Changeset 3459943
- Timestamp:
- 02/12/2026 12:42:44 PM (4 weeks ago)
- Location:
- media-library-plus/trunk
- Files:
-
- 5 edited
-
includes/media-library.php (modified) (1 diff)
-
js/mlfp-media.js (modified) (1 diff)
-
media-library-plus.php (modified) (13 diffs)
-
mlp-reset.php (modified) (1 diff)
-
readme.txt (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
media-library-plus/trunk/includes/media-library.php
r3177028 r3459943 1118 1118 type: "POST", 1119 1119 async: true, 1120 data: { action: "mlfp_load_image", src: src, nonce: mgmlp_ajax. nonce },1120 data: { action: "mlfp_load_image", src: src, nonce: mgmlp_ajax.lin_nonce }, 1121 1121 url: mgmlp_ajax.ajaxurl, 1122 1122 success: function (data) { -
media-library-plus/trunk/js/mlfp-media.js
r3143036 r3459943 70 70 type: "POST", 71 71 async: true, 72 data: { action: "mlfp_load_image", src: src, nonce: mlfpmedia. nonce },72 data: { action: "mlfp_load_image", src: src, nonce: mlfpmedia.lin_nonce }, 73 73 url: mlfpmedia.ajaxurl, 74 74 success: function (data) { -
media-library-plus/trunk/media-library-plus.php
r3410874 r3459943 4 4 Plugin URI: https://maxgalleria.com 5 5 Description: Gives you the ability to adds folders and move files in the WordPress Media Library. 6 Version: 8.3. 66 Version: 8.3.7 7 7 Author: Max Foundry 8 8 Author URI: https://maxfoundry.com … … 76 76 public function set_global_constants() { 77 77 define('MAXGALLERIA_MEDIA_LIBRARY_VERSION_KEY', 'maxgalleria_media_library_version'); 78 define('MAXGALLERIA_MEDIA_LIBRARY_VERSION_NUM', '8.3. 6');78 define('MAXGALLERIA_MEDIA_LIBRARY_VERSION_NUM', '8.3.7'); 79 79 define('MAXGALLERIA_MEDIA_LIBRARY_IGNORE_NOTICE', 'maxgalleria_media_library_ignore_notice'); 80 80 define('MAXGALLERIA_MEDIA_LIBRARY_PLUGIN_NAME', trim(dirname(plugin_basename(__FILE__)), '/')); … … 85 85 if(!defined('MAXGALLERIA_MEDIA_LIBRARY_NONCE')) 86 86 define("MAXGALLERIA_MEDIA_LIBRARY_NONCE", "mgmlp_nonce"); 87 88 if(!defined('MLFP_LOAD_IMAGE_NONCE')) 89 define("MLFP_LOAD_IMAGE_NONCE", "mlfp_load_image_nonce"); 90 87 91 if(!defined('MAXGALLERIA_MEDIA_LIBRARY_POST_TYPE')) 88 92 define("MAXGALLERIA_MEDIA_LIBRARY_POST_TYPE", "mgmlp_media_folder"); … … 202 206 add_action('wp_ajax_create_new_folder', array($this, 'create_new_folder')); 203 207 204 add_action('wp_ajax_nopriv_delete_maxgalleria_media', array($this, 'delete_maxgalleria_media'));205 208 add_action('wp_ajax_delete_maxgalleria_media', array($this, 'delete_maxgalleria_media')); 206 209 207 210 add_action('wp_ajax_nopriv_upload_attachment', array($this, 'upload_attachment')); 208 211 add_action('wp_ajax_upload_attachment', array($this, 'upload_attachment')); … … 218 221 add_action('wp_ajax_add_to_max_gallery', array($this, 'add_to_max_gallery')); 219 222 220 add_action('wp_ajax_nopriv_maxgalleria_rename_image', array($this, 'maxgalleria_rename_image'));221 223 add_action('wp_ajax_maxgalleria_rename_image', array($this, 'maxgalleria_rename_image')); 222 224 … … 412 414 jQuery(clone).attr('src', ''); 413 415 jQuery(clone).removeAttr('srcset'); 414 // replace with new element in order to load dthe image416 // replace with new element in order to load the image 415 417 jQuery(element).replaceWith(clone); 416 418 … … 418 420 type: "POST", 419 421 async: false, 420 data: { action: "mlfp_load_image", src: src, nonce: '<?php echo wp_create_nonce(M AXGALLERIA_MEDIA_LIBRARY_NONCE) ?