From ca5fd1210308cf6d983a3e6c635f3849dc74c1f3 Mon Sep 17 00:00:00 2001
From: vedanshujain <vedanshu.jain.2012@gmail.com>
Date: Fri, 17 Jan 2020 19:34:16 +0530
Subject: [PATCH] Add setting to configure hash appends

---
 includes/admin/class-wc-admin-post-types.php        |  6 +++++-
 .../admin/settings/class-wc-settings-products.php   | 13 +++++++++++++
 tests/unit-tests/core/post-types-admin.php          |  2 +-
 3 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/includes/admin/class-wc-admin-post-types.php b/includes/admin/class-wc-admin-post-types.php
index 89dca248256..bc9323b616c 100644
--- a/includes/admin/class-wc-admin-post-types.php
+++ b/includes/admin/class-wc-admin-post-types.php
@@ -838,6 +838,10 @@ class WC_Admin_Post_Types {
 			return $full_filename;
 		}
 
+		if ( 'no' === get_option( 'woocommerce_downloads_add_hash_to_filename' ) ) {
+			return $full_filename;
+		}
+
 		return $this->unique_filename( $full_filename, $ext );
 	}
 
@@ -850,7 +854,7 @@ class WC_Admin_Post_Types {
 	 * @return string Modified filename.
 	 */
 	public function unique_filename( $full_filename, $ext ) {
-		$ideal_random_char_length = 32;
+		$ideal_random_char_length = 6;   // Not going with a larger length because then downloaded filename will not be pretty.
 		$max_filename_length      = 255; // Max file name length for most file systems.
 		$length_to_prepend        = min( $ideal_random_char_length, $max_filename_length - strlen( $full_filename ) - 1 );
 
diff --git a/includes/admin/settings/class-wc-settings-products.php b/includes/admin/settings/class-wc-settings-products.php
index 78a6a8331f9..16f04c6faa5 100644
--- a/includes/admin/settings/class-wc-settings-products.php
+++ b/includes/admin/settings/class-wc-settings-products.php
@@ -260,6 +260,19 @@ class WC_Settings_Products extends WC_Settings_Page {
 						'autoload'      => false,
 					),
 
+					array(
+						'title' => __( 'Filename', 'woocommerce' ),
+						'desc' => __( 'Append a unique string to filename for security', 'woocommerce' ),
+						'id' => 'woocommerce_downloads_add_hash_to_filename',
+						'type' => 'checkbox',
+						'default' => 'yes',
+						'desc_tip' => sprintf(
+							// translators: Link to WooCommerce Docs.
+							__( "Not required if you download directory is protected. <a href='%s'>See this guide</a> for more details. Files already uploaded will not be affected.", 'woocommerce' ),
+							'link to woocommerce docs' // TODO: Change this after updating docs.
+						),
+					),
+
 					array(
 						'type' => 'sectionend',
 						'id'   => 'digital_download_options',
diff --git a/tests/unit-tests/core/post-types-admin.php b/tests/unit-tests/core/post-types-admin.php
index 96ec62dd4f3..240bf0ca913 100644
--- a/tests/unit-tests/core/post-types-admin.php
+++ b/tests/unit-tests/core/post-types-admin.php
@@ -33,7 +33,7 @@ class WC_Test_Admin_Post_Types extends WC_Unit_Test_Case {
 		$ext = '.csv';
 
 		$unique_filename = $this->wc_cpt->unique_filename( $full_filename, $ext );
-		$this->assertEquals( strlen( $full_filename ) + 32 + 1, strlen( $unique_filename ) );
+		$this->assertEquals( strlen( $full_filename ) + 6 + 1, strlen( $unique_filename ) );
 		$this->assertEquals( $ext, substr( $unique_filename, -4 ) );
 	}