From 6bed7bff94ddf6eecb0d062c7fa3f044613f3a54 Mon Sep 17 00:00:00 2001
From: toddlahman
Date: Tue, 26 Nov 2013 07:27:46 -0800
Subject: [PATCH] escape download handler URLs
---
 includes/class-wc-download-handler.php | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)
diff --git a/includes/class-wc-download-handler.php b/includes/class-wc-download-handler.php
index 15574c28779..27091688cec 100644
--- a/includes/class-wc-download-handler.php
+++ b/includes/class-wc-download-handler.php
@@ -34,7 +34,7 @@ class WC_Download_Handler {
 $_product = get_product( $product_id );
 if ( ! is_email( $email) )
- wp_die( __( 'Invalid email address.', 'woocommerce' ) . ' ' . __( 'Go to homepage →', 'woocommerce' ) . '' );
+ wp_die( __( 'Invalid email address.', 'woocommerce' ) . ' ' . __( 'Go to homepage →', 'woocommerce' ) . '' );
 $query = "
 SELECT order_id,downloads_remaining,user_id,download_count,access_expires,download_id
@@ -58,7 +58,7 @@ class WC_Download_Handler {
 $download_result = $wpdb->get_row( $wpdb->prepare( $query, $args ) );
 if ( ! $download_result )
- wp_die( __( 'Invalid download.', 'woocommerce' ) . ' ' . __( 'Go to homepage →', 'woocommerce' ) . '' );
+ wp_die( __( 'Invalid download.', 'woocommerce' ) . ' ' . __( 'Go to homepage →', 'woocommerce' ) . '' );
 $download_id = $download_result->download_id;
 $order_id = $download_result->order_id;
@@ -70,7 +70,7 @@ class WC_Download_Handler {
 if ( $user_id && get_option( 'woocommerce_downloads_require_login' ) == 'yes' ) {
 if ( ! is_user_logged_in() )
- wp_die( __( 'You must be logged in to download files.', 'woocommerce' ) . ' ' . __( 'Login →', 'woocommerce' ) . '', __( 'Log in to Download Files', 'woocommerce' ) );
+ wp_die( __( 'You must be logged in to download files.', 'woocommerce' ) . ' ' . __( 'Login →', 'woocommerce' ) . '', __( 'Log in to Download Files', 'woocommerce' ) );
 elseif ( !current_user_can( 'download_file', $download_result ) )
 wp_die( __( 'This is not your download link.', 'woocommerce' ) );
@@ -78,20 +78,20 @@ class WC_Download_Handler {
 }
 if ( ! get_post( $product_id ) )
- wp_die( __( 'Product no longer exists.', 'woocommerce' ) . ' ' . __( 'Go to homepage →', 'woocommerce' ) . '' );
+ wp_die( __( 'Product no longer exists.', 'woocommerce' ) . ' ' . __( 'Go to homepage →', 'woocommerce' ) . '' );
 if ( $order_id ) {
 $order = new WC_Order( $order_id );
 if ( ! $order->is_download_permitted() || $order->post_status != 'publish' )
- wp_die( __( 'Invalid order.', 'woocommerce' ) . ' ' . __( 'Go to homepage →', 'woocommerce' ) . '' );
+ wp_die( __( 'Invalid order.', 'woocommerce' ) . ' ' . __( 'Go to homepage →', 'woocommerce' ) . '' );
 }
 if ( $downloads_remaining == '0' )
- wp_die( __( 'Sorry, you have reached your download limit for this file', 'woocommerce' ) . ' ' . __( 'Go to homepage →', 'woocommerce' ) . '' );
+ wp_die( __( 'Sorry, you have reached your download limit for this file', 'woocommerce' ) . ' ' . __( 'Go to homepage →', 'woocommerce' ) . '' );
 if ( $access_expires > 0 && strtotime( $access_expires) < current_time( 'timestamp' ) )
- wp_die( __( 'Sorry, this download has expired', 'woocommerce' ) . ' ' . __( 'Go to homepage →', 'woocommerce' ) . '' );
+ wp_die( __( 'Sorry, this download has expired', 'woocommerce' ) . ' ' . __( 'Go to homepage →', 'woocommerce' ) . '' );
 if ( $downloads_remaining > 0 ) {
 $wpdb->update( $wpdb->prefix . "woocommerce_downloadable_product_permissions", array(
@@ -134,7 +134,7 @@ class WC_Download_Handler {
 $file_download_method = apply_filters( 'woocommerce_file_download_method', get_option( 'woocommerce_file_download_method' ), $product_id );
 if ( ! $file_path )
- wp_die( __( 'No file defined', 'woocommerce' ) . ' ' . __( 'Go to homepage →', 'woocommerce' ) . '' );
+ wp_die( __( 'No file defined', 'woocommerce' ) . ' ' . __( 'Go to homepage →', 'woocommerce' ) . '' );
 // Redirect to the file...
 if ( $file_download_method == "redirect" ) {
@@ -160,7 +160,7 @@ class WC_Download_Handler {
 $site_url = is_ssl() ? str_replace( 'https:', 'http:', site_url() ) : site_url();
 }
- $file_path = str_replace( trailingslashit( $site_url ), ABSPATH, $file_path );
+ $file_path = str_replace( trailingslashit( esc_url( $site_url ) ), ABSPATH, $file_path );
 } else {
@@ -168,7 +168,7 @@ class WC_Download_Handler {
 $upload_dir = wp_upload_dir();
 // Try to replace network url
- $file_path = str_replace( trailingslashit( $network_url ), ABSPATH, $file_path );
+ $file_path = str_replace( trailingslashit( esc_url( $network_url ) ), ABSPATH, $file_path );
 // Now try to replace upload URL
 $file_path = str_replace( $upload_dir['baseurl'], $upload_dir['basedir'], $file_path );
@@ -264,7 +264,7 @@ class WC_Download_Handler {
 if ( $remote_file )
 $this->readfile_chunked( $file_path ) or header( 'Location: ' . $file_path );
 else
- $this->readfile_chunked( $file_path ) or wp_die( __( 'File not found', 'woocommerce' ) . ' ' . __( 'Go to homepage →', 'woocommerce' ) . '' );
+ $this->readfile_chunked( $file_path ) or wp_die( __( 'File not found', 'woocommerce' ) . ' ' . __( 'Go to homepage →', 'woocommerce' ) . '' );
 exit;
 }
@@ -306,4 +306,4 @@ class WC_Download_Handler {
 }
 }
-new WC_Download_Handler();
\ No newline at end of file
+new WC_Download_Handler();
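Review bot: `esc_url()` is an HTML-output escaper and is misapplied in the `str_replace` needles at `trailingslashit( esc_url( $site_url ) )` in this hunk and `trailingslashit( esc_url( $network_url ) )` in the -168 hunk: the value is a search string for translating a URL prefix into `ABSPATH`, not text emitted to a page. In its default display context `esc_url()` can change the string (entity-encoding `&` and `'`, percent-encoding spaces, dropping characters it rejects), and whenever it does the needle no longer matches `$file_path`, the replacement silently fails, and `$file_path` reaches the later `readfile_chunked` call still holding a URL instead of the local path. Escaping belongs at the output sites (the `header( 'Location: ' ... )` redirect and the anchor markup in the `wp_die()` messages, whose markup is not visible in this rendering), so the two needles should stay as `trailingslashit( $site_url )` and `trailingslashit( $network_url )`; if normalization rather than escaping is intended, `esc_url_raw()` is the function meant for non-display contexts. The enclosing method starts and ends outside these hunks.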