Version Description
- Tested up to WC3.6
- Fix: Prevent infinite loop on temporary folder creation for partially migrated sites or write permission issues
- Tweak: Removed height & width attributes from logo image (+filter
wpo_wcpdf_header_logo_img_element) - Dev: Enable guest access to PDF with order key in URL
Download this release
Release Info
| Developer | pomegranate |
| Plugin |  WooCommerce PDF Invoices & Packing Slips |
| Version | 2.2.12 |
| Comparing to | |
| See all releases | |
Code changes from version 2.2.11 to 2.2.12
includes/class-wcpdf-main.php
CHANGED
|
@@ -15,6 +15,7 @@ class Main {
|
|
| 15 |
|
| 16 |
function __construct() {
|
| 17 |
add_action( 'wp_ajax_generate_wpo_wcpdf', array($this, 'generate_pdf_ajax' ) );
|
|
|
|
| 18 |
add_filter( 'woocommerce_email_attachments', array( $this, 'attach_pdf_to_email' ), 99, 3 );
|
| 19 |
add_filter( 'wpo_wcpdf_custom_attachment_condition', array( $this, 'disable_free_attachment'), 1001, 4 );
|
| 20 |
|
|
@@ -199,8 +200,13 @@ class Main {
|
|
| 199 |
* Load and generate the template output with ajax
|
| 200 |
*/
|
| 201 |
public function generate_pdf_ajax() {
|
| 202 |
-
|
| 203 |
-
if
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 204 |
wp_die( __( 'You do not have sufficient permissions to access this page.', 'woocommerce-pdf-invoices-packing-slips' ) );
|
| 205 |
}
|
| 206 |
|
|
@@ -218,7 +224,7 @@ class Main {
|
|
| 218 |
}
|
| 219 |
|
| 220 |
// debug enabled by URL
|
| 221 |
-
if ( isset( $_GET['debug'] ) ) {
|
| 222 |
$this->enable_debug();
|
| 223 |
}
|
| 224 |
|
|
@@ -232,27 +238,40 @@ class Main {
|
|
| 232 |
// set default is allowed
|
| 233 |
$allowed = true;
|
| 234 |
|
| 235 |
-
// check if user is logged in
|
| 236 |
-
if ( ! is_user_logged_in() ) {
|
| 237 |
-
$allowed = false;
|
| 238 |
-
}
|
| 239 |
|
| 240 |
-
|
| 241 |
-
|
| 242 |
-
$allowed = false;
|
| 243 |
-
}
|
| 244 |
-
|
| 245 |
-
// User call from my-account page
|
| 246 |
-
if ( !current_user_can('manage_options') && isset( $_GET['my-account'] ) ) {
|
| 247 |
-
// Only for single orders!
|
| 248 |
if ( count( $order_ids ) > 1 ) {
|
| 249 |
$allowed = false;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 250 |
}
|
| 251 |
|
| 252 |
-
// Check
|
| 253 |
-
if
|
| 254 |
$allowed = false;
|
| 255 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 256 |
}
|
| 257 |
|
| 258 |
$allowed = apply_filters( 'wpo_wcpdf_check_privs', $allowed, $order_ids );
|
|
@@ -382,13 +401,17 @@ class Main {
|
|
| 382 |
*/
|
| 383 |
public function init_tmp ( $tmp_base ) {
|
| 384 |
// create plugin base temp folder
|
| 385 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
| 386 |
|
| 387 |
// create subfolders & protect
|
| 388 |
$subfolders = array( 'attachments', 'fonts', 'dompdf' );
|
| 389 |
foreach ( $subfolders as $subfolder ) {
|
| 390 |
$path = $tmp_base . $subfolder . '/';
|
| 391 |
-
|
| 392 |
|
| 393 |
// copy font files
|
| 394 |
if ( $subfolder == 'fonts' ) {
|
|
@@ -396,8 +419,8 @@ class Main {
|
|
| 396 |
}
|
| 397 |
|
| 398 |
// create .htaccess file and empty index.php to protect in case an open webfolder is used!
