Steve-Dee-Designs
/
woocommerce
mirror of https://github.com/woocommerce/woocommerce.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of github.com:woothemes/woocommerce

This commit is contained in:
Barry Kooij 2014-10-24 20:37:06 +02:00
parent 4eb50a198b c3023d4c8c
commit 4b510dc7d6
2 changed files with 234 additions and 202 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

434
includes/class-wc-download-handler.php
View File

@ -22,143 +22,175 @@ class WC_Download_Handler {
*/
public static function init() {
add_action( 'init', array( __CLASS__, 'download_product' ) );
add_action( 'woocommerce_download_file_redirect', array( __CLASS__, 'download_file_redirect' ), 10, 2 );
add_action( 'woocommerce_download_file_xsendfile', array( __CLASS__, 'download_file_xsendfile' ), 10, 2 );
add_action( 'woocommerce_download_file_force', array( __CLASS__, 'download_file_force' ), 10, 2 );
}
/**
* Check if we need to download a file and check validity
*/
public static function download_product() {
if ( isset( $_GET['download_file'] ) && isset( $_GET['order'] ) && isset( $_GET['email'] ) ) {
if ( ! isset( $_GET['download_file'] ) || ! isset( $_GET['order'] ) || ! isset( $_GET['email'] ) ) {
return;
}
global $wpdb;
$product_id = absint( $_GET['download_file'] );
$_product = wc_get_product( $product_id );
$order_key = wc_clean( $_GET['order'] );
$email = sanitize_email( str_replace( ' ', '+', $_GET['email'] ) );
$download_id = wc_clean( isset( $_GET['key'] ) ? preg_replace( '/\s+/', ' ', $_GET['key'] ) : '' );
$product_id = (int) $_GET['download_file'];
$order_key = $_GET['order'];
$email = sanitize_email( str_replace( ' ', '+', $_GET['email'] ) );
$download_id = isset( $_GET['key'] ) ? preg_replace( '/\s+/', ' ', $_GET['key'] ) : '';
$_product = wc_get_product( $product_id );
if ( ! is_email( $email ) ) {
wp_die( __( 'Invalid email address.', 'woocommerce' ) . ' <a href="' . esc_url( home_url() ) . '" class="wc-forward">' . __( 'Go to homepage', 'woocommerce' ) . '</a>', '', array( 'response' => 403 ) );
}
if ( ! is_email( $email) ) {
wp_die( __( 'Invalid email address.', 'woocommerce' ) . ' <a href="' . esc_url( home_url() ) . '" class="wc-forward">' . __( 'Go to homepage', 'woocommerce' ) . '</a>', '', array( 'response' => 403 ) );
}
$download_data = self::get_download_data( array(
'product_id' => $product_id,
'order_key' => $order_key,
'email' => $email,
'download_id' => $download_id
) );
$query = "
SELECT order_id,downloads_remaining,user_id,download_count,access_expires,download_id
FROM " . $wpdb->prefix . "woocommerce_downloadable_product_permissions
WHERE user_email = %s
AND order_key = %s
AND product_id = %s";
if ( ! $download_data ) {
wp_die( __( 'Invalid download.', 'woocommerce' ) . ' <a href="' . esc_url( home_url() ) . '" class="wc-forward">' . __( 'Go to homepage', 'woocommerce' ) . '</a>', '', array( 'response' => 404 ) );
}
$args = array(
$email,
$order_key,
$product_id
);
self::check_current_user_can_download( $download_data );
self::count_download( $download_data );
do_action( 'woocommerce_download_product', $email, $order_key, $product_id, $download_data->user_id, $download_data->download_id, $download_data->order_id );
self::download( $_product->get_file_download_path( $download_id ), $product_id );
}
if ( $download_id ) {
// backwards compatibility for existing download URLs
$query .= " AND download_id = %s";
$args[] = $download_id;
}
/**
* Get a download from the database.
