Changeset 3356445

hizzle-downloads/tags/1.2.2/hizzle-downloads.php

-                      r3287466
+                      r3356445
  * Plugin URI: https://hizzle.co/download-manager/
  * Description: A lightweight download manager plugin.
  * Version: 1.2.1
+ * Version: 1.2.2
  * Author: Hizzle
  * Author URI: https://hizzle.co
 …
 if ( ! defined( 'HIZZLE_DOWNLOADS_VERSION' ) ) {
     define( 'HIZZLE_DOWNLOADS_VERSION', '1.2.1' );
+    define( 'HIZZLE_DOWNLOADS_VERSION', '1.2.2' );
+}

hizzle-downloads/tags/1.2.2/readme.txt

-                      r3287466
+                      r3356445
 === Simple Download Manager - Hizzle Downloads ===
 Contributors: picocodes, mutendebrian
 Tags: files, downloads, digital downloads
+Tags: files, downloads, digital downloads, download manager, restrict downloads
 Requires at least: 4.9
 Tested up to: 6.7
 Requires PHP: 5.6
 Version: 1.2.1
 Stable tag: 1.2.1
+Version: 1.2.2
+Stable tag: 1.2.2
 License: GPLv3
 License URI: https://www.gnu.org/licenses/gpl-3.0.html
 Donate link: https://noptin.com/products/?utm_source=wp-repo&utm_medium=donate&utm_campaign=readme
+Allow your website visitors to download files from your site. Optionally restrict downloads by user role, ip address, etc
+Easily add, restrict, and track digital downloads in WordPress — protect files with passwords, user roles, IPs, or subscriber access.
 == Description ==
+This plugin allows you to:-
+**A simple WordPress download manager for secure file sharing, access control, and download tracking — perfect for digital products.**
+★★★★★<br>
+- Add unlimited downloadable files.
+- Optionally protect each downloadable file with a password.
+- Restrict downloads to specific user roles.
+- Restrict downloads to specific ip addresses.
+- Restrict downloads to specific users.
+- Restrict downloads to newsletter subscribers.
+- Track file downloads.
+Do you need a simple yet powerful way to manage file downloads on your WordPress site? This plugin makes it easy to upload, organize, and control access to downloadable files of any type. Whether you are sharing free resources, selling digital products, or delivering private documents, this plugin gives you full control over who can download your files and when.
+With unlimited downloads, flexible restrictions, and detailed tracking, you can confidently provide files to your audience while keeping them secure.
+= Key Features =
+- **Add unlimited downloadable files** – Add and manage as many downloadable files as you need, with no limits.
+- **Password Protection** – Protect individual files with custom passwords so only authorized users can access them.
+- **Restrict downloads to specific user roles** – Control file access based on WordPress user roles, ensuring that only administrators, editors, subscribers, or custom roles can download.
+- **Restrict downloads to specific IP addresses** – Restrict downloads to specific IP addresses to prevent abuse or unauthorized sharing.
+- **Restrict downloads to specific users** – Assign downloads to specific registered users for secure, private file delivery.
+- **Restrict downloads to newsletter subscribers** – Restrict downloads to Noptin newsletter subscriber, making it an excellent tool for lead generation.
+- **Track file downloads** – Track every file download with detailed statistics, helping you understand how your files are being accessed.
+- **Simple Management** – A user-friendly interface makes uploading and managing files straightforward, even for beginners.
+= Why Use This Plugin? =
+Managing downloads manually in WordPress can be difficult. Links can be shared publicly, access can’t easily be restricted, and tracking is limited. This plugin solves those problems by giving you advanced tools to:
+- Protect digital products such as **software, themes, and plugins**.
+- Share private **PDF documents, contracts, or reports** securely with clients.
+- Provide exclusive resources like **eBooks, whitepapers, and templates** to email subscribers.
+- Control access to files for **membership sites and online courses**.
+- Monitor and analyze download activity to make better business decisions.
+= Benefits for Your Website =
+By installing this plugin, you’ll be able to:
+- Grow your email list by offering subscriber-only downloads.
+- Monetize your website by controlling access to premium resources.
+- Increase security by preventing unauthorized downloads and link sharing.
+- Gain insights into how your downloads are performing.
+Whether you’re a blogger, developer, marketer, educator, or business owner, this plugin gives you all the tools you need to manage file downloads effectively in WordPress.
+Take control of your downloads today and provide a seamless, secure experience for your users.
 == Installation ==
 …
 = Can I see how many times each file has been downloaded? =
 Yes, Noptin allows you to view how many times each file has been downloaded, as well as which users have downloaded the file. This information is available in the Noptin dashboard, where you can see a list of all your downloadable files and their download stats. You can also see which users have downloaded the files, and view their information and activity in your mailing list. This can be useful for tracking the popularity of your files and understanding which users are interested in them.
+Yes, Hizzle Downloads allows you to view how many times each file has been downloaded, as well as which users have downloaded the file. This information is available in the Hizzle Downloads dashboard, where you can see a list of all your downloadable files and their download stats. You can also see which users have downloaded the files, and view their information and activity in your mailing list. This can be useful for tracking the popularity of your files and understanding which users are interested in them.
 = Can I restrict downloads by user role or newsletter subscription status? =
 Yes, Noptin allows you to restrict downloads by user role or newsletter subscription status. This means that you can choose which users are able to download your files, based on their user role on your website or their status as a newsletter subscriber. For example, you can make a file available only to users who are registered as members on your website, or only to users who have subscribed to your newsletter. This can be useful for creating exclusive content or offers for your users, and for encouraging people to sign up for your newsletter. You can set these restrictions for each of your downloadable files in the Noptin settings.
+Yes, Hizzle Downloads allows you to restrict downloads by user role or newsletter subscription status. This means that you can choose which users are able to download your files, based on their user role on your website or their status as a newsletter subscriber. For example, you can make a file available only to users who are registered as members on your website, or only to users who have subscribed to your newsletter. This can be useful for creating exclusive content or offers for your users, and for encouraging people to sign up for your newsletter. You can set these restrictions for each of your downloadable files in the Hizzle Downloads settings.
 = How do I display downloadable files? =
 …
 = How can I get in touch? =
 Use the [contact form on our website](https://hizzle.co/contact-us/).
+Use the [contact form on our website](https://hizzlewp.com/contact/).
 = How can I contribute? =
 …
 == Changelog ==
+= 1.2.2 =
+- Update composer packages.
 = 1.2.1 =
 …
 = 1.0.3 =
 - Restrict downloads to newsletter subscribers.
+- Restrict downloads to Noptin newsletter subscribers.
 - Add support for password protected downloads.
 - Automatically update download files when there is a GitHub release.