>' },422 data: { action: "mlfp_load_image", src: src, nonce: '<?php echo wp_create_nonce(MLFP_LOAD_IMAGE_NONCE) ?>' }, 421 423 url: '<?php echo admin_url('admin-ajax.php') ?>', 422 424 success: function (data) { … … 441 443 public function mlfp_load_image () { 442 444 443 if ( !wp_verify_nonce( $_POST['nonce'], M AXGALLERIA_MEDIA_LIBRARY_NONCE)) {445 if ( !wp_verify_nonce( $_POST['nonce'], MLFP_LOAD_IMAGE_NONCE)) { 444 446 exit(esc_html__('Missing nonce! Please refresh this page.','maxgalleria-media-library')); 445 447 } … … 733 735 'bda_user_role' => $this->bda_user_role, 734 736 'link_copied' => esc_html__('download link has been copied to the clipboard', 'maxgalleria-media-library'), 737 'lin_nonce'=> wp_create_nonce(MLFP_LOAD_IMAGE_NONCE), 735 738 'nonce'=> wp_create_nonce(MAXGALLERIA_MEDIA_LIBRARY_NONCE)) 736 739 ); … … 776 779 'ajaxurl' => admin_url( 'admin-ajax.php' ), 777 780 'nonce'=> wp_create_nonce(MAXGALLERIA_MEDIA_LIBRARY_NONCE), 781 'lin_nonce'=> wp_create_nonce(MLFP_LOAD_IMAGE_NONCE), 778 782 'upload_message' => esc_html__('Select the folder where you wish to view or upload files.', 'maxgalleria-media-library'), 779 783 'uploads_folder_id' => $upload_id, … … 2872 2876 2873 2877 public function delete_maxgalleria_media() { 2878 2879 global $wpdb, $is_IIS; 2880 2881 $folder_deleted = true; 2882 $message = ''; 2883 2884 /** 2885 * Combined auth gate: 2886 * - Must be logged in 2887 * - Must have upload_files capability 2888 */ 2889 if ( ! is_user_logged_in() || ! current_user_can( 'upload_files' ) ) { 2890 // Keep original wording for capability failure, but also covers not-logged-in 2891 $data = array( 2892 'message' => esc_html__( 'You do not have the capability to upload files.', 'maxgalleria-media-library' ), 2893 'refresh' => false, 2894 ); 2895 echo wp_json_encode( $data ); 2896 wp_die(); 2897 } 2898 2899 // Nonce check 2900 $nonce = isset( $_POST['nonce'] ) ? sanitize_text_field( wp_unslash( $_POST['nonce'] ) ) : ''; 2901 if ( ! wp_verify_nonce( $nonce, MAXGALLERIA_MEDIA_LIBRARY_NONCE ) ) { 2902 $data = array( 2903 'message' => esc_html__( 'Missing or invalid nonce! Please refresh this page.', 'maxgalleria-media-library' ), 2904 'refresh' => false, 2905 ); 2906 echo wp_json_encode( $data ); 2907 wp_die(); 2908 } 2909 2910 // Parse IDs as absint list 2911 $delete_ids = array(); 2912 if ( isset( $_POST['serial_delete_ids'] ) ) { 2913 $raw = wp_unslash( $_POST['serial_delete_ids'] ); 2914 $raw = str_replace( '"', '', $raw ); 2915 $parts = array_filter( array_map( 'trim', explode( ',', $raw ) ) ); 2916 $delete_ids = array_values( array_filter( array_map( 'absint', $parts ) ) ); 2917 } 2918 2919 // Parent folder 2920 $parent_folder = isset( $_POST['parent_id'] ) ? absint( wp_unslash( $_POST['parent_id'] ) ) : 0; 2921 if ( ! $parent_folder ) { 2922 $parent_folder = (int) $this->uploads_folder_ID; 2923 } 2924 2925 $table = $wpdb->prefix . MAXGALLERIA_MEDIA_LIBRARY_FOLDER_TABLE; 2926 $current_user_id = get_current_user_id(); 2927 $is_admin_like = current_user_can( 'manage_options' ); // "admin-like" gate 2928 2929 foreach ( $delete_ids as $delete_id ) { 2930 2931 // prevent uploads folder from being deleted 2932 if ( (int) $delete_id === (int) $this->uploads_folder_ID ) { 2933 $message = esc_html__( 'The uploads folder cannot be deleted.', 'maxgalleria-media-library' ); 2934 $data = array( 'message' => $message, 'refresh' => false ); 2935 echo wp_json_encode( $data ); 2936 wp_die(); 2937 } 2938 2939 // Load the post object once (also protects against missing IDs) 2940 $post = get_post( $delete_id ); 2941 if ( ! $post ) { 2942 continue; 2943 } 2944 2945 // 2) For each ID: current_user_can('delete_post', $id) must pass 2946 if ( ! current_user_can( 'delete_post', $delete_id ) ) { 2947 continue; // or return an error if you prefer strict behavior 2948 } 2949 2950 // 4) For folder post type: admin-only 2951 if ( $post->post_type === MAXGALLERIA_MEDIA_LIBRARY_POST_TYPE && ! $is_admin_like ) { 2952 continue; 2953 } 2954 2955 // 3) For attachments: enforce owner-only unless admin-like 2956 if ( $post->post_type === 'attachment' && ! $is_admin_like ) { 2957 if ( (int) $post->post_author !== (int) $current_user_id ) { 2958 continue; 2959 } 2960 } 2961 2962 $sql = $wpdb->prepare( 2963 "SELECT p.post_title, p.post_type, pm.meta_value AS attached_file 2964 FROM {$wpdb->posts} p 2965 LEFT JOIN {$wpdb->postmeta} pm 2966 ON (pm.post_id = p.ID AND pm.meta_key = %s) 2967 WHERE p.ID = %d", 2968 '_wp_attached_file', 2969 $delete_id 2970 ); 2971 2972 $row = $wpdb->get_row( $sql ); 2973 if ( ! $row ) { 2974 continue; 2975 } 2976 2977 $baseurl = rtrim( $this->upload_dir['baseurl'], '/' ) . '/'; 2978 $image_location = $baseurl . ltrim( (string) $row->attached_file, '/' ); 2979 $folder_path = $this->get_absolute_path( $image_location ); 2980 $del_post = array( 'post_id' => $delete_id ); 2981 2982 if ( $row->post_type === MAXGALLERIA_MEDIA_LIBRARY_POST_TYPE ) { // folder 2983 2984 $sql_count = $wpdb->prepare( "SELECT COUNT(*) FROM {$table} WHERE folder_id = %d", $delete_id ); 2985 $row_count = (int) $wpdb->get_var( $sql_count ); 2986 2987 if ( $row_count > 0 ) { 2988 $message = esc_html__( 'The folder, ', 'maxgalleria-media-library' ) . $row->post_title . 2989 esc_html__( ', is not empty. Please delete or move files from the folder', 'maxgalleria-media-library' ) . PHP_EOL; 2990 2991 $data = array( 'message' => esc_html( $message ), 'refresh' => false ); 2992 echo wp_json_encode( $data ); 2993 wp_die(); 2994 } 2995 2996 if ( file_exists( $folder_path ) && is_dir( $folder_path ) ) { 2997 @chmod( $folder_path, 0777 ); 2998 $this->remove_hidden_files( $folder_path ); 2999 3000 if ( $this->is_dir_empty( $folder_path ) ) { 3001 if ( ! rmdir( $folder_path ) ) { 3002 $message = esc_html__( 'The folder could not be deleted.', 'maxgalleria-media-library' ); 3003 } 3004 } else { 3005 $message = esc_html__( 'The folder is not empty and could not be deleted.', 'maxgalleria-media-library' ); 3006 $folder_deleted = false; 3007 } 3008 } 3009 3010 if ( $folder_deleted ) { 3011 wp_delete_post( $delete_id, true ); 3012 $wpdb->delete( $table, $del_post ); 3013 $message = esc_html__( 'The folder was deleted.', 'maxgalleria-media-library' ); 3014 } 3015 3016 $folders = $this->get_folder_data( $parent_folder ); 3017 $data = array( 3018 'message' => esc_html( $message ), 3019 'folders' => $folders, 3020 'refresh' => $folder_deleted, 3021 ); 3022 echo wp_json_encode( $data ); 3023 wp_die(); 3024 3025 } else { // attachment (or other non-folder post types) 3026 3027 // Ensure we only call wp_delete_attachment on attachments 3028 if ( $post->post_type !