WordPress.org

Make WordPress Core

Ticket #12278: file.php.diff

File file.php.diff, 3.5 KB (added by tychay, 8 years ago)

Patch to file.php

  • .php

    old new  
    220224 * @param array $file Reference to a single element of $_FILES. Call the function once for each uploaded file.
    221225 * @param array $overrides Optional. An associative array of names=>values to override default variables with extract( $overrides, EXTR_OVERWRITE ).
    222226 * @return array On success, returns an associative array of file attributes. On failure, returns $overrides['upload_error_handler'](&$file, $message ) or array( 'error'=>$message ).
     227 * @todo I don't think it's correct to define the error handler for prefilter errors before running extract. -tychay
    223228 */
    224229function wp_handle_upload( &$file, $overrides = false, $time = null ) {
    225230        // The default error handler.
     
    258263        // All tests are on by default. Most can be turned off by $override[{test_name}] = false;
    259264        $test_form = true;
    260265        $test_size = true;
     266        $test_upload = true;
    261267
    262268        // If you override this, you must provide $ext and $type!!!!
    263269        $test_type = true;
     
    269275
    270276        // A correct form post will pass this test.
    271277        if ( $test_form && (!isset( $_POST['action'] ) || ($_POST['action'] != $action ) ) )
    272                 return $upload_error_handler( $file, __( 'Invalid form submission.' ));
     278                return call_user_func($upload_error_handler, $file, __( 'Invalid form submission.' ));
    273279
    274280        // A successful upload will pass this test. It makes no sense to override this one.
    275281        if ( $file['error'] > 0 )
    276                 return $upload_error_handler( $file, $upload_error_strings[$file['error']] );
     282                return call_user_func($upload_error_handler, $file, $upload_error_strings[$file['error']] );
    277283
    278284        // A non-empty file will pass this test.
    279285        if ( $test_size && !($file['size'] > 0 ) )
    280                 return $upload_error_handler( $file, __( 'File is empty. Please upload something more substantial. This error could also be caused by uploads being disabled in your php.ini or by post_max_size being defined as smaller than upload_max_filesize in php.ini.' ));
     286                return call_user_func($upload_error_handler, $file, __( 'File is empty. Please upload something more substantial.' ));
    281287
    282288        // A properly uploaded file will pass this test. There should be no reason to override this one.
    283         if (! @ is_uploaded_file( $file['tmp_name'] ) )
    284                 return $upload_error_handler( $file, __( 'Specified file failed upload test.' ));
     289        if ( $test_upload && ! @ is_uploaded_file( $file['tmp_name'] ) )
     290                return call_user_func($upload_error_handler, $file, __( 'Specified file failed upload test.' ));
    285291
    286292        // A correct MIME type will pass this test. Override $mimes or use the upload_mimes filter.
    287293        if ( $test_type ) {
     
    289295
    290296                extract( $wp_filetype );
    291297
     298                /* WPCOM - Limit site admin uploads
    292299                if ( ( !$type || !$ext ) && !current_user_can( 'unfiltered_upload' ) )
    293                         return $upload_error_handler( $file, __( 'File type does not meet security guidelines. Try another.' ));
     300                */
     301                if ( !$type || !$ext )
     302                        return call_user_func($upload_error_handler, $file, __( 'File type does not meet security guidelines. Try another.' ));
    294303
    295304                if ( !$ext )
    296305                        $ext = ltrim(strrchr($file['name'], '.'), '.');
     
    303312
    304313        // A writable uploads dir will pass this test. Again, there's no point overriding this one.
    305314        if ( ! ( ( $uploads = wp_upload_dir($time) ) && false === $uploads['error'] ) )
    306                 return $upload_error_handler( $file, $uploads['error'] );
     315                return call_user_func($upload_error_handler, $file, $uploads['error'] );
    307316
    308317        $filename = wp_unique_filename( $uploads['path'], $file['name'], $unique_filename_callback );