|
1 <?php |
|
2 /** |
|
3 * Upgrade API: File_Upload_Upgrader class |
|
4 * |
|
5 * @package WordPress |
|
6 * @subpackage Upgrader |
|
7 * @since 4.6.0 |
|
8 */ |
|
9 |
|
10 /** |
|
11 * Core class used for handling file uploads. |
|
12 * |
|
13 * This class handles the upload process and passes it as if it's a local file |
|
14 * to the Upgrade/Installer functions. |
|
15 * |
|
16 * @since 2.8.0 |
|
17 * @since 4.6.0 Moved to its own file from wp-admin/includes/class-wp-upgrader.php. |
|
18 */ |
|
19 class File_Upload_Upgrader { |
|
20 |
|
21 /** |
|
22 * The full path to the file package. |
|
23 * |
|
24 * @since 2.8.0 |
|
25 * @var string $package |
|
26 */ |
|
27 public $package; |
|
28 |
|
29 /** |
|
30 * The name of the file. |
|
31 * |
|
32 * @since 2.8.0 |
|
33 * @var string $filename |
|
34 */ |
|
35 public $filename; |
|
36 |
|
37 /** |
|
38 * The ID of the attachment post for this file. |
|
39 * |
|
40 * @since 3.3.0 |
|
41 * @var int $id |
|
42 */ |
|
43 public $id = 0; |
|
44 |
|
45 /** |
|
46 * Construct the upgrader for a form. |
|
47 * |
|
48 * @since 2.8.0 |
|
49 * |
|
50 * @param string $form The name of the form the file was uploaded from. |
|
51 * @param string $urlholder The name of the `GET` parameter that holds the filename. |
|
52 */ |
|
53 public function __construct( $form, $urlholder ) { |
|
54 |
|
55 if ( empty($_FILES[$form]['name']) && empty($_GET[$urlholder]) ) |
|
56 wp_die(__('Please select a file')); |
|
57 |
|
58 //Handle a newly uploaded file, Else assume it's already been uploaded |
|
59 if ( ! empty($_FILES) ) { |
|
60 $overrides = array( 'test_form' => false, 'test_type' => false ); |
|
61 $file = wp_handle_upload( $_FILES[$form], $overrides ); |
|
62 |
|
63 if ( isset( $file['error'] ) ) |
|
64 wp_die( $file['error'] ); |
|
65 |
|
66 $this->filename = $_FILES[$form]['name']; |
|
67 $this->package = $file['file']; |
|
68 |
|
69 // Construct the object array |
|
70 $object = array( |
|
71 'post_title' => $this->filename, |
|
72 'post_content' => $file['url'], |
|
73 'post_mime_type' => $file['type'], |
|
74 'guid' => $file['url'], |
|
75 'context' => 'upgrader', |
|
76 'post_status' => 'private' |
|
77 ); |
|
78 |
|
79 // Save the data. |
|
80 $this->id = wp_insert_attachment( $object, $file['file'] ); |
|
81 |
|
82 // Schedule a cleanup for 2 hours from now in case of failed installation. |
|
83 wp_schedule_single_event( time() + 2 * HOUR_IN_SECONDS, 'upgrader_scheduled_cleanup', array( $this->id ) ); |
|
84 |
|
85 } elseif ( is_numeric( $_GET[$urlholder] ) ) { |
|
86 // Numeric Package = previously uploaded file, see above. |
|
87 $this->id = (int) $_GET[$urlholder]; |
|
88 $attachment = get_post( $this->id ); |
|
89 if ( empty($attachment) ) |
|
90 wp_die(__('Please select a file')); |
|
91 |
|
92 $this->filename = $attachment->post_title; |
|
93 $this->package = get_attached_file( $attachment->ID ); |
|
94 } else { |
|
95 // Else, It's set to something, Back compat for plugins using the old (pre-3.3) File_Uploader handler. |
|
96 if ( ! ( ( $uploads = wp_upload_dir() ) && false === $uploads['error'] ) ) |
|
97 wp_die( $uploads['error'] ); |
|
98 |
|
99 $this->filename = sanitize_file_name( $_GET[ $urlholder ] ); |
|
100 $this->package = $uploads['basedir'] . '/' . $this->filename; |
|
101 |
|
102 if ( 0 !== strpos( realpath( $this->package ), realpath( $uploads['basedir'] ) ) ) { |
|
103 wp_die( __( 'Please select a file' ) ); |
|
104 } |
|
105 } |
|
106 } |
|
107 |
|
108 /** |
|
109 * Delete the attachment/uploaded file. |
|
110 * |
|
111 * @since 3.2.2 |
|
112 * |
|
113 * @return bool Whether the cleanup was successful. |
|
114 */ |
|
115 public function cleanup() { |
|
116 if ( $this->id ) |
|
117 wp_delete_attachment( $this->id ); |
|
118 |
|
119 elseif ( file_exists( $this->package ) ) |
|
120 return @unlink( $this->package ); |
|
121 |
|
122 return true; |
|
123 } |
|
124 } |