hizzle-downloads/tags/1.2.2/vendor/composer/installed.json

-                      r3287466
+                      r3356445
+        {
             "name": "hizzle/store",
             "version": "0.2.7",
             "version_normalized": "0.2.7.0",
+            "version": "0.2.11",
+            "version_normalized": "0.2.11.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/hizzle-co/datastore.git",
                 "reference": "6620679060f7b64e0a417758a328173e8b5ec729"
+                "reference": "a6e17c589443de791e9bf9eb9c2536c7401f09c2"
             },
             "dist": {
                 "type": "zip",
                 "url": "https://api.github.com/repos/hizzle-co/datastore/zipball/6620679060f7b64e0a417758a328173e8b5ec729",
                 "reference": "6620679060f7b64e0a417758a328173e8b5ec729",
+                "url": "https://api.github.com/repos/hizzle-co/datastore/zipball/a6e17c589443de791e9bf9eb9c2536c7401f09c2",
+                "reference": "a6e17c589443de791e9bf9eb9c2536c7401f09c2",
                 "shasum": ""
             },
 …
                 "php": ">=5.3.0"
             },
             "time": "2025-05-03T10:20:52+00:00",
+            "time": "2025-08-20T05:32:06+00:00",
             "type": "library",
             "installation-source": "dist",
 …
             "support": {
                 "issues": "https://github.com/hizzle-co/datastore/issues",
                 "source": "https://github.com/hizzle-co/datastore/tree/0.2.7"
+                "source": "https://github.com/hizzle-co/datastore/tree/0.2.11"
             },
             "install-path": "../hizzle/store"

hizzle-downloads/tags/1.2.2/vendor/composer/installed.php

-                      r3287466
+                      r3356445
         'pretty_version' => 'dev-main',
         'version' => 'dev-main',
         'reference' => 'eacb4c22f68cba9ad5d53a20b1db45c4f10bad5a',
+        'reference' => '54e05e6de537c0de0a2c4e916ec2394d169ccd55',
         'type' => 'library',
         'install_path' => __DIR__ . '/../../',
 …
             'pretty_version' => 'dev-main',
             'version' => 'dev-main',
             'reference' => 'eacb4c22f68cba9ad5d53a20b1db45c4f10bad5a',
+            'reference' => '54e05e6de537c0de0a2c4e916ec2394d169ccd55',
             'type' => 'library',
             'install_path' => __DIR__ . '/../../',
 …
         ),
         'hizzle/store' => array(
             'pretty_version' => '0.2.7',
             'version' => '0.2.7.0',
             'reference' => '6620679060f7b64e0a417758a328173e8b5ec729',
+            'pretty_version' => '0.2.11',
+            'version' => '0.2.11.0',
+            'reference' => 'a6e17c589443de791e9bf9eb9c2536c7401f09c2',
             'type' => 'library',
             'install_path' => __DIR__ . '/../hizzle/store',

hizzle-downloads/tags/1.2.2/vendor/hizzle/store/example-plugin.php

r3287466	r3356445
4	4	Plugin URI: https://hizzle.co/
5	5	Description: Hizzle Data Stores
6		Version: 0.2.7
	6	Version: 0.2.11
7	7	Author: picocodes
8	8	Author URI: https://github.com/picocodes/

hizzle-downloads/tags/1.2.2/vendor/hizzle/store/src/Collection.php

-                      r3287466
+                      r3356445
                 $schema .= "PRIMARY KEY  ($cols),\n"; // Maintain 2 spaces between key and opening bracket.
             } elseif ( 'unique' === $index ) {
                 foreach ( $cols as $prop => $index ) {
                     $schema .= "UNIQUE KEY $prop ($index),\n";
 …
     /**
+     * Returns a prop's cache key.
+     *
+     * @param string $prop The prop to get the cache key for.
+     * @return string The cache key.
+     */
+    private function get_prop_cache_key( $prop ) {
+        $current_version = 'v2'; // Update this version when the cache key structure changes.
+        return $this->hook_prefix( $current_version . '_ids_by_' . $prop, true );
+    }
+    /**
      * Retrieves an ID by a given prop.
+     *
 …
         // Try the cache.
+        $value = trim( $value );
+        $id    = wp_cache_get( $value, $this->hook_prefix( 'ids_by_' . $prop, true ) );
+        $value     = trim( $value );
+        $cache_key = $this->get_prop_cache_key( $prop );
+        $id        = wp_cache_get( $value, $cache_key );
         // Maybe retrieve from the db.
 …
             // Update the cache.
             wp_cache_set( $value, $id, $this->hook_prefix( 'ids_by_' . $prop, true ) );
+            wp_cache_set( $value, $id, $cache_key, empty( $id ) ? MINUTE_IN_SECONDS : HOUR_IN_SECONDS );
+        }
 …
             // Date fields.
             if ( $value instanceof Date_Time ) {
                 if ( ! empty( $this->props[ $key ] ) && 'date' === strtolower( $this->props[ $key ]->type ) ) {
                     $value = $value->utc( 'Y-m-d' );
 …
         $record->apply_changes();
         // Clear the cache.
         $this->clear_cache( $record->get_data() );
+        // Clear any stale cache entries.
+        $this->clear_cache( $record );
         // Fires after creating a record.
 …
                 apply_filters( $this->hook_prefix( 'insert_formats', true ), $formats, $record )
             );
+            if ( empty( $result ) && ! empty( $wpdb->last_error ) ) {
+                noptin_error_log( 'Error creating record: ' . $wpdb->last_error );
+            }
             return $result ? $wpdb->insert_id : 0;
 …
             if ( $prop->is_meta_key_multiple ) {
                 $new       = (array) $new;
                 $to_delete = array_diff( $current, $new );
 …
                 $this->save_defaults( $record );
                 $raw_data = $record->get_data();
             } elseif ( empty( $raw_data ) ) {
                 $this->not_found();
 …
             // Cache the record data.
             $this->update_cache( $data );
+        }
 …
         // Fires before updating a record.
         do_action( $this->hook_prefix( 'before_update', true ), $record );
+        // Clear cache early to prevent race conditions and stale data
+        // Do this before any database operations
+        $this->clear_cache( $record );
         $raw_changes = array_keys( $record->get_changes() );
 …
         $record->apply_changes();
-        // Clear the cache.
-        $this->clear_cache( $record->get_data() );
         if ( $has_changes ) {
 …
         // Invalidate cache.
         $this->clear_cache( $record->get_data() );
+        $this->clear_cache( $record );
         // If this is a CPT, delete the post.
 …
         // Ensure we have an array.
         if ( ! is_array( $record ) ) {
+        if ( ! is_array( $record ) || empty( $record['id'] ) ) {
             return;
+        }
+        // Cache lookup values for faster queries
         foreach ( $this->get_cache_keys() as $key ) {
             if ( isset( $record[ $key ] ) && ! empty( $record[ $key ] ) ) {
                 wp_cache_set( $record[ $key ], $record['id'], $this->hook_prefix( 'ids_by_' . $key, true ), WEEK_IN_SECONDS );
+                wp_cache_set( $record[ $key ], $record['id'], $this->get_prop_cache_key( $key ), HOUR_IN_SECONDS );
+            }
+        }
         // Cache the entire record.
         wp_cache_set( $record['id'], $record, $this->get_full_name(), DAY_IN_SECONDS );
+        wp_cache_set( $record['id'], $record, $this->get_full_name(), HOUR_IN_SECONDS );
+    }
 …
      * Clean caches.
+     *
      * @param object $record The raw db record.
+     * @param Record $record The raw db record.
      */
     public function clear_cache( $record ) {
-        $record = (object) $record;
         foreach ( $this->get_cache_keys() as $key ) {
+            if ( ! is_null( $record->$key ) && '' !== $record->$key ) {
+                wp_cache_delete( $record->$key, $this->hook_prefix( 'ids_by_' . $key, true ) );
+            }
+        }
+        wp_cache_delete( $record->id, $this->get_full_name() );
+            $value = $record->get( $key );
+            if ( is_string( $value ) && '' !== $value ) {
+                wp_cache_delete( $value, $this->get_prop_cache_key( $key ) );
+            }
+        }
+        // Bail early if the record doesn't exist.
+        if ( ! $record->exists() ) {
+            return;
+        }
+        // Clear the main record cache.
+        wp_cache_delete( $record->get_id(), $this->get_full_name() );
+        // Clear any potential old cache entries by attempting to fetch and clear them
+        // This handles cases where cache keys have changed due to updates
+        $this->clear_stale_cache_entries( $record->get_id() );
+    }
+    /**
+     * Clears potentially stale cache entries for a record.
+     *
+     * @param int $record_id The record ID.
+     */
+    private function clear_stale_cache_entries( $record_id ) {
+        global $wpdb;
+        // For updates, we need to clear cache for old values that might have changed
+        if ( ! empty( $record_id ) ) {
+            // Get the current database values to clear any old cached entries
+            $table_name   = $this->get_db_table_name();
+            $current_data = $wpdb->get_row(
+                $wpdb->prepare( "SELECT * FROM $table_name WHERE id = %d", $record_id ), // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared
+                ARRAY_A
+            );
+            if ( $current_data ) {
+                foreach ( $this->get_cache_keys() as $key ) {
+                    $value = $current_data[ $key ] ?? null;
+                    if ( is_string( $value ) && '' !== $value ) {
+                        // Clear cache for database values (in case they differ from the record object)
+                        wp_cache_delete( $value, $this->get_prop_cache_key( $key ) );
+                    }
+                }
+            }
+        }
+    }
 …
      * @param string $default The default label.
      */
     public function get_label( $key, $default ) {
         return isset( $this->labels[ $key ] ) ? $this->labels[ $key ] : $default;
+    public function get_label( $key, $default_value ) {
+        return $this->labels[ $key ] ?? $default_value;
+    }
+}

