Diff: STRATO-apps/wordpress_03/app/wp-admin/includes/class-file-upload-upgrader.php

Keine Baseline-Datei – Diff nur gegen leer.
Baseline Vorherige Version
Zur Liste
1 -
1 + <?php
2 + /**
3 + * Upgrade API: File_Upload_Upgrader class
4 + *
5 + * @package WordPress
6 + * @subpackage Upgrader
7 + * @since 4.6.0
8 + */
9 +
10 + /**
11 + * Core class used for handling file uploads.
12 + *
13 + * This class handles the upload process and passes it as if it's a local file
14 + * to the Upgrade/Installer functions.
15 + *
16 + * @since 2.8.0
17 + * @since 4.6.0 Moved to its own file from wp-admin/includes/class-wp-upgrader.php.
18 + */
19 + #[AllowDynamicProperties]
20 + class File_Upload_Upgrader {
21 +
22 + /**
23 + * The full path to the file package.
24 + *
25 + * @since 2.8.0
26 + * @var string $package
27 + */
28 + public $package;
29 +
30 + /**
31 + * The name of the file.
32 + *
33 + * @since 2.8.0
34 + * @var string $filename
35 + */
36 + public $filename;
37 +
38 + /**
39 + * The ID of the attachment post for this file.
40 + *
41 + * @since 3.3.0
42 + * @var int $id
43 + */
44 + public $id = 0;
45 +
46 + /**
47 + * Construct the upgrader for a form.
48 + *
49 + * @since 2.8.0
50 + *
51 + * @param string $form The name of the form the file was uploaded from.
52 + * @param string $urlholder The name of the `GET` parameter that holds the filename.
53 + */
54 + public function __construct( $form, $urlholder ) {
55 +
56 + if ( empty( $_FILES[ $form ]['name'] ) && empty( $_GET[ $urlholder ] ) ) {
57 + wp_die( __( 'Please select a file' ) );
58 + }
59 +
60 + // Handle a newly uploaded file. Else, assume it's already been uploaded.
61 + if ( ! empty( $_FILES ) ) {
62 + $overrides = array(
63 + 'test_form' => false,
64 + 'test_type' => false,
65 + );
66 + $file = wp_handle_upload( $_FILES[ $form ], $overrides );
67 +
68 + if ( isset( $file['error'] ) ) {
69 + wp_die( $file['error'] );
70 + }
71 +
72 + if ( 'pluginzip' === $form || 'themezip' === $form ) {
73 + if ( ! wp_zip_file_is_valid( $file['file'] ) ) {
74 + wp_delete_file( $file['file'] );
75 +
76 + if ( 'pluginzip' === $form ) {
77 + $plugins_page = sprintf(
78 + '<a href="%s">%s</a>',
79 + self_admin_url( 'plugin-install.php' ),
80 + __( 'Return to the Plugin Installer' )
81 + );
82 + wp_die( __( 'Incompatible Archive.' ) . '<br />' . $plugins_page );
83 + }
84 +
85 + if ( 'themezip' === $form ) {
86 + $themes_page = sprintf(
87 + '<a href="%s" target="_parent">%s</a>',
88 + self_admin_url( 'theme-install.php' ),
89 + __( 'Return to the Theme Installer' )
90 + );
91 + wp_die( __( 'Incompatible Archive.' ) . '<br />' . $themes_page );
92 + }
93 + }
94 + }
95 +
96 + $this->filename = $_FILES[ $form ]['name'];
97 + $this->package = $file['file'];
98 +
99 + // Construct the attachment array.
100 + $attachment = array(
101 + 'post_title' => $this->filename,
102 + 'post_content' => $file['url'],
103 + 'post_mime_type' => $file['type'],
104 + 'guid' => $file['url'],
105 + 'context' => 'upgrader',
106 + 'post_status' => 'private',
107 + );
108 +
109 + // Save the data.
110 + $this->id = wp_insert_attachment( $attachment, $file['file'] );
111 +
112 + // Schedule a cleanup for 2 hours from now in case of failed installation.
113 + wp_schedule_single_event( time() + 2 * HOUR_IN_SECONDS, 'upgrader_scheduled_cleanup', array( $this->id ) );
114 +
115 + } elseif ( is_numeric( $_GET[ $urlholder ] ) ) {
116 + // Numeric Package = previously uploaded file, see above.
117 + $this->id = (int) $_GET[ $urlholder ];
118 + $attachment = get_post( $this->id );
119 + if ( empty( $attachment ) ) {
120 + wp_die( __( 'Please select a file' ) );
121 + }
122 +
123 + $this->filename = $attachment->post_title;
124 + $this->package = get_attached_file( $attachment->ID );
125 + } else {
126 + // Else, It's set to something, Back compat for plugins using the old (pre-3.3) File_Uploader handler.
127 + $uploads = wp_upload_dir();
128 + if ( ! ( $uploads && false === $uploads['error'] ) ) {
129 + wp_die( $uploads['error'] );
130 + }
131 +
132 + $this->filename = sanitize_file_name( $_GET[ $urlholder ] );
133 + $this->package = $uploads['basedir'] . '/' . $this->filename;
134 +
135 + if ( ! str_starts_with( realpath( $this->package ), realpath( $uploads['basedir'] ) ) ) {
136 + wp_die( __( 'Please select a file' ) );
137 + }
138 + }
139 + }
140 +
141 + /**
142 + * Deletes the attachment/uploaded file.
143 + *
144 + * @since 3.2.2
145 + *
146 + * @return bool Whether the cleanup was successful.
147 + */
148 + public function cleanup() {
149 + if ( $this->id ) {
150 + wp_delete_attachment( $this->id );
151 +
152 + } elseif ( file_exists( $this->package ) ) {
153 + return @unlink( $this->package );
154 + }
155 +
156 + return true;
157 + }
158 + }
159 +