Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2024-09-27 06:42:56 +02:00
Code Issues Projects Releases Wiki Activity

Eliminate use of extract() in wp_handle_upload().

Browse Source 
See #22400.

Built from https://develop.svn.wordpress.org/trunk@28450


git-svn-id: http://core.svn.wordpress.org/trunk@28277 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Scott Taylor 2014-05-16 16:10:38 +00:00
parent fdaea6b7f2
commit 4caf3e79f3
1 changed files with 24 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
wp-admin/includes/file.php
View File

@ -224,16 +224,27 @@ function wp_handle_upload( &$file, $overrides = false, $time = null ) {
// You may define your own function and pass the name in $overrides['upload_error_handler']
$upload_error_handler = 'wp_handle_upload_error';
if ( isset( $overrides['upload_error_handler'] ) ) {
$upload_error_handler = $overrides['upload_error_handler'];
}
// You may have had one or more 'wp_handle_upload_prefilter' functions error out the file. Handle that gracefully.
if ( isset( $file['error'] ) && !is_numeric( $file['error'] ) && $file['error'] )
return $upload_error_handler( $file, $file['error'] );
// Install user overrides. Did we mention that this voids your warranty?
// You may define your own function and pass the name in $overrides['unique_filename_callback']
$unique_filename_callback = null;
if ( isset( $overrides['unique_filename_callback'] ) ) {
$unique_filename_callback = $overrides['unique_filename_callback'];
}
// $_POST['action'] must be set and its value must equal $overrides['action'] or this:
$action = 'wp_handle_upload';
if ( isset( $overrides['action'] ) ) {
$action = $overrides['action'];
}
// Courtesy of php.net, the strings that describe the error indicated in $_FILES[{form field}]['error'].
$upload_error_strings = array( false,
@ -246,23 +257,24 @@ function wp_handle_upload( &$file, $overrides = false, $time = null ) {
__( "Failed to write file to disk." ),
__( "File upload stopped by extension." ));
// this may not have orignially been intended to be overrideable, but historically has been
if ( isset( $overrides['upload_error_strings'] ) ) {
$upload_error_strings = $overrides['upload_error_strings'];
}
// All tests are on by default. Most can be turned off by $overrides[{test_name}] = false;
$test_form = true;
$test_size = true;
$test_upload = true;
$test_form = isset( $overrides['test_form'] ) ? $overrides['test_form'] : true;
$test_size = isset( $overrides['test_size'] ) ? $overrides['test_size'] : true;
$test_upload = isset( $overrides['test_upload'] ) ? $overrides['test_upload'] : true;
// If you override this, you must provide $ext and $type!!!!
$test_type = true;
$mimes = false;
// Install user overrides. Did we mention that this voids your warranty?
if ( is_array( $overrides ) )
extract( $overrides, EXTR_OVERWRITE );
$test_type = isset( $overrides['test_type'] ) ? $overrides['test_type'] : true;
$mimes = isset( $overrides['mimes'] ) ? $overrides['mimes'] : false;
// A correct form post will pass this test.
if ( $test_form && (!isset( $_POST['action'] ) || ($_POST['action'] != $action ) ) )
return call_user_func($upload_error_handler, $file, __( 'Invalid form submission.' ));
if ( $test_form && ( ! isset( $_POST['action'] ) || ($_POST['action'] != $action ) ) ) {
return call_user_func( $upload_error_handler, $file, __( 'Invalid form submission.' ) );
}
// A successful upload will pass this test. It makes no sense to override this one.
if ( isset( $file['error'] ) && $file['error'] > 0 ) {
return call_user_func( $upload_error_handler, $file, $upload_error_strings[ $file['error'] ] );