Context Navigation

← Previous Changeset
Next Changeset →

Changeset 3431708

Timestamp:

01/03/2026 03:19:46 PM (7 weeks ago)

Author:

ultradevs

Message:

Update to version 1.12.6 from GitHub

Location:

easy-dropbox-integration

Files:

: 2 added
: 12 edited
: 1 copied

tags/1.12.6 (copied) (copied from easy-dropbox-integration/trunk)
tags/1.12.6/app/Thumbnail.php (modified) (2 diffs)
tags/1.12.6/easy-dropbox-integration.php (modified) (2 diffs)
tags/1.12.6/includes/Activate.php (modified) (1 diff)
tags/1.12.6/includes/Helper.php (modified) (1 diff)
tags/1.12.6/includes/Updates.php (modified) (1 diff)
tags/1.12.6/readme.txt (modified) (2 diffs)
tags/1.12.6/updates/class-update-1.12.6.php (added)
trunk/app/Thumbnail.php (modified) (2 diffs)
trunk/easy-dropbox-integration.php (modified) (2 diffs)
trunk/includes/Activate.php (modified) (1 diff)
trunk/includes/Helper.php (modified) (1 diff)
trunk/includes/Updates.php (modified) (1 diff)
trunk/readme.txt (modified) (2 diffs)
trunk/updates/class-update-1.12.6.php (added)

Legend:

: Unmodified
: Added
: Removed

easy-dropbox-integration/tags/1.12.6/app/Thumbnail.php

-                      r3424111
+                      r3431708
         $this->thumbnails_location_url = EDBI_CACHE_DIR_URL . 'thumbnails/' . $account_id . '/';
+        // Secure thumbnail location if no security.
+        Helper::secure_directory_with_index( $this->thumbnails_location );
+        // Add .htaccess protection to the thumbnail directory.
+        Helper::secure_cache_directory( $this->thumbnails_location );
         $this->size = $size;
 …
             $thumbnail = $thumbnail->getContents();
+            if ( ! file_exists( $this->thumbnails_location ) ) {
+                wp_mkdir_p( $this->thumbnails_location );
+            }
+            // Secure the account-specific thumbnail directory with index.php.
+            Helper::secure_directory_with_index( $this->thumbnails_location );
+            // put a index.php inside location if not exists.
+            if ( ! file_exists( $this->thumbnails_location . 'index.php' ) ) {
+                $wp_filesystem->put_contents( $this->thumbnails_location . 'index.php', '<?php exit; ?>', FS_CHMOD_FILE );
+            }
+            // file_put_contents( $file, $thumbnail );
+            // Save the thumbnail file.
             if ( ! $wp_filesystem->put_contents( $file, $thumbnail, FS_CHMOD_FILE ) ) {
                 return false;

easy-dropbox-integration/tags/1.12.6/easy-dropbox-integration.php

-                      r3431689
+                      r3431708
  * Plugin URI:        https://ultradevs.com/easy-dropbox-integration/
  * Description:       Easy DropBox Integration - Browse, Upload, Manage Your Dropbox Files from Your Website Easily.
  * Version: 1.12.5
+ * Version: 1.12.6
  * Author:            ultraDevs
  * Author URI:        https://ultradevs.com
 …
 // Constant.
 define( 'EDBI_VERSION', '1.12.5' );
+define( 'EDBI_VERSION', '1.12.6' );
 define( 'EDBI_NAME', 'Easy Dropbox Integration' );
 define( 'EDBI_DIR_PATH', plugin_dir_path( __FILE__ ) );

easy-dropbox-integration/tags/1.12.6/includes/Activate.php

-                      r3431687
+                      r3431708
         foreach ( $directories as $directory ) {
             if ( ! file_exists( $directory ) ) {
                 wp_mkdir_p( $directory );
+            }
+            // Secure directory with index.php file.
+            Helper::secure_directory_with_index( $directory );
+        }
+            // Create an index.php file in the directory using WP_Filesystem.
+            global $wp_filesystem;
+            if ( empty( $wp_filesystem ) ) {
+                require_once ABSPATH . '/wp-admin/includes/file.php';
+                WP_Filesystem();
+            }
+            $index_content = "<?php\n// Silence is golden\n";
+            $wp_filesystem->put_contents(
+                $directory . 'index.php',
+                $index_content,
+                FS_CHMOD_FILE
+            );
+        }
+        // Add .htaccess protection to the main cache directory.
+        Helper::secure_cache_directory( EDBI_CACHE_DIR );
+    }

