Changeset 433681
- Timestamp:
- 09/05/2011 07:39:38 PM (15 years ago)
- Location:
- dukapress/trunk
- Files:
-
- 5 edited
-
dukapress.php (modified) (2 diffs)
-
lib/timthumb.php (modified) (22 diffs)
-
php/dp-cart.php (modified) (1 diff)
-
php/dp-payment.php (modified) (1 diff)
-
readme.txt (modified) (4 diffs)
dukapress/trunk/dukapress.php
r421103 r433681 3 3 Plugin Name: DukaPress Shopping Cart 4 4 Description: DukaPress Shopping Cart 5 Version: 2.3. 35 Version: 2.3.4 6 6 Author: NetMadeEz and Nickel Pro 7 7 Author URI: http://dukapress.org/ … … 9 9 */ 10 10 11 $dp_version = 2.3 3;11 $dp_version = 2.34; 12 12 13 13 require_once('php/dp-products.php'); -
dukapress/trunk/lib/timthumb.php
r421093 r433681 21 21 22 22 */ 23 define ('VERSION', '2. 5'); // Version of this script23 define ('VERSION', '2.8'); // Version of this script 24 24 //Load a config file if it exists. Otherwise, use the values below. 25 25 if( file_exists('timthumb-config.php')) require_once('timthumb-config.php'); … … 44 44 if(! defined('BROWSER_CACHE_DISABLE') ) define ('BROWSER_CACHE_DISABLE', false); // Use for testing if you want to disable all browser caching 45 45 46 //Image size 46 //Image size and defaults 47 47 if(! defined('MAX_WIDTH') ) define ('MAX_WIDTH', 1500); // Maximum image width 48 48 if(! defined('MAX_HEIGHT') ) define ('MAX_HEIGHT', 1500); // Maximum image height 49 if(! defined('NOT_FOUND_IMAGE') ) define ('NOT_FOUND_IMAGE', ''); //Image to serve if any 404 occurs 50 if(! defined('ERROR_IMAGE') ) define ('ERROR_IMAGE', ''); //Image to serve if an error occurs instead of showing error message 49 51 50 52 //Image compression is enabled if either of these point to valid paths 53 54 //These are now disabled by default because the file sizes of PNGs (and GIFs) are much smaller than we used to generate. 55 //They only work for PNGs. GIFs and JPEGs are not affected. 56 if(! defined('OPTIPNG_ENABLED') ) define ('OPTIPNG_ENABLED', false); 51 57 if(! defined('OPTIPNG_PATH') ) define ('OPTIPNG_PATH', '/usr/bin/optipng'); //This will run first because it gives better compression than pngcrush. 58 if(! defined('PNGCRUSH_ENABLED') ) define ('PNGCRUSH_ENABLED', false); 52 59 if(! defined('PNGCRUSH_PATH') ) define ('PNGCRUSH_PATH', '/usr/bin/pngcrush'); //This will only run if OPTIPNG_PATH is not set or is not valid 53 60 … … 96 103 if(! defined('WEBSHOT_COLOR_DEPTH') ) define ('WEBSHOT_COLOR_DEPTH', '24'); //I haven't tested anything besides 24 97 104 if(! defined('WEBSHOT_IMAGE_FORMAT') ) define ('WEBSHOT_IMAGE_FORMAT', 'png'); //png is about 2.5 times the size of jpg but is a LOT better quality 98 if(! 
defined('WEBSHOT_TIMEOUT') ) define ('WEBSHOT_TIMEOUT', ' 300'); //Seconds to wait for a webshot105 if(! defined('WEBSHOT_TIMEOUT') ) define ('WEBSHOT_TIMEOUT', '20'); //Seconds to wait for a webshot 99 106 if(! defined('WEBSHOT_USER_AGENT') ) define ('WEBSHOT_USER_AGENT', "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.2.18) Gecko/20110614 Firefox/3.6.18"); //I hate to do this, but a non-browser robot user agent might not show what humans see. So we pretend to be Firefox 100 107 if(! defined('WEBSHOT_JAVASCRIPT_ON') ) define ('WEBSHOT_JAVASCRIPT_ON', true); //Setting to false might give you a slight speedup and block ads. But it could cause other issues. … … 126 133 class timthumb { 127 134 protected $src = ""; 135 protected $is404 = false; 128 136 protected $docRoot = ""; 129 137 protected $lastURLError = false; … … 164 172 global $ALLOWED_SITES; 165 173 $this->startTime = microtime(true); 174 date_default_timezone_set('UTC'); 166 175 $this->debug(1, "Starting new request from " . $this->getIP() . " to " . $_SERVER['REQUEST_URI']); 167 176 $this->calcDocRoot(); … … 178 187 } 179 188 $this->cacheDirectory = FILE_CACHE_DIRECTORY; 180 touch($this->cacheDirectory . '/index.php');181 189 touch($this->cacheDirectory . '/index.html'); 182 190 } else { … … 194 202 } 195 203 if(BLOCK_EXTERNAL_LEECHERS && array_key_exists('HTTP_REFERER', $_SERVER) && (! preg_match('/^https?:\/\/(?:www\.)?' . $this->myHost . '(?:$|\/)/i', $_SERVER['HTTP_REFERER']))){ 204 // base64 encoded red image that says 'no hotlinkers' 205 // nothing to worry about! :) 196 206 $imgData = base64_decode("R0lGODlhUAAMAIAAAP8AAP///yH5BAAHAP8ALAAAAABQAAwAAAJpjI+py+0Po5y0OgAMjjv01YUZ\nOGplhWXfNa6JCLnWkXplrcBmW+spbwvaVr/cDyg7IoFC2KbYVC2NQ5MQ4ZNao9Ynzjl9ScNYpneb\nDULB3RP6JuPuaGfuuV4fumf8PuvqFyhYtjdoeFgAADs="); 197 207 header('Content-Type: image/gif'); … … 241 251 $this->localImage = $this->getLocalImagePath($this->src); 242 252 if(! 
$this->localImage){ 253 $this->debug(1, "Could not find the local image: {$this->localImage}"); 243 254 $this->error("Could not find the internal image you specified."); 255 $this->set404(); 244 256 return false; 245 257 } … … 277 289 $this->debug(3, "webshot is NOT set so we're going to try to fetch a regular image."); 278 290 $this->serveExternalImage(); 291 279 292 } 280 293 } else { … … 286 299 protected function handleErrors(){ 287 300 if($this->haveErrors()){ 301 if(NOT_FOUND_IMAGE && $this->is404()){ 302 if($this->serveImg(NOT_FOUND_IMAGE)){ 303 exit(0); 304 } else { 305 $this->error("Additionally, the 404 image that is configured could not be found or there was an error serving it."); 306 } 307 } 308 if(ERROR_IMAGE){ 309 if($this->serveImg(ERROR_IMAGE)){ 310 exit(0); 311 } else { 312 $this->error("Additionally, the error image that is configured could not be found or there was an error serving it."); 313 } 314 } 315 288 316 $this->serveErrors(); 289 317 exit(0); … … 343 371 } else { 344 372 $this->debug(3, "Empty cachefile is still fresh so returning message saying we had an error fetching this image from remote host."); 373 $this->set404(); 345 374 $this->error("An error occured fetching image."); 346 375 return false; … … 673 702 } 674 703 //Straight from Wordpress core code. 
Reduces filesize by up to 70% for PNG's 675 if ( IMAGETYPE_PNG == $origType && function_exists('imageistruecolor') && !imageistruecolor( $image )){704 if ( (IMAGETYPE_PNG == $origType || IMAGETYPE_GIF == $origType) && function_exists('imageistruecolor') && !imageistruecolor( $image ) && imagecolortransparent( $image ) > 0 ){ 676 705 imagetruecolortopalette( $canvas, false, imagecolorstotal( $image ) ); 677 706 } … … 687 716 } else if(preg_match('/^image\/gif$/i', $mimeType)){ 688 717 $imgType = 'gif'; 689 image png($canvas, $tempfile, floor($quality * 0.09));718 imagegif($canvas, $tempfile); 690 719 } else { 691 720 return $this->sanityFail("Could not match mime type after verifying it previously."); 692 721 } 693 722 694 if( OPTIPNG_PATH && @is_file(OPTIPNG_PATH)){723 if($imgType == 'png' && OPTIPNG_ENABLED && OPTIPNG_PATH && @is_file(OPTIPNG_PATH)){ 695 724 $exec = OPTIPNG_PATH; 696 725 $this->debug(3, "optipng'ing $tempfile"); … … 707 736 $this->debug(1, "optipng did not change image size."); 708 737 } 709 } else if( PNGCRUSH_PATH && @is_file(PNGCRUSH_PATH)){738 } else if($imgType == 'png' && PNGCRUSH_ENABLED && PNGCRUSH_PATH && @is_file(PNGCRUSH_PATH)){ 710 739 $exec = PNGCRUSH_PATH; 711 740 $tempfile2 = tempnam($this->cacheDirectory, 'timthumb_tmpimg_'); … … 758 787 $this->debug(3, "Done image replace with security header. Cleaning up and running cleanCache()"); 759 788 imagedestroy($canvas); 789 imagedestroy($image); 760 790 return true; 761 791 } … … 776 806 } 777 807 } 778 if($docRoot ){ $docRoot = preg_replace('/\/$/', '', $docRoot); }808 if($docRoot && $_SERVER['DOCUMENT_ROOT'] != '/'){ $docRoot = preg_replace('/\/$/', '', $docRoot); } 779 809 $this->debug(3, "Doc root is: " . $docRoot); 780 810 $this->docRoot = $docRoot; … … 877 907 $this->debug(3, "Received output: $out"); 878 908 if(! 
is_file($tempfile)){ 909 $this->set404(); 879 910 return $this->error("The command to create a thumbnail failed."); 880 911 } … … 962 993 } 963 994 protected function sendImageHeaders($mimeType, $dataSize){ 995 if(! preg_match('/^image\//i', $mimeType)){ 996 $mimeType = 'image/' . $mimeType; 997 } 998 if(strtolower($mimeType) == 'image/jpg'){ 999 $mimeType = 'image/jpeg'; 1000 } 964 1001 $gmdate_expires = gmdate ('D, d M Y H:i:s', strtotime ('now +10 days')) . ' GMT'; 965 1002 $gmdate_modified = gmdate ('D, d M Y H:i:s') . ' GMT'; … … 992 1029 protected function openImage($mimeType, $src){ 993 1030 switch ($mimeType) { 994 case 'image/jpg': 995 $image = imagecreatefromjpeg ($src); 996 break; 1031 case 'image/jpg': //This isn't a valid mime type so we should probably remove it 997 1032 case 'image/jpeg': 998 1033 $image = imagecreatefromjpeg ($src); … … 1090 1125 $curlResult = curl_exec($curl); 1091 1126 fclose(self::$curlFH); 1092 1127 $httpStatus = curl_getinfo($curl, CURLINFO_HTTP_CODE); 1128 if($httpStatus == 404){ 1129 $this->set404(); 1130 } 1093 1131 if($curlResult){ 1094 1132 curl_close($curl); … … 1102 1140 $img = @file_get_contents ($url); 1103 1141 if($img === false){ 1104 $this->lastURLError = error_get_last(); 1142 $err = error_get_last(); 1143 if(is_array($err) && $err['message']){ 1144 $this->lastURLError = $err['message']; 1145 } else { 1146 $this->lastURLError = $err; 1147 } 1148 if(preg_match('/404/', $this->lastURLError)){ 1149 $this->set404(); 1150 } 1151 1105 1152 return false; 1106 1153 } … … 1113 1160 1114 1161 } 1162 protected function serveImg($file){ 1163 $s = getimagesize($file); 1164 if(! ($s && $s['mime'])){ 1165 return false; 1166 } 1167 header ('Content-Type: ' . $s['mime']); 1168 header ('Content-Length: ' . 
filesize($file) ); 1169 header ('Cache-Control: no-store, no-cache, must-revalidate, max-age=0'); 1170 header ("Pragma: no-cache"); 1171 $bytes = @readfile($file); 1172 if($bytes > 0){ 1173 return true; 1174 } 1175 $content = @file_get_contents ($file); 1176 if ($content != FALSE){ 1177 echo $content; 1178 return true; 1179 } 1180 return false; 1181 1182 } 1183 protected function set404(){ 1184 $this->is404 = true; 1185 } 1186 protected function is404(){ 1187 return $this->is404; 1188 } 1115 1189 } 1116 ?> -
dukapress/trunk/php/dp-cart.php
r398928 r433681 126 126 */ 127 127 add_action('wp_ajax_dpsc_empty_your_cart', 'dpsc_empty_cart'); 128 add_action('wp_ajax_no _priv_dpsc_empty_your_cart', 'dpsc_empty_cart');128 add_action('wp_ajax_nopriv_dpsc_empty_your_cart', 'dpsc_empty_cart'); 129 129 130 130 function dpsc_empty_cart() { -
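Review bot: Correcting the hook name to `wp_ajax_nopriv_dpsc_empty_your_cart` on new line 128 makes `dpsc_empty_cart` reachable by visitors who are not logged in, and nothing in the lines shown tells whether the handler verifies a nonce. The function body begins on the last line of this hunk and continues outside it, so this cannot be confirmed from here. If there is no check, the handler should start with one, for example `check_ajax_referer('<cart-nonce-action>', '<nonce-field>');` (placeholder names), with the matching nonce emitted alongside the cart script. Without it, this state-changing request is accepted for logged-in and anonymous shoppers alike with no proof that it came from the shop's own page.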
dukapress/trunk/php/dp-payment.php
r398899 r433681 275 275 <input type="hidden" name="cartId" value="101KT0098" /> 276 276 <input type="hidden" name="amount" value="' . $dpsc_total . '" /> 277 <input type="hidden" name="testMode" value="' . $ dp_shopping_cart_settings['worldpay_testmode']. '" />277 <input type="hidden" name="testMode" value="' . $testModeVal . '" /> 278 278 <input type="hidden" name="name" value="' . $name . '" /> 279 279 <input type="hidden" name="address" value="' . $baddress . ' ' . $bcity . ' ' . $bstate . '" /> -
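Review bot: `$testModeVal` on new line 277 is concatenated into the `value` attribute without escaping, and its assignment is outside this hunk, so it is not visible whether it is restricted to the values the gateway expects. It presumably derives from the stored `worldpay_testmode` setting that the old line printed directly; I would normalise it where it is computed and escape it at output, `<input type="hidden" name="testMode" value="' . esc_attr($testModeVal) . '" />`. The neighbouring context lines write `$name`, `$baddress`, `$bcity` and `$bstate` into attributes the same way, and those look like customer-supplied billing fields, so they need `esc_attr()` as well. Those lines are unchanged by this commit, and the enclosing function starts and ends outside the hunk.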
dukapress/trunk/readme.txt
r421103 r433681 6 6 Requires at least: 3.0 7 7 Tested up to: 3.2.1 8 Stable tag: 2.3. 38 Stable tag: 2.3.4 9 9 10 10 DukaPress is an open source e-commerce solution built for Wordpress. … … 41 41 1. [DukaPress Styles](http://dukapress.com/products/styles/ "DukaPress Styles - make DukaPress look good without getting a new theme") 42 42 1. [Shipping Pro](http://dukapress.com/products/shipping-pro/ "Shipping Pro - location-based shipping") 43 1. [List View](http://dukapress.com/products/list-view/ "DukaPress List View - display your products in a handy list") 43 44 44 45 Premium Themes: … … 105 106 106 107 == Changelog == 108 109 = 2.3.4 = 110 Some small, but annoying, bugs have been fixed. Timthumb updated for continued security. 107 111 108 112 = 2.3.3 = … … 188 192 == Upgrade Notice == 189 193 194 = 2.3.4 = 195 Bugfix release. 196 190 197 = 2.3.3 = 191 198 Security update.