Ticket #30245: 30245.diff
File 30245.diff, 26.6 KB (added by , 10 years ago) |
---|
-
src/wp-admin/includes/class-wp-filesystem-base.php
1 1 <?php 2 2 /** 3 3 * Base WordPress Filesystem 4 4 * 5 5 * @package WordPress 6 6 * @subpackage Filesystem 7 7 */ 8 8 9 9 /** 10 10 * Base WordPress Filesystem class for which Filesystem implementations extend 11 11 * 12 12 * @since 2.5.0 13 13 */ 14 14 class WP_Filesystem_Base { 15 16 /** 17 * The Minimum chmod value for directories created with this class. 18 * 19 * @access public 20 * @since 4.1.0 21 * @var octal 22 */ 23 public $default_minimum_chmod_dir = 0755; 24 25 /** 26 * The Minimum chmod value for files created with this class. 27 * 28 * @access public 29 * @since 4.1.0 30 * @var octal 31 */ 32 public $default_minimum_chmod_file = 0644; 33 15 34 /** 16 35 * Whether to display debug data for the connection. 17 36 * 18 37 * @access public 19 38 * @since 2.5.0 20 39 * @var bool 21 40 */ 22 41 public $verbose = false; 23 42 24 43 /** 25 44 * Cached list of local filepaths to mapped remote filepaths. 26 45 * 27 46 * @access private 28 47 * @since 2.7.0 29 48 * @var array -
src/wp-admin/includes/class-wp-filesystem-direct.php
370 370 371 371 if ( 'd' == $struc['type'] ) { 372 372 if ( $recursive ) 373 373 $struc['files'] = $this->dirlist($path . '/' . $struc['name'], $include_hidden, $recursive); 374 374 else 375 375 $struc['files'] = array(); 376 376 } 377 377 378 378 $ret[ $struc['name'] ] = $struc; 379 379 } 380 380 $dir->close(); 381 381 unset($dir); 382 382 return $ret; 383 383 } 384 384 } 385 386 /** 387 * WordPress Filesystem Class for direct Group Writable PHP file and folder manipulation. 388 * 389 * @since 4.1.0 390 * @package WordPress 391 * @subpackage Filesystem 392 * @uses WP_Filesystem_Direct Extends class 393 * @uses WP_Filesystem_Base Extends class 394 */ 395 class WP_Filesystem_Direct_GroupWritable extends WP_Filesystem_Direct { 396 /** 397 * The Minimum chmod value for directories created with this class. 398 * 399 * @access public 400 * @since 4.1.0 401 * @var octal 402 */ 403 public $default_minimum_chmod_dir = 0775; 404 405 /** 406 * The Minimum chmod value for files created with this class. 407 * 408 * @access public 409 * @since 4.1.0 410 * @var octal 411 */ 412 public $default_minimum_chmod_file = 0664; 413 414 /** 415 * constructor 416 * 417 * @param mixed $arg ignored argument 418 */ 419 public function __construct($arg) { 420 $this->method = 'direct_groupwritable'; 421 $this->errors = new WP_Error(); 422 } 423 } 424 425 /** 426 * WordPress Filesystem Class for direct World Writable PHP file and folder manipulation. 427 * 428 * @since 4.1.0 429 * @package WordPress 430 * @subpackage Filesystem 431 * @uses WP_Filesystem_Direct Extends class 432 * @uses WP_Filesystem_Base Extends class 433 */ 434 class WP_Filesystem_Direct_WorldWritable extends WP_Filesystem_Direct { 435 /** 436 * The Minimum chmod value for directories created with this class. 437 * 438 * @access public 439 * @since 4.1.0 440 * @var octal 441 */ 442 public $default_minimum_chmod_dir = 0777; 443 444 /** 445 * The Minimum chmod value for files created with this class. 446 * 447 * @access public 448 * @since 4.1.0 449 * @var octal 450 */ 451 public $default_minimum_chmod_file = 0666; 452 453 /** 454 * constructor 455 * 456 * @param mixed $arg ignored argument 457 */ 458 public function __construct($arg) { 459 $this->method = 'direct_worldwritable'; 460 $this->errors = new WP_Error(); 461 } 462 } 463 No newline at end of file -
src/wp-admin/includes/class-wp-upgrader-skins.php
