Permalink
Browse files

Removed secure uRL's, various other minor bug fixes.

  • Loading branch information...
Michael Sisk Michael Sisk
Michael Sisk authored and Michael Sisk committed May 21, 2011
1 parent 9b7b9dc commit 51a49cafc650b7851fda68a8d0ef55f89ffbad0f
Showing with 48 additions and 10 deletions.
  1. +5 −5 readme.txt
  2. +12 −1 webcomic-includes/admin.php
  3. +31 −4 webcomic.php
View
@@ -3,8 +3,8 @@ Contributors: mgsisk
Donate link: http://webcomicms.net/
Tags: webcomic, comic, multiple comics, storylines, chapters, library, management, themes, posts, publish, custom post type, custom taxonomy, template tags, widgets
Requires at least: 3.0
-Tested up to: 3.1
-Stable tag: 3.0.5
+Tested up to: 3.1.2
+Stable tag: 3.0.6
Comic publishing power for WordPress.
@@ -14,7 +14,7 @@ Please see the [official Webcomic site](http://webcomicms.net/) for the users ma
= ✮ Inkblot & Archimedes Users ✮ =
-You must update your theme functions.php file and the mgs_core.php file found in the theme `/includes` directory after updating to Webcomic 3.0.5. You can download the latest versions of both Inkblot and Archimedes at [http://webcomicms.net/themes/](http://webcomicms.net/themes/).
+*If you are upgrading from Webcomic 3.0.4* you must update your theme functions.php file and the mgs_core.php file found in the theme `/includes` directory after updating to Webcomic 3.0.5. You can download the latest versions of both Inkblot and Archimedes at [http://webcomicms.net/themes/](http://webcomicms.net/themes/).
= Upgrading from Webcomic 1 or 2? =
@@ -48,5 +48,5 @@ Webcomic's *Integrate* feature allows it to be used with any WordPress theme rig
== Upgrade Notice ==
-= 3.0.5 =
-Introduces the **Character Converter** tool. Various minor bug fixes.
+= 3.0.6 =
+- Query strings for secure directory obfuscation are no longer used. Webcomic now attempts to create index files to hide directory contents instead.
@@ -1439,6 +1439,14 @@ function hook_created_webcomic_collection( $term_id, $tt_id ) {
if ( !@mkdir( $tabs, 0755, true ) )
$this->errors[ 'no_directory' ] = sprintf( __( 'The collection directory could not be created. You will need to create the following directory (if it does not already exist) before you can manage webcomics for this collection: %s', 'webcomic' ), $tabs );
+ if ( $this->option( 'secure_toggle' ) ) {
+ if ( ( $index1 = fopen( $this->directory( 'abs', $term->slug ) . '/index.php', 'w' ) ) and ( $index2 = fopen( $tabs . '/index.php', 'w' ) ) ) {
+ fclose( $index1 );
+ fclose( $index2 );
+ } else
+ $this->errors[ 'no_directory' ] = sprintf( __( 'Index files could not be created. You will need to create index files in %s and %s to prevent users from directly browsing your webcomic files.', 'webcomic' ), $this->directory( 'abs', $term->slug ), $tabs );
+ }
+
$term_meta[ 'collection' ][ $term_id ] = array(
'files' => array(),
'slug' => $term->slug,
@@ -2638,6 +2646,9 @@ function admin_files() {
$count[ 'all' ] = $count[ 'future' ] = $count[ 'publish' ] = $count[ 'private' ] = $count[ 'pending' ] = $count[ 'draft' ] = $count[ 'trash' ] = $count[ 'orphaned' ] = $count[ 'matched' ] = 0;
+ if ( false !== ( $index_key = array_search( $abs . 'index.php', $files ) ) )
+ unset( $files[ $index_key ] );
+
foreach ( $term_meta as $taxonomy )
foreach ( $taxonomy as $term )
if ( !empty( $term[ 'files' ] ) )
@@ -3659,7 +3670,7 @@ function admin_settings() {
</tr>
<tr>
<th scope="row"><label for="secure_toggle"><?php _e( 'Security', 'webcomic' ); ?></label></th>