hizzle-downloads/tags/1.2.2/vendor/hizzle/store/src/Query.php

-                      r3245426
+                      r3356445
         // Prepare aggregate fields.
+        foreach ( $aggregate_fields as $field => $function ) {
+        foreach ( $aggregate_fields as $field => $aggregate ) {
+            if ( ! is_array( $aggregate ) ) {
+                $aggregate = wp_parse_list( $aggregate );
+            }
             // Handle CASE expressions
             if ( is_array( $function ) && isset( $function['case'] ) ) {
                 $case_field = $this->prefix_field( esc_sql( sanitize_key( $function['case']['field'] ) ) );
+            if ( is_array( $aggregate ) && isset( $aggregate['case'] ) ) {
+                $case_field = $this->prefix_field( esc_sql( sanitize_key( $aggregate['case']['field'] ) ) );
                 if ( empty( $case_field ) ) {
                     throw new Store_Exception( 'query_invalid_field', 'Invalid case field.' );
 …
                 $case_sql = "CASE $case_field";
                 foreach ( $function['case']['when'] as $when => $then ) {
                     $when     = esc_sql( $when );
                     $then_sql = $this->prepare_case_then( $then );
+                foreach ( $aggregate['case']['when'] as $when => $then ) {
+                    $when      = esc_sql( $when );
+                    $then_sql  = $this->prepare_case_then( $then );
                     $case_sql .= " WHEN '$when' THEN $then_sql";
+                }
                 if ( isset( $function['case']['else'] ) ) {
                     $else_sql = $this->prepare_case_then( $function['case']['else'] );
+                if ( isset( $aggregate['case']['else'] ) ) {
+                    $else_sql  = $this->prepare_case_then( $aggregate['case']['else'] );
                     $case_sql .= " ELSE $else_sql";
+                }
                 $case_sql .= " END";
+                $case_sql .= ' END';
                 // Handle optional aggregate function wrapper
                 if ( isset( $function['function'] ) ) {
                     $agg_function = strtoupper( $function['function'] );
+                if ( isset( $aggregate['function'] ) ) {
+                    $agg_function = strtoupper( $aggregate['function'] );
                     if ( ! in_array( $agg_function, array( 'AVG', 'COUNT', 'MAX', 'MIN', 'SUM' ), true ) ) {
                         throw new Store_Exception( 'query_invalid_function', 'Invalid aggregate function.' );
 …
                 // Handle optional math operations
                 if ( isset( $function['math'] ) ) {
                     $math_op = $this->prepare_math_expression( $function['math'] );
+                if ( isset( $aggregate['math'] ) ) {
+                    $math_op  = $this->prepare_math_expression( $aggregate['math'] );
                     $case_sql = "($case_sql $math_op)";
+                }
 …
+            }
+            foreach ( wp_parse_list( $function ) as $function ) {
+            foreach ( array_filter( $aggregate ) as $function ) {
+                if ( is_array( $function ) ) {
+                    if ( ! isset( $function['function'] ) ) {
+                        throw new Store_Exception( 'query_invalid_function', 'Invalid aggregate function configuration.' );
+                    }
+                    $as          = isset( $function['as'] ) ? esc_sql( sanitize_key( $function['as'] ) ) : strtolower( $function['function'] ) . '_' . $field;
+                    $query_field = isset( $function['expression'] ) ? $this->prepare_math_expression( $function['expression'], $field ) : $table_field;
+                    $function    = $function['function'];
+                } else {
+                    $as          = strtolower( $function ) . '_' . $field;
+                    $query_field = $table_field;
+                }
                 // Ensure the function is supported.
 …
+                }
+                $function             = strtolower( $function );
+                $this->query_fields[] = "$function_upper($table_field) AS {$function}_{$field}";
+                $this->query_fields[] = "$function_upper($query_field) AS $as";
+            }
+        }
 …
+        }
+        // Split the expression into parts.
+        $parts = preg_split( '/([+\-*\/])/', $expression, -1, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY );
+        // Process each part.
+        // Handle parentheses by processing inner expressions first
+        while ( preg_match( '/\(([^()]+)\)/', $expression, $matches ) ) {
+            $inner_result = $this->process_simple_expression( $matches[1] );
+            $expression   = str_replace( $matches[0], $inner_result, $expression );
+        }
+        // Process the remaining expression
+        return $this->process_simple_expression( $expression );
+    }
+    /**
+     * Processes a simple math expression without parentheses
+     *
+     * @param string $expression The simple math expression
+     * @return string
+     */
+    protected function process_simple_expression( $expression ) {
+        // Enhanced regex to handle operators, negative numbers, decimals, and functions
+        $pattern = '/([+\-*\/])|(\w+\s*\()|(\))|(-?\d*\.?\d+)|([a-zA-Z_][a-zA-Z0-9_]*)/';
+        preg_match_all( $pattern, $expression, $matches, PREG_OFFSET_CAPTURE );
         $processed_parts = array();
+        foreach ( $parts as $part ) {
+            $part = trim( $part );
+            // If it's an operator, add it directly
+            if ( in_array( $part, array( '+', '-', '*', '/' ), true ) ) {
+                $processed_parts[] = $part;
+        $i               = 0;
+        $total           = count( $matches[0] );
