
Ticket #21292: 21292-2.diff

File 21292-2.diff, 3.9 KB (added by markoheijnen, 6 years ago)

Added unfiltered_upload capability check

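--- a/wp-includes/functions.php
+++ b/wp-includes/functions.php
@@ -1586,7 +1586,7 @@
                 return array( 'error' => __( 'Empty filename' ) );
 
         $wp_filetype = wp_check_filetype( $name );
-        if ( !$wp_filetype['ext'] )
+        if ( ( ! $wp_filetype['type'] || ! $wp_filetype['ext'] ) && ! current_user_can( 'unfiltered_upload' ) )
                 return array( 'error' => __( 'Invalid file type' ) );
 
         $upload = wp_upload_dir( $time );
@@ -1595,7 +1595,7 @@
                 return $upload;
 
         $upload_bits_error = apply_filters( 'wp_upload_bits', array( 'name' => $name, 'bits' => $bits, 'time' => $time ) );
-        if ( !is_array( $upload_bits_error ) ) {
+        if ( ! is_array( $upload_bits_error ) || isset( $upload_bits_error['error'] ) ) {
                 $upload[ 'error' ] = $upload_bits_error;
                 return $upload;
         }
@@ -1617,7 +1617,7 @@
         clearstatcache();
 
         // Set correct file permissions
-        $stat = @ stat( dirname( $new_file ) );
+        $stat  = stat( dirname( $new_file ) );
         $perms = $stat['mode'] & 0007777;
         $perms = $perms & 0000666;
         @ chmod( $new_file, $perms );
@@ -1626,6 +1626,9 @@
         // Compute the URL
         $url = $upload['url'] . "/$filename";
 
+        if ( is_multisite() )
+                delete_transient( 'dirsize_cache' );
+
         return array( 'file' => $new_file, 'url' => $url, 'error' => false );
 }
 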
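Review bot: In the second hunk, when the `wp_upload_bits` filter returns an array that carries an `error` key, the line after the new condition copies the whole array into `$upload['error']`, so callers that treat the error as a string (the XML-RPC handler's `sprintf` touched by this same patch) receive "Array" instead of the message. Assign the message itself: `$upload[ 'error' ] = is_array( $upload_bits_error ) ? $upload_bits_error['error'] : $upload_bits_error;`. In the third hunk, dropping `@` from `stat()` is welcome, but `$stat['mode']` is still read unguarded when `stat()` returns false; a `if ( false === $stat ) return $upload + array( 'error' => ... )`-style check before the mask would make that failure visible instead of masking it with a second notice. The first hunk's widened check is the intended capability gate and deserves a comment stating it, e.g. `// Users with unfiltered_upload may store files whose type or extension is not recognised.`. `wp_upload_bits()` begins before the first hunk and its body continues between hunks.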
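--- a/wp-includes/class-wp-xmlrpc-server.php
+++ b/wp-includes/class-wp-xmlrpc-server.php
@@ -4557,6 +4557,7 @@
                 }
 
                 $upload = wp_upload_bits($name, null, $bits);
+
                 if ( ! empty($upload['error']) ) {
                         $errorString = sprintf(__('Could not write file %1$s (%2$s)'), $name, $upload['error']);
                         return new IXR_Error(500, $errorString);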
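--- a/wp-admin/includes/ms.php
+++ b/wp-admin/includes/ms.php
@@ -19,7 +19,7 @@
         if ( get_site_option( 'upload_space_check_disabled' ) )
                 return $file;
 
-        if ( $file['error'] != '0' ) // there's already an error
+        if ( $file['error'] && $file['error'] != '0' ) // there's already an error
                 return $file;
 
         if ( defined( 'WP_IMPORTING' ) )
@@ -28,20 +28,31 @@
         $space_allowed = 1048576 * get_space_allowed();
         $space_used = get_dirsize( BLOGUPLOADDIR );
         $space_left = $space_allowed - $space_used;
-        $file_size = filesize( $file['tmp_name'] );
-        if ( $space_left < $file_size )
+
+        if( 'wp_upload_bits' == current_filter() ) {
+                if( function_exists( 'mb_strlen' ) )
+                        $file_size = mb_strlen( $file['bits'], 'ascii');
+                else
+                        $file_size = strlen( $file['bits'] );
+        }
+        else {
+                $file_size = filesize( $file['tmp_name'] );
+        }
+
+        if( $space_left < $file_size )
                 $file['error'] = sprintf( __( 'Not enough space to upload. %1$s KB needed.' ), number_format( ($file_size - $space_left) /1024 ) );
-        if ( $file_size > ( 1024 * get_site_option( 'fileupload_maxk', 1500 ) ) )
+        if( $file_size > ( 1024 * get_site_option( 'fileupload_maxk', 1500 ) ) )
                 $file['error'] = sprintf(__('This file is too big. Files must be less than %1$s KB in size.'), get_site_option( 'fileupload_maxk', 1500 ) );
-        if ( upload_is_user_over_quota( false ) ) {
+        if( upload_is_user_over_quota( false ) ) {
                 $file['error'] = __( 'You have used your space quota. Please delete files before uploading.' );
         }
-        if ( $file['error'] != '0' && !isset($_POST['html-upload']) )
+        if( $file['error'] != '0' && ! isset( $_POST['html-upload'] ) && 'wp_handle_upload_prefilter' == current_filter() )
                 wp_die( $file['error'] . ' <a href="javascript:history.go(-1)">' . __( 'Back' ) . '</a>' );
 
         return $file;
 }
 add_filter( 'wp_handle_upload_prefilter', 'check_upload_size' );
+add_filter( 'wp_upload_bits', 'check_upload_size' );
 
 /**
  * Delete a blog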
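Review bot: On the new `wp_upload_bits` path the array handed to this filter is built with only `name`, `bits` and `time` keys, so the reads of `$file['error']` on new line 22 and new line 49 hit an undefined index before any size check runs. Test presence rather than value on both lines: `if ( ! empty( $file['error'] ) ) // there's already an error` and `if ( ! empty( $file['error'] ) && ! isset( $_POST['html-upload'] ) && 'wp_handle_upload_prefilter' == current_filter() )`. The `mb_strlen( $file['bits'], 'ascii' )` branch is presumably there to obtain a byte count when mbstring overloads `strlen`; `'8bit'` is the encoding conventionally used for that purpose and states the intent more plainly, and a one-line comment such as `// byte length of the raw upload, not a character count` would help the next reader. The rewritten conditions also switch from `if (` to `if(`, which departs from the spacing used on the unchanged lines around them. `check_upload_size()` begins before the first hunk.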