WordPress.org

Make WordPress Core

Ticket #12278: file.php.diff

File file.php.diff, 3.5 KB (added by tychay, 6 years ago)

Patch to file.php

  • .php

    old new  
    220224 * @param array $file Reference to a single element of $_FILES. Call the function once for each uploaded file. 
    221225 * @param array $overrides Optional. An associative array of names=>values to override default variables with extract( $overrides, EXTR_OVERWRITE ). 
    222226 * @return array On success, returns an associative array of file attributes. On failure, returns $overrides['upload_error_handler'](&$file, $message ) or array( 'error'=>$message ). 
     227 * @todo I don't think it's correct to define the error handler for prefilter errors before running extract. -tychay 
    223228 */ 
    224229function wp_handle_upload( &$file, $overrides = false, $time = null ) { 
    225230        // The default error handler. 
     
    258263        // All tests are on by default. Most can be turned off by $override[{test_name}] = false; 
    259264        $test_form = true; 
    260265        $test_size = true; 
     266        $test_upload = true; 
    261267 
    262268        // If you override this, you must provide $ext and $type!!!! 
    263269        $test_type = true; 
     
    269275 
    270276        // A correct form post will pass this test. 
    271277        if ( $test_form && (!isset( $_POST['action'] ) || ($_POST['action'] != $action ) ) ) 
    272                 return $upload_error_handler( $file, __( 'Invalid form submission.' )); 
     278                return call_user_func($upload_error_handler, $file, __( 'Invalid form submission.' )); 
    273279 
    274280        // A successful upload will pass this test. It makes no sense to override this one. 
    275281        if ( $file['error'] > 0 ) 
    276                 return $upload_error_handler( $file, $upload_error_strings[$file['error']] ); 
     282                return call_user_func($upload_error_handler, $file, $upload_error_strings[$file['error']] ); 
    277283 
    278284        // A non-empty file will pass this test. 
    279285        if ( $test_size && !($file['size'] > 0 ) ) 
    280                 return $upload_error_handler( $file, __( 'File is empty. Please upload something more substantial. This error could also be caused by uploads being disabled in your php.ini or by post_max_size being defined as smaller than upload_max_filesize in php.ini.' )); 
     286                return call_user_func($upload_error_handler, $file, __( 'File is empty. Please upload something more substantial.' )); 
    281287 
    282288        // A properly uploaded file will pass this test. There should be no reason to override this one. 
    283         if (! @ is_uploaded_file( $file['tmp_name'] ) ) 
    284                 return $upload_error_handler( $file, __( 'Specified file failed upload test.' )); 
     289        if ( $test_upload && ! @ is_uploaded_file( $file['tmp_name'] ) ) 
     290                return call_user_func($upload_error_handler, $file, __( 'Specified file failed upload test.' )); 
    285291 
    286292        // A correct MIME type will pass this test. Override $mimes or use the upload_mimes filter. 
    287293        if ( $test_type ) { 
     
    289295 
    290296                extract( $wp_filetype ); 
    291297 
     298                /* WPCOM - Limit site admin uploads 
    292299                if ( ( !$type || !$ext ) && !current_user_can( 'unfiltered_upload' ) ) 
    293                         return $upload_error_handler( $file, __( 'File type does not meet security guidelines. Try another.' )); 
     300                */ 
     301                if ( !$type || !$ext ) 
     302                        return call_user_func($upload_error_handler, $file, __( 'File type does not meet security guidelines. Try another.' )); 
    294303 
    295304                if ( !$ext ) 
    296305                        $ext = ltrim(strrchr($file['name'], '.'), '.'); 
     
    303312 
    304313        // A writable uploads dir will pass this test. Again, there's no point overriding this one. 
    305314        if ( ! ( ( $uploads = wp_upload_dir($time) ) && false === $uploads['error'] ) ) 
    306                 return $upload_error_handler( $file, $uploads['error'] ); 
     315                return call_user_func($upload_error_handler, $file, $uploads['error'] ); 
    307316 
    308317        $filename = wp_unique_filename( $uploads['path'], $file['name'], $unique_filename_callback );