|
| 399 |
-
|
| 400 |
-
|
| 401 |
}
|
| 402 |
|
| 403 |
}
|
| 15 |
|
| 16 |
function __construct() {
|
| 17 |
add_action( 'wp_ajax_generate_wpo_wcpdf', array($this, 'generate_pdf_ajax' ) );
|
| 18 |
+
add_action( 'wp_ajax_nopriv_generate_wpo_wcpdf', array($this, 'generate_pdf_ajax' ) );
|
| 19 |
add_filter( 'woocommerce_email_attachments', array( $this, 'attach_pdf_to_email' ), 99, 3 );
|
| 20 |
add_filter( 'wpo_wcpdf_custom_attachment_condition', array( $this, 'disable_free_attachment'), 1001, 4 );
|
| 21 |
|
| 200 |
* Load and generate the template output with ajax
|
| 201 |
*/
|
| 202 |
public function generate_pdf_ajax() {
|
| 203 |
+
$guest_access = isset( WPO_WCPDF()->settings->debug_settings['guest_access'] );
|
| 204 |
+
if ( !$guest_access && current_filter() == 'wp_ajax_nopriv_generate_wpo_wcpdf') {
|
| 205 |
+
wp_die( __( 'You do not have sufficient permissions to access this page.', 'woocommerce-pdf-invoices-packing-slips' ) );
|
| 206 |
+
}
|
| 207 |
+
|
| 208 |
+
// Check the nonce - guest access doesn't use nonces but checks the unique order key (hash)
|
| 209 |
+
if( empty( $_GET['action'] ) || ( !$guest_access && !check_admin_referer( $_GET['action'] ) ) ) {
|
| 210 |
wp_die( __( 'You do not have sufficient permissions to access this page.', 'woocommerce-pdf-invoices-packing-slips' ) );
|
| 211 |
}
|
| 212 |
|
| 224 |
}
|
| 225 |
|
| 226 |
// debug enabled by URL
|
| 227 |
+
if ( isset( $_GET['debug'] ) && !( $guest_access || isset( $_GET['my-account'] ) ) ) {
|
| 228 |
$this->enable_debug();
|
| 229 |
}
|
| 230 |
|
| 238 |
// set default is allowed
|
| 239 |
$allowed = true;
|
| 240 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 241 |
|
| 242 |
+
if ( $guest_access && isset( $_GET['order_key'] ) ) {
|
| 243 |
+
// Guest access with order key
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 244 |
if ( count( $order_ids ) > 1 ) {
|
| 245 |
$allowed = false;
|
| 246 |
+
} else {
|
| 247 |
+
$order = wc_get_order( $order_ids[0] );
|
| 248 |
+
if ( !$order || ! hash_equals( $order->get_order_key(), $_GET['order_key'] ) ) {
|
| 249 |
+
$allowed = false;
|
| 250 |
+
}
|
| 251 |
+
}
|
| 252 |
+
} else {
|
| 253 |
+
// check if user is logged in
|
| 254 |
+
if ( ! is_user_logged_in() ) {
|
| 255 |
+
$allowed = false;
|
| 256 |
}
|
| 257 |
|
| 258 |
+
// Check the user privileges
|
| 259 |
+
if( !( current_user_can( 'manage_woocommerce_orders' ) || current_user_can( 'edit_shop_orders' ) ) && !isset( $_GET['my-account'] ) ) {
|
| 260 |
$allowed = false;
|
| 261 |
}
|
| 262 |
+
|
| 263 |
+
// User call from my-account page
|
| 264 |
+
if ( !current_user_can('manage_options') && isset( $_GET['my-account'] ) ) {
|
| 265 |
+
// Only for single orders!