28 28 } 29 29 30 30 public function set_upgrader(&$upgrader) { 31 31 if ( is_object($upgrader) ) 32 32 $this->upgrader =& $upgrader; 33 33 $this->add_strings(); 34 34 } 35 35 36 36 public function add_strings() { 37 37 } 38 38 39 39 public function set_result($result) { 40 40 $this->result = $result; 41 41 } 42 42 43 public function request_filesystem_credentials( $error = false) {43 public function request_filesystem_credentials( $error = false, $context = false, $allow_relaxed_file_ownership = false ) { 44 44 $url = $this->options['url']; 45 $context = $this->options['context']; 46 if ( !empty($this->options['nonce']) ) 45 if ( ! $context ) { 46 $context = $this->options['context']; 47 } 48 if ( !empty($this->options['nonce']) ) { 47 49 $url = wp_nonce_url($url, $this->options['nonce']); 48 return request_filesystem_credentials($url, '', $error, $context); //Possible to bring inline, Leaving as is for now. 50 } 51 52 $extra_fields = array(); 53 54 return request_filesystem_credentials( $url, '', $error, $context, $extra_fields, $allow_relaxed_file_ownership ); 49 55 } 50 56 51 57 public function header() { 52 58 if ( $this->done_header ) { 53 59 return; 54 60 } 55 61 $this->done_header = true; 56 62 echo '<div class="wrap">'; 57 63 echo '<h2>' . $this->options['title'] . '</h2>'; 58 64 } 59 65 public function footer() { 60 66 if ( $this->done_footer ) { 61 67 return; 62 68 } 63 69 $this->done_footer = true; … … 687 693 } 688 694 689 695 /** 690 696 * Upgrader Skin for Automatic WordPress Upgrades 691 697 * 692 698 * This skin is designed to be used when no output is intended, all output 693 699 * is captured and stored for the caller to process and log/email/discard. 694 700 * 695 701 * @package WordPress 696 702 * @subpackage Upgrader 697 703 * @since 3.7.0 698 704 */ 699 705 class Automatic_Upgrader_Skin extends WP_Upgrader_Skin { 700 706 protected $messages = array(); 701 707 702 public function request_filesystem_credentials( $error = false, $context = '' ) {703 if ( $context ) 708 public function request_filesystem_credentials( $error = false, $context = '', $allow_relaxed_file_ownership = false ) { 709 if ( $context ) { 704 710 $this->options['context'] = $context; 711 } 705 712 // TODO: fix up request_filesystem_credentials(), or split it, to allow us to request a no-output version 706 713 // This will output a credentials form in event of failure, We don't want that, so just hide with a buffer 707 714 ob_start(); 708 $result = parent::request_filesystem_credentials( $error );715 $result = parent::request_filesystem_credentials( $error, $context, $allow_relaxed_file_ownership ); 709 716 ob_end_clean(); 710 717 return $result; 711 718 } 712 719 713 720 public function get_upgrade_messages() { 714 721 return $this->messages; 715 722 } 716 723 717 724 public function feedback( $data ) { 718 725 if ( is_wp_error( $data ) ) 719 726 $string = $data->get_error_message(); 720 727 else if ( is_array( $data ) ) 721 728 return; 722 729 else 723 730 $string = $data; -
src/wp-admin/includes/class-wp-upgrader.php
49 49 $this->strings['fs_no_themes_dir'] = __('Unable to locate WordPress Theme directory.'); 50 50 /* translators: %s: directory name */ 51 51 $this->strings['fs_no_folder'] = __('Unable to locate needed folder (%s).'); 52 52 53 53 $this->strings['download_failed'] = __('Download failed.'); 54 54 $this->strings['installing_package'] = __('Installing the latest version…'); 55 55 $this->strings['no_files'] = __('The package contains no files.'); 56 56 $this->strings['folder_exists'] = __('Destination folder already exists.'); 57 57 $this->strings['mkdir_failed'] = __('Could not create directory.'); 58 58 $this->strings['incompatible_archive'] = __('The package could not be installed.'); 59 59 60 60 $this->strings['maintenance_start'] = __('Enabling Maintenance mode…'); 61 61 $this->strings['maintenance_end'] = __('Disabling Maintenance mode…'); 62 62 } 63 63 64 public function fs_connect( $directories = array() ) {64 public function fs_connect( $directories = array(), $allow_relaxed_file_ownership = false ) { 65 65 global $wp_filesystem; 66 66 67 if ( false === ( $credentials = $this->skin->request_filesystem_credentials()) )67 if ( false === ( $credentials = $this->skin->request_filesystem_credentials( false, $directories[0], $allow_relaxed_file_ownership ) ) ) { 68 68 return false; 69 } 69 70 70 if ( ! WP_Filesystem( $credentials) ) {71 if ( ! WP_Filesystem( $credentials, $directories[0], $allow_relaxed_file_ownership ) ) { 71 72 $error = true; 72 73 if ( is_object($wp_filesystem) && $wp_filesystem->errors->get_error_code() ) 73 74 $error = $wp_filesystem->errors; 74 $this->skin->request_filesystem_credentials($error); //Failed to connect, Error and request again 75 // Failed to connect, Error and request again 76 $this->skin->request_filesystem_credentials( $error, $directories[0], $allow_relaxed_file_ownership ); 75 77 return false; 76 78 } 77 79 78 80 if ( ! is_object($wp_filesystem) ) 79 81 return new WP_Error('fs_unavailable', $this->strings['fs_unavailable'] ); 80 82 81 83 if ( is_wp_error($wp_filesystem->errors) && $wp_filesystem->errors->get_error_code() ) 82 84 return new WP_Error('fs_error', $this->strings['fs_error'], $wp_filesystem->errors); 83 85 84 86 foreach ( (array)$directories as $dir ) { 85 87 switch ( $dir ) { 86 88 case ABSPATH: 87 89 if ( ! $wp_filesystem->abspath() ) 88 90 return new WP_Error('fs_no_root_dir', $this->strings['fs_no_root_dir']); 89 91 break; … … 1444 1446 $this->strings['start_rollback'] = __( 'Attempting to roll back to previous version.' ); 1445 1447 $this->strings['rollback_was_required'] = __( 'Due to an error during updating, WordPress has rolled back to your previous version.' ); 1446 1448 } 1447 1449 1448 1450 public function upgrade( $current, $args = array() ) { 1449 1451 global $wp_filesystem; 1450 1452 1451 1453 include( ABSPATH . WPINC . '/version.php' ); // $wp_version; 1452 1454 1453 1455 $start_time = time(); 1454 1456 1455 1457 $defaults = array( 1456 1458 'pre_check_md5' => true, 1457 1459 'attempt_rollback' => false, 1458 1460 'do_rollback' => false, 1461 'allow_relaxed_file_ownership' => false, 1459 1462 ); 1460 1463 $parsed_args = wp_parse_args( $args, $defaults ); 1461 1464 1462 1465 $this->init(); 1463 1466 $this->upgrade_strings(); 1464 1467 1465 1468 // Is an update available? 1466 1469 if ( !isset( $current->response ) || $current->response == 'latest' ) 1467 1470 return new WP_Error('up_to_date', $this->strings['up_to_date']); 1468 1471 1469 $res = $this->fs_connect( array( ABSPATH, WP_CONTENT_DIR));1472 $res = $this->fs_connect( array( ABSPATH, WP_CONTENT_DIR ), $parsed_args['allow_relaxed_file_ownership'] ); 1470 1473 if ( ! $res || is_wp_error( $res ) ) { 1471 1474 return $res; 1472 1475 } 1473 1476 1474 1477 $wp_dir = trailingslashit($wp_filesystem->abspath()); 1475 1478 1476 1479 $partial = true; 1477 1480 if ( $parsed_args['do_rollback'] ) 1478 1481 $partial = false; 1479 1482 elseif ( $parsed_args['pre_check_md5'] && ! $this->check_files() ) 1480 1483 $partial = false; 1481 1484 1482 1485 /* 1483 1486 * If partial update is returned from the API, use that, unless we're doing 1484 1487 * a reinstall. If we cross the new_bundled version number, then use … … 1899 1902 * @since 3.7.0 1900 1903 * 1901 1904 * @param string $type The type of update being checked: 'core', 'theme', 1902 1905 * 'plugin', 'translation'. 1903 1906 * @param object $item The update offer. 1904 1907 * @param string $context The filesystem context (a path) against which filesystem 1905 1908 * access and status should be checked. 1906 1909 */ 1907 1910 public function should_update( $type, $item, $context ) { 1908 1911 // Used to see if WP_Filesystem is set up to allow unattended updates. 