*
* @param array $args Contains email, order key, product id and download id
* @return object
*/
public static function get_download_data( $args = array() ) {
global $wpdb;
$download_result = $wpdb->get_row( $wpdb->prepare( $query, $args ) );
$query = "SELECT * FROM " . $wpdb->prefix . "woocommerce_downloadable_product_permissions ";
$query .= "WHERE user_email = %s ";
$query .= "AND order_key = %s ";
$query .= "AND product_id = %s ";
if ( ! $download_result ) {
wp_die( __( 'Invalid download.', 'woocommerce' ) . ' <a href="' . esc_url( home_url() ) . '" class="wc-forward">' . __( 'Go to homepage', 'woocommerce' ) . '</a>', '', array( 'response' => 404 ) );
}
if ( $args['download_id'] ) {
$query .= "AND download_id = %s ";
}
$download_id = $download_result->download_id;
$order_id = $download_result->order_id;
$downloads_remaining = $download_result->downloads_remaining;
$download_count = $download_result->download_count;
$user_id = $download_result->user_id;
$access_expires = $download_result->access_expires;
return $wpdb->get_row( $wpdb->prepare( $query, array( $args['email'], $args['order_key'], $args['product_id'], $args['download_id'] ) ) );
}
if ( $user_id && get_option( 'woocommerce_downloads_require_login' ) == 'yes' ) {
if ( ! is_user_logged_in() ) {
if ( wc_get_page_id( 'myaccount' ) ) {
wp_safe_redirect( add_query_arg( 'wc_error', urlencode( __( 'You must be logged in to download files.', 'woocommerce' ) ), get_permalink( wc_get_page_id( 'myaccount' ) ) ) );
exit;
} else {
wp_die( __( 'You must be logged in to download files.', 'woocommerce' ) . ' <a href="' . esc_url( wp_login_url( get_permalink( wc_get_page_id( 'myaccount' ) ) ) ) . '" class="wc-forward">' . __( 'Login', 'woocommerce' ) . '</a>', __( 'Log in to Download Files', 'woocommerce' ), '', array( 'response' => 403 ) );
}
} elseif ( ! current_user_can( 'download_file', $download_result ) ) {
wp_die( __( 'This is not your download link.', 'woocommerce' ), '', array( 'response' => 403 ) );
/**
* Perform checks to see if the current user can download the file
* @param object $download_data
*/
public static function check_current_user_can_download( $download_data ) {
if ( $download_data->user_id && get_option( 'woocommerce_downloads_require_login' ) === 'yes' ) {
if ( ! is_user_logged_in() ) {
if ( wc_get_page_id( 'myaccount' ) ) {
wp_safe_redirect( add_query_arg( 'wc_error', urlencode( __( 'You must be logged in to download files.', 'woocommerce' ) ), get_permalink( wc_get_page_id( 'myaccount' ) ) ) );
exit;
} else {
wp_die( __( 'You must be logged in to download files.', 'woocommerce' ) . ' <a href="' . esc_url( wp_login_url( get_permalink( wc_get_page_id( 'myaccount' ) ) ) ) . '" class="wc-forward">' . __( 'Login', 'woocommerce' ) . '</a>', __( 'Log in to Download Files', 'woocommerce' ), '', array( 'response' => 403 ) );
}
} elseif ( ! current_user_can( 'download_file', $download_data ) ) {
wp_die( __( 'This is not your download link.', 'woocommerce' ), '', array( 'response' => 403 ) );
}
}
if ( ! get_post( $product_id ) ) {
wp_die( __( 'Product no longer exists.', 'woocommerce' ) . ' <a href="' . esc_url( home_url() ) . '" class="wc-forward">' . __( 'Go to homepage', 'woocommerce' ) . '</a>', '', array( 'response' => 404 ) );
}
if ( ! get_post( $download_data->product_id ) ) {
wp_die( __( 'Product no longer exists.', 'woocommerce' ) . ' <a href="' . esc_url( home_url() ) . '" class="wc-forward">' . __( 'Go to homepage', 'woocommerce' ) . '</a>', '', array( 'response' => 404 ) );
}
if ( $order_id ) {
