Changeset 3460447

Timestamp:

02/13/2026 01:54:03 AM (5 days ago)

Author:

GamerZ

Message:

Deploying wp-downloadmanager from GitHub

Location:

wp-downloadmanager/trunk

Files:

• download-manager.php (modified) (3 diffs)
• download-options.php (modified) (1 diff)
• readme.txt (modified) (2 diffs)
• wp-downloadmanager.php (modified) (3 diffs)

wp-downloadmanager/trunk/download-manager.php

@@ -140 +140 @@
                                 $file_upload_to = $file_upload_to . '/';
                             }
-                            if(move_uploaded_file($_FILES['file_upload']['tmp_name'], $file_path.$file_upload_to.basename($_FILES['file_upload']['name']))) {
-                                $file = $file_upload_to.basename($_FILES['file_upload']['name']);
-                                $file = download_rename_file($file_path, $file);
-                                $file_size = filesize($file_path.$file);
+                            $validate = wp_check_filetype_and_ext( $_FILES['file_upload']['tmp_name'], basename( $_FILES['file_upload']['name'] ) );
+                            if ( $validate['type'] === false ) {
+                                    $text = '<p style="color: red;">' . __('File type is invalid', 'wp-downloadmanager') . '</p>';
+                                    break;
+                            }
+                            if( move_uploaded_file( $_FILES['file_upload']['tmp_name'], $file_path.$file_upload_to . basename( $_FILES['file_upload']['name'] ) ) ) {
+                                $file = $file_upload_to . basename( $_FILES['file_upload']['name'] );
+                                $file = download_rename_file( $file_path, $file );
+                                $file_size = filesize( $file_path . $file );
                             } else {
-                                $text = '<p style="color: red;">'.__('Error In Uploading File', 'wp-downloadmanager').'</p>';
+                                $text = '<p style="color: red;">' . __('Error In Uploading File', 'wp-downloadmanager') . '</p>';
                                 break;
                             }
                         } else {
-                            $text = '<p style="color: red;">'.__('Error In Uploading File', 'wp-downloadmanager').'</p>';
+                            $text = '<p style="color: red;">' . __('Error In Uploading File', 'wp-downloadmanager') . '</p>';
                             break;
                         }
@@ -209 +214 @@
             check_admin_referer('wp-downloadmanager_delete-file');
             $file_id  = ! empty( $_POST['file_id'] ) ? intval( $_POST['file_id'] ) : 0;
-            $file = ! empty( $_POST['file'] ) ? sanitize_text_field( $_POST['file'] ) : '';
-            $file_name = ! empty( $_POST['file_name'] ) ? sanitize_text_field( $_POST['file_name'] ) : '';
+            $file = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM $wpdb->downloads WHERE file_id = %d", $file_id ) );
             $unlinkfile = ! empty( $_POST['unlinkfile'] ) ? intval( $_POST['unlinkfile'] ) : 0;
-            if($unlinkfile == 1) {
-                if(!unlink($file_path.$file)) {
-                    $text = '<p style="color: red;">'.sprintf(__('Error In Deleting File \'%s (%s)\' From Server', 'wp-downloadmanager'), $file_name, $file).'</p>';
+            if ( $unlinkfile === 1 ) {
+                if ( ! unlink( $file_path . $file->file ) ) {
+                    $text = '<p style="color: red;">' . sprintf( __( 'Error In Deleting File \'%s (%s)\' From Server', 'wp-downloadmanager' ), $file->file_name, $file->file ) . '</p>';
                 } else {
-                    $text = '<p style="color: green;">'.sprintf(__('File \'%s (%s)\' Deleted From Server Successfully', 'wp-downloadmanager'), $file_name, $file).'</p>';
+                    $text = '<p style="color: green;">' . sprintf( __( 'File \'%s (%s)\' Deleted From Server Successfully', 'wp-downloadmanager' ), $file->file_name, $file->file ) . '</p>';
                 }
             }
-            $deletefile = $wpdb->query("DELETE FROM $wpdb->downloads WHERE file_id = $file_id");
-            if(!$deletefile) {
-                $text .= '<p style="color: red;">'.sprintf(__('Error In Deleting File \'%s (%s)\'', 'wp-downloadmanager'), $file_name, $file).'</p>';
+            $deletefile = $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->downloads WHERE file_id = %d", $file->file_id ) );
+            if ( ! $deletefile ) {
+                $text .= '<p style="color: red;">' . sprintf( __('Error In Deleting File \'%s (%s)\'', 'wp-downloadmanager'), $file->file_name, $file->file) . '</p>';
             } else {
-                $text .= '<p style="color: green;">'.sprintf(__('File \'%s (%s)\' Deleted Successfully', 'wp-downloadmanager'), $file_name, $file).'</p>';
+                $text .= '<p style="color: green;">' . sprintf( __('File \'%s (%s)\' Deleted Successfully', 'wp-downloadmanager'), $file->file_name, $file->file) . '</p>';
             }
             break;
@@ -377 +381 @@
         <!-- Delete A File -->
         <form method="post" action="<?php echo admin_url('admin.php?page='.plugin_basename(__FILE__)); ?>">
-            <input type="hidden" name="file_id" value="<?php echo intval($file->file_id); ?>" />
-            <input type="hidden" name="file" value="<?php echo esc_attr( removeslashes( $file->file ) ); ?>" />
-            <input type="hidden" name="file_name" value="<?php echo esc_attr( removeslashes( $file->file_name ) ); ?>" />
+            <input type="hidden" name="file_id" value="<?php echo esc_attr( intval( $file->file_id ) ); ?>" />
             <?php wp_nonce_field('wp-downloadmanager_delete-file'); ?>
             <div class="wrap">

