Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Plugin Mod / Fork, Update and what happened #40
Hey there, I know many of you noticed that something strange happened to this plugin. There was over a long period no update and at the beginning of the year a new version was released and shared only over the website by a potential new owner. The old version which is available over this repo is still v3.3 and the version provided over the new "official" website (at least the domain changed) http://www.mapsplugin.com is v3.5. I did a rough diff over the files and there were a lot of changes between these two versions. But most of them look ok. However the changes were never updated here in the git repo (even after 8 months). That's mysterious. There is a popular fix for PHP 7 which also was not integrated even since it is known for at least a year #28
Moreover @jaccsnl noticed strange lines in the code, possibly found during a Sucuri.net scan - see also #39. So I tried to find the problematic lines described by @jaccsnl by myself because he did not provide further infos. As already discussed in #39 the related code that I found seems to be a bit strange and very questionable. Moreover I noticed a bug in 'plugin_googlemap3.css.php' and a deprecated Google Maps JS Api query parameter "signed_in=0|1", which is still sent during requests. So I decided to fix these issues, remove the mysterious lines of code described in #39 and create a new version. For further information please review #39 I will not describe everything I discovered again.
So the new version is
So finally the updated version v3.5.2 of the plugin with the above described fixes is here. I know that this is far from the best way to provide an update but currently I do not know a better or faster way to offer a distribution of the updated version of the plugin. I strongly recommend everyone who still uses this plugin to download this version and install it. However please consider the problematic situation around this plugin, I'm not responsible for anything...it's just a fix to circumvent the possibility to inject code over this potential "backdoor" as long as the owner does not communicate what these lines actually do and for what they are used. I personally doubt that these lines make any sense other than pushing some stuff on the webserver of a person using this plugin. Why load a credit from the server and not hard code it? It's stupid because if a person understands PHP code it doesn't makes it more difficult to remove the credit. That's the only comprehensible thing I can think about and this doesn't makes any sense either.
Everything is just an assumption by me, but as long as there is no official communciation or statement by the owner (other than the updates without any changelogs) on the "official" site, it's better to take care.
Feel free to verify my archive and the code I uploaded. But there are no differences except the fixes described above. Moreover I hope that someone joins the discussion. I'm looking forward for some community input. The base for v3.5.2 was the version v3.5 taken from http://www.mapsplugin.com/update/. For the moment this version should work. In the near future I will create a fork of this repo because the current situation is far from acceptable. I don't have deep knowledge of the Maps API so I hope on participation :D.
@ypr52 TBH I can't really say what's the actual issue, never noticed it on one of my test sites. Open please a new issue maybe someone else has a solution. It would be better recognizable by other people within an separate issue. If there is a solution I will integrate it and create a new release.