wp-downloadmanager bug fix 1.68.1

This article has been written before more than 24months, information might old.

So if you want a WordPress plugin for managing downloads and to be capable of working with external URLs you can choose this plugin(wp-downloadmanager). Unfortunately on the WordPress plugin directory, there aren’t so many plugins that have in their design external URLs, of course, external URLs aren’t what you would want most of the time but there are some cases where such URLs are preferred and this was my case too.

After installing this plugin I detected that it had a bug exactly when working with external URLs. I had notified the author and he said that he might fix this bug.
The bug consists in unusable external download links saved in the database, this happens when the remote download URL is a bit ugly, and it contains characters like &,? and others instead of just slashes and maybe a dot. The reason for this bug is the usage of WordPress function wp_kses_post(), that will encode & in & and thus breaking the URL. I relly see no reason of using wp_kses_post() as that function is not for Sanitization of URLs if we look in the WordPress documentation we will see that the function for URL Sanitization should be esc_url_raw( $url, (array) $protocols = null ) (since 2.8).

Update:
I deleted my fix from here as the author of the plugin has fixed the issue.
( https://github.com/lesterchan/wp-downloadmanager/commit/ddba63d0680b6399f9caeed9e866282a3f1c9a8b )
That is very nice of him.

Share the joy

Leave a Reply