$order = wc_get_order( $order_id );
if ( $download_data->order_id && ( $order = wc_get_order( $download_data->order_id ) ) && ! $order->is_download_permitted() ) {
wp_die( __( 'Invalid order.', 'woocommerce' ) . ' <a href="' . esc_url( home_url() ) . '" class="wc-forward">' . __( 'Go to homepage', 'woocommerce' ) . '</a>', '', array( 'response' => 404 ) );
}
if ( ! $order->is_download_permitted() ) {
wp_die( __( 'Invalid order.', 'woocommerce' ) . ' <a href="' . esc_url( home_url() ) . '" class="wc-forward">' . __( 'Go to homepage', 'woocommerce' ) . '</a>', '', array( 'response' => 404 ) );
}
}
if ( $download_data->downloads_remaining == '0' ) {
wp_die( __( 'Sorry, you have reached your download limit for this file', 'woocommerce' ) . ' <a href="' . esc_url( home_url() ) . '" class="wc-forward">' . __( 'Go to homepage', 'woocommerce' ) . '</a>', '', array( 'response' => 403 ) );
}
if ( $downloads_remaining == '0' ) {
wp_die( __( 'Sorry, you have reached your download limit for this file', 'woocommerce' ) . ' <a href="' . esc_url( home_url() ) . '" class="wc-forward">' . __( 'Go to homepage', 'woocommerce' ) . '</a>', '', array( 'response' => 403 ) );
}
if ( $access_expires > 0 && strtotime( $access_expires) < current_time( 'timestamp' ) ) {
wp_die( __( 'Sorry, this download has expired', 'woocommerce' ) . ' <a href="' . esc_url( home_url() ) . '" class="wc-forward">' . __( 'Go to homepage', 'woocommerce' ) . '</a>', '', array( 'response' => 403 ) );
}
if ( $downloads_remaining > 0 ) {
$wpdb->update( $wpdb->prefix . "woocommerce_downloadable_product_permissions", array(
'downloads_remaining' => $downloads_remaining - 1,
), array(
'user_email' => $email,
'order_key' => $order_key,
'product_id' => $product_id,
'download_id' => $download_id
), array( '%d' ), array( '%s', '%s', '%d', '%s' ) );
}
// Count the download
$wpdb->update( $wpdb->prefix . "woocommerce_downloadable_product_permissions", array(
'download_count' => $download_count + 1,
), array(
'user_email' => $email,
'order_key' => $order_key,
'product_id' => $product_id,
'download_id' => $download_id
), array( '%d' ), array( '%s', '%s', '%d', '%s' ) );
// Trigger action
do_action( 'woocommerce_download_product', $email, $order_key, $product_id, $user_id, $download_id, $order_id );
// Get the download URL and try to replace the url with a path
$file_path = $_product->get_file_download_path( $download_id );
// Download it!
self::download( $file_path, $product_id );
if ( $download_data->access_expires > 0 && strtotime( $download_data->access_expires) < current_time( 'timestamp' ) ) {
wp_die( __( 'Sorry, this download has expired', 'woocommerce' ) . ' <a href="' . esc_url( home_url() ) . '" class="wc-forward">' . __( 'Go to homepage', 'woocommerce' ) . '</a>', '', array( 'response' => 403 ) );
}
}
/**
* Log the download + increase counts
* @param object $download_data
*/
public static function count_download( $download_data ) {
global $wpdb;
if ( $download_data->downloads_remaining > 0 ) {
$wpdb->update(
$wpdb->prefix . "woocommerce_downloadable_product_permissions",
array(
'downloads_remaining' => $download_data->downloads_remaining - 1,
),
array(
'permission_id' => absint( $download_data->permission_id ),
),
array( '%d' ),
array( '%d' )
);
}
$wpdb->update(
$wpdb->prefix . "woocommerce_downloadable_product_permissions",
array(
'download_count' => $download_count + 1,
),
array(
'permission_id' => absint( $download_data->permission_id ),
),
array( '%d' ),
array( '%d' )
);
}
/**
* Download a file - hook into init function.
