WordPress File Upload - Version 4.4.0

Version Description

  • added an alternative user state handler that uses the DB Options table, in order to overcome the problems with session variables that appear on many web servers

Release Info

Developer nickboss
Version 4.4.0

Code changes from version 4.3.4 to 4.4.0

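--- a/lib/wfu_admin.php
+++ b/lib/wfu_admin.php
@@ -48,6 +48,7 @@ function wordpress_file_upload_install() {
 global $wfu_tb_dbxqueue_version;
 require_once(ABSPATH . 'wp-admin/includes/upgrade.php');
 
+//define database tables
 $table_name1 = $wpdb->prefix . "wfu_log";
 $installed_ver = get_option( "wordpress_file_upload_table_log_version" );
 if( $installed_ver != $wfu_tb_log_version ) {
@@ -112,6 +113,9 @@ function wordpress_file_upload_install() {
 }
 }
 
+function wordpress_file_upload_uninstall() {
+}
+
 function wordpress_file_upload_update_db_check() {
 global $wfu_tb_log_version;
 global $wfu_tb_userdata_version;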
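Review bot: `wordpress_file_upload_uninstall` at new line 116 has an empty body, yet it is registered as a deactivation hook in wordpress_file_upload.php in this same commit, so the per-visitor `wfu_userstate_<id>` options and the `wfu_userstate_list` written by the new DB-option handler in wfu_functions.php are never removed when the plugin is deactivated. If the hook is meant to clean up, it should walk the list and delete each entry, and either its name should match the hook it serves (deactivation rather than uninstall) or a short comment should say why the two are treated alike. If the empty body is intentional for now, a one-line `//TODO: remove wfu_userstate_* options on deactivation` would make that explicit. A sketch of the cleanup follows.
```php
function wordpress_file_upload_uninstall() {
	//remove per-visitor user state kept in the options table by the dboption handler
	$list = get_option("wfu_userstate_list", array());
	foreach ( $list as $id => $time ) {
		delete_option("wfu_userstate_".$id);
	}
	delete_option("wfu_userstate_list");
	delete_option("wfu_userstate_list_last_check");
}
```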
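--- a/lib/wfu_admin_settings.php
+++ b/lib/wfu_admin_settings.php
@@ -8,6 +8,7 @@ function wfu_settings_definitions() {
 "basedir" => array("string", ""),
 "postmethod" => array("number", ""),
 "modsecurity" => array("number", ""),
+"userstatehandler" => array("number", ""),
 "relaxcss" => array("number", ""),
 "admindomain" => array("number", ""),
 "mediacustom" => array("number", ""),
@@ -117,6 +118,18 @@ function wfu_manage_settings($message = '') {
 $echo_str .= "\n\t\t\t\t\t".'</tr>';
 $echo_str .= "\n\t\t\t\t\t".'<tr>';
 $echo_str .= "\n\t\t\t\t\t\t".'<th scope="row">';
+$echo_str .= "\n\t\t\t\t\t\t\t".'<label for="wfu_userstatehandler">User State Handler</label>';
+$echo_str .= "\n\t\t\t\t\t\t".'</th>';
+$echo_str .= "\n\t\t\t\t\t\t".'<td>';
+$echo_str .= "\n\t\t\t\t\t\t\t".'<select name="wfu_userstatehandler" id="wfu_userstatehandler" value="'.$plugin_options['userstatehandler'].'">';
+$echo_str .= "\n\t\t\t\t\t\t\t\t".'<option value="session"'.( $plugin_options['userstatehandler'] == 'session' || $plugin_options['userstatehandler'] == '' ? ' selected="selected"' : '' ).'>Session (default)</option>';
+$echo_str .= "\n\t\t\t\t\t\t\t\t".'<option value="dboption"'.( $plugin_options['userstatehandler'] == 'dboption' ? ' selected="selected"' : '' ).'>DB Option</option>';
+$echo_str .= "\n\t\t\t\t\t\t\t".'</select>';
+$echo_str .= "\n\t\t\t\t\t\t\t".'<p style="cursor: text; font-size:9px; padding: 0px; margin: 0px; width: 95%; color: #AAAAAA;">Current value: <strong>'.( $plugin_options['userstatehandler'] == 'session' || $plugin_options['userstatehandler'] == '' ? 'Session' : ( $plugin_options['userstatehandler'] == 'dboption' ? 'DB Option' : 'Session' ) ).'</strong></p>';
+$echo_str .= "\n\t\t\t\t\t\t".'</td>';
+$echo_str .= "\n\t\t\t\t\t".'</tr>';
+$echo_str .= "\n\t\t\t\t\t".'<tr>';
+$echo_str .= "\n\t\t\t\t\t\t".'<th scope="row">';
 $echo_str .= "\n\t\t\t\t\t\t\t".'<label for="wfu_relaxcss">Relax CSS Rules</label>';
 $echo_str .= "\n\t\t\t\t\t\t".'</th>';
 $echo_str .= "\n\t\t\t\t\t\t".'<td>';
@@ -189,13 +202,14 @@ function wfu_update_settings() {
 $mediacustom = ( isset($_POST['wfu_mediacustom']) ? ( $_POST['wfu_mediacustom'] == "on" ? 1 : 0 ) : 0 );
 $includeotherfiles = ( isset($_POST['wfu_includeotherfiles']) ? ( $_POST['wfu_includeotherfiles'] == "on" ? 1 : 0 ) : 0 );
 $altserver = ( isset($_POST['wfu_altserver']) ? ( $_POST['wfu_altserver'] == "on" ? 1 : 0 ) : 0 );
-if ( isset($_POST['wfu_basedir']) && isset($_POST['wfu_postmethod']) && isset($_POST['wfu_admindomain']) && isset($_POST['submitform']) ) {
+if ( isset($_POST['wfu_basedir']) && isset($_POST['wfu_postmethod']) && isset($_POST['wfu_userstatehandler']) && isset($_POST['wfu_admindomain']) && isset($_POST['submitform']) ) {
 if ( $_POST['submitform'] == "Update" ) {
 $new_plugin_options['version'] = '1.0';
 $new_plugin_options['shortcode'] = $plugin_options['shortcode'];
 $new_plugin_options['hashfiles'] = $hashfiles;
 $new_plugin_options['basedir'] = sanitize_text_field($_POST['wfu_basedir']);
 $new_plugin_options['postmethod'] = sanitize_text_field($_POST['wfu_postmethod']);
+$new_plugin_options['userstatehandler'] = sanitize_text_field($_POST['wfu_userstatehandler']);
 $new_plugin_options['relaxcss'] = $relaxcss;
 $new_plugin_options['admindomain'] = sanitize_text_field($_POST['wfu_admindomain']);
 $new_plugin_options['mediacustom'] = $mediacustom;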
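Review bot: The new setting stored at new line 212 passes through `sanitize_text_field` only, although the select at line 124 offers exactly two values, `session` and `dboption`, and every consumer in wfu_functions.php treats anything other than `dboption` as the session handler. A value outside that set would be persisted and later echoed unescaped into the `value` attribute at line 124, so validate against the allowed set rather than relying on tag stripping: `$new_plugin_options['userstatehandler'] = in_array($_POST['wfu_userstatehandler'], array('session', 'dboption'), true) ? $_POST['wfu_userstatehandler'] : 'session';`. The `value` attribute on a `<select>` element has no effect in HTML and the selected option already carries the state, so that attribute can be dropped. The definition at line 11 declares the setting as `"number"` while both stored values are strings; what that type drives in wfu_settings_definitions is not visible here, but if it affects encoding or validation, `"string"` looks like the intended type.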
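--- a/lib/wfu_ajaxactions.php
+++ b/lib/wfu_ajaxactions.php
@@ -490,6 +490,8 @@ function wfu_ajax_action_read_subfolders() {
 }
 
 function wfu_ajax_action_download_file_invoker() {
+global $wfu_user_state_handler;
+
 $_POST = stripslashes_deep($_POST);
 $_GET = stripslashes_deep($_GET);
 
@@ -512,6 +514,9 @@ function wfu_ajax_action_download_file_invoker() {
 $filepath = wfu_export_uploaded_files(null);
 if ( $filepath === false ) die();
 $file_code = "exportdata".wfu_safe_store_filepath($filepath);
+//store filepath in session otherwise it can not be retrieved by
+//downloader script
+WFU_USVAR_store_session('wfu_storage_'.substr($file_code, 10), $filepath);
 }
 //else get the file path from the safe
 else {
@@ -541,23 +546,27 @@ function wfu_ajax_action_download_file_invoker() {
 }
 //for back-end browser check if user is allowed to perform this action on this file
 if ( !wfu_current_user_owes_file($filepath) ) die();
+//store filepath in session otherwise it can not be retrieved by
+//downloader script
+WFU_USVAR_store_session('wfu_storage_'.$file_code, wfu_get_filepath_from_safe($file_code));
 }
 
 //generate download unique id to monitor this download
 $download_id = wfu_create_random_string(16);
-//store download status of this download
-WFU_USVAR_store('wfu_download_status_'.$download_id, 'starting');
+//store download status of this download in session, so that it can be
+//retrieved by downloader script
+WFU_USVAR_store_session('wfu_download_status_'.$download_id, 'starting');
 //generate download ticket which expires in 30sec and store it in session
 //it will be used as security measure for the downloader script, which runs outside Wordpress environment
-WFU_USVAR_store('wfu_download_ticket_'.$download_id, time() + 30);
+WFU_USVAR_store_session('wfu_download_ticket_'.$download_id, time() + 30);
 //generate download monitor ticket which expires in 30sec and store it in session
 //it will be used as security measure for the monitor script that will check download status
-WFU_USVAR_store('wfu_download_monitor_ticket_'.$download_id, time() + 30);
+WFU_USVAR_store_session('wfu_download_monitor_ticket_'.$download_id, time() + 30);
 
 //store translatable strings to session so that they can be used by a script
 //that runs outside Wordpress environment
-WFU_USVAR_store('wfu_browser_downloadfile_notexist', ( isset($_POST['browser']) ? WFU_BROWSER_DOWNLOADFILE_NOTEXIST : 'File does not exist!' ));
-WFU_USVAR_store('wfu_browser_downloadfile_failed', ( isset($_POST['browser']) ? WFU_BROWSER_DOWNLOADFILE_FAILED : 'Could not download file!' ));
+WFU_USVAR_store_session('wfu_browser_downloadfile_notexist', ( isset($_POST['browser']) ? WFU_BROWSER_DOWNLOADFILE_NOTEXIST : 'File does not exist!' ));
+WFU_USVAR_store_session('wfu_browser_downloadfile_failed', ( isset($_POST['browser']) ? WFU_BROWSER_DOWNLOADFILE_FAILED : 'Could not download file!' ));
 
 //this routine returns a dynamically created iframe element, that will call the actual download script;
 //the actual download script runs outside Wordpress environment in order to ensure that no php warnings
@@ -579,9 +588,9 @@ function wfu_ajax_action_download_file_monitor() {
 $id = wfu_sanitize_code($id);
 
 //ensure that this is not a CSRF attack by checking validity of a security ticket
-if ( !WFU_USVAR_exists('wfu_download_monitor_ticket_'.$id) || time() > WFU_USVAR('wfu_download_monitor_ticket_'.$id) ) die();
+if ( !WFU_USVAR_exists_session('wfu_download_monitor_ticket_'.$id) || time() > WFU_USVAR_session('wfu_download_monitor_ticket_'.$id) ) die();
 //destroy monitor ticket so it cannot be used again
-WFU_USVAR_unset('wfu_download_monitor_ticket_'.$id);
+WFU_USVAR_unset_session('wfu_download_monitor_ticket_'.$id);
 
 //initiate loop of 30secs to check the download status of the file;
 //the download status is controlled by the actual download script;
@@ -591,7 +600,7 @@ function wfu_ajax_action_download_file_monitor() {
 $end_time = time() + 30;
 $upload_ended = false;
 while ( time() < $end_time ) {
-$upload_ended = ( WFU_USVAR_exists('wfu_download_status_'.$id) ? ( WFU_USVAR('wfu_download_status_'.$id) == 'downloaded' || WFU_USVAR('wfu_download_status_'.$id) == 'failed' ? true : false ) : false );
+$upload_ended = ( WFU_USVAR_exists_session('wfu_download_status_'.$id) ? ( WFU_USVAR_session('wfu_download_status_'.$id) == 'downloaded' || WFU_USVAR_session('wfu_download_status_'.$id) == 'failed' ? true : false ) : false );
 if ( $upload_ended ) break;
 usleep(100);
 }
@@ -603,11 +612,11 @@ function wfu_ajax_action_download_file_monitor() {
 if ( $filepath === false ) die();
 $filepath = wfu_path_rel2abs(wfu_flatten_path($filepath));
 wfu_log_action('download', $filepath, $user->ID, '', 0, 0, '', null);
-die(apply_filters('_wfu_ajax_action_download_file_monitor', 'wfu_ajax_action_download_file_monitor:'.WFU_USVAR('wfu_download_status_'.$id).':'));
+die(apply_filters('_wfu_ajax_action_download_file_monitor', 'wfu_ajax_action_download_file_monitor:'.WFU_USVAR_session('wfu_download_status_'.$id).':'));
 }
 else {
 //regenerate monitor ticket
-WFU_USVAR_store('wfu_download_monitor_ticket_'.$id, time() + 30);
+WFU_USVAR_store_session('wfu_download_monitor_ticket_'.$id, time() + 30);
 die(apply_filters('_wfu_ajax_action_download_file_monitor', 'wfu_ajax_action_download_file_monitor:repeat:'.$id));
 }
 }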
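Review bot: `global $wfu_user_state_handler;` added at new line 493 is not referenced in any visible hunk of wfu_ajax_action_download_file_invoker, whose body continues outside the hunks; every state write in this function deliberately calls a `_session` variant, so unless the unseen part of the function reads the global, the declaration should be dropped. The `wfu_storage_` entries written at lines 519 and 551 are never removed after the download, unlike the tickets that are unset once consumed, so absolute file paths accumulate in the session for its lifetime; unsetting the key in the downloader once it has been read would keep that footprint bounded. Line 551 re-resolves the path with `wfu_get_filepath_from_safe($file_code)` although `$filepath` was already obtained and ownership-checked at line 548; storing `$filepath` directly avoids a second safe lookup and any chance of the two diverging.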
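--- a/lib/wfu_constants.php
+++ b/lib/wfu_constants.php
@@ -310,7 +310,9 @@ $GLOBALS["WFU_GLOBALS"] += array(
 "WFU_ALT_IPTANUS_SERVER" => array( "Alternative Iptanus Server", "string", "https://iptanusservices.appspot.com", "If it is set then this is the URL of the alternative Iptanus server." ),
 "WFU_ALT_VERSION_SERVER" => array( "Alternative Version Server", "string", "https://iptanusservices.appspot.com/g79xo30q8s", "If the alternative Iptanus server is used and this variable is not empty, then it will be used as the alternative Version Server URL." ),
 "WFU_MINIFY_INLINE_CSS" => array( "Minify Inline CSS Code", "string", "true", "Defines whether the inline CSS code will be minified. It can be 'true' or 'false'." ),
-"WFU_MINIFY_INLINE_JS" => array( "Minify Inline JS Code", "string", "true", "Defines whether the inline Javascript code will be minified. It can be 'true' or 'false'." )
+"WFU_MINIFY_INLINE_JS" => array( "Minify Inline JS Code", "string", "true", "Defines whether the inline Javascript code will be minified. It can be 'true' or 'false'." ),
+"WFU_US_DBOPTION_CHECK" => array( "DB Option User State Check Interval", "integer", 7200, "Defines how often (in seconds) the plugin will update user state list, when user state is saved in DB option table." ),
+"WFU_US_DBOPTION_LIFE" => array( "DB Option User State Life", "integer", 1800, "Defines the maximum time of inactivity of a user state, when user state is saved in DB option table." )
 );
 //color definitions
 $GLOBALS["WFU_GLOBALS"] += array(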
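Review bot: The description of `WFU_US_DBOPTION_LIFE` at new line 315 omits the unit while its sibling on line 314 states it; the value is compared against `time()` differences in wfu_update_US_dboption_list, so `"Defines the maximum time of inactivity (in seconds) of a user state, when user state is saved in DB option table."` would be precise. It is also worth saying in that description that expired entries are only removed when a check runs, i.e. at most every `WFU_US_DBOPTION_CHECK` seconds, so a state can outlive its life by up to that interval.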
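--- a/lib/wfu_functions.php
+++ b/lib/wfu_functions.php
@@ -2428,29 +2428,137 @@ function wfu_parse_userdata_attribute($value){
 
 function WFU_USVAR_exists($var) {
 $a = func_get_args(); switch(WFU_FUNCTION_HOOK(__FUNCTION__, $a, $out)) { case 'X': break; case 'R': return $out; break; case 'D': die($out); break; }
-return isset($_SESSION[$var]);
+global $wfu_user_state_handler;
+if ( $wfu_user_state_handler == "dboption" ) return WFU_USVAR_exists_dboption($var);
+else return WFU_USVAR_exists_session($var);
 }
 
 function WFU_USVAR($var) {
 $a = func_get_args(); switch(WFU_FUNCTION_HOOK(__FUNCTION__, $a, $out)) { case 'X': break; case 'R': return $out; break; case 'D': die($out); break; }
-return $_SESSION[$var];
+global $wfu_user_state_handler;
+if ( $wfu_user_state_handler == "dboption" ) return WFU_USVAR_dboption($var);
+else return WFU_USVAR_session($var);
 }
 
 function WFU_USALL() {
 $a = func_get_args(); switch(WFU_FUNCTION_HOOK(__FUNCTION__, $a, $out)) { case 'X': break; case 'R': return $out; break; case 'D': die($out); break; }
-return $_SESSION;
+global $wfu_user_state_handler;
+if ( $wfu_user_state_handler == "dboption" ) return WFU_USALL_dboption();
+else return WFU_USALL_session();
 }
 
 function WFU_USVAR_store($var, $value) {
 $a = func_get_args(); switch(WFU_FUNCTION_HOOK(__FUNCTION__, $a, $out)) { case 'X': break; case 'R': return $out; break; case 'D': die($out); break; }
-$_SESSION[$var] = $value;
+global $wfu_user_state_handler;
+if ( $wfu_user_state_handler == "dboption" ) WFU_USVAR_store_dboption($var, $value);
+else WFU_USVAR_store_session($var, $value);
 }
 
 function WFU_USVAR_unset($var) {
 $a = func_get_args(); switch(WFU_FUNCTION_HOOK(__FUNCTION__, $a, $out)) { case 'X': break; case 'R': return $out; break; case 'D': die($out); break; }
+global $wfu_user_state_handler;
+if ( $wfu_user_state_handler == "dboption" ) WFU_USVAR_unset_dboption($var);
+else WFU_USVAR_unset_session($var);
+}
+
+function WFU_USVAR_exists_session($var) {
+return isset($_SESSION[$var]);
+}
+
+function WFU_USVAR_session($var) {
+return $_SESSION[$var];
+}
+
+function WFU_USALL_session() {
+return $_SESSION;
+}
+
+function WFU_USVAR_store_session($var, $value) {
+$_SESSION[$var] = $value;
+}
+
+function WFU_USVAR_unset_session($var) {
 unset($_SESSION[$var]);
 }
 
+function wfu_get_safe_session_id() {
+return preg_replace("/[^a-z0-9_]/", "", strtolower(session_id()));
+}
+
+function wfu_get_US_dboption_data($id, $default = false) {
+if ( $id == "" ) return false;
+return get_option("wfu_userstate_".$id, $default);
+}
+
+function wfu_update_US_dboption_time($id) {
+$list = get_option("wfu_userstate_list", array());
+$list[$id] = time();
+update_option("wfu_userstate_list", $list);
+}
+
+function WFU_USVAR_exists_dboption($var) {
+$id = wfu_get_safe_session_id();
+$data = wfu_get_US_dboption_data($id);
+if ( $data === false ) return false;
+wfu_update_US_dboption_time($id);
+return isset($data[$var]);
+}
+
+function WFU_USVAR_dboption($var) {
+$id = wfu_get_safe_session_id();
+$data = wfu_get_US_dboption_data($id);
+if ( $data === false ) return "";
+wfu_update_US_dboption_time($id);
+return $data[$var];
+}
+
+function WFU_USALL_dboption() {
+$id = wfu_get_safe_session_id();
+$data = wfu_get_US_dboption_data($id);
+if ( $data === false ) return array();
+wfu_update_US_dboption_time($id);
+return $data;
+}
+
+function WFU_USVAR_store_dboption($var, $value) {
+$id = wfu_get_safe_session_id();
+$data = wfu_get_US_dboption_data($id, array());
+if ( $data === false ) return;
+$data[$var] = $value;
+update_option("wfu_userstate_".$id, $data);
+wfu_update_US_dboption_time($id);
+wfu_update_US_dboption_list();
+}
+
+function WFU_USVAR_unset_dboption($var) {
+$id = wfu_get_safe_session_id();
+$data = wfu_get_US_dboption_data($id);
+if ( $data === false ) return;
+unset($data[$var]);
+update_option("wfu_userstate_".$id, $data);
+wfu_update_US_dboption_time($id);
+}
+
+function wfu_update_US_dboption_list() {
+$last_check_interval = time() - get_option("wfu_userstate_list_last_check", 0);
+$limit = WFU_VAR("WFU_US_DBOPTION_CHECK");
+if ( $last_check_interval < $limit ) return;
+
+$list = get_option("wfu_userstate_list", array());
+$changed = false;
+$limit = WFU_VAR("WFU_US_DBOPTION_LIFE");
+foreach ( $list as $id => $time ) {
+$interval = time() - $time;
+if ( $interval > $limit ) {
+$changed = true;
+unset($list[$id]);
+delete_option("wfu_userstate_".$id);
+}
+}
+if ( $changed ) update_option("wfu_userstate_list", $list);
+update_option("wfu_userstate_list_last_check", time());
+}
+
 //********************* Javascript Related Functions ****************************************************************************************************
 
 // function wfu_inject_js_code generates html code for injecting js code and then erase the trace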
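Review bot: The `update_option` calls of the new dboption handler (new lines 2496, 2528, 2538, 2558 and 2559) create their options with WordPress's default autoload, so every distinct session id adds a `wfu_userstate_<id>` row that is loaded on every request of the site until `wfu_update_US_dboption_list` prunes it — and that prune runs only from `WFU_USVAR_store_dboption`, at most once per `WFU_US_DBOPTION_CHECK` seconds, so a busy site with many anonymous visitors grows its autoloaded option set without bound between prune runs. Pass the autoload argument explicitly (WordPress 4.2+), e.g. `update_option("wfu_userstate_".$id, $data, 'no');` on lines 2528 and 2538 and likewise for the list, and consider calling the prune from `WFU_USVAR_unset_dboption` as well. `wfu_update_US_dboption_time` performs a read-modify-write of `wfu_userstate_list` on every lookup (lines 2503, 2511, 2519), i.e. one DB write per read and a lost-update window between concurrent requests of the same site; writing the timestamp only when it differs from the stored one by more than a few seconds would remove most of those writes. `wfu_get_safe_session_id` still keys everything on `session_id()`, so when no PHP session is available the getters silently return `false`/`""`/`array()` and the store at line 2526 silently drops the value — a comment on line 2489 saying that the dboption handler still needs a session cookie for its key would spare the next reader that discovery.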
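--- a/readme.txt
+++ b/readme.txt
@@ -3,7 +3,7 @@ Contributors: nickboss
 Donate link: http://www.iptanus.com/support/wordpress-file-upload
 Tags: file, upload, ajax, form, page, post, sidebar, responsive, widget, webcam, ftp
 Requires at least: 2.9.2
-Tested up to: 4.9.4
+Tested up to: 4.9.5
 Stable tag: "trunk"
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
@@ -146,6 +146,9 @@ There is an option in plugin's settings in Dashboard to relax the CSS rules, so
 
 == Changelog ==
 
+= 4.4.0 =
+* added alternative user state handler using DB Options table in order to overcome problems with session variables appearing on many web servers
+
 = 4.3.4 =
 * all Settings sanitized correctly to prevent XSS attacks - credits to ManhNho for mentioning this problem
 
@@ -738,6 +741,9 @@ Initial version.
 
 == Upgrade Notice ==
 
+= 4.4.0 =
+Significant update that enables wider web server compatibility.
+
 = 4.3.4 =
 Minor update to fix a serious security hole.
 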
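--- a/release_notes.txt
+++ b/release_notes.txt
@@ -1,2 +1,2 @@
-<!-- --><span>Version 4.3.4 is a minor update that fixes another potential <strong>security risk</strong> in plugin's <strong>Settings</strong>. Many thanks to <strong>ManhNho</strong> for mentioning this issue and also the one in the previous version. If you notice any problems with the shortcode, please </span><a href="https://www.iptanus.com/contact/">contact</a><span> <strong>Iptanus</strong>.<br/><br/>For details about this version's changes please visit the Release Notes of the plugin's </span><a href="http://www.iptanus.com/wordpress-plugins/wordpress-file-upload/">support page</a><span>.</span><!-- -->
+<!-- --><span>Version 4.4.0 is a significant update that enables wider web server and Wordpress environment compatibility. There have been several reports by users experiencing failed uploads with a message "Upload failed! Unknown error". This version will try to handle most of these cases by storing <strong>User State</strong> data in the website database, instead of Session.<br/><br/>For details about this version's changes please visit the Release Notes of the plugin's </span><a href="http://www.iptanus.com/wordpress-plugins/wordpress-file-upload/">support page</a><span>.</span><!-- -->
 <!-- -->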
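--- a/wfu_file_downloader.php
+++ b/wfu_file_downloader.php
@@ -11,9 +11,9 @@ function wfu_download_file() {
 
 $ticket = wfu_sanitize_code($ticket);
 //if download ticket does not exist or is expired die
-if ( !WFU_USVAR_exists('wfu_download_ticket_'.$ticket) || time() > WFU_USVAR('wfu_download_ticket_'.$ticket) ) die();
+if ( !WFU_USVAR_exists_session('wfu_download_ticket_'.$ticket) || time() > WFU_USVAR_session('wfu_download_ticket_'.$ticket) ) die();
 //destroy ticket so it cannot be used again
-WFU_USVAR_unset('wfu_download_ticket_'.$ticket);
+WFU_USVAR_unset_session('wfu_download_ticket_'.$ticket);
 
 $file_code = wfu_sanitize_code($file_code);
 //if file_code starts with exportdata, then this is a request for export of
@@ -21,23 +21,25 @@ function wfu_download_file() {
 //but wfu_export.csv; also set flag to delete file after download operation
 if ( substr($file_code, 0, 10) == "exportdata" ) {
 $file_code = substr($file_code, 10);
-$filepath = wfu_get_filepath_from_safe($file_code);
+//$filepath = wfu_get_filepath_from_safe($file_code);
+$filepath = WFU_USVAR_session('wfu_storage_'.$file_code);
 $disposition_name = "wfu_export.csv";
 $delete_file = true;
 }
 else {
-$filepath = wfu_get_filepath_from_safe($file_code);
+//$filepath = wfu_get_filepath_from_safe($file_code);
+$filepath = WFU_USVAR_session('wfu_storage_'.$file_code);
 if ( $filepath === false ) die();
 $filepath = wfu_flatten_path($filepath);
 if ( substr($filepath, 0, 1) == "/" ) $filepath = substr($filepath, 1);
-$filepath = ( substr($filepath, 0, 6) == 'ftp://' || substr($filepath, 0, 7) == 'ftps://' || substr($filepath, 0, 7) == 'sftp://' ? $filepath : WFU_USVAR('wfu_ABSPATH').$filepath );
+$filepath = ( substr($filepath, 0, 6) == 'ftp://' || substr($filepath, 0, 7) == 'ftps://' || substr($filepath, 0, 7) == 'sftp://' ? $filepath : WFU_USVAR_session('wfu_ABSPATH').$filepath );
 $disposition_name = wfu_basename($filepath);
 $delete_file = false;
 }
 //check that file exists
 if ( !file_exists($filepath) ) {
-WFU_USVAR_store('wfu_download_status_'.$ticket, 'failed');
-die('<script language="javascript">alert("'.( WFU_USVAR_exists('wfu_browser_downloadfile_notexist') ? WFU_USVAR('wfu_browser_downloadfile_notexist') : 'File does not exist!' ).'");</script>');
+WFU_USVAR_store_session('wfu_download_status_'.$ticket, 'failed');
+die('<script language="javascript">alert("'.( WFU_USVAR_exists_session('wfu_browser_downloadfile_notexist') ? WFU_USVAR_session('wfu_browser_downloadfile_notexist') : 'File does not exist!' ).'");</script>');
 }
 //get mime type
 
@@ -70,12 +72,12 @@ function wfu_download_file() {
 if ( $delete_file ) unset($filepath);
 
 if ( !$failed ) {
-WFU_USVAR_store('wfu_download_status_'.$ticket, 'downloaded');
+WFU_USVAR_store_session('wfu_download_status_'.$ticket, 'downloaded');
 die();
 }
 else {
-WFU_USVAR_store('wfu_download_status_'.$ticket, 'failed');
-die('<script language="javascript">alert("'.( WFU_USVAR_exists('wfu_browser_downloadfile_failed') ? WFU_USVAR('wfu_browser_downloadfile_failed') : 'Could not download file!' ).'");</script>');
+WFU_USVAR_store_session('wfu_download_status_'.$ticket, 'failed');
+die('<script language="javascript">alert("'.( WFU_USVAR_exists_session('wfu_browser_downloadfile_failed') ? WFU_USVAR_session('wfu_browser_downloadfile_failed') : 'Could not download file!' ).'");</script>');
 }
 }
 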
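Review bot: The `$filepath === false` check at new line 32 can no longer fire: `WFU_USVAR_session` returns `$_SESSION[$var]` directly, so a missing `wfu_storage_` key yields `null` (plus a PHP notice) rather than the `false` the old safe lookup returned, and the export branch at line 25 has no check at all. With `$filepath` null the line-35 fallback would concatenate `WFU_USVAR_session('wfu_ABSPATH')` with an empty string, depending on what `wfu_flatten_path` does with null, so the script would continue with the site root as its path; guard the read in both branches, e.g. `if ( !WFU_USVAR_exists_session('wfu_storage_'.$file_code) ) die();` before lines 25 and 31. The stored path is also not removed after use, unlike the ticket at line 16, so `WFU_USVAR_unset_session('wfu_storage_'.$file_code);` once `$filepath` has been read keeps the session from accumulating absolute paths. The commented-out old calls at lines 24 and 30 should be deleted rather than kept; wfu_download_file's body continues outside the hunks.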
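--- a/wordpress_file_upload.php
+++ b/wordpress_file_upload.php
@@ -4,7 +4,7 @@ if( !session_id() ) { session_start(); }
 /*
 Plugin URI: http://www.iptanus.com/support/wordpress-file-upload
 Description: Simple interface to upload files from a page.
-Version: 4.3.4
+Version: 4.4.0
 Author: Nickolas Bossinas
 Author URI: http://www.iptanus.com
 */
@@ -56,6 +56,7 @@ if ( !is_admin() ) {
 add_action('admin_init', 'wordpress_file_upload_admin_init');
 add_action('admin_menu', 'wordpress_file_upload_add_admin_pages');
 register_activation_hook(__FILE__,'wordpress_file_upload_install');
+register_deactivation_hook(__FILE__,'wordpress_file_upload_uninstall');
 add_action('plugins_loaded', 'wordpress_file_upload_update_db_check');
 //ajax actions
 add_action('wp_ajax_wfu_ajax_action', 'wfu_ajax_action_callback');
@@ -81,8 +82,13 @@ add_action('wp_ajax_wfu_ajax_action_include_file', 'wfu_ajax_action_include_file
 add_action('wp_ajax_wfu_ajax_action_update_envar', 'wfu_ajax_action_update_envar');
 add_action('wp_ajax_wfu_ajax_action_transfer_command', 'wfu_ajax_action_transfer_command');
 wfu_include_lib();
-//add abspath for use by downloader
-WFU_USVAR_store('wfu_ABSPATH', wfu_abspath());
+//store the User State handler in a global variable for easy access by the
+//plugin's routines
+$plugin_options = wfu_decode_plugin_options(get_option( "wordpress_file_upload_options" ));
+$wfu_user_state_handler = $plugin_options['userstatehandler'];
+//add abspath in session for use by downloader; exclude internal ajax requests
+if ( !isset($_POST["action"]) || ( $_POST["action"] != "wfu_ajax_action_wfu_call_async" && $_POST["action"] != "wfu_ajax_action_load_hook_code" ) )
+WFU_USVAR_store_session('wfu_ABSPATH', wfu_abspath());
 //widget
 add_action( 'widgets_init', 'register_wfu_widget' );
 //Media editor custom properties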
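Review bot: New line 88 reads `$plugin_options['userstatehandler']` without checking that the key exists; on a site upgraded from 4.3.4 the stored options predate this setting, and unless `wfu_decode_plugin_options` (not visible here) fills in defaults, this raises an undefined-index notice and leaves `$wfu_user_state_handler` null, which the dispatchers in wfu_functions.php happen to treat as the session handler. Making the fallback explicit, `$wfu_user_state_handler = ( isset($plugin_options['userstatehandler']) ? $plugin_options['userstatehandler'] : 'session' );`, documents that intent instead of relying on it. `$plugin_options` is introduced at line 87 as a file-scope variable of the main plugin file, i.e. a global with a generic name other plugins may also use; an `unset($plugin_options);` after line 88, or a `wfu_`-prefixed name, avoids a collision. The deactivation hook at line 59 points at a function named `wordpress_file_upload_uninstall`, which reads as if it ran on uninstall; a name that matches the hook, or a comment saying deactivation and uninstall share this routine, would prevent that confusion.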