== 'attachment' ) { 3029 continue; 3030 } 3031 3032 $metadata = wp_get_attachment_metadata( $delete_id ); 3033 $image_path = $this->get_absolute_path( $image_location ); 3034 $path_to_thumbnails = pathinfo( $image_path, PATHINFO_DIRNAME ); 3035 3036 if ( wp_delete_attachment( $delete_id, true ) !== false ) { 3037 $wpdb->delete( $table, $del_post ); 3038 $message = esc_html__( 'The file(s) were deleted', 'maxgalleria-media-library' ) . PHP_EOL; 3039 3040 // ensure the attachment is deleted 3041 if ( file_exists( $image_path ) ) { 3042 unlink( $image_path ); 3043 } 3044 3045 if ( isset( $metadata['sizes'] ) && is_array( $metadata['sizes'] ) ) { 3046 foreach ( $metadata['sizes'] as $source_path ) { 3047 if ( empty( $source_path['file'] ) ) { 3048 continue; 3049 } 3050 3051 $thumbnail_file = $path_to_thumbnails . DIRECTORY_SEPARATOR . $source_path['file']; 3052 3053 if ( $is_IIS || strtoupper( substr( PHP_OS, 0, 3 ) ) === 'WIN' || strtoupper( substr( PHP_OS, 0, 13 ) ) === 'MICROSOFT-IIS' ) { 3054 $thumbnail_file = str_replace( '/', '\\', $thumbnail_file ); 3055 } 3056 3057 if ( file_exists( $thumbnail_file ) ) { 3058 unlink( $thumbnail_file ); 3059 } 3060 } 3061 } 3062 3063 } else { 3064 $message = esc_html__( 'The file(s) were not deleted', 'maxgalleria-media-library' ) . PHP_EOL; 3065 } 3066 } 3067 } 3068 3069 $files = $this->display_folder_contents( $parent_folder, true, '', false ); 3070 $refresh = true; 3071 3072 $data = array( 3073 'message' => esc_html( $message ), 3074 'files' => $files, 3075 'refresh' => $refresh, 3076 ); 3077 3078 echo wp_json_encode( $data ); 3079 wp_die(); 3080 } 3081 3082 public function delete_maxgalleria_media1() { 2874 3083 2875 3084 global $wpdb, $is_IIS; … … 3402 3611 type: 'POST', 3403 3612 async: true, 3404 data: { action: 'mlfp_load_image', src: src, nonce: mgmlp_ajax.nonce},3613 data: { action: 'mlfp_load_image', src: src, nonce: '<?php echo wp_create_nonce(MLFP_LOAD_IMAGE_NONCE) ?>' }, 3405 3614 url: mgmlp_ajax.ajaxurl, 3406 3615 success: function (data) { … … 3419 3628 <?php 3420 3629 } 3630 3631 public function maxgalleria_rename_image() { 3632 3633 global $wpdb, $blog_id, $is_IIS; 3634 3635 /** 3636 * Combined auth gate: 3637 * - Must be logged in 3638 * - Must have upload_files capability 3639 */ 3640 if ( ! is_user_logged_in() || ! current_user_can( 'upload_files' ) ) { 3641 // Keep original wording for capability failure, but also covers not-logged-in 3642 $data = array( 3643 'message' => esc_html__( 'You do not have the capability to upload files.', 'maxgalleria-media-library' ), 3644 'refresh' => false, 3645 ); 3646 echo wp_json_encode( $data ); 3647 wp_die(); 3648 } 3649 3650 // Nonce check 3651 $nonce = isset( $_POST['nonce'] ) ? sanitize_text_field( wp_unslash( $_POST['nonce'] ) ) : ''; 3652 if ( ! wp_verify_nonce( $nonce, MAXGALLERIA_MEDIA_LIBRARY_NONCE ) ) { 3653 echo esc_html__( 'missing nonce! Please refresh this page.', 'maxgalleria-media-library' ); 3654 die(); 3655 } 3656 3657 // Baseline capability check (keep existing behavior) 3658 if ( ! current_user_can( 'upload_files' ) ) { 3659 echo esc_html__( 'You do not have the capability to upload files.', 'maxgalleria-media-library' ); 3660 die(); 3661 } 3662 3663 // Input: file id 3664 $file_id = isset( $_POST['image_id'] ) ? absint( wp_unslash( $_POST['image_id'] ) ) : 0; 3665 if ( ! $file_id ) { 3666 echo esc_html__( 'Invalid image ID.', 'maxgalleria-media-library' ); 