+        while ( $i < $total ) {
+            $match = $matches[0][ $i ][0];
+            $match = trim( $match );
+            ++$i;
+            if ( empty( $match ) ) {
                 continue;
+            }
             // Numbers.
             if ( is_numeric( $part ) ) {
                 $processed_parts[] = esc_sql( (float) $part );
+            // Operators
+            if ( preg_match( '/^[+\-*\/]$/', $match ) ) {
+                $processed_parts[] = $match;
                 continue;
+            }
+            // If it's a field reference, prefix it
+            $prefixed_field = $this->prefix_field( esc_sql( sanitize_key( $part ) ) );
+            if ( empty( $prefixed_field ) ) {
+                throw new Store_Exception( 'query_invalid_field', 'Invalid field in math expression.' );
+            }
+            if ( ! empty( $prefixed_field ) ) {
+            // SQL Functions (e.g., ABS, ROUND, etc.)
+            if ( preg_match( '/^(\w+)\s*\($/', $match ) ) {
+                $function = trim( str_replace( '(', '', $match ) );
+                // Validate allowed functions
+                $allowed_functions = array( 'ABS', 'ROUND', 'CEIL', 'FLOOR', 'SQRT', 'POW' );
+                if ( ! in_array( strtoupper( $function ), $allowed_functions, true ) ) {
+                    throw new Store_Exception( 'query_invalid_function', 'Invalid function in math expression.' );
+                }
+                $processed_parts[] = strtoupper( $function ) . '(';
+                continue;
+            }
+            // Closing parenthesis
+            if ( ')' === $match ) {
+                $processed_parts[] = ')';
+                continue;
+            }
+            // Numbers (including negative and decimals)
+            if ( is_numeric( $match ) ) {
+                $processed_parts[] = esc_sql( (float) $match );
+                continue;
+            }
+            // Field references
+            if ( preg_match( '/^[a-zA-Z_][a-zA-Z0-9_]*$/', $match ) ) {
+                $prefixed_field = $this->prefix_field( esc_sql( sanitize_key( $match ) ) );
+                if ( empty( $prefixed_field ) ) {
+                    throw new Store_Exception( 'query_invalid_field', 'Invalid field in math expression: ' . $match );
+                }
                 $processed_parts[] = $prefixed_field;
                 continue;
+            }
+            // If we get here, it's an unrecognized token
+            throw new Store_Exception( 'query_invalid_expression', 'Invalid token in math expression: ' . $match );
+        }

hizzle-downloads/tags/1.2.2/vendor/hizzle/store/src/REST_Controller.php

-                      r3287466
+                      r3356445
+        }
+        $collection_params = $this->get_collection_params();
         // METHODS to CREATE new records, READ the entire collection, or DELETE the entire collection.
         register_rest_route(
 …
                     'callback'            => array( $this, 'get_items' ),
                     'permission_callback' => array( $this, 'get_items_permissions_check' ),
                     'args'                => $this->get_collection_params(),
+                    'args'                => $collection_params,
                 ),
 …
                     'permission_callback' => array( $this, 'create_item_permissions_check' ),
                     'args'                => array_merge(
+                        $this->get_collection_params(),
+                        array_diff_key(
+                            $collection_params,
+                            array(
+                                'paged'    => true,
+                                'per_page' => true,
+                                'offset'   => true,
+                                'order'    => true,
+                                'orderby'  => true,
+                            )
+                        ),
                         array(
                             'bulk_update' => array(
 …
                     'permission_callback' => array( $this, 'get_items_permissions_check' ),
                     'args'                => array_merge(
                         $this->get_collection_params(),
+                        $collection_params,
                         array(
                             'aggregate'    => array(

hizzle-downloads/tags/1.2.2/vendor/hizzle/store/src/Record.php

-                      r3287466
+                      r3356445
         try {
             $this->get_collection()->delete( $this, $force_delete );
             return true;
         } catch ( Store_Exception $e ) {
             return new \WP_Error( $e->getErrorCode(), $e->getMessage(), $e->getErrorData() );
 …
             // If this is an enum or boolean, record the change.
             if ( $object->is_boolean() || $object->is_tokens || ! empty( $object->enum ) ) {
                 if ( ! $this->exists() || $value !== $this->data[ $prop ] ) {
                     $this->enum_transition[ $prop ] = array(
 …
         if ( ! is_array( $string_or_array ) ) {
             if ( $strict ) {
                 $string_or_array = preg_split( '/,+/', $string_or_array, -1, PREG_SPLIT_NO_EMPTY );

hizzle-downloads/trunk/hizzle-downloads.php

-                      r3287466
+                      r3356445
  * Plugin URI: https://hizzle.co/download-manager/
  * Description: A lightweight download manager plugin.
  * Version: 1.2.1
+ * Version: 1.2.2
  * Author: Hizzle
  * Author URI: https://hizzle.co
 …
 if ( ! defined( 'HIZZLE_DOWNLOADS_VERSION' ) ) {
     define( 'HIZZLE_DOWNLOADS_VERSION', '1.2.1' );
+    define( 'HIZZLE_DOWNLOADS_VERSION', '1.2.2' );
+}

