Frederick Townes
|
| 8 |
Author URI: http://www.linkedin.com/in/w3edge
|