wp-downloadmanager/trunk/download-options.php

@@ -40 +40 @@
     
     // Validate
-    if ( substr( $download_path, 0, strlen( WP_CONTENT_DIR ) ) !== WP_CONTENT_DIR ) {
+    $real_download_path = realpath( $download_path );
+    $real_wp_content_dir = realpath( WP_CONTENT_DIR );
+
+    if ( false === $real_download_path || false === $real_wp_content_dir || strpos( $real_download_path . DIRECTORY_SEPARATOR, $real_wp_content_dir ) !== 0 || strpos( $download_path, '../' ) !== false ) {
         $download_path = WP_CONTENT_DIR;
     }

wp-downloadmanager/trunk/readme.txt

@@ -4 +4 @@
 Tags: file, files, download, downloads, manager, downloadmanager, downloadsmanager, filemanager, filesmanager  
 Requires at least: 4.0  
-Tested up to: 6.8  
-Stable tag: 1.69   
+Tested up to: 6.9  
+Stable tag: 1.69.1  
 License: GPLv2  
 
@@ -59 +59 @@
 
 ## Changelog
+
+### Version 1.69.1
+* FIXED: Use file_id to fetch file again before deleting files.
+* FIXED: Don't allow directory traversal for download_path
+
 ### Version 1.69
 * FIXED: Only allow certain files to be uploaded based on `wp_check_filetype_and_ext()`

wp-downloadmanager/trunk/wp-downloadmanager.php

@@ -4 +4 @@
 Plugin URI: https://lesterchan.net/portfolio/programming/php/
 Description: Adds a simple download manager to your WordPress blog.
-Version: 1.69
+Version: 1.69.1
 Author: Lester 'GaMerZ' Chan
 Author URI: https://lesterchan.net
@@ -31 +31 @@
 
 ### Version
-define( 'WP_DOWNLOADMANAGER_VERSION', '1.69' );
+define( 'WP_DOWNLOADMANAGER_VERSION', '1.69.1' );
 
 ### Create text domain for translations
@@ -1075 +1075 @@
             $template_download_embedded = str_replace("%FILE_CATEGORY_ID%", (int) $file->file_category, $template_download_embedded);
             $template_download_embedded = str_replace("%FILE_CATEGORY_NAME%", stripslashes($download_categories[(int) $file->file_category]), $template_download_embedded);
-            $template_download_embedded = str_replace("%FILE_DATE%",  mysql2date(get_option('date_format'), gmdate('Y-m-d H:i:s', $file->file_date)), $template_download_embedded);
-            $template_download_embedded = str_replace("%FILE_TIME%",  mysql2date(get_option('time_format'), gmdate('Y-m-d H:i:s', $file->file_date)), $template_download_embedded);
-            $template_download_embedded = str_replace("%FILE_UPDATED_DATE%",  mysql2date(get_option('date_format'), gmdate('Y-m-d H:i:s', $file->file_updated_date)), $template_download_embedded);
-            $template_download_embedded = str_replace("%FILE_UPDATED_TIME%",  mysql2date(get_option('time_format'), gmdate('Y-m-d H:i:s', $file->file_updated_date)), $template_download_embedded);
+            $template_download_embedded = str_replace("%FILE_DATE%",  mysql2date(get_option('date_format'), gmdate('Y-m-d H:i:s', (int) $file->file_date)), $template_download_embedded);
+            $template_download_embedded = str_replace("%FILE_TIME%",  mysql2date(get_option('time_format'), gmdate('Y-m-d H:i:s', (int) $file->file_date)), $template_download_embedded);
+            $template_download_embedded = str_replace("%FILE_UPDATED_DATE%",  mysql2date(get_option('date_format'), gmdate('Y-m-d H:i:s', (int) $file->file_updated_date)), $template_download_embedded);
+            $template_download_embedded = str_replace("%FILE_UPDATED_TIME%",  mysql2date(get_option('time_format'), gmdate('Y-m-d H:i:s', (int) $file->file_updated_date)), $template_download_embedded);
             $template_download_embedded = str_replace("%FILE_HITS%", number_format_i18n($file->file_hits), $template_download_embedded);
             $template_download_embedded = str_replace("%FILE_DOWNLOAD_URL%", download_file_url($file->file_id, $file->file), $template_download_embedded);