hizzle-downloads/trunk/readme.txt

-                      r3287466
+                      r3356445
 === Simple Download Manager - Hizzle Downloads ===
 Contributors: picocodes, mutendebrian
 Tags: files, downloads, digital downloads
+Tags: files, downloads, digital downloads, download manager, restrict downloads
 Requires at least: 4.9
 Tested up to: 6.7
 Requires PHP: 5.6
 Version: 1.2.1
 Stable tag: 1.2.1
+Version: 1.2.2
+Stable tag: 1.2.2
 License: GPLv3
 License URI: https://www.gnu.org/licenses/gpl-3.0.html
 Donate link: https://noptin.com/products/?utm_source=wp-repo&utm_medium=donate&utm_campaign=readme
+Allow your website visitors to download files from your site. Optionally restrict downloads by user role, ip address, etc
+Easily add, restrict, and track digital downloads in WordPress — protect files with passwords, user roles, IPs, or subscriber access.
 == Description ==
+This plugin allows you to:-
+**A simple WordPress download manager for secure file sharing, access control, and download tracking — perfect for digital products.**
+★★★★★<br>
+- Add unlimited downloadable files.
+- Optionally protect each downloadable file with a password.
+- Restrict downloads to specific user roles.
+- Restrict downloads to specific ip addresses.
+- Restrict downloads to specific users.
+- Restrict downloads to newsletter subscribers.
+- Track file downloads.
+Do you need a simple yet powerful way to manage file downloads on your WordPress site? This plugin makes it easy to upload, organize, and control access to downloadable files of any type. Whether you are sharing free resources, selling digital products, or delivering private documents, this plugin gives you full control over who can download your files and when.
+With unlimited downloads, flexible restrictions, and detailed tracking, you can confidently provide files to your audience while keeping them secure.
+= Key Features =
+- **Add unlimited downloadable files** – Add and manage as many downloadable files as you need, with no limits.
+- **Password Protection** – Protect individual files with custom passwords so only authorized users can access them.
+- **Restrict downloads to specific user roles** – Control file access based on WordPress user roles, ensuring that only administrators, editors, subscribers, or custom roles can download.
+- **Restrict downloads to specific IP addresses** – Restrict downloads to specific IP addresses to prevent abuse or unauthorized sharing.
+- **Restrict downloads to specific users** – Assign downloads to specific registered users for secure, private file delivery.
+- **Restrict downloads to newsletter subscribers** – Restrict downloads to Noptin newsletter subscriber, making it an excellent tool for lead generation.
+- **Track file downloads** – Track every file download with detailed statistics, helping you understand how your files are being accessed.
+- **Simple Management** – A user-friendly interface makes uploading and managing files straightforward, even for beginners.
+= Why Use This Plugin? =
+Managing downloads manually in WordPress can be difficult. Links can be shared publicly, access can’t easily be restricted, and tracking is limited. This plugin solves those problems by giving you advanced tools to:
+- Protect digital products such as **software, themes, and plugins**.
+- Share private **PDF documents, contracts, or reports** securely with clients.
+- Provide exclusive resources like **eBooks, whitepapers, and templates** to email subscribers.
+- Control access to files for **membership sites and online courses**.
+- Monitor and analyze download activity to make better business decisions.
+= Benefits for Your Website =
+By installing this plugin, you’ll be able to:
+- Grow your email list by offering subscriber-only downloads.
+- Monetize your website by controlling access to premium resources.
+- Increase security by preventing unauthorized downloads and link sharing.
+- Gain insights into how your downloads are performing.
+Whether you’re a blogger, developer, marketer, educator, or business owner, this plugin gives you all the tools you need to manage file downloads effectively in WordPress.
+Take control of your downloads today and provide a seamless, secure experience for your users.
 == Installation ==
 …
 = Can I see how many times each file has been downloaded? =
 Yes, Noptin allows you to view how many times each file has been downloaded, as well as which users have downloaded the file. This information is available in the Noptin dashboard, where you can see a list of all your downloadable files and their download stats. You can also see which users have downloaded the files, and view their information and activity in your mailing list. This can be useful for tracking the popularity of your files and understanding which users are interested in them.
+Yes, Hizzle Downloads allows you to view how many times each file has been downloaded, as well as which users have downloaded the file. This information is available in the Hizzle Downloads dashboard, where you can see a list of all your downloadable files and their download stats. You can also see which users have downloaded the files, and view their information and activity in your mailing list. This can be useful for tracking the popularity of your files and understanding which users are interested in them.
 = Can I restrict downloads by user role or newsletter subscription status? =
 Yes, Noptin allows you to restrict downloads by user role or newsletter subscription status. This means that you can choose which users are able to download your files, based on their user role on your website or their status as a newsletter subscriber. For example, you can make a file available only to users who are registered as members on your website, or only to users who have subscribed to your newsletter. This can be useful for creating exclusive content or offers for your users, and for encouraging people to sign up for your newsletter. You can set these restrictions for each of your downloadable files in the Noptin settings.
+Yes, Hizzle Downloads allows you to restrict downloads by user role or newsletter subscription status. This means that you can choose which users are able to download your files, based on their user role on your website or their status as a newsletter subscriber. For example, you can make a file available only to users who are registered as members on your website, or only to users who have subscribed to your newsletter. This can be useful for creating exclusive content or offers for your users, and for encouraging people to sign up for your newsletter. You can set these restrictions for each of your downloadable files in the Hizzle Downloads settings.
 = How do I display downloadable files? =
 …
 = How can I get in touch? =
 Use the [contact form on our website](https://hizzle.co/contact-us/).
+Use the [contact form on our website](https://hizzlewp.com/contact/).
 = How can I contribute? =
 …
 == Changelog ==
+= 1.2.2 =
+- Update composer packages.
 = 1.2.1 =
 …
 = 1.0.3 =
 - Restrict downloads to newsletter subscribers.
+- Restrict downloads to Noptin newsletter subscribers.
 - Add support for password protected downloads.
 - Automatically update download files when there is a GitHub release.

