WordPress.org

Plugin Directory

Changeset 615031


Ignore:
Timestamp:
10/20/12 21:02:35 (18 months ago)
Author:
DrewAPicture
Message:

Remove faulty strlen check on filename in force-download.php. Fixes WSOD issues.

Location:
download-shortcode/trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • download-shortcode/trunk/download-shortcode.php

    r611821 r615031  
    66 * Author: Drew Jaynes (DrewAPicture) 
    77 * Author URI: http://www.werdswords.com 
    8  * Version: 0.2.1 
     8 * Version: 0.2.2 
    99 */ 
    1010 
  • download-shortcode/trunk/force-download.php

    r611813 r615031  
    1414 
    1515// Check for empty value or shenanigans 
    16 if ( $filename == "" ||  
    17     strpos( $filename, '.php' ) ||  
    18     strlen( $filename <= 3 ) ||  
    19     ! file_exists( $filename ) ) 
     16if ( $filename == "" 
     17    || strpos( $filename, '.php' )  
     18    || ! file_exists( $filename ) ) 
    2019  exit; 
    2120 
  • download-shortcode/trunk/readme.txt

    r611821 r615031  
    55Requires at least: 3.0 
    66Tested up to: 3.4.2 
    7 Stable tag: 0.2.1 
     7Stable tag: 0.2.2 
    88License: GPLv2 
    99 
     
    6262= 0.2 = Fix security vulnerability which exposed php core files to direct download, docblocking and other tweaks.  
    6363 
     64= 0.2.2 = Remove faulty strlen check on filenames in force-download.php. Fixes WSOD issues. 
     65 
    6466== Upgrade Notice == 
    6567 
Note: See TracChangeset for help on using the changeset viewer.