- <td><label><input type="checkbox" name="secure_toggle" value="1" id="secure_toggle"<?php if ( $this->option( 'secure_toggle' ) ) echo ' checked'; ?>> <?php _e( 'Secure filenames and obscure the location of files', 'webcomic' ); ?></label></td>
+ <td><label><input type="checkbox" name="secure_toggle" value="1" id="secure_toggle"<?php if ( $this->option( 'secure_toggle' ) ) echo ' checked'; ?>> <?php _e( 'Secure filenames and hide collection directory contents', 'webcomic' ); ?></label></td>
</tr>
<tr>
<th scope="row"><label for="age_toggle"><?php _e( 'Verification', 'webcomic' ); ?></label></th>
View
@@ -4,7 +4,7 @@
Plugin Name: Webcomic
Plugin URI: http://webcomicms.net/
Description: Comic publishing power for WordPress. Create, manage, and share your webcomics like never before.
-Version: 3.0.5
+Version: 3.0.6
Author: Michael Sisk
Author URI: http://maikeruon.com/
@@ -42,7 +42,7 @@
class webcomic extends mgs_core {
/** Override mgs_core variables */
protected $name = 'webcomic';
- protected $version = '3.0.5';
+ protected $version = '3.0.6';
protected $file = __FILE__;
protected $type = 'plugin';
@@ -128,6 +128,23 @@ function upgrade() {
if ( !is_array( $this->option( 'term_meta' ) ) )
$this->option( 'term_meta', array( 'collection' => array(), 'storyline' => array(), 'character' => array() ) );
+ //3.0.6 - Add index files to directories.
+ if ( $this->option( 'secure_toggle' ) ) {
+ $collections = get_terms( 'webcomic_collection', 'get=all' );
+
+ foreach ( $collections as $collection ) {
+ if ( !file_exists( $this->directory( 'abs', $collection->slug ) . '/index.php' ) ) {
+ $index = @fopen( $this->directory( 'abs', $collection->slug ) . '/index.php', 'w' );
+ @fclose( $index );
+ }
+
+ if ( !file_exists( $this->directory( 'abs', $collection->slug ) . '/thumbs/index.php' ) ) {
+ $index = @fopen( $this->directory( 'abs', $collection->slug ) . '/thumbs/index.php', 'w' );
+ @fclose( $index );
+ }
+ }
+ }
+
$this->update[ 'upgraded' ] = sprintf( __( 'Thanks again for choosing Webcomic! Your <a href="%s">support</a> is much appreciated.', 'webcomic' ), 'https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=R6SH66UF6F9DG' );
}
@@ -3031,6 +3048,17 @@ function hook_template_redirect() {
}
}
+ /**
+ * Adds a "generator" <meta> tag to the site header
+ * for easy identification of Webcomic users.
+ *
+ * @package webcomic
+ * @since 3
+ */
+ function hook_wp_head() {
+ printf( '<meta name="generator" content="Webcomic %s">', $this->version );
+ }
+
////
@@ -3869,8 +3897,7 @@ function retrieve( $id, $type, $src, $match = false ) {
continue;
$output[ $s ][ $k ] = array_merge( getimagesize( ( ( 'full' == $s ) ? $abs : $tabs ) . $files[ $s ][ $k ] ), pathinfo( ( ( 'full' == $s ) ? $abs : $tabs ) . $files[ $s ][ $k ] ) );
- $output[ $s ][ $k ][ 'url' ] = ( ( 'full' == $s ) ? $url : $turl ) . $files[ $s ][ $k ];
- $output[ $s ][ $k ][ 'surl' ] = get_bloginfo( 'url' ) . '/?webcomic_object=' . $type . '/' . $id . '/' . $s . '/' . $k;
+ $output[ $s ][ $k ][ 'url' ] = $output[ $s ][ $k ][ 'surl' ] = ( ( 'full' == $s ) ? $url : $turl ) . $files[ $s ][ $k ];
$obj = ( 'application/x-shockwave-flash' == $output[ $s ][ $k ][ 'mime' ] ) ? str_replace( '%des', $des, str_replace( '%alt', $alt, str_replace( '%size', $s, str_replace( '%width', $output[ $s ][ $k ][ 0 ], str_replace( '%height', $output[ $s ][ $k ][ 1 ], str_replace( '%uid', hash( 'md5', $output[ $s ][ $k ][ 'url' ] ), $flash ) ) ) ) ) ) : str_replace( '%des', $des, str_replace( '%alt', $alt, str_replace( '%size', $s, str_replace( '%heightwidth', $output[ $s ][ $k ][ 3 ], str_replace( '%uid', hash( 'md5', $output[ $s ][ $k ][ 'url' ] ), $image ) ) ) ));

0 comments on commit 51a49ca

Please sign in to comment.