Nayeem Riddhi

Hello Thomas Gerber,

Hope you are well. And sorry for the inconvenience. Please kindly share the related URLs. if possible, please, give your temporary wp-admin login details in a private reply to check the issue.

Thank you and regards

Really sorry for the inconveneince. I have again requested for update information. Please kindly check .

Thank you

Hello Michael Wynn,

Hope you are well. Can you please elaborate more? Are you using download manager for showing PDFs, or downloading PDFs? Or you are facing issues with media library PDF files. Please kindly check and let me know.

Thank you and kind regards

Hello Paul,

This is a common security challenge when balancing CSP strictness with plugin functionality. Here are several approaches to work around the Download Manager’s unsafe-inline requirement:

## Immediate Solutions

1. Use a Nonce for Inline Styles
Instead of unsafe-inline, try implementing nonces for the Download Manager’s inline styles:

Content-Security-Policy: style-src 'self' 'nonce-[your-random-nonce]'

You’ll need to add the nonce attribute to any inline <style> tags the plugin generates.

2. Hash-Based Approach
Calculate SHA256 hashes of the specific inline styles and whitelist them:

Content-Security-Policy: style-src 'self' 'sha256-[hash-of-inline-style]'

## Better Long-term Solutions

3. Extract Inline Styles
– Create a separate CSS file containing the Download Manager’s styles
– Remove the inline styles from the plugin
– Include the CSS file with style-src 'self'

## Testing Your Implementation

Use browser dev tools to identify exactly which inline styles are being blocked, then target those specific elements with nonces or hashes.

Please kindly check.

Thank you and regards

I have again forwarded it to our related team authority. Please kindly check and let me know if you have any more queries.

Thank you and kind regards

Sorry for the inconveneince. We are checking the issue. I have already forwarded it to our related team authority regarding the issue. Please kindly check and let me know if you have any more queries. N

Thank you and kind regards

It may have a conflict between your plugins or theme. Am i able to disable one by one other plugins for testing if there any conflicts. I can also switch theme to another for checking. Please kindly check and let me know.

Thank you and kind regards

I have checked that, you are using old versions of WPDM add-ons, can you please kindly update the add-ons to the latest version, I hope it may then work properly for you. Please kindly check.

Thank you and kind regards

Please kindly check and let me know if you have any queries more. Please kindly check.

Thank you and kind regards

Here are the ways to override these functions in your theme’s functions.php:

# Simple WPDM Function Override in functions.php

Here are the ways to override these functions in your theme’s functions.php:

## Method 1: Direct Function Override (Recommended)

// Add to your theme's functions.php

// Override wpdm_user_has_access function
if (!function_exists('wpdm_user_has_access')) {
    function wpdm_user_has_access($id, $type = 'package') {
        $current_user = wp_get_current_user();
        
        if (!$id) {
            return false;
        }
        
        // Get allowed roles
        if ($type == 'package') {
            $roles = wpdm_allowed_roles($id);
        } else {
            // For categories - you may need to adjust this
            $roles = get_term_meta($id, '__wpdm_access', true);
            $roles = maybe_unserialize($roles);
        }

        if (!is_array($roles)) {
            $roles = array();
        }
        
        $matched = is_user_logged_in() ? array_intersect($current_user->roles, $roles) : array();

        // Check access conditions
        if ($type === 'category' && count($roles) == 0) {
            return true;
        }
        if (in_array('guest', $roles)) {
            return true;
        }
        if (count($matched) > 0) {
            return true;
        }

        return false;
    }
}

// Override wpdm_allowed_roles function
if (!function_exists('wpdm_allowed_roles')) {
    function wpdm_allowed_roles($id) {
        $roles = get_post_meta($id, '__wpdm_access', true);
        $roles = maybe_unserialize($roles);