* @param integer $product_id
* @param string $file_path URL to file
* @param integer $product_id of the product being downloaded
*/
public static function download( $file_path, $product_id ) {
global $is_IE;
$file_download_method = apply_filters( 'woocommerce_file_download_method', get_option( 'woocommerce_file_download_method' ), $product_id );
if ( ! $file_path ) {
wp_die( __( 'No file defined', 'woocommerce' ) . ' <a href="' . esc_url( home_url() ) . '" class="wc-forward">' . __( 'Go to homepage', 'woocommerce' ) . '</a>', '', array( 'response' => 404 ) );
}
// Redirect to the file...
if ( $file_download_method == "redirect" ) {
header( 'Location: ' . $file_path );
exit;
$filename = basename( $file_path );
if ( strstr( $filename, '?' ) ) {
$filename = current( explode( '?', $filename ) );
}
// ...or serve it
$filename = apply_filters( 'woocommerce_file_download_filename', $filename, $product_id );
$file_download_method = apply_filters( 'woocommerce_file_download_method', get_option( 'woocommerce_file_download_method', 'force' ), $product_id );
// Trigger download via one of the methods
do_action( 'woocommerce_download_file_' . $file_download_method, $file_path, $filename );
}
/**
* Redirect to a file to start the download
* @param string $file_path
* @param string $filename
*/
public static function download_file_redirect( $file_path, $filename = '' ) {
header( 'Location: ' . $file_path );
exit;
}
/**
* Parse file path and see if its remote or local
* @param string $file_path
* @return array
*/
public static function parse_file_path( $file_path ) {
$remote_file = true;
$parsed_file_path = parse_url( $file_path );
@ -168,18 +200,18 @@ class WC_Download_Handler {
if ( ( ! isset( $parsed_file_path['scheme'] ) || ! in_array( $parsed_file_path['scheme'], array( 'http', 'https', 'ftp' ) ) ) && isset( $parsed_file_path['path'] ) && file_exists( $parsed_file_path['path'] ) ) {
/** This is an absolute path */
/// This is an absolute path
$remote_file = false;
} elseif( strpos( $file_path, $wp_uploads_url ) !== false ) {
/** This is a local file given by URL so we need to figure out the path */
// This is a local file given by URL so we need to figure out the path
$remote_file = false;
$file_path = str_replace( $wp_uploads_url, $wp_uploads_dir, $file_path );
} elseif( is_multisite() && ( strpos( $file_path, network_site_url( '/', 'http' ) ) !== false || strpos( $file_path, network_site_url( '/', 'https' ) ) !== false ) ) {
/** This is a local file outside of wp-content so figure out the path */
// This is a local file outside of wp-content so figure out the path
$remote_file = false;
// Try to replace network url
$file_path = str_replace( network_site_url( '/', 'https' ), ABSPATH, $file_path );
@ -189,29 +221,85 @@ class WC_Download_Handler {
} elseif( strpos( $file_path, site_url( '/', 'http' ) ) !== false || strpos( $file_path, site_url( '/', 'https' ) ) !== false ) {
/** This is a local file outside of wp-content so figure out the path */
// This is a local file outside of wp-content so figure out the path
$remote_file = false;
$file_path = str_replace( site_url( '/', 'https' ), ABSPATH, $file_path );
$file_path = str_replace( site_url( '/', 'http' ), ABSPATH, $file_path );
} elseif ( file_exists( ABSPATH . $file_path ) ) {
/** Path needs an abspath to work */
// Path needs an abspath to work