1909 1912 $skin = new Automatic_Upgrader_Skin; 1910 1913 1911 1914 if ( $this->is_disabled() ) 1912 1915 return false; 1913 1916 1917 // Only relax the filesystem checks when the update doesn't include new files 1918 $allow_relaxed_file_ownership = false; 1919 if ( 'core' == $type && isset( $item->new_files ) && ! $item->new_files ) { 1920 $allow_relaxed_file_ownership = true; 1921 } /* elseif ( 'translation' == $type && $translation_is_installed ) { 1922 $allow_relaxed_file_ownership = true; 1923 }*/ 1924 1914 1925 // If we can't do an auto core update, we may still be able to email the user. 1915 if ( ! $skin->request_filesystem_credentials( false, $context ) || $this->is_vcs_checkout( $context ) ) {1926 if ( ! $skin->request_filesystem_credentials( false, $context, $allow_relaxed_file_ownership ) || $this->is_vcs_checkout( $context ) ) { 1916 1927 if ( 'core' == $type ) 1917 1928 $this->send_core_update_notification_email( $item ); 1918 1929 return false; 1919 1930 } 1920 1931 1921 1932 // Next up, is this an item we can update? 1922 1933 if ( 'core' == $type ) 1923 1934 $update = Core_Upgrader::should_update_to_version( $item->current ); 1924 1935 else 1925 1936 $update = ! empty( $item->autoupdate ); 1926 1937 1927 1938 /** 1928 1939 * Filter whether to automatically update core, a plugin, a theme, or a language. 1929 1940 * 1930 1941 * The dynamic portion of the hook name, $type, refers to the type of update … … 2060 2071 $skin->feedback( __( 'Updating theme: %s' ), $item_name ); 2061 2072 break; 2062 2073 case 'plugin': 2063 2074 $upgrader_item = $item->plugin; 2064 2075 $plugin_data = get_plugin_data( $context . '/' . $upgrader_item ); 2065 2076 $item_name = $plugin_data['Name']; 2066 2077 $skin->feedback( __( 'Updating plugin: %s' ), $item_name ); 2067 2078 break; 2068 2079 case 'translation': 2069 2080 $language_item_name = $upgrader->get_name_for_update( $item ); 2070 2081 $item_name = sprintf( __( 'Translations for %s' ), $language_item_name ); 2071 2082 $skin->feedback( sprintf( __( 'Updating translations for %1$s (%2$s)…' ), $language_item_name, $item->language ) ); 2072 2083 break; 2073 2084 } 2074 2085 2086 $allow_relaxed_file_ownership = false; 2087 if ( 'core' == $type && isset( $item->new_files ) && ! $item->new_files ) { 2088 $allow_relaxed_file_ownership = true; 2089 }/* elseif ( 'translation' == $type && $translation_is_installed ) { 2090 $allow_relaxed_file_ownership = true; 2091 }*/ 2092 2075 2093 // Boom, This sites about to get a whole new splash of paint! 2076 2094 $upgrade_result = $upgrader->upgrade( $upgrader_item, array( 2077 2095 'clear_update_cache' => false, 2078 2096 // Always use partial builds if possible for core updates. 2079 2097 'pre_check_md5' => false, 2080 2098 // Only available for core updates. 2081 2099 'attempt_rollback' => true, 2100 // Allow relaxed file ownership in some scenarios 2101 'allow_relaxed_file_ownership' => $allow_relaxed_file_ownership, 2102 2082 2103 ) ); 2083 2104 2084 2105 // If the filesystem is unavailable, false is returned. 2085 2106 if ( false === $upgrade_result ) { 2086 2107 $upgrade_result = new WP_Error( 'fs_unavailable', __( 'Could not access filesystem.' ) ); 2087 2108 } 2088 2109 2089 2110 // Core doesn't output this, so lets append it so we don't get confused. 2090 2111 if ( 'core' == $type ) { 2091 2112 if ( is_wp_error( $upgrade_result ) ) { 2092 2113 $skin->error( __( 'Installation Failed' ), $upgrade_result ); 2093 2114 } else { 2094 2115 $skin->feedback( __( 'WordPress updated successfully' ) ); 2095 2116 } 2096 2117 } -
src/wp-admin/includes/file.php
797 797 } 798 798 } 799 799 return true; 800 800 } 801 801 802 802 /** 803 803 * Initialises and connects the WordPress Filesystem Abstraction classes. 804 804 * This function will include the chosen transport and attempt connecting. 805 805 * 806 806 * Plugins may add extra transports, And force WordPress to use them by returning the filename via the 'filesystem_method_file' filter. 807 807 * 808 808 * @since 2.5.0 809 809 * 810 810 * @param array $args (optional) Connection args, These are passed directly to the WP_Filesystem_*() classes. 811 811 * @param string $context (optional) Context for get_filesystem_method(), See function declaration for more information. 