Duplicate mo.php files

Thanks for flagging! In the new version, woocommerce-el.mo.php is the correct file extension. No idea how .mo.php.php could happen, that’s definitely wrong. At first glance I cannot reproduce it, but I’ll check it out more closely!

I see you have some backup PO file there as well. Are you using some other multilingual-related plugins on your site?

View post on imgur.com

Okay, i use loco translate on custom and default folder inside /language/ but, even though i have set auto_update_translation to false, in order not to download default plugins translations, so i use only on custom, they are downloaded and put on /plugins/, apart from /loco/plugins/ (which i have my default translations. I think when this download happens, your plugin detects both, and adds another php file, so it duplicated mo.php adding .php in the end, thus the mo.php.php file. I also have found that BOTH are run from your plugin, which makes it slower. For example when I have woocommerce plugin po both inside /plugins/ and /loco/plugins/ and it makes the performant translations why slower.

At last, I have some concerns about the secury of these approaches, since the po files which are downloaded automatically (and cant be stopped) are instanlty converted to .php and run on each page load, which could have implications. What are your plans to make this approach as secure as possible?

Thanks for the additional context! I see now that Loco Translate has some interesting logic. We’ll fix this in 1.0.5!

I also have found that BOTH are run from your plugin, which makes it slower.

Just having two files generated does not make them slower. Only one of them will be loaded. You can safely delete one if you’d like, but it also doesn’t hurt anything.

At last, I have some concerns about the secury of these approaches, since the po files which are downloaded automatically (and cant be stopped) are instantly converted to .php and run on each page load, which could have implications. What are your plans to make this approach as secure as possible?

There’s not really a security implication with this automatic generation. Any translation files are already trusted by WordPress, and the file conversion is just a convenience. Also, once we merge this into WordPress core, you’ll get the PHP files directly from translate.www.remarpro.com, mostly removing the need for the whole file conversion. That said, you can also completely disable the file conversion or PHP file usage in general using the provided filters.

Thank you, very good job.

But, Loco plugin indeed runs the php two times i have done many tests that can confirm it. For example if i have woocommerce po both on languages/loco/plugins (custom) and language/plugins (system), its significantly slower (0.1s), while immediatelly when i delete one of these it gets to 0.06s. I have done hundreds of these benchmarking, and the time is very consistent according to the php file size. I havent customize the load plugin testdomain filter, this is the default behavior from Performant tranlsations combined with loco translate.