easy-dropbox-integration/tags/1.12.6/includes/Helper.php

-                      r3424111
+                      r3431708
     /**
+     * Secure Directory with Index File
+     *
+     * Creates an index.php file in a directory to prevent directory browsing.
+     *
+     * @param string $directory The directory path to secure.
+     * @return bool True if successful, false otherwise.
+     */
+    public static function secure_directory_with_index( $directory ) {
+        // Initialize WP_Filesystem if not already initialized.
+        global $wp_filesystem;
+        if ( empty( $wp_filesystem ) ) {
+            require_once ABSPATH . '/wp-admin/includes/file.php';
+            WP_Filesystem();
+        }
+        // Ensure directory exists.
+        if ( ! wp_mkdir_p( $directory ) ) {
+            return false;
+        }
+        $index_file = trailingslashit( $directory ) . 'index.php';
+        // Only create if it doesn't exist.
+        if ( ! $wp_filesystem->exists( $index_file ) ) {
+            $index_content = "<?php\n// Silence is golden.\n";
+            return $wp_filesystem->put_contents( $index_file, $index_content, FS_CHMOD_FILE );
+        }
+        return true;
+    }
+    /**
+     * Secure Cache Directory with .htaccess
+     *
+     * Creates a .htaccess file in the cache directory to deny direct access.
+     *
+     * @param string $cache_dir The cache directory path.
+     * @return bool True if successful, false otherwise.
+     */
+    public static function secure_cache_directory( $cache_dir ) {
+        // Initialize WP_Filesystem if not already initialized.
+        global $wp_filesystem;
+        if ( empty( $wp_filesystem ) ) {
+            require_once ABSPATH . '/wp-admin/includes/file.php';
+            WP_Filesystem();
+        }
+        // Ensure directory exists.
+        if ( ! wp_mkdir_p( $cache_dir ) ) {
+            return false;
+        }
+        $htaccess_file = trailingslashit( $cache_dir ) . '.htaccess';
+        // Only create if it doesn't exist.
+        if ( ! $wp_filesystem->exists( $htaccess_file ) ) {
+            $htaccess_content = "Deny from all\n";
+            return $wp_filesystem->put_contents( $htaccess_file, $htaccess_content, FS_CHMOD_FILE );
+        }
+        return true;
+    }
+    /**
      * Check Users Role
+     *

easy-dropbox-integration/tags/1.12.6/includes/Updates.php

r3424111	r3431708
34	34	'1.7.0',
35	35	'1.12.0',
	36	'1.12.6',
36	37	];
37	38

easy-dropbox-integration/tags/1.12.6/readme.txt

-                      r3431689
+                      r3431708
 Requires at least: 5.3.2
 Tested up to:      6.9
 Stable tag:       1.12.5
+Stable tag:       1.12.6
 Requires PHP:      7.4.0
 License: GPLv2 or later
 …
 == Changelog ==
+= 1.12.6 - 3 January, 2026 =
+- **Improvement:** Thumbnail folder security.
 = 1.12.5 - 3 January, 2026 =

easy-dropbox-integration/trunk/app/Thumbnail.php

-                      r3424111
+                      r3431708
         $this->thumbnails_location_url = EDBI_CACHE_DIR_URL . 'thumbnails/' . $account_id . '/';
+        // Secure thumbnail location if no security.
+        Helper::secure_directory_with_index( $this->thumbnails_location );
+        // Add .htaccess protection to the thumbnail directory.
+        Helper::secure_cache_directory( $this->thumbnails_location );
         $this->size = $size;
 …
             $thumbnail = $thumbnail->getContents();
+            if ( ! file_exists( $this->thumbnails_location ) ) {
+                wp_mkdir_p( $this->thumbnails_location );
+            }
+            // Secure the account-specific thumbnail directory with index.php.
+            Helper::secure_directory_with_index( $this->thumbnails_location );
+            // put a index.php inside location if not exists.
+            if ( ! file_exists( $this->thumbnails_location . 'index.php' ) ) {
+                $wp_filesystem->put_contents( $this->thumbnails_location . 'index.php', '<?php exit; ?>', FS_CHMOD_FILE );
+            }
+            // file_put_contents( $file, $thumbnail );
+            // Save the thumbnail file.
             if ( ! $wp_filesystem->put_contents( $file, $thumbnail, FS_CHMOD_FILE ) ) {
                 return false;