812 * @param bool $allow_relaxed_file_ownership Whether to allow Group/World writable. 812 813 * @return null|boolean false on failure, true on success 813 814 */ 814 function WP_Filesystem( $args = false, $context = false ) {815 function WP_Filesystem( $args = false, $context = false, $allow_relaxed_file_ownership = false ) { 815 816 global $wp_filesystem; 816 817 817 818 require_once(ABSPATH . 'wp-admin/includes/class-wp-filesystem-base.php'); 818 819 819 $method = get_filesystem_method( $args, $context);820 $method = get_filesystem_method( $args, $context, $allow_relaxed_file_ownership ); 820 821 821 822 if ( ! $method ) 822 823 return false; 823 824 824 825 if ( ! class_exists("WP_Filesystem_$method") ) { 825 826 827 $abstraction_file = ABSPATH . 'wp-admin/includes/class-wp-filesystem-' . $method . '.php'; 828 829 // Include the correct file for the Direct_* subclasses 830 if ( in_array( $method, array( 'direct_groupwritable', 'direct_worldwritable' ) ) ) { 831 $abstraction_file = ABSPATH . 'wp-admin/includes/class-wp-filesystem-direct.php'; 832 } 833 826 834 /** 827 835 * Filter the path for a specific filesystem method class file. 828 836 * 829 837 * @since 2.6.0 830 838 * 831 839 * @see get_filesystem_method() 832 840 * 833 841 * @param string $path Path to the specific filesystem method class file. 834 842 * @param string $method The filesystem method to use. 835 843 */ 836 $abstraction_file = apply_filters( 'filesystem_method_file', ABSPATH . 'wp-admin/includes/class-wp-filesystem-' . $method . '.php', $method );844 $abstraction_file = apply_filters( 'filesystem_method_file', $abstraction_file, $method ); 837 845 838 846 if ( ! file_exists($abstraction_file) ) 839 847 return; 840 848 841 849 require_once($abstraction_file); 842 850 } 843 851 $method = "WP_Filesystem_$method"; 844 852 845 853 $wp_filesystem = new $method($args); 846 854 847 855 //Define the timeouts for the connections. Only available after the construct is called to allow for per-transport overriding of the default. 848 856 if ( ! defined('FS_CONNECT_TIMEOUT') ) 849 857 define('FS_CONNECT_TIMEOUT', 30); 850 858 if ( ! defined('FS_TIMEOUT') ) 851 859 define('FS_TIMEOUT', 30); 852 860 853 861 if ( is_wp_error($wp_filesystem->errors) && $wp_filesystem->errors->get_error_code() ) 854 862 return false; 855 863 856 864 if ( !$wp_filesystem->connect() ) 857 865 return false; //There was an error connecting to the server. 858 866 859 867 // Set the permission constants if not already set. 860 if ( ! defined('FS_CHMOD_DIR') ) 861 define('FS_CHMOD_DIR', ( fileperms( ABSPATH ) & 0777 | 0755 ) ); 862 if ( ! defined('FS_CHMOD_FILE') ) 863 define('FS_CHMOD_FILE', ( fileperms( ABSPATH . 'index.php' ) & 0777 | 0644 ) ); 868 if ( ! defined('FS_CHMOD_DIR') ) { 869 define( 'FS_CHMOD_DIR', ( fileperms( ABSPATH ) & 0777 | $wp_filesystem->default_minimum_chmod_dir ) ); 870 } 871 872 if ( ! defined('FS_CHMOD_FILE') ) { 873 define( 'FS_CHMOD_FILE', ( fileperms( ABSPATH . 'index.php' ) & 0777 | $wp_filesystem->default_minimum_chmod_file ) ); 874 } 864 875 865 876 return true; 866 877 } 867 878 868 879 /** 869 880 * Determines which Filesystem Method to use. 870 881 * The priority of the Transports are: Direct, SSH2, FTP PHP Extension, FTP Sockets (Via Sockets class, or fsockopen()) 871 882 * 872 883 * Note that the return value of this function can be overridden in 2 ways 873 884 * - By defining FS_METHOD in your <code>wp-config.php</code> file 874 885 * - By using the filesystem_method filter 875 886 * Valid values for these are: 'direct', 'ssh2', 'ftpext' or 'ftpsockets' 876 887 * Plugins may also define a custom transport handler, See the WP_Filesystem function for more information. 877 888 * 878 889 * @since 2.5.0 879 890 * 880 891 * @param array $args Connection details. 