$remote_file = false;
$file_path = ABSPATH . $file_path;
}
if ( ! $remote_file ) {
// Remove Query String
if ( strstr( $file_path, '?' ) ) {
$file_path = current( explode( '?', $file_path ) );
}
return array(
'remote_file' => $remote_file,
'file_path' => $file_path
);
}
// Run realpath
$file_path = realpath( $file_path );
/**
* Download a file using X-Sendfile, X-Lighttpd-Sendfile, or X-Accel-Redirect if available
* @param string $file_path
* @param string $filename
*/
public static function download_file_xsendfile( $file_path, $filename ) {
extract( self::parse_file_path( $file_path ) );
// Path fix - kudos to Jason Judge
if ( getcwd() ) {
$xsendfile_path = trim( preg_replace( '`^' . str_replace( '\\', '/', getcwd() ) . '`' , '', $file_path ), '/' );
}
// Get extension and type
if ( function_exists( 'apache_get_modules' ) && in_array( 'mod_xsendfile', apache_get_modules() ) ) {
self::download_headers( $file_path, $filename );
header( "Content-Disposition: attachment; filename=\"" . $filename . "\";" );
header( "X-Sendfile: $xsendfile_path" );
exit;
} elseif ( stristr( getenv( 'SERVER_SOFTWARE' ), 'lighttpd' ) ) {
self::download_headers( $file_path, $filename );
header( "Content-Disposition: attachment; filename=\"" . $filename . "\";" );
header( "X-Lighttpd-Sendfile: $xsendfile_path" );
exit;
} elseif ( stristr( getenv( 'SERVER_SOFTWARE' ), 'nginx' ) || stristr( getenv( 'SERVER_SOFTWARE' ), 'cherokee' ) ) {
self::download_headers( $file_path, $filename );
header( "Content-Disposition: attachment; filename=\"" . $filename . "\";" );
header( "X-Accel-Redirect: /$xsendfile_path" );
exit;
}
// Fallback
self::download_file_force( $file_path, $filename );
}
/**
* Force download - this is the default method
* @param string $file_path
* @param string $filename
*/
public static function download_file_force( $file_path, $filename ) {
extract( self::parse_file_path( $file_path ) );
self::download_headers( $file_path, $filename );
if ( ! self::readfile_chunked( $file_path ) ) {
if ( $remote_file ) {
self::download_file_redirect( $file_path );
} else {
wp_die( __( 'File not found', 'woocommerce' ) . ' <a href="' . esc_url( home_url() ) . '" class="wc-forward">' . __( 'Go to homepage', 'woocommerce' ) . '</a>', '', array( 'response' => 404 ) );
}
}
exit;
}
/**
* Get content type of a download
* @param string $file_path
* @return string
*/
public static function get_download_content_type( $file_path ) {
$file_extension = strtolower( substr( strrchr( $file_path, "." ), 1 ) );
$ctype = "application/force-download";
@ -223,7 +311,15 @@ class WC_Download_Handler {
}
}
// Start setting headers
return $ctype;
}
/**
* Set headers for the download
* @param string $file_path
* @param string $filename
*/
public static function download_headers( $file_path, $filename ) {
if ( ! ini_get('safe_mode') ) {
@set_time_limit(0);
}
@ -243,21 +339,18 @@ class WC_Download_Handler {
* Prevents errors, for example: transfer closed with 3 bytes remaining to read
*/
if ( ob_get_length() ) {
if ( ob_get_level() ) {
$levels = ob_get_level();
for ( $i = 0; $i < $levels; $i++ ) {
ob_end_clean(); // Zip corruption fix
}
} else {
ob_end_clean(); // Clear the output buffer
}
}
if ( $is_IE && is_ssl() ) {
if ( is_ssl() && ! empty( $GLOBALS['is_IE'] ) ) {
// IE bug prevents download via SSL when Cache Control and Pragma no-cache headers set.