hizzle-downloads/trunk/vendor/composer/installed.json

-                      r3287466
+                      r3356445
+        {
             "name": "hizzle/store",
             "version": "0.2.7",
             "version_normalized": "0.2.7.0",
+            "version": "0.2.11",
+            "version_normalized": "0.2.11.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/hizzle-co/datastore.git",
                 "reference": "6620679060f7b64e0a417758a328173e8b5ec729"
+                "reference": "a6e17c589443de791e9bf9eb9c2536c7401f09c2"
             },
             "dist": {
                 "type": "zip",
                 "url": "https://api.github.com/repos/hizzle-co/datastore/zipball/6620679060f7b64e0a417758a328173e8b5ec729",
                 "reference": "6620679060f7b64e0a417758a328173e8b5ec729",
+                "url": "https://api.github.com/repos/hizzle-co/datastore/zipball/a6e17c589443de791e9bf9eb9c2536c7401f09c2",
+                "reference": "a6e17c589443de791e9bf9eb9c2536c7401f09c2",
                 "shasum": ""
             },
 …
                 "php": ">=5.3.0"
             },
             "time": "2025-05-03T10:20:52+00:00",
+            "time": "2025-08-20T05:32:06+00:00",
             "type": "library",
             "installation-source": "dist",
 …
             "support": {
                 "issues": "https://github.com/hizzle-co/datastore/issues",
                 "source": "https://github.com/hizzle-co/datastore/tree/0.2.7"
+                "source": "https://github.com/hizzle-co/datastore/tree/0.2.11"
             },
             "install-path": "../hizzle/store"

hizzle-downloads/trunk/vendor/composer/installed.php

-                      r3287466
+                      r3356445
         'pretty_version' => 'dev-main',
         'version' => 'dev-main',
         'reference' => 'eacb4c22f68cba9ad5d53a20b1db45c4f10bad5a',
+        'reference' => '54e05e6de537c0de0a2c4e916ec2394d169ccd55',
         'type' => 'library',
         'install_path' => __DIR__ . '/../../',
 …
             'pretty_version' => 'dev-main',
             'version' => 'dev-main',
             'reference' => 'eacb4c22f68cba9ad5d53a20b1db45c4f10bad5a',
+            'reference' => '54e05e6de537c0de0a2c4e916ec2394d169ccd55',
             'type' => 'library',
             'install_path' => __DIR__ . '/../../',
 …
         ),
         'hizzle/store' => array(
             'pretty_version' => '0.2.7',
             'version' => '0.2.7.0',
             'reference' => '6620679060f7b64e0a417758a328173e8b5ec729',
+            'pretty_version' => '0.2.11',
+            'version' => '0.2.11.0',
+            'reference' => 'a6e17c589443de791e9bf9eb9c2536c7401f09c2',
             'type' => 'library',
             'install_path' => __DIR__ . '/../hizzle/store',

hizzle-downloads/trunk/vendor/hizzle/store/example-plugin.php

r3287466	r3356445
4	4	Plugin URI: https://hizzle.co/
5	5	Description: Hizzle Data Stores
6		Version: 0.2.7
	6	Version: 0.2.11
7	7	Author: picocodes
8	8	Author URI: https://github.com/picocodes/

hizzle-downloads/trunk/vendor/hizzle/store/src/Collection.php

-                      r3287466
+                      r3356445
                 $schema .= "PRIMARY KEY  ($cols),\n"; // Maintain 2 spaces between key and opening bracket.
             } elseif ( 'unique' === $index ) {
                 foreach ( $cols as $prop => $index ) {
                     $schema .= "UNIQUE KEY $prop ($index),\n";
 …
     /**
+     * Returns a prop's cache key.
+     *
+     * @param string $prop The prop to get the cache key for.
+     * @return string The cache key.
+     */
+    private function get_prop_cache_key( $prop ) {
+        $current_version = 'v2'; // Update this version when the cache key structure changes.
+        return $this->hook_prefix( $current_version . '_ids_by_' . $prop, true );
+    }
+    /**
      * Retrieves an ID by a given prop.
+     *
 …
         // Try the cache.
+        $value = trim( $value );
+        $id    = wp_cache_get( $value, $this->hook_prefix( 'ids_by_' . $prop, true ) );
+        $value     = trim( $value );
+        $cache_key = $this->get_prop_cache_key( $prop );
+        $id        = wp_cache_get( $value, $cache_key );
         // Maybe retrieve from the db.
 …
             // Update the cache.
             wp_cache_set( $value, $id, $this->hook_prefix( 'ids_by_' . $prop, true ) );
+            wp_cache_set( $value, $id, $cache_key, empty( $id ) ? MINUTE_IN_SECONDS : HOUR_IN_SECONDS );
+        }
 …
             // Date fields.
             if ( $value instanceof Date_Time ) {
                 if ( ! empty( $this->props[ $key ] ) && 'date' === strtolower( $this->props[ $key ]->type ) ) {
                     $value = $value->utc( 'Y-m-d' );
 …
         $record->apply_changes();
         // Clear the cache.
         $this->clear_cache( $record->get_data() );
+        // Clear any stale cache entries.
+        $this->clear_cache( $record );
         // Fires after creating a record.
 …
                 apply_filters( $this->hook_prefix( 'insert_formats', true ), $formats, $record )
             );
+            if ( empty( $result ) && ! empty( $wpdb->last_error ) ) {
+                noptin_error_log( 'Error creating record: ' . $wpdb->last_error );
+            }
             return $result ? $wpdb->insert_id : 0;
 …
             if ( $prop->is_meta_key_multiple ) {
                 $new       = (array) $new;
                 $to_delete = array_diff( $current, $new );
 …
                 $this->save_defaults( $record );
                 $raw_data = $record->get_data();
             } elseif ( empty( $raw_data ) ) {
                 $this->not_found();
 …
             // Cache the record data.
             $this->update_cache( $data );
+        }
 …
         // Fires before updating a record.
         do_action( $this->hook_prefix( 'before_update', true ), $record );
+        // Clear cache early to prevent race conditions and stale data
+        // Do this before any database operations
+        $this->clear_cache( $record );
         $raw_changes = array_keys( $record->get_changes() );
 …
         $record->apply_changes();
-        // Clear the cache.
-        $this->clear_cache( $record->get_data() );
         if ( $has_changes ) {
 …
         // Invalidate cache.
         $this->clear_cache( $record->get_data() );
+        $this->clear_cache( $record );
         // If this is a CPT, delete the post.
 …
         // Ensure we have an array.
         if ( ! is_array( $record ) ) {
+        if ( ! is_array( $record ) || empty( $record['id'] ) ) {
             return;
+        }
+        // Cache lookup values for faster queries
         foreach ( $this->get_cache_keys() as $key ) {
             if ( isset( $record[ $key ] ) && ! empty( $record[ $key ] ) ) {
                 wp_cache_set( $record[ $key ], $record['id'], $this->hook_prefix( 'ids_by_' . $key, true ), WEEK_IN_SECONDS );
+                wp_cache_set( $record[ $key ], $record['id'], $this->get_prop_cache_key( $key ), HOUR_IN_SECONDS );
+            }
+        }
         // Cache the entire record.
         wp_cache_set( $record['id'], $record, $this->get_full_name(), DAY_IN_SECONDS );
+        wp_cache_set( $record['id'], $record, $this->get_full_name(), HOUR_IN_SECONDS );
+    }
 …
      * Clean caches.
+     *
      * @param object $record The raw db record.
+     * @param Record $record The raw db record.
      */
     public function clear_cache( $record ) {
-        $record = (object) $record;
         foreach ( $this->get_cache_keys() as $key ) {
+            if ( ! is_null( $record->$key ) && '' !== $record->$key ) {
+                wp_cache_delete( $record->$key, $this->hook_prefix( 'ids_by_' . $key, true ) );
+            }
+        }
+        wp_cache_delete( $record->id, $this->get_full_name() );
+            $value = $record->get( $key );
+            if ( is_string( $value ) && '' !== $value ) {
+                wp_cache_delete( $value, $this->get_prop_cache_key( $key ) );
+            }
+        }
+        // Bail early if the record doesn't exist.
+        if ( ! $record->exists() ) {
+            return;
+        }
+        // Clear the main record cache.
+        wp_cache_delete( $record->get_id(), $this->get_full_name() );
+        // Clear any potential old cache entries by attempting to fetch and clear them
+        // This handles cases where cache keys have changed due to updates
+        $this->clear_stale_cache_entries( $record->get_id() );
+    }
+    /**
+     * Clears potentially stale cache entries for a record.
+     *
+     * @param int $record_id The record ID.
+     */
+    private function clear_stale_cache_entries( $record_id ) {
+        global $wpdb;
+        // For updates, we need to clear cache for old values that might have changed
+        if ( ! empty( $record_id ) ) {
+            // Get the current database values to clear any old cached entries
+            $table_name   = $this->get_db_table_name();
+            $current_data = $wpdb->get_row(
+                $wpdb->prepare( "SELECT * FROM $table_name WHERE id = %d", $record_id ), // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared
+                ARRAY_A
+            );
+            if ( $current_data ) {
+                foreach ( $this->get_cache_keys() as $key ) {
+                    $value = $current_data[ $key ] ?? null;
+                    if ( is_string( $value ) && '' !== $value ) {
+                        // Clear cache for database values (in case they differ from the record object)
+                        wp_cache_delete( $value, $this->get_prop_cache_key( $key ) );
+                    }
+                }
+            }
+        }
+    }
 …
      * @param string $default The default label.
      */
     public function get_label( $key, $default ) {
         return isset( $this->labels[ $key ] ) ? $this->labels[ $key ] : $default;
+    public function get_label( $key, $default_value ) {
+        return $this->labels[ $key ] ?? $default_value;
+    }
+}