881 892 * @param string $context Full path to the directory that is tested for being writable. 893 * @param bool $allow_relaxed_file_ownership Whether to allow Group/World writable. 882 894 * @return string The transport to use, see description for valid return values. 883 895 */ 884 function get_filesystem_method( $args = array(), $context = false) {896 function get_filesystem_method( $args = array(), $context = false, $allow_relaxed_file_ownership = false ) { 885 897 $method = defined('FS_METHOD') ? FS_METHOD : false; // Please ensure that this is either 'direct', 'ssh2', 'ftpext' or 'ftpsockets' 886 898 887 if ( ! $method && function_exists('getmyuid') && function_exists('fileowner') ){888 if ( !$context ) 899 if ( ! $method ) { 900 if ( !$context ) { 889 901 $context = WP_CONTENT_DIR; 902 } 890 903 891 904 // If the directory doesn't exist (wp-content/languages) then use the parent directory as we'll create it. 892 if ( WP_LANG_DIR == $context && ! is_dir( $context ) ) 905 if ( WP_LANG_DIR == $context && ! is_dir( $context ) ) { 893 906 $context = dirname( $context ); 907 } 894 908 895 909 $context = trailingslashit($context); 910 896 911 $temp_file_name = $context . 'temp-write-test-' . time(); 897 912 $temp_handle = @fopen($temp_file_name, 'w'); 898 913 if ( $temp_handle ) { 899 if ( getmyuid() == @fileowner($temp_file_name) ) 914 /** 915 * getmyuid() will return the User ID of the current script, equiv to fileowner( __FILE__ ). 916 * getmygid() will return the Group ID of the current script, equiv to filegroup( __FILE__ ). 917 * 918 * The below tests are used to select the appropriate WP_Filesystem_* class, allowing for 919 * created files to be owned by the correct user. If no new files are being created, then 920 * group / world writable is enough to modify core files. 921 */ 922 923 $owner_writable_functions_exist = function_exists('getmyuid') && function_exists('fileowner'); 924 $group_writable_functions_exist = function_exists('getmygid') && function_exists('filegroup'); 925 926 if ( $owner_writable_functions_exist && getmyuid() == @fileowner( $temp_file_name ) ) { 900 927 $method = 'direct'; 928 } elseif ( $allow_relaxed_file_ownership && $group_writable_functions_exist && getmygid() === @filegroup( $temp_file_name ) ) { 929 $method = 'direct_groupwritable'; 930 } elseif ( $allow_relaxed_file_ownership ) { 931 // wp_is_writable( $context ) is assumed based on fopen() suceeding. 932 $method = 'direct_worldwritable'; 933 } 901 934 @fclose($temp_handle); 902 935 @unlink($temp_file_name); 903 936 } 904 937 } 905 938 906 939 if ( ! $method && isset($args['connection_type']) && 'ssh' == $args['connection_type'] && extension_loaded('ssh2') && function_exists('stream_get_contents') ) $method = 'ssh2'; 907 940 if ( ! $method && extension_loaded('ftp') ) $method = 'ftpext'; 908 941 if ( ! $method && ( extension_loaded('sockets') || function_exists('fsockopen') ) ) $method = 'ftpsockets'; //Sockets: Socket extension; PHP Mode: FSockopen / fwrite / fread 909 942 910 943 /** 911 944 * Filter the filesystem method to use. 912 945 * 913 946 * @since 2.6.0 914 947 * 915 948 * @param string $method Filesystem method to return. … … 921 954 /** 922 955 * Displays a form to the user to request for their FTP/SSH details in order to connect to the filesystem. 923 956 * All chosen/entered details are saved, Excluding the Password. 924 957 * 925 958 * Hostnames may be in the form of hostname:portnumber (eg: wordpress.org:2467) to specify an alternate FTP/SSH port. 926 959 * 927 960 * Plugins may override this form by returning true|false via the <code>request_filesystem_credentials</code> filter. 