WordPress.org

Make WordPress Core

Ticket #2802: wp_handle_upload-file-permissions-patch-2.diff

File wp_handle_upload-file-permissions-patch-2.diff, 783 bytes (added by Libertus, 9 years ago)

This patch also corrects a nearby bug - a missing directory name in the error message

  • wp-admin/admin-functions.php

     
    18831883        // Move the file to the uploads dir 
    18841884        $new_file = $uploads['path'] . "/$filename"; 
    18851885        if ( false === @ move_uploaded_file($file['tmp_name'], $new_file) ) 
    1886                 die(printf(__('The uploaded file could not be moved to %s.'), $file['path'])); 
     1886                die(printf(__('The uploaded file could not be moved to %s.'), $uploads['path'])); 
    18871887 
    18881888        // Set correct file permissions 
    18891889        $stat = stat(dirname($new_file)); 
    1890         $perms = $stat['mode'] & 0000666; 
     1890        $perms = $stat['mode'] & 0664; // never executable, never world-writable 
    18911891        @ chmod($new_file, $perms); 
    18921892 
    18931893        // Compute the URL