WP Super Cache - Version 1.7.2

Version Description


Release Info

Developer donncha
Version 1.7.2

Code changes from version 1.7.1 to 1.7.2

Files changed (3) hide show
  1. readme.txt +7 -3
  2. wp-cache-phase2.php +8 -0
  3. wp-cache.php +47 -16
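--- a/readme.txt
+++ b/readme.txt
@@ -1,8 +1,8 @@
  # WP Super Cache #
  * Contributors: donncha, automattic
  * Tags: performance, caching, wp-cache, wp-super-cache, cache
- * Tested up to: 5.3.2
- * Stable tag: 1.7.1
+ * Tested up to: 5.7
+ * Stable tag: 1.7.2
  * Requires at least: 3.1
  * Requires PHP: 5.2.4
  * License: GPLv2 or later
@@ -269,6 +269,10 @@ Your theme is probably responsive which means it resizes the page to suit whatev
 
  ## Changelog ##
 
+ ### 1.7.2 ###
+ * Fixed authenticated RCE in the settings page. Props @m0ze
+ * Small bug fixes.
+
  ### 1.7.1 ###
  * Minor fixes to docs. #709 #645
  * Fixed typo on cache contents page. #719
@@ -753,4 +757,4 @@ Your theme is probably responsive which means it resizes the page to suit whatev
 
 
  ## Upgrade Notice ##
- Bugfix release.
+ Security and bugfix release. You are encouraged to upgrade as soon as possible.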
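--- a/wp-cache-phase2.php
+++ b/wp-cache-phase2.php
@@ -1141,6 +1141,14 @@ function wpsc_delete_url_cache( $url ) {
  // from legolas558 d0t users dot sf dot net at http://www.php.net/is_writable
  function is_writeable_ACLSafe( $path ) {
 
+ if (
+ ( defined( 'PHP_OS_FAMILY' ) && 'Windows' !== constant( 'PHP_OS_FAMILY' ) ) ||
+ stristr( PHP_OS, 'DAR' ) ||
+ ! stristr( PHP_OS, 'WIN' )
+ ) {
+ return is_writeable( $path );
+ }
+
  // PHP's is_writable does not work with Win32 NTFS
 
  if ( $path[ strlen( $path ) - 1 ] == '/' ) { // recursively return a temporary file path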
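Review bot: The early return added at the top of is_writeable_ACLSafe() has no comment explaining its three-part OS test, and the `stristr( PHP_OS, 'DAR' )` clause is opaque unless the reader knows that 'Darwin' also matches 'WIN' case-insensitively. A comment such as `// Off Windows the native check is reliable; 'Darwin' contains 'WIN', so it is tested first.` would make the intent clear. `is_writeable()` is an alias, so `return is_writable( $path );` would use the canonical name and match the comment further down. The function body continues outside the hunk.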
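--- a/wp-cache.php
+++ b/wp-cache.php
@@ -3,7 +3,7 @@
  Plugin Name: WP Super Cache
  Plugin URI: https://wordpress.org/plugins/wp-super-cache/
  Description: Very fast caching plugin for WordPress.
- Version: 1.7.1
+ Version: 1.7.2
  Author: Automattic
  Author URI: https://automattic.com/
  License: GPL2+
@@ -586,10 +586,11 @@ function wp_cache_manager_updates() {
  if( isset( $_POST[ 'action' ] ) && $_POST[ 'action' ] == 'scupdates' ) {
  if( isset( $_POST[ 'wp_cache_location' ] ) && $_POST[ 'wp_cache_location' ] != '' ) {
  $dir = realpath( trailingslashit( dirname( $_POST[ 'wp_cache_location' ] ) ) );
- if ( $dir == false )
+ if ( $dir === realpath( '.' ) || false === $dir ) {
  $dir = WP_CONTENT_DIR . '/cache/';
- else
+ } else {
  $dir = trailingslashit( $dir ) . trailingslashit(wpsc_deep_replace( array( '..', '\\' ), basename( $_POST[ 'wp_cache_location' ] ) ) );
+ }
  $new_cache_path = $dir;
  } else {
  $new_cache_path = WP_CONTENT_DIR . '/cache/';
@@ -598,7 +599,7 @@ function wp_cache_manager_updates() {
  if ( file_exists( $new_cache_path ) == false )
  rename( $cache_path, $new_cache_path );
  $cache_path = $new_cache_path;
- wp_cache_replace_line('^ *\$cache_path', "\$cache_path = '" . $cache_path . "';", $wp_cache_config_file);
+ wp_cache_replace_line('^ *\$cache_path', "\$cache_path = " . var_export( $cache_path, true ) . ";", $wp_cache_config_file);
  }
 
  if( isset( $_POST[ 'wp_super_cache_late_init' ] ) ) {
@@ -2567,8 +2568,12 @@ function wp_cache_create_advanced_cache() {
  global $wpsc_advanced_cache_filename, $wpsc_advanced_cache_dist_filename;
  if ( file_exists( ABSPATH . 'wp-config.php') ) {
  $global_config_file = ABSPATH . 'wp-config.php';
+ } elseif ( file_exists( dirname( ABSPATH ) . '/wp-config.php' ) ) {
+ $global_config_file = dirname( ABSPATH ) . '/wp-config.php';
+ } elseif ( defined( 'DEBIAN_FILE' ) && file_exists( DEBIAN_FILE ) ) {
+ $global_config_file = DEBIAN_FILE;
  } else {
- $global_config_file = dirname(ABSPATH) . '/wp-config.php';
+ die('Cannot locate wp-config.php');
  }
 
  $line = 'define( \'WPCACHEHOME\', \'' . dirname( __FILE__ ) . '/\' );';
@@ -2607,7 +2612,7 @@ function wp_cache_create_advanced_cache() {
  ! strpos( $file, "WP SUPER CACHE 0.8.9.1" ) &&
  ! strpos( $file, "WP SUPER CACHE 1.2" )
  ) {
- wp_die( '<div class="notice notice-error"><h4>' . __( 'Warning!', 'wp-super-cache' ) . "</h4><p>" . sprintf( __( 'The file %s already exists. Please manually delete it before using this plugin. If you continue to see this message after deleting it please contact your hosting support.', 'wp-super-cache' ), $wpsc_advanced_cache_filename ) . "</p></div>" );
+ return false;
  }
  }
 
@@ -2626,24 +2631,47 @@ function wpsc_check_advanced_cache() {
  global $wpsc_advanced_cache_filename;
 
  $ret = true;
+ $other_advanced_cache = false;
  if ( file_exists( $wpsc_advanced_cache_filename ) ) {
  $file = file_get_contents( $wpsc_advanced_cache_filename );
- if( strpos( $file, "WP SUPER CACHE 0.8.9.1" ) || strpos( $file, "WP SUPER CACHE 1.2" ) ) {
+ if ( strpos( $file, "WP SUPER CACHE 0.8.9.1" ) || strpos( $file, "WP SUPER CACHE 1.2" ) ) {
  return true;
  } else {
+ $other_advanced_cache = true;
  $ret = wp_cache_create_advanced_cache();
  }
  } else {
  $ret = wp_cache_create_advanced_cache();
  }
 
- if( false == $ret ) {
- echo '<div class="notice notice-error"><h4>' . __( 'Warning', 'wp-super-cache' ) . "! <em>" . sprintf( __( '%s/advanced-cache.php</em> does not exist or cannot be updated.', 'wp-super-cache' ), WP_CONTENT_DIR ) . "</h4>";
- echo "<p><ol><li>" . __( 'If it already exists, please delete the file first.', 'wp-super-cache' ) . "</li>";
- echo "<li>" . sprintf( __( 'Make %1$s writable using the chmod command through your ftp or server software. (<em>chmod 777 %1$s</em>) and refresh this page. This is only a temporary measure and you&#8217;ll have to make it read only afterwards again. (Change 777 to 755 in the previous command)', 'wp-super-cache' ), WP_CONTENT_DIR ) . "</li>";
- echo "<li>" . sprintf( __( 'Refresh this page to update <em>%s/advanced-cache.php</em>', 'wp-super-cache' ), WP_CONTENT_DIR ) . "</li></ol>";
- echo sprintf( __( 'If that doesn&#8217;t work, make sure the file <em>%s/advanced-cache.php</em> doesn&#8217;t exist:', 'wp-super-cache' ), WP_CONTENT_DIR ) . "<ol>";
- echo "</ol>";
+ if ( false == $ret ) {
+ if ( $other_advanced_cache ) {
+ echo '<div style="width: 50%" class="notice notice-error"><h2>' . __( 'Warning! You may not be allowed to use this plugin on your site.', 'wp-super-cache' ) . "</h2>";
+ echo '<p>' .
+ sprintf(
+ __( 'The file %s was created by another plugin or by your system administrator. Please examine the file carefully by FTP or SSH and consult your hosting documentation. ', 'wp-super-cache' ),
+ $wpsc_advanced_cache_filename
+ ) .
+ '</p>';
+ echo '<p>' .
+ __( 'If it was created by another caching plugin please uninstall that plugin first before activating WP Super Cache. If the file is not removed by that action you should delete the file manually.', 'wp-super-cache' ),
+ '</p>';
+ echo '<p><strong>' .
+ __( 'If you need support for this problem contact your hosting provider.', 'wp-super-cache' ),
+ '</strong></p>';
+ } elseif ( ! is_writeable_ACLSafe( $wpsc_advanced_cache_filename ) ) {
+ echo '<div class="notice notice-error"><h2>' . __( 'Warning', 'wp-super-cache' ) . "! <em>" . sprintf( __( '%s/advanced-cache.php</em> cannot be updated.', 'wp-super-cache' ), WP_CONTENT_DIR ) . "</h2>";
+ echo '<ol>';
+ echo "<li>" .
+ sprintf(
+ __( 'Make %1$s writable using the chmod command through your ftp or server software. (<em>chmod 777 %1$s</em>) and refresh this page. This is only a temporary measure and you&#8217;ll have to make it read only afterwards again. (Change 777 to 755 in the previous command)', 'wp-super-cache' ),
+ WP_CONTENT_DIR
+ ) .
+ "</li>";
+ echo "<li>" . sprintf( __( 'Refresh this page to update <em>%s/advanced-cache.php</em>', 'wp-super-cache' ), WP_CONTENT_DIR ) . "</li></ol>";
+ echo sprintf( __( 'If that doesn&#8217;t work, make sure the file <em>%s/advanced-cache.php</em> doesn&#8217;t exist:', 'wp-super-cache' ), WP_CONTENT_DIR ) . "<ol>";
+ echo "</ol>";
+ }
  echo "</div>";
  return false;
  }
@@ -3442,6 +3470,9 @@ function wpsc_get_htaccess_info() {
 
  $gziprules = "<IfModule mod_mime.c>\n <FilesMatch \"\\.html\\.gz\$\">\n ForceType text/html\n FileETag None\n </FilesMatch>\n AddEncoding gzip .gz\n AddType text/html .gz\n</IfModule>\n";
  $gziprules .= "<IfModule mod_deflate.c>\n SetEnvIfNoCase Request_URI \.gz$ no-gzip\n</IfModule>\n";
+
+ $vary_header = $cache_control_header = '';
+
  if ( defined( 'WPSC_VARY_HEADER' ) ) {
  if ( WPSC_VARY_HEADER != '' ) {
  $vary_header = WPSC_VARY_HEADER;
@@ -3771,9 +3802,9 @@ function wp_cache_disable_plugin( $delete_config_file = true ) {
 
  uninstall_supercache( WP_CONTENT_DIR . '/cache' );
  $file_not_deleted = false;
+ wpsc_remove_advanced_cache();
  if ( @file_exists( WP_CONTENT_DIR . "/advanced-cache.php" ) ) {
- if ( false == @unlink( WP_CONTENT_DIR . "/advanced-cache.php" ) )
- $file_not_deleted[] = 'advanced-cache.php';
+ $file_not_deleted[] = 'advanced-cache.php';
  }
  if ( $delete_config_file && @file_exists( WP_CONTENT_DIR . "/wp-cache-config.php" ) ) {
  if ( false == unlink( WP_CONTENT_DIR . "/wp-cache-config.php" ) )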
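Review bot: The new `wp_cache_replace_line` call in wp_cache_manager_updates() (new line 602) relies on `var_export()`, which escapes quotes and backslashes but leaves line breaks and other control characters as they are, so a value derived from `$_POST[ 'wp_cache_location' ]` can still yield an assignment that spans more than one line of the config file. The replacement is keyed on the single-line pattern `^ *\$cache_path`, so a later update would presumably rewrite only the first of those lines. Rejecting such values before `$new_cache_path = $dir;`, for example `if ( preg_match( '/[[:cntrl:]]/', $dir ) ) { $dir = WP_CONTENT_DIR . '/cache/'; }`, keeps the setting on one line. The added `$dir === realpath( '.' )` test at new line 589 depends on the request's working directory and would benefit from a comment naming the input it is meant to catch. The function starts and ends outside these hunks, so any nonce or capability check is not visible here.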