|
| 266 |
+
if ( count( $order_ids ) > 1 ) {
|
| 267 |
+
$allowed = false;
|
| 268 |
+
}
|
| 269 |
+
|
| 270 |
+
// Check if current user is owner of order IMPORTANT!!!
|
| 271 |
+
if ( ! current_user_can( 'view_order', $order_ids[0] ) ) {
|
| 272 |
+
$allowed = false;
|
| 273 |
+
}
|
| 274 |
+
}
|
| 275 |
}
|
| 276 |
|
| 277 |
$allowed = apply_filters( 'wpo_wcpdf_check_privs', $allowed, $order_ids );
|
| 401 |
*/
|
| 402 |
public function init_tmp ( $tmp_base ) {
|
| 403 |
// create plugin base temp folder
|
| 404 |
+
mkdir( $tmp_base );
|
| 405 |
+
|
| 406 |
+
if (!is_dir($tmp_base)) {
|
| 407 |
+
wcpdf_log_error( "Unable to create temp folder {$tmp_base}", 'critical' );
|
| 408 |
+
}
|
| 409 |
|
| 410 |
// create subfolders & protect
|
| 411 |
$subfolders = array( 'attachments', 'fonts', 'dompdf' );
|
| 412 |
foreach ( $subfolders as $subfolder ) {
|
| 413 |
$path = $tmp_base . $subfolder . '/';
|
| 414 |
+
mkdir( $path );
|
| 415 |
|
| 416 |
// copy font files
|
| 417 |
if ( $subfolder == 'fonts' ) {
|
| 419 |
}
|
| 420 |
|
| 421 |
// create .htaccess file and empty index.php to protect in case an open webfolder is used!
|
| 422 |
+
file_put_contents( $path . '.htaccess', 'deny from all' );
|
| 423 |
+
touch( $path . 'index.php' );
|
| 424 |
}
|
| 425 |
|
| 426 |
}
|
includes/class-wcpdf-settings-debug.php
CHANGED
|
@@ -169,6 +169,18 @@ class Settings_Debug {
|
|
| 169 |
'description' => __( "Legacy mode ensures compatibility with templates and filters from previous versions.", 'woocommerce-pdf-invoices-packing-slips' ),
|
| 170 |
)
|
| 171 |
),
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 172 |
array(
|
| 173 |
'type' => 'setting',
|
| 174 |
'id' => 'calculate_document_numbers',
|
| 169 |
'description' => __( "Legacy mode ensures compatibility with templates and filters from previous versions.", 'woocommerce-pdf-invoices-packing-slips' ),
|
| 170 |
)
|
| 171 |
),
|
| 172 |
+
array(
|
| 173 |
+
'type' => 'setting',
|
| 174 |
+
'id' => 'guest_access',
|
| 175 |
+
'title' => __( 'Allow guest access', 'woocommerce-pdf-invoices-packing-slips' ),
|
| 176 |
+
'callback' => 'checkbox',
|
| 177 |
+
'section' => 'debug_settings',
|
| 178 |
+
'args' => array(
|
| 179 |
+
'option_name' => $option_name,
|
| 180 |
+
'id' => 'guest_access',
|
| 181 |
+
'description' => __( 'Enable this to allow customers that purchase without an account to access their PDF with a unique key', 'woocommerce-pdf-invoices-packing-slips' ),
|
| 182 |
+
)
|
| 183 |
+
),
|
| 184 |
array(
|
| 185 |
'type' => 'setting',
|
| 186 |
'id' => 'calculate_document_numbers',
|
includes/documents/abstract-wcpdf-order-document.php
CHANGED
|
@@ -487,7 +487,9 @@ abstract class Order_Document {
|
|
| 487 |
$src = $attachment_src;
|
| 488 |
}
|
| 489 |
|
| 490 |
-
|
|
|
|
|
|
|
| 491 |
}
|
| 492 |
}
|
| 493 |
}
|
| 487 |
$src = $attachment_src;
|
| 488 |
}
|
| 489 |
|
| 490 |
+
$img_element = sprintf('<img src="%1$s" alt="%4$s" />', $src, $attachment_width, $attachment_height, esc_attr( $company ) );
|
| 491 |
+
|
| 492 |
+
echo apply_filters( 'wpo_wcpdf_header_logo_img_element', $img_element, $attachment, $this );
|
| 493 |
}
|
| 494 |
}
|
| 495 |
}
|
readme.txt
CHANGED
|
@@ -5,7 +5,7 @@ Tags: woocommerce, pdf, invoices, packing slips, print, delivery notes, invoice,
|
|
| 5 |
Requires at least: 3.5
|
| 6 |
Tested up to: 5.1
|
| 7 |
Requires PHP: 5.3
|
| 8 |
-
Stable tag: 2.2.