easy-dropbox-integration/trunk/easy-dropbox-integration.php

-                      r3431689
+                      r3431708
  * Plugin URI:        https://ultradevs.com/easy-dropbox-integration/
  * Description:       Easy DropBox Integration - Browse, Upload, Manage Your Dropbox Files from Your Website Easily.
  * Version: 1.12.5
+ * Version: 1.12.6
  * Author:            ultraDevs
  * Author URI:        https://ultradevs.com
 …
 // Constant.
 define( 'EDBI_VERSION', '1.12.5' );
+define( 'EDBI_VERSION', '1.12.6' );
 define( 'EDBI_NAME', 'Easy Dropbox Integration' );
 define( 'EDBI_DIR_PATH', plugin_dir_path( __FILE__ ) );

easy-dropbox-integration/trunk/includes/Activate.php

-                      r3431687
+                      r3431708
         foreach ( $directories as $directory ) {
             if ( ! file_exists( $directory ) ) {
                 wp_mkdir_p( $directory );
+            }
+            // Secure directory with index.php file.
+            Helper::secure_directory_with_index( $directory );
+        }
+            // Create an index.php file in the directory using WP_Filesystem.
+            global $wp_filesystem;
+            if ( empty( $wp_filesystem ) ) {
+                require_once ABSPATH . '/wp-admin/includes/file.php';
+                WP_Filesystem();
+            }
+            $index_content = "<?php\n// Silence is golden\n";
+            $wp_filesystem->put_contents(
+                $directory . 'index.php',
+                $index_content,
+                FS_CHMOD_FILE
+            );
+        }
+        // Add .htaccess protection to the main cache directory.
+        Helper::secure_cache_directory( EDBI_CACHE_DIR );
+    }

easy-dropbox-integration/trunk/includes/Helper.php

-                      r3424111
+                      r3431708
     /**
+     * Secure Directory with Index File
+     *
+     * Creates an index.php file in a directory to prevent directory browsing.
+     *
+     * @param string $directory The directory path to secure.
+     * @return bool True if successful, false otherwise.
+     */
+    public static function secure_directory_with_index( $directory ) {
+        // Initialize WP_Filesystem if not already initialized.
+        global $wp_filesystem;
+        if ( empty( $wp_filesystem ) ) {
+            require_once ABSPATH . '/wp-admin/includes/file.php';
+            WP_Filesystem();
+        }
+        // Ensure directory exists.
+        if ( ! wp_mkdir_p( $directory ) ) {
+            return false;
+        }
+        $index_file = trailingslashit( $directory ) . 'index.php';
+        // Only create if it doesn't exist.
+        if ( ! $wp_filesystem->exists( $index_file ) ) {
+            $index_content = "<?php\n// Silence is golden.\n";
+            return $wp_filesystem->put_contents( $index_file, $index_content, FS_CHMOD_FILE );
+        }
+        return true;
+    }
+    /**
+     * Secure Cache Directory with .htaccess
+     *
+     * Creates a .htaccess file in the cache directory to deny direct access.
+     *
+     * @param string $cache_dir The cache directory path.
+     * @return bool True if successful, false otherwise.
+     */
+    public static function secure_cache_directory( $cache_dir ) {
+        // Initialize WP_Filesystem if not already initialized.
+        global $wp_filesystem;
+        if ( empty( $wp_filesystem ) ) {
+            require_once ABSPATH . '/wp-admin/includes/file.php';
+            WP_Filesystem();
+        }
+        // Ensure directory exists.
+        if ( ! wp_mkdir_p( $cache_dir ) ) {
+            return false;
+        }
+        $htaccess_file = trailingslashit( $cache_dir ) . '.htaccess';
+        // Only create if it doesn't exist.
+        if ( ! $wp_filesystem->exists( $htaccess_file ) ) {
+            $htaccess_content = "Deny from all\n";
+            return $wp_filesystem->put_contents( $htaccess_file, $htaccess_content, FS_CHMOD_FILE );
+        }
+        return true;
+    }
+    /**
      * Check Users Role
+     *

easy-dropbox-integration/trunk/includes/Updates.php

r3424111	r3431708
34	34	'1.7.0',
35	35	'1.12.0',
	36	'1.12.6',
36	37	];
37	38

easy-dropbox-integration/trunk/readme.txt

-                      r3431689
+                      r3431708
 Requires at least: 5.3.2
 Tested up to:      6.9
 Stable tag:       1.12.5
+Stable tag:       1.12.6
 Requires PHP:      7.4.0
 License: GPLv2 or later
 …
 == Changelog ==
+= 1.12.6 - 3 January, 2026 =
+- **Improvement:** Thumbnail folder security.
 = 1.12.5 - 3 January, 2026 =

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Plugin Directory