hizzle-downloads/trunk/vendor/hizzle/store/src/Query.php

-                      r3245426
+                      r3356445
         // Prepare aggregate fields.
+        foreach ( $aggregate_fields as $field => $function ) {
+        foreach ( $aggregate_fields as $field => $aggregate ) {
+            if ( ! is_array( $aggregate ) ) {
+                $aggregate = wp_parse_list( $aggregate );
+            }
             // Handle CASE expressions
             if ( is_array( $function ) && isset( $function['case'] ) ) {
                 $case_field = $this->prefix_field( esc_sql( sanitize_key( $function['case']['field'] ) ) );
+            if ( is_array( $aggregate ) && isset( $aggregate['case'] ) ) {
+                $case_field = $this->prefix_field( esc_sql( sanitize_key( $aggregate['case']['field'] ) ) );
                 if ( empty( $case_field ) ) {
                     throw new Store_Exception( 'query_invalid_field', 'Invalid case field.' );
 …
                 $case_sql = "CASE $case_field";
                 foreach ( $function['case']['when'] as $when => $then ) {
                     $when     = esc_sql( $when );
                     $then_sql = $this->prepare_case_then( $then );
+                foreach ( $aggregate['case']['when'] as $when => $then ) {
+                    $when      = esc_sql( $when );
+                    $then_sql  = $this->prepare_case_then( $then );
                     $case_sql .= " WHEN '$when' THEN $then_sql";
+                }
                 if ( isset( $function['case']['else'] ) ) {
                     $else_sql = $this->prepare_case_then( $function['case']['else'] );
+                if ( isset( $aggregate['case']['else'] ) ) {
+                    $else_sql  = $this->prepare_case_then( $aggregate['case']['else'] );
                     $case_sql .= " ELSE $else_sql";
+                }
                 $case_sql .= " END";
+                $case_sql .= ' END';
                 // Handle optional aggregate function wrapper
                 if ( isset( $function['function'] ) ) {
                     $agg_function = strtoupper( $function['function'] );
+                if ( isset( $aggregate['function'] ) ) {
+                    $agg_function = strtoupper( $aggregate['function'] );
                     if ( ! in_array( $agg_function, array( 'AVG', 'COUNT', 'MAX', 'MIN', 'SUM' ), true ) ) {
                         throw new Store_Exception( 'query_invalid_function', 'Invalid aggregate function.' );
 …
                 // Handle optional math operations
                 if ( isset( $function['math'] ) ) {
                     $math_op = $this->prepare_math_expression( $function['math'] );
+                if ( isset( $aggregate['math'] ) ) {
+                    $math_op  = $this->prepare_math_expression( $aggregate['math'] );
                     $case_sql = "($case_sql $math_op)";
+                }
 …
+            }
+            foreach ( wp_parse_list( $function ) as $function ) {
+            foreach ( array_filter( $aggregate ) as $function ) {
+                if ( is_array( $function ) ) {
+                    if ( ! isset( $function['function'] ) ) {
+                        throw new Store_Exception( 'query_invalid_function', 'Invalid aggregate function configuration.' );
+                    }
+                    $as          = isset( $function['as'] ) ? esc_sql( sanitize_key( $function['as'] ) ) : strtolower( $function['function'] ) . '_' . $field;
+                    $query_field = isset( $function['expression'] ) ? $this->prepare_math_expression( $function['expression'], $field ) : $table_field;
+                    $function    = $function['function'];
+                } else {
+                    $as          = strtolower( $function ) . '_' . $field;
+                    $query_field = $table_field;
+                }
                 // Ensure the function is supported.
 …
+                }
+                $function             = strtolower( $function );
+                $this->query_fields[] = "$function_upper($table_field) AS {$function}_{$field}";
+                $this->query_fields[] = "$function_upper($query_field) AS $as";
+            }
+        }
 …
+        }
+        // Split the expression into parts.
+        $parts = preg_split( '/([+\-*\/])/', $expression, -1, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY );
+        // Process each part.
+        // Handle parentheses by processing inner expressions first
+        while ( preg_match( '/\(([^()]+)\)/', $expression, $matches ) ) {
+            $inner_result = $this->process_simple_expression( $matches[1] );
+            $expression   = str_replace( $matches[0], $inner_result, $expression );
+        }
+        // Process the remaining expression
+        return $this->process_simple_expression( $expression );
+    }
+    /**
+     * Processes a simple math expression without parentheses
+     *
+     * @param string $expression The simple math expression
+     * @return string
+     */
+    protected function process_simple_expression( $expression ) {
+        // Enhanced regex to handle operators, negative numbers, decimals, and functions
+        $pattern = '/([+\-*\/])|(\w+\s*\()|(\))|(-?\d*\.?\d+)|([a-zA-Z_][a-zA-Z0-9_]*)/';
+        preg_match_all( $pattern, $expression, $matches, PREG_OFFSET_CAPTURE );
         $processed_parts = array();
+        foreach ( $parts as $part ) {
+            $part = trim( $part );
+            // If it's an operator, add it directly
+            if ( in_array( $part, array( '+', '-', '*', '/' ), true ) ) {
+                $processed_parts[] = $part;
+        $i               = 0;
+        $total           = count( $matches[0] );
+        while ( $i < $total ) {
+            $match = $matches[0][ $i ][0];
+            $match = trim( $match );
+            ++$i;
+            if ( empty( $match ) ) {
                 continue;
+            }
             // Numbers.
             if ( is_numeric( $part ) ) {
                 $processed_parts[] = esc_sql( (float) $part );
+            // Operators
+            if ( preg_match( '/^[+\-*\/]$/', $match ) ) {
+                $processed_parts[] = $match;
                 continue;
+            }
+            // If it's a field reference, prefix it
+            $prefixed_field = $this->prefix_field( esc_sql( sanitize_key( $part ) ) );
+            if ( empty( $prefixed_field ) ) {
+                throw new Store_Exception( 'query_invalid_field', 'Invalid field in math expression.' );
+            }
+            if ( ! empty( $prefixed_field ) ) {
+            // SQL Functions (e.g., ABS, ROUND, etc.)
+            if ( preg_match( '/^(\w+)\s*\($/', $match ) ) {
+                $function = trim( str_replace( '(', '', $match ) );
+                // Validate allowed functions
+                $allowed_functions = array( 'ABS', 'ROUND', 'CEIL', 'FLOOR', 'SQRT', 'POW' );
+                if ( ! in_array( strtoupper( $function ), $allowed_functions, true ) ) {
+                    throw new Store_Exception( 'query_invalid_function', 'Invalid function in math expression.' );
+                }
+                $processed_parts[] = strtoupper( $function ) . '(';
+                continue;
+            }
+            // Closing parenthesis
+            if ( ')' === $match ) {
+                $processed_parts[] = ')';
+                continue;
+            }
+            // Numbers (including negative and decimals)
+            if ( is_numeric( $match ) ) {
+                $processed_parts[] = esc_sql( (float) $match );
+                continue;
+            }
+            // Field references
+            if ( preg_match( '/^[a-zA-Z_][a-zA-Z0-9_]*$/', $match ) ) {
+                $prefixed_field = $this->prefix_field( esc_sql( sanitize_key( $match ) ) );
+                if ( empty( $prefixed_field ) ) {
+                    throw new Store_Exception( 'query_invalid_field', 'Invalid field in math expression: ' . $match );
+                }
                 $processed_parts[] = $prefixed_field;
                 continue;
+            }
+            // If we get here, it's an unrecognized token
+            throw new Store_Exception( 'query_invalid_expression', 'Invalid token in math expression: ' . $match );
+        }