        $cats = get_the_terms($id, 'wpdmcategory');
        if (!is_array($roles)) {
            $roles = array();
        }
        
        if (is_array($cats)) {
            foreach ($cats as $cat) {
                $croles = get_term_meta($cat->term_id, '__wpdm_access', true);
                $croles = maybe_unserialize($croles);
                if (is_array($croles)) {
                    $roles = array_merge($roles, $croles);
                }
            }
        }

        $roles = array_unique($roles);
        $roles = apply_filters("wpdm_allowed_roles", $roles, $id);
        
        if (!is_array($roles)) {
            $roles = array();
        }

        return $roles;
    }
}

## Method 2: Create Custom Versions

// Custom versions with your own names
function my_wpdm_user_has_access($id, $type = 'package') {
    // Your custom logic here
    $current_user = wp_get_current_user();
    
    if (!$id) return false;
    
    $roles = my_wpdm_allowed_roles($id);
    if (!is_array($roles)) $roles = array();
    
    $matched = is_user_logged_in() ? array_intersect($current_user->roles, $roles) : array();
    
    if (in_array('guest', $roles) || count($matched) > 0) {
        return true;
    }
    
    return false;
}

function my_wpdm_allowed_roles($id) {
    $roles = get_post_meta($id, '__wpdm_access', true);
    $roles = maybe_unserialize($roles);
    
    if (!is_array($roles)) {
        $roles = array();
    }
    
    // Apply your custom logic here
    $roles = apply_filters("my_wpdm_allowed_roles", $roles, $id);
    
    return $roles;
}

## Method 3: Using Filters to Modify Behavior

// Modify the allowed roles using existing filter
function modify_wpdm_allowed_roles($roles, $package_id) {
    // Add custom logic
    // Example: Always allow administrators
    if (!in_array('administrator', $roles)) {
        $roles[] = 'administrator';
    }
    
    // Example: Remove guest access for specific packages
    if ($package_id == 123 && in_array('guest', $roles)) {
        $roles = array_diff($roles, array('guest'));
    }
    
    return $roles;
}
add_filter('wpdm_allowed_roles', 'modify_wpdm_allowed_roles', 10, 2);

// Create custom access check filter
function custom_wpdm_access_check($has_access, $package_id, $user_id = null) {
    if ($user_id === null) {
        $user_id = get_current_user_id();
    }
    
    // Your custom access logic
    // Example: VIP users always have access
    if (user_can($user_id, 'vip_access')) {
        return true;
    }
    
    return $has_access;
}
// Apply this filter in your custom function

## Method 4: Wrapper Functions (Safest)

// Safe wrapper functions that fallback to originals
function safe_wpdm_user_has_access($id, $type = 'package') {
    // Try original function first
    if (function_exists('wpdm_user_has_access') && class_exists('WPDM')) {
        return wpdm_user_has_access($id, $type);
    }
    
    // Fallback logic
    return my_wpdm_user_has_access($id, $type);
}

function safe_wpdm_allowed_roles($id) {
    // Try original function first
    if (function_exists('wpdm_allowed_roles') && class_exists('WPDM')) {
        return wpdm_allowed_roles($id);
    }
    
    // Fallback logic
    return my_wpdm_allowed_roles($id);
}

## Usage Examples

// In your theme templates or other functions
if (safe_wpdm_user_has_access(123)) {
    echo "User has access to package 123";
}

$allowed_roles = safe_wpdm_allowed_roles(123);
if (in_array('subscriber', $allowed_roles)) {
    echo "Subscribers can access this package";
}

## Key Points:

– **Method 1** completely replaces the original functions
– **Method 2** creates parallel functions you control
– **Method 3** uses filters to modify existing behavior
– **Method 4** provides safe fallbacks

Choose the method that best fits your needs. Method 4 is recommended for production use as it’s the safest approach. Please kindly check.

Thank you and regards

I think this is a server issue. You can directly contact with your server administrator too for your issue. Please kindly check.

Thank you and kind regards

For cancelling auto-renew please send an order note from this Page by following This. Also, please let us know which feature we can add/improve or support we can give you. Please check and let me know if you have any queries.

Thank you and kind regards