header( 'Expires: Wed, 11 Jan 1984 05:00:00 GMT' );
header( 'Cache-Control: private' );
@ -265,16 +358,8 @@ class WC_Download_Handler {
nocache_headers();
}
$filename = basename( $file_path );
if ( strstr( $filename, '?' ) ) {
$filename = current( explode( '?', $filename ) );
}
$filename = apply_filters( 'woocommerce_file_download_filename', $filename, $product_id );
header( "X-Robots-Tag: noindex, nofollow", true );
header( "Content-Type: " . $ctype );
header( "Content-Type: " . self::get_download_content_type( $file_path ) );
header( "Content-Description: File Transfer" );
header( "Content-Disposition: attachment; filename=\"" . $filename . "\";" );
header( "Content-Transfer-Encoding: binary" );
@ -282,90 +367,37 @@ class WC_Download_Handler {
if ( $size = @filesize( $file_path ) ) {
header( "Content-Length: " . $size );
}
if ( $file_download_method == 'xsendfile' ) {
// Path fix - kudos to Jason Judge
if ( getcwd() ) {
$file_path = trim( preg_replace( '`^' . str_replace( '\\', '/', getcwd() ) . '`' , '', $file_path ), '/' );
}
header( "Content-Disposition: attachment; filename=\"" . $filename . "\";" );
if ( function_exists( 'apache_get_modules' ) && in_array( 'mod_xsendfile', apache_get_modules() ) ) {
header("X-Sendfile: $file_path");
exit;
} elseif ( stristr( getenv( 'SERVER_SOFTWARE' ), 'lighttpd' ) ) {
header( "X-Lighttpd-Sendfile: $file_path" );
exit;
} elseif ( stristr( getenv( 'SERVER_SOFTWARE' ), 'nginx' ) || stristr( getenv( 'SERVER_SOFTWARE' ), 'cherokee' ) ) {
header( "X-Accel-Redirect: /$file_path" );
exit;
}
}
if ( $remote_file ) {
self::readfile_chunked( $file_path ) || header( 'Location: ' . $file_path );
} else {
self::readfile_chunked( $file_path ) || wp_die( __( 'File not found', 'woocommerce' ) . ' <a href="' . esc_url( home_url() ) . '" class="wc-forward">' . __( 'Go to homepage', 'woocommerce' ) . '</a>', '', array( 'response' => 404 ) );
}
exit;
}
/**
* readfile_chunked
*
* Reads file in chunks so big downloads are possible without changing PHP.INI - http://codeigniter.com/wiki/Download_helper_for_large_files/
* @param string $file
* @param bool $retbytes return bytes of file
* @return bool|int
* @todo Meaning of the return value? Last return is status of fclose?
*
* @param string $file
* @return bool Success or fail
*/
public static function readfile_chunked( $file, $retbytes = true ) {
public static function readfile_chunked( $file ) {
$chunksize = 1 * ( 1024 * 1024 );
$buffer = '';
$cnt = 0;
if ( file_exists( $file ) ) {
$handle = fopen( $file, 'r' );
if ( $handle === FALSE ) {
return FALSE;
if ( file_exists( $file ) || ( version_compare( PHP_VERSION, '5.4.0', '<' ) && ini_get( 'safe_mode' ) ) ) {
if ( ( $handle = @fopen( $file, 'r' ) ) === false ) {
return false;
}
} elseif ( version_compare( PHP_VERSION, '5.4.0', '<' ) && ini_get( 'safe_mode' ) ) {
$handle = @fopen( $file, 'r' );
if ( $handle === FALSE ) {
return FALSE;
while ( ! feof( $handle ) ) {
$buffer = fread( $handle, $chunksize );
echo $buffer;
if ( ob_get_length() ) {
ob_flush();
flush();
}
}
} else {
return FALSE;
return fclose( $handle );
}
while ( ! feof( $handle ) ) {
$buffer = fread( $handle, $chunksize );
echo $buffer;
if ( ob_get_length() ) {
ob_flush();
flush();
}
if ( $retbytes ) {
$cnt += strlen( $buffer );
}
}
$status = fclose( $handle );
if ( $retbytes && $status ) {
return $cnt;
}
return $status;
return false;
}
}

2
includes/wc-deprecated-functions.php
View File

@ -57,7 +57,7 @@ function woocommerce_create_page( $slug, $option = '', $page_title = '', $page_c
*/
function woocommerce_readfile_chunked( $file, $retbytes = true ) {
_deprecated_function( 'woocommerce_readfile_chunked', '2.1', 'WC_Download_Handler::readfile_chunked()' );
return WC_Download_Handler::readfile_chunked( $file, $retbytes );
return WC_Download_Handler::readfile_chunked( $file );
}
/**