Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2024-11-05 02:10:45 +01:00
Code Issues Projects Releases Wiki Activity

Filesystem: Introduce the pre_move_uploaded_file filter.

Browse Source 
Passing a non-null value to the filter will prevent the uploaded file from being moved to the uploads directory for any of the functions leveraging `_wp_handle_upload()`, such as `wp_handle_upload()` or `wp_handle_sideload()`.

Error reporting related to the file being moved will also be skipped.

Props ryan, Mte90.
Fixes #24603.

Built from https://develop.svn.wordpress.org/trunk@41258


git-svn-id: http://core.svn.wordpress.org/trunk@41098 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Drew Jaynes 2017-08-16 21:59:43 +00:00
parent e80cf1d861
commit d5e3ea444d
2 changed files with 31 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
wp-admin/includes/file.php
View File

@ -371,21 +371,39 @@ function _wp_handle_upload( &$file, $overrides, $time, $action ) {
// Move the file to the uploads dir. // Move the file to the uploads dir.
$new_file = $uploads['path'] . "/$filename"; $new_file = $uploads['path'] . "/$filename";
if ( 'wp_handle_upload' === $action ) {
$move_new_file = @ move_uploaded_file( $file['tmp_name'], $new_file );
} else {
// use copy and unlink because rename breaks streams.
$move_new_file = @ copy( $file['tmp_name'], $new_file );
unlink( $file['tmp_name'] );
}
if ( false === $move_new_file ) { /**
if ( 0 === strpos( $uploads['basedir'], ABSPATH ) ) { * Filters whether to short-circuit moving the uploaded file after passing all checks.
$error_path = str_replace( ABSPATH, '', $uploads['basedir'] ) . $uploads['subdir']; *
* If a non-null value is passed to the filter, moving the file and any related error
* reporting will be completely skipped.
*
* @since 4.9.0
*
* @param string $move_new_file If null (default) move the file after the upload.
* @param string $file An array of data for a single file.
* @param string $new_file Filename of the newly-uploaded file.
* @param string $type File type.
*/
$move_new_file = apply_filters( 'pre_move_uploaded_file', null, $file, $new_file, $type );
if ( null === $move_new_file ) {
if ( 'wp_handle_upload' === $action ) {
$move_new_file = @ move_uploaded_file( $file['tmp_name'], $new_file );
} else { } else {
$error_path = basename( $uploads['basedir'] ) . $uploads['subdir']; // use copy and unlink because rename breaks streams.
$move_new_file = @ copy( $file['tmp_name'], $new_file );
unlink( $file['tmp_name'] );
}
if ( false === $move_new_file ) {
if ( 0 === strpos( $uploads['basedir'], ABSPATH ) ) {
$error_path = str_replace( ABSPATH, '', $uploads['basedir'] ) . $uploads['subdir'];
} else {
$error_path = basename( $uploads['basedir'] ) . $uploads['subdir'];
}
return $upload_error_handler( $file, sprintf( __('The uploaded file could not be moved to %s.' ), $error_path ) );
} }
return $upload_error_handler( $file, sprintf( __('The uploaded file could not be moved to %s.' ), $error_path ) );
} }
// Set correct file permissions. // Set correct file permissions.

2
wp-includes/version.php
View File

@ -4,7 +4,7 @@
* *
* @global string $wp_version * @global string $wp_version
*/ */
$wp_version = '4.9-alpha-41257'; $wp_version = '4.9-alpha-41258';
/** /**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema. * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.