3667 die(); 3668 } 3669 3670 // Input: new file name (base name, without extension; extension is kept from original) 3671 $new_file_name = isset( $_POST['new_file_name'] ) ? trim( sanitize_text_field( wp_unslash( $_POST['new_file_name'] ) ) ) : ''; 3672 if ( $new_file_name === '' ) { 3673 echo esc_html__( 'Invalid file name.', 'maxgalleria-media-library' ); 3674 die(); 3675 } 3676 3677 // Do not allow whitespace 3678 if ( preg_match( '/\s/', $new_file_name ) ) { 3679 echo esc_html__( 'The file name cannot contain spaces or tabs.', 'maxgalleria-media-library' ); 3680 die(); 3681 } 3682 3683 // Block path traversal / separators explicitly 3684 if ( strpos( $new_file_name, '/' ) !== false || strpos( $new_file_name, '\\' ) !== false || strpos( $new_file_name, '..' ) !== false ) { 3685 echo esc_html__( 'Invalid file name.', 'maxgalleria-media-library' ); 3686 die(); 3687 } 3688 3689 // Sanitize base name (no extension expected here) 3690 $new_file_name = sanitize_file_name( $new_file_name ); 3691 if ( $new_file_name === '' ) { 3692 echo esc_html__( 'Invalid file name.', 'maxgalleria-media-library' ); 3693 die(); 3694 } 3695 3696 /** 3697 * Object-level authorization (IDOR fix) 3698 * - Must be allowed to edit this attachment 3699 * - Owner-only unless admin-like 3700 */ 3701 $post = get_post( $file_id ); 3702 if ( ! $post || $post->post_type !== 'attachment' ) { 3703 echo esc_html__( 'The file does not exist on this site.', 'maxgalleria-media-library' ); 3704 die(); 3705 } 3706 3707 if ( ! current_user_can( 'edit_post', $file_id ) ) { 3708 echo esc_html__( 'You are not allowed to rename this file.', 'maxgalleria-media-library' ); 3709 die(); 3710 } 3711 3712 $is_admin_like = current_user_can( 'manage_options' ); 3713 if ( ! $is_admin_like && (int) $post->post_author !== (int) get_current_user_id() ) { 3714 echo esc_html__( 'You are not allowed to rename files you do not own.', 'maxgalleria-media-library' ); 3715 die(); 3716 } 3717 3718 // Fetch current attached file path 3719 $sql = $wpdb->prepare( 3720 "SELECT p.ID, pm.meta_value AS attached_file, p.post_title, p.post_name 3721 FROM {$wpdb->posts} p 3722 LEFT JOIN {$wpdb->postmeta} pm 3723 ON (pm.post_id = p.ID AND pm.meta_key = %s) 3724 WHERE p.ID = %d", 3725 '_wp_attached_file', 3726 $file_id 3727 ); 3728 3729 $row = $wpdb->get_row( $sql ); 3730 3731 if ( empty( $row ) ) { 3732 echo esc_html__( 'The file does not exist on this site.', 'maxgalleria-media-library' ); 3733 die(); 3734 } 3735 3736 // Build locations/paths 3737 $image_location = $this->build_location_url( $row->attached_file ); 3738 3739 // Preserve alt text 3740 $alt_text = get_post_meta( $file_id, '_wp_attachment_image_alt', true ); 3741 3742 // Keep original extension, but allow changing base name 3743 $original_ext = pathinfo( $image_location, PATHINFO_EXTENSION ); 3744 $full_new_file_name = $new_file_name . '.' . $original_ext; 3745 3746 $destination_path = $this->get_absolute_path( pathinfo( $image_location, PATHINFO_DIRNAME ) ); 3747 $new_file_name = wp_unique_filename( $destination_path, $full_new_file_name, null ); 3748 3749 $new_file_title = $this->remove_extension( $new_file_name ); 3750 3751 $old_file_path = $this->get_absolute_path( $image_location ); 3752 3753 $new_file_url = pathinfo( $image_location, PATHINFO_DIRNAME ) . DIRECTORY_SEPARATOR . $new_file_name; 3754 3755 if ( is_multisite() ) { 3756 $url_slug = 'site' . $blog_id . '/'; 3757 $new_file_url = str_replace( $url_slug, '', $new_file_url ); 3758 } 3759 3760 $new_file_path = $this->get_absolute_path( $new_file_url ); 3761 3762 if ( $this->is_windows() ) { 3763 $old_file_path = str_replace( '\\', '/', $old_file_path ); 3764 $new_file_path = str_replace( '\\', '/', $new_file_path ); 3765 } 3766 3767 $rename_image_location = $this->get_base_file( $image_location ); 3768 $rename_destination = $this->get_base_file( $new_file_url ); 3769 3770 $position = strrpos( $image_location, '.' ); 3771 $image_location_no_extension = ( $position !== false ) ? substr( $image_location, 0, $position ) : $image_location; 3772 3773 // Rename file on disk 3774 if ( rename( $old_file_path, $new_file_path ) ) { 3775 3776 /** 3777 * Keep explicit thumbnail deletion (as requested / real-world behavior) 3778 * Guard for missing metadata or missing sizes. 3779 */ 3780 $metadata = wp_get_attachment_metadata( $file_id ); 3781 $path_to_thumbnails = pathinfo( $old_file_path, PATHINFO_DIRNAME ); 3782 3783 if ( is_array( $metadata ) && isset( $metadata['sizes'] ) && is_array( $metadata['sizes'] ) ) { 3784 foreach ( $metadata['sizes'] as $source_path ) { 3785 if ( empty( $source_path['file'] ) ) { 3786 continue; 3787 } 3788 3789 $thumbnail_file = $path_to_thumbnails . DIRECTORY_SEPARATOR . $source_path['file']; 3790 3791 if ( $is_IIS || strtoupper( substr( PHP_OS, 0, 3 ) ) === 'WIN' || strtoupper( substr( PHP_OS, 0, 13 ) ) === 'MICROSOFT-IIS' ) { 3792 $thumbnail_file = str_replace( '/', '\\', $thumbnail_file ); 3793 } 3794 3795 if ( file_exists( $thumbnail_file ) ) { 3796 unlink( $thumbnail_file ); 3797 } 3798 } 3799 } 3800 3801 // Update attachment post record 3802 $data = array( 3803 'guid' => $new_file_url, 3804 'post_title' => $new_file_title, 3805 'post_name' => $new_file_name, 3806 ); 3807 $where = array( 'ID' => $file_id ); 3808 $wpdb->update( $wpdb->posts, $data, $where ); 3809 3810 /** 3811 * IMPORTANT FIX: do NOT wipe all postmeta for this attachment. 3812 * This preserves ACF / SEO / custom fields. 3813 */ 3814 3815 // get the uploads dir name 3816 $basedir = $this->upload_dir['baseurl']; 3817 $uploads_dir_name_pos = strrpos( $basedir, '/' ); 3818 $uploads_dir_name = ( $uploads_dir_name_pos !== false ) ? substr( $basedir, $uploads_dir_name_pos + 1 ) : ''; 3819 3820 // find the name and cut off the part with the uploads path 3821 $string_position = ( $uploads_dir_name !== '' ) ? strpos( $new_file_url, $uploads_dir_name ) : false; 3822 $uploads_dir_length = strlen( $uploads_dir_name ) + 1; 3823 3824 if ( $string_position !== false ) { 3825 $uploads_location = substr( $new_file_url, $string_position + $uploads_dir_length ); 3826 } else { 3827 // Fallback: best-effort relative path 3828 $uploads_location = ltrim( $new_file_url, '/' ); 3829 } 3830 3831 if ( $this->is_windows() ) { 3832 $uploads_location = str_replace( '\\', '/', $uploads_location ); 3833 } 3834 3835 $uploads_location = ltrim( $uploads_location, '/' ); 3836 3837 update_post_meta( $file_id, '_wp_attached_file', $uploads_location ); 3838 3839 if ( strlen( trim( $alt_text ) ) > 0 ) { 3840 update_post_meta( $file_id, '_wp_attachment_image_alt', $alt_text ); 3841 } 3842 3843 // Regenerate metadata for the renamed file 3844 $attach_data = wp_generate_attachment_metadata( $file_id, $new_file_path ); 3845 wp_update_attachment_metadata( $file_id, $attach_data ); 3846 3847 // SiteOrigin Panels updates (unchanged) 3848 if ( class_exists( 'SiteOrigin_Panels' ) ) { 3849 $this->update_serial_postmeta_records( $rename_image_location, $rename_destination ); 3850 } 3851 3852 // Beaver Builder updates (hardened query, rest unchanged) 3853 if ( class_exists( 'FLBuilderLoader' ) ) { 3854 3855 $like = '%' . $wpdb->esc_like( $rename_image_location ) . '%'; 3856 $bb_sql = $wpdb->prepare( 3857 "SELECT ID FROM {$wpdb->posts} WHERE post_content LIKE %s", 3858 $like 3859 ); 3860 3861 $records = $wpdb->get_results( $bb_sql ); 3862 3863 foreach ( $records as $record ) { 3864 $this->update_bb_postmeta( $record->ID, $rename_image_location, $rename_destination ); 3865 } 3866 3867 // clearing BB caches 3868 if ( class_exists( 'FLBuilderModel' ) && method_exists( 'FLBuilderModel', 'delete_asset_cache_for_all_posts' ) ) { 3869 FLBuilderModel::delete_asset_cache_for_all_posts(); 3870 } 3871 if ( class_exists( 'FLCustomizer' ) && method_exists( 'FLCustomizer', 'clear_all_css_cache' ) ) { 3872 FLCustomizer::clear_all_css_cache(); 3873 } 3874 } 3875 3876 // Update post content links across posts (hardened query) 3877 $replace_sql = $wpdb->prepare( 3878 "UPDATE {$wpdb->posts} 3879 SET post_content = REPLACE(post_content, %s, %s)", 3880 $rename_image_location, 3881 $rename_destination 3882 ); 3883 $result = $wpdb->query( $replace_sql ); 3884 3885 // for updating wp pagebuilder (unchanged) 3886 if ( defined( 'WPPB_LICENSE' ) ) { 3887 $this->update_wppb_data( $image_location_no_extension, $new_file_url ); 3888 } 3889 3890 // for updating themify images (unchanged) 3891 if ( function_exists( 'themify_builder_activate' ) ) { 3892 $this->update_themify_data( $image_location_no_extension, $new_file_url ); 3893 } 3894 3895 // for updating elementor background images (unchanged) 3896 if ( is_plugin_active( "elementor/elementor.php" ) ) { 3897 $this->update_elementor_data( $file_id, $image_location_no_extension, $new_file_url ); 3898 } 3899 3900 echo esc_html__( 'Updating attachment links, please wait...The file was renamed', 'maxgalleria-media-library' ); 3901 die(); 3902 } 3903 3904 // If rename failed 3905 echo esc_html__( 'The file could not be renamed.', 'maxgalleria-media-library' ); 3906 die(); 3907 } 3421 3908 3422 public function maxgalleria_rename_image () {3909 public function maxgalleria_rename_image1() { 3423 3910 3424 3911 global $wpdb, $blog_id, $is_IIS; -
media-library-plus/trunk/mlp-reset.php
r3410874 r3459943 6 6 Author: Max Foundry 7 7 Author URI: https://maxfoundry.com 8 Version: 8.3. 68 Version: 8.3.7 9 9 Copyright 2015-2021 Max Foundry, LLC (https://maxfoundry.com) 10 10 Text Domain: mlp-reset -
media-library-plus/trunk/readme.txt
r3410874 r3459943 3 3 Tags: media library folders, media library folders, organize media library 4 4 Requires at least: 4.0 5 Tested up to: 6.9 6 Stable tag: 8.3. 65 Tested up to: 6.9.1 6 Stable tag: 8.3.7 7 7 License: GPLv2 or later 8 8 License URI: https://www.gnu.org/licenses/gpl-2.0.html … … 233 233 234 234 == Changelog == 235 = 8.3.7 = 236 * Added security enhancements 237 235 238 = 8.3.6 = 236 239 * Tested with Wordpress 6.9 237 240 238 = 8.3.5 = 241 = 8.3.5 = 239 242 * Updated the upgrade to pro page 240 243
Note: See TracChangeset
for help on using the changeset viewer.