WordPress.org
Get WordPress

Plugin Directory

Changeset 3268074


Ignore:
Timestamp:
04/07/2025 06:47:00 PM (12 months ago)
Author:
marcin.lawrowski
Message:

Version 3.3.3

Location:
wise-chat/trunk
Files:
4 edited

Legend:

Unmodified
Added
Removed

  • wise-chat/trunk/readme.txt

    r3216633 r3268074  
    66Requires PHP: 5.2.0
    77Tested up to: 6.7.1
    8 Stable tag: 3.3.2
     8Stable tag: 3.3.3
    99License: LGPLv2
    1010License URI: http://www.gnu.org/licenses/gpl-2.0.html
     
    406406== Changelog ==
    407407
     408= 3.3.3 =
     409* Security: prevent listing directories with uploaded images or attachments
     410
    408411= 3.3.2 =
    409412* Fixed: breaking the site with Elementor installed

  • wise-chat/trunk/src/services/WiseChatAttachmentsService.php

    r3102462 r3268074  
    253253            );
    254254            wp_update_post($postUpdate);
     255
     256            $this->ensureProtectionMeasures($attachmentId);
    255257        }
    256258       
     
    349351        }
    350352    }
     353
     354    private function ensureProtectionMeasures(int $attachmentId) {
     355        $fullSizePath = get_attached_file($attachmentId);
     356        $directory = dirname($fullSizePath);
     357        if (!is_dir($directory) || !is_writable($directory)) {
     358            return;
     359        }
     360        $htaccessPath = rtrim($directory, DIRECTORY_SEPARATOR).DIRECTORY_SEPARATOR.'.htaccess';
     361        if (!file_exists($htaccessPath)) {
     362            file_put_contents($htaccessPath, 'Options All -Indexes');
     363        }
     364    }
    351365   
    352366}

  • wise-chat/trunk/src/services/WiseChatImagesService.php

    r3102462 r3268074  
    297297            );
    298298            wp_update_post($postUpdate);
     299
     300            $this->ensureProtectionMeasures($attachmentId);
    299301        }
    300302       
     
    391393        @trigger_error('WordPress Wise Chat plugin error (ImagesService): '.$message, E_USER_NOTICE);
    392394    }
     395
     396    private function ensureProtectionMeasures(int $attachmentId) {
     397        $fullSizePath = get_attached_file($attachmentId);
     398        $directory = dirname($fullSizePath);
     399        if (!is_dir($directory) || !is_writable($directory)) {
     400            return;
     401        }
     402        $htaccessPath = rtrim($directory, DIRECTORY_SEPARATOR).DIRECTORY_SEPARATOR.'.htaccess';
     403        if (!file_exists($htaccessPath)) {
     404            file_put_contents($htaccessPath, 'Options All -Indexes');
     405        }
     406    }
    393407   
    394408}

  • wise-chat/trunk/wise-chat-core.php

    r3216633 r3268074  
    22/*
    33    Plugin Name: Wise Chat
    4     Version: 3.3.2
     4    Version: 3.3.3
    55    Plugin URI: https://kainex.pl/projects/wp-plugins/wise-chat
    66    Description: Fully-featured chat plugin for WordPress. Supports multiple channels, private messages, multisite installation, bad words filtering, themes, appearance settings, avatars, filters, bans and more.
     
    1010*/
    1111
    12 define('WISE_CHAT_VERSION', '3.3.2');
     12define('WISE_CHAT_VERSION', '3.3.3');
    1313define('WISE_CHAT_ROOT', plugin_dir_path(__FILE__));
    1414define('WISE_CHAT_NAME', 'Wise Chat');
Note: See TracChangeset for help on using the changeset viewer.