|
| 9 |
License: GPLv2 or later
|
| 10 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 11 |
|
|
@@ -103,6 +103,12 @@ There's a setting on the Status tab of the settings page that allows you to togg
|
|
| 103 |
|
| 104 |
== Changelog ==
|
| 105 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 106 |
= 2.2.11 =
|
| 107 |
* Fix: Fatal error on orders with multiple refunds
|
| 108 |
|
| 5 |
Requires at least: 3.5
|
| 6 |
Tested up to: 5.1
|
| 7 |
Requires PHP: 5.3
|
| 8 |
+
Stable tag: 2.2.12
|
| 9 |
License: GPLv2 or later
|
| 10 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 11 |
|
| 103 |
|
| 104 |
== Changelog ==
|
| 105 |
|
| 106 |
+
= 2.2.12 =
|
| 107 |
+
* Tested up to WC3.6
|
| 108 |
+
* Fix: Prevent infinite loop on temporary folder creation for partially migrated sites or write permission issues
|
| 109 |
+
* Tweak: Removed height & width attributes from logo image (+filter `wpo_wcpdf_header_logo_img_element`)
|
| 110 |
+
* Dev: Enable guest access to PDF with order key in URL
|
| 111 |
+
|
| 112 |
= 2.2.11 =
|
| 113 |
* Fix: Fatal error on orders with multiple refunds
|
| 114 |
|
woocommerce-pdf-invoices-packingslips.php
CHANGED
|
@@ -3,7 +3,7 @@
|
|
| 3 |
* Plugin Name: WooCommerce PDF Invoices & Packing Slips
|
| 4 |
* Plugin URI: http://www.wpovernight.com
|
| 5 |
* Description: Create, print & email PDF invoices & packing slips for WooCommerce orders.
|
| 6 |
-
* Version: 2.2.
|
| 7 |
* Author: Ewout Fernhout
|
| 8 |
* Author URI: http://www.wpovernight.com
|
| 9 |
* License: GPLv2 or later
|
|
@@ -21,7 +21,7 @@ if ( !class_exists( 'WPO_WCPDF' ) ) :
|
|
| 21 |
|
| 22 |
class WPO_WCPDF {
|
| 23 |
|
| 24 |
-
public $version = '2.2.
|
| 25 |
public $plugin_basename;
|
| 26 |
public $legacy_mode;
|
| 27 |
|
| 3 |
* Plugin Name: WooCommerce PDF Invoices & Packing Slips
|
| 4 |
* Plugin URI: http://www.wpovernight.com
|
| 5 |
* Description: Create, print & email PDF invoices & packing slips for WooCommerce orders.
|
| 6 |
+
* Version: 2.2.12
|
| 7 |
* Author: Ewout Fernhout
|
| 8 |
* Author URI: http://www.wpovernight.com
|
| 9 |
* License: GPLv2 or later
|
| 21 |
|
| 22 |
class WPO_WCPDF {
|
| 23 |
|
| 24 |
+
public $version = '2.2.12';
|
| 25 |
public $plugin_basename;
|
| 26 |
public $legacy_mode;
|
| 27 |
|
