WordPress.org

Make WordPress Core

Ticket #2802: wp_handle_upload-file-permissions-patch-2.diff

File wp_handle_upload-file-permissions-patch-2.diff, 783 bytes (added by Libertus, 12 years ago)

This patch also corrects a nearby bug - a missing directory name in the error message

  • wp-admin/admin-functions.php

     
    18831883        // Move the file to the uploads dir
    18841884        $new_file = $uploads['path'] . "/$filename";
    18851885        if ( false === @ move_uploaded_file($file['tmp_name'], $new_file) )
    1886                 die(printf(__('The uploaded file could not be moved to %s.'), $file['path']));
     1886                die(printf(__('The uploaded file could not be moved to %s.'), $uploads['path']));
    18871887
    18881888        // Set correct file permissions
    18891889        $stat = stat(dirname($new_file));
    1890         $perms = $stat['mode'] & 0000666;
     1890        $perms = $stat['mode'] & 0664; // never executable, never world-writable
    18911891        @ chmod($new_file, $perms);
    18921892
    18931893        // Compute the URL