hizzle-downloads/trunk/vendor/hizzle/store/src/REST_Controller.php

-                      r3287466
+                      r3356445
+        }
+        $collection_params = $this->get_collection_params();
         // METHODS to CREATE new records, READ the entire collection, or DELETE the entire collection.
         register_rest_route(
 …
                     'callback'            => array( $this, 'get_items' ),
                     'permission_callback' => array( $this, 'get_items_permissions_check' ),
                     'args'                => $this->get_collection_params(),
+                    'args'                => $collection_params,
                 ),
 …
                     'permission_callback' => array( $this, 'create_item_permissions_check' ),
                     'args'                => array_merge(
+                        $this->get_collection_params(),
+                        array_diff_key(
+                            $collection_params,
+                            array(
+                                'paged'    => true,
+                                'per_page' => true,
+                                'offset'   => true,
+                                'order'    => true,
+                                'orderby'  => true,
+                            )
+                        ),
                         array(
                             'bulk_update' => array(
 …
                     'permission_callback' => array( $this, 'get_items_permissions_check' ),
                     'args'                => array_merge(
                         $this->get_collection_params(),
+                        $collection_params,
                         array(
                             'aggregate'    => array(

hizzle-downloads/trunk/vendor/hizzle/store/src/Record.php

-                      r3287466
+                      r3356445
         try {
             $this->get_collection()->delete( $this, $force_delete );
             return true;
         } catch ( Store_Exception $e ) {
             return new \WP_Error( $e->getErrorCode(), $e->getMessage(), $e->getErrorData() );
 …
             // If this is an enum or boolean, record the change.
             if ( $object->is_boolean() || $object->is_tokens || ! empty( $object->enum ) ) {
                 if ( ! $this->exists() || $value !== $this->data[ $prop ] ) {
                     $this->enum_transition[ $prop ] = array(
 …
         if ( ! is_array( $string_or_array ) ) {
             if ( $strict ) {
                 $string_or_array = preg_split( '/,+/', $string_or_array, -1, PREG_SPLIT_NO_EMPTY );

Plugin Directory

Context Navigation

Legend:

hizzle-downloads/tags/1.2.2/hizzle-downloads.php

hizzle-downloads/tags/1.2.2/readme.txt

hizzle-downloads/tags/1.2.2/vendor/composer/installed.json

hizzle-downloads/tags/1.2.2/vendor/composer/installed.php

hizzle-downloads/tags/1.2.2/vendor/hizzle/store/example-plugin.php

hizzle-downloads/tags/1.2.2/vendor/hizzle/store/src/Collection.php

hizzle-downloads/tags/1.2.2/vendor/hizzle/store/src/Query.php

hizzle-downloads/tags/1.2.2/vendor/hizzle/store/src/REST_Controller.php

hizzle-downloads/tags/1.2.2/vendor/hizzle/store/src/Record.php

hizzle-downloads/trunk/hizzle-downloads.php

hizzle-downloads/trunk/readme.txt

hizzle-downloads/trunk/vendor/composer/installed.json

hizzle-downloads/trunk/vendor/composer/installed.php

hizzle-downloads/trunk/vendor/hizzle/store/example-plugin.php

hizzle-downloads/trunk/vendor/hizzle/store/src/Collection.php

hizzle-downloads/trunk/vendor/hizzle/store/src/Query.php

hizzle-downloads/trunk/vendor/hizzle/store/src/REST_Controller.php

hizzle-downloads/trunk/vendor/hizzle/store/src/Record.php

Download in other formats: