Sync with GITHUB:

* Don't delete so many files on blogs with static homepages. #175
* Discourage use of file locking because semaphores cause problems and it's not needed. #174
* Reorganise the settings page in small ways #173
* Fixed XSS in settings page. Props @jaypatel #172



git-svn-id: http://plugins.svn.wordpress.org/wp-super-cache/trunk@1587563 b8457f37-d9ea-0310-8a92-e5e31aec5664

ossdl-cdn.php

@@ -132,6 +132,8 @@ function scossdl_off_options() {
 		update_option('ossdl_off_include_dirs', $_POST['ossdl_off_include_dirs'] == '' ? 'wp-content,wp-includes' : $_POST['ossdl_off_include_dirs']);
 		update_option('ossdl_off_exclude', $_POST['ossdl_off_exclude']);
 		update_option('ossdl_cname', $_POST['ossdl_cname']);
+		if ( !isset( $_POST[ 'ossdl_https' ] ) )
+			$_POST[ 'ossdl_https' ] = 0;
 		update_option('ossdl_https', (int)$_POST['ossdl_https']);
 		if ( isset( $_POST[ 'ossdlcdn' ] ) ) {
 			$ossdlcdn = 1;
@@ -163,7 +165,7 @@ function scossdl_off_options() {
 			<tr valign="top">
 				<th scope="row"><label for="ossdl_off_cdn_url"><?php _e( 'Off-site URL', 'wp-super-cache' ); ?></label></th>
 				<td>
-					<input type="text" name="ossdl_off_cdn_url" value="<?php echo(get_option('ossdl_off_cdn_url')); ?>" size="64" class="regular-text code" /><br />
+					<input type="text" name="ossdl_off_cdn_url" value="<?php echo esc_url( get_option( 'ossdl_off_cdn_url' ) ); ?>" size="64" class="regular-text code" /><br />
 					<span class="description"><?php printf( __( 'The new URL to be used in place of %1$s for rewriting. No trailing <code>/</code> please.<br />Example: <code>%2$s</code>.', 'wp-super-cache' ), get_option( 'siteurl' ), $example_cdn_uri ); ?></span>
 				</td>
 			</tr>

readme.txt

@@ -58,15 +58,15 @@ The cache directory, usually wp-content/cache/ is only for temporary files. Do n
 
 == Upgrade Notice ==
 
-= 1.4.8 =
-Removed malware URL in a code comment.
+= 1.4.9 =
 
 == Changelog ==
 
 = 1.4.9 =
-* Fixed bug when by not running sem_remove after sem_release. See https://github.com/Automattic/wp-super-cache/issues/85
+* Fixed bug when not running sem_remove after sem_release. See https://github.com/Automattic/wp-super-cache/issues/85
 * Fixed a PHP error impacting PHP 7.1.
 * Fixed a bug where we cached PUT and DELETE requests. We're treating them like POST requests now.
+* Delete supercache cache files, even when supercache is disabled, because mod_rewrite rules might still be active.
 
 = 1.4.8 =
 * Removed malware URL in a code comment. (harmless to operation of plugin but gets flagged by A/V software)

wp-cache-phase2.php

@@ -158,7 +158,7 @@ function wp_cache_is_rejected($uri) {
 function wp_cache_mutex_init() {
 	global $mutex, $wp_cache_mutex_disabled, $use_flock, $blog_cache_dir, $mutex_filename, $sem_id;
 
-	if( isset( $wp_cache_mutex_disabled) && $wp_cache_mutex_disabled )
+	if ( defined( 'WPSC_DISABLE_LOCKING' ) || ( isset( $wp_cache_mutex_disabled ) && $wp_cache_mutex_disabled ) )
 		return true;
 
 	if( !is_bool( $use_flock ) ) {
@@ -175,14 +175,14 @@ function wp_cache_mutex_init() {
 		$mutex = @fopen( $blog_cache_dir . $mutex_filename, 'w' );
 	} else {
 		wp_cache_debug( "Created mutex lock on semaphore: {$sem_id}", 5 );
-		$mutex = @sem_get( $sem_id, 1, 0644 | IPC_CREAT, 1 );
+		$mutex = @sem_get( $sem_id, 1, 0666, 1 );
 	}
 }
 
 function wp_cache_writers_entry() {
 	global $mutex, $wp_cache_mutex_disabled, $use_flock;
 
-	if( isset( $wp_cache_mutex_disabled ) && $wp_cache_mutex_disabled )
+	if ( defined( 'WPSC_DISABLE_LOCKING' ) || ( isset( $wp_cache_mutex_disabled ) && $wp_cache_mutex_disabled ) )
 		return true;
 
 	if( !$mutex ) {
@@ -195,7 +195,7 @@ function wp_cache_writers_entry() {
 		flock($mutex,  LOCK_EX);
 	} else {
 		wp_cache_debug( "grabbing lock using sem_acquire()", 5 );
-		sem_acquire($mutex);
+		@sem_acquire($mutex);
 	}
 
 	return true;
@@ -204,7 +204,7 @@ function wp_cache_writers_entry() {
 function wp_cache_writers_exit() {
 	global $mutex, $wp_cache_mutex_disabled, $use_flock;
 
-	if( isset( $wp_cache_mutex_disabled ) && $wp_cache_mutex_disabled )
+	if ( defined( 'WPSC_DISABLE_LOCKING' ) || ( isset( $wp_cache_mutex_disabled ) && $wp_cache_mutex_disabled ) )
 		return true;
 
 	if( !$mutex ) {
@@ -217,8 +217,9 @@ function wp_cache_writers_exit() {
 		flock( $mutex,  LOCK_UN );
 	} else {
 		wp_cache_debug( "releasing lock using sem_release() and sem_remove()", 5 );
-		sem_release( $mutex );
-		sem_remove( $mutex );
+		@sem_release( $mutex );
+		if ( defined( "WPSC_REMOVE_SEMAPHORE" ) )
+			@sem_remove( $mutex );
 	}
 }
 
@@ -1132,21 +1133,19 @@ function wp_cache_post_id_gc( $siteurl, $post_id, $all = 'all' ) {
 	$permalink = trailingslashit( str_replace( get_option( 'home' ), '', get_permalink( $post_id ) ) );
 	$dir = get_current_url_supercache_dir( $post_id );
 	wp_cache_debug( "wp_cache_post_id_gc post_id: $post_id " . get_permalink( $post_id ) . " clearing cache in $dir.", 4 );
-	if ( $all == 'all' ) {
+	if ( $all ) {
 		prune_super_cache( $dir, true, true );
 		do_action( 'gc_cache', 'prune', $permalink );
 		@rmdir( $dir );
+		wp_cache_debug( "wp_cache_post_id_gc clearing cache in {$supercache_home}page/." );
+		$supercache_home = get_supercache_dir();
+		prune_super_cache( $supercache_home . 'page/', true );
+		do_action( 'gc_cache', 'prune', 'page/' );
 	} else {
 		wp_cache_debug( "wp_cache_post_id_gc clearing cached index files in $dir.", 4 );
 		prune_super_cache( $dir, true, true ); 
 		do_action( 'gc_cache', 'prune', $permalink );
 	}
-	wp_cache_debug( "wp_cache_post_id_gc clearing cache in {$dir}/page/.", 4 );
-	prune_super_cache( $dir . '/page/', true );
-	$supercache_home = get_supercache_dir();
-	wp_cache_debug( "wp_cache_post_id_gc clearing cache in {$supercache_home}/page/.", 4 );
-	prune_super_cache( $supercache_home . '/page/', true );
-	do_action( 'gc_cache', 'prune', '/page/' );
 }
 
 function wp_cache_post_change( $post_id ) {
@@ -1181,6 +1180,11 @@ function wp_cache_post_change( $post_id ) {
 		$all = true;
 	}
 
+	$all_backup = $all;
+	$all = apply_filters( 'wpsc_delete_related_pages_on_edit', $all ); // return 0 to disable deleting homepage and other pages.
+	if ( $all != $all_backup )
+		wp_cache_debug( 'wp_cache_post_change: $all changed by wpsc_delete_related_pages_on_edit filter: ' . intval( $all ) );
+
 	if ( $wp_cache_object_cache )
 		reset_oc_version();
 
@@ -1190,7 +1194,7 @@ function wp_cache_post_change( $post_id ) {
 	$dir = get_supercache_dir();
 	$siteurl = trailingslashit( strtolower( preg_replace( '/:.*$/', '', str_replace( 'https://', '', str_replace( 'http://', '', get_option( 'home' ) ) ) ) ) );
 	// make sure the front page has a rebuild file
-	wp_cache_post_id_gc( $siteurl, $post_id );
+	wp_cache_post_id_gc( $siteurl, $post_id, $all );
 	if ( $all == true ) {
 		wp_cache_debug( "Post change: supercache enabled: deleting cache files in " . $cache_path . 'supercache/' . $siteurl, 4 );
 		$files_to_check = get_all_supercache_filenames( $dir );
@@ -1205,7 +1209,6 @@ function wp_cache_post_change( $post_id ) {
 	if( $all == true && get_option( 'show_on_front' ) == 'page' ) {
 		wp_cache_debug( "Post change: deleting page_on_front and page_for_posts pages.", 4 );
 		wp_cache_debug( "Post change: page_on_front " . get_option( 'page_on_front' ), 4 );
-		wp_cache_post_id_gc( $siteurl, get_option( 'page_on_front' ), 'single' );
 		$permalink = trailingslashit( str_replace( get_option( 'home' ), '', get_permalink( get_option( 'page_for_posts' ) ) ) );
 		$files_to_check = get_all_supercache_filenames( $dir . $permalink );
 		foreach( $files_to_check as $cache_file ) {

wp-cache.php

@@ -428,8 +428,11 @@ function admin_bar_delete_page() {
 		if ( false == wp_cache_confirm_delete( $path ) || substr( $path, 0, strlen( get_supercache_dir() ) ) != get_supercache_dir() )
 			die( "Could not delete directory" );
 		$files = get_all_supercache_filenames( $path );
+		// remove supercache dir again to get safe URL path
+		$path = str_replace( get_supercache_dir(), '/', $path );
 		foreach( $files as $cache_file )
-			prune_super_cache( $path . $cache_file, true );
+			wpsc_delete_directory( $cache_file, true );
+			//prune_super_cache( $path . $cache_file, true );
 
 		wp_redirect( preg_replace( '/[ <>\'\"\r\n\t\(\)]/', '', $_GET[ 'path' ] ) );
 		die();
@@ -2691,7 +2694,7 @@ function wp_cache_delete_buttons() {
 	if ( ( defined( 'VHOST' ) || ( defined( 'WP_ALLOW_MULTISITE' ) && constant( 'WP_ALLOW_MULTISITE' ) == true ) ) && wpsupercache_site_admin() ) {
 		echo '<form name="wp_cache_content_delete" action="#listfiles" method="post">';
 		echo '<input type="hidden" name="wp_delete_all_cache" />';
-		echo '<div class="submit" style="float:left;margin-left:10px"><input id="deleteallpost" class="button-secondary" type="submit" ' . SUBMITDISABLED . 'value="' . __( 'Delete Cache On All Blogs', 'wp-super-cache' ) . '" />';
+		echo '<div class="submit" style="float:left;margin-left:10px"><input id="deleteallpost" class="button-secondary" type="submit" ' . SUBMITDISABLED . 'value="' . __( 'Delete Cache On All Blogs', 'wp-super-cache' ) . '" /></div>';
 		wp_nonce_field('wp-cache');
 		echo "</form>\n";
 	}