928 961 * 929 962 * @since 2.5.0 930 963 * 931 964 * @param string $form_post the URL to post the form to 932 965 * @param string $type the chosen Filesystem method in use 933 966 * @param boolean $error if the current request has failed to connect 934 967 * @param string $context The directory which is needed access to, The write-test will be performed on this directory by get_filesystem_method() 935 968 * @param string $extra_fields Extra POST fields which should be checked for to be included in the post. 969 * @param bool $allow_relaxed_file_ownership Whether to allow Group/World writable. 936 970 * @return boolean False on failure. True on success. 937 971 */ 938 function request_filesystem_credentials($form_post, $type = '', $error = false, $context = false, $extra_fields = null ) {972 function request_filesystem_credentials($form_post, $type = '', $error = false, $context = false, $extra_fields = null, $allow_relaxed_file_ownership = false ) { 939 973 940 974 /** 941 975 * Filter the filesystem credentials form output. 942 976 * 943 977 * Returning anything other than an empty string will effectively short-circuit 944 978 * output of the filesystem credentials form, returning that value instead. 945 979 * 946 980 * @since 2.5.0 947 981 * 948 982 * @param mixed $output Form output to return instead. Default empty. 949 983 * @param string $form_post URL to POST the form to. 950 984 * @param string $type Chosen type of filesystem. 951 985 * @param bool $error Whether the current request has failed to connect. 952 986 * Default false. 953 987 * @param string $context Full path to the directory that is tested for 954 988 * being writable. 989 * @param bool $allow_relaxed_file_ownership Whether to allow Group/World writable. 955 990 * @param array $extra_fields Extra POST fields. 956 991 */ 957 $req_cred = apply_filters( 'request_filesystem_credentials', '', $form_post, $type, $error, $context, $extra_fields );992 $req_cred = apply_filters( 'request_filesystem_credentials', '', $form_post, $type, $error, $context, $extra_fields, $allow_relaxed_file_ownership ); 958 993 if ( '' !== $req_cred ) 959 994 return $req_cred; 960 995 961 if ( empty($type) ) 962 $type = get_filesystem_method(array(), $context); 996 if ( empty($type) ) { 997 $type = get_filesystem_method( array(), $context, $allow_relaxed_file_ownership ); 998 } 963 999 964 if ( 'direct' == $type )1000 if ( in_array( $type, array( 'direct', 'direct_groupwritable', 'direct_worldwritable' ) ) ) { 965 1001 return true; 1002 } 966 1003 967 1004 if ( is_null( $extra_fields ) ) 968 1005 $extra_fields = array( 'version', 'locale' ); 969 1006 970 1007 $credentials = get_option('ftp_credentials', array( 'hostname' => '', 'username' => '')); 971 1008 972 1009 // If defined, set it to that, Else, If POST'd, set it to that, If not, Set it to whatever it previously was(saved details in option) 973 1010 $credentials['hostname'] = defined('FTP_HOST') ? FTP_HOST : (!empty($_POST['hostname']) ? wp_unslash( $_POST['hostname'] ) : $credentials['hostname']); 974 1011 $credentials['username'] = defined('FTP_USER') ? FTP_USER : (!empty($_POST['username']) ? wp_unslash( $_POST['username'] ) : $credentials['username']); 975 1012 $credentials['password'] = defined('FTP_PASS') ? FTP_PASS : (!empty($_POST['password']) ? wp_unslash( $_POST['password'] ) : ''); 976 1013 977 1014 // Check to see if we are setting the public/private keys for ssh 978 1015 $credentials['public_key'] = defined('FTP_PUBKEY') ? FTP_PUBKEY : (!empty($_POST['public_key']) ? wp_unslash( $_POST['public_key'] ) : ''); 979 1016 $credentials['private_key'] = defined('FTP_PRIKEY') ? FTP_PRIKEY : (!empty($_POST['private_key']) ? wp_unslash( $_POST['private_key'] ) : ''); 980 1017 -
src/wp-includes/update.php
130 130 return false; 131 131 132 132 $offers = $body['offers']; 133 133 134 134 foreach ( $offers as &$offer ) { 135 135 foreach ( $offer as $offer_key => $value ) { 136 136 if ( 'packages' == $offer_key ) 137 137 $offer['packages'] = (object) array_intersect_key( array_map( 'esc_url', $offer['packages'] ), 138 138 array_fill_keys( array( 'full', 'no_content', 'new_bundled', 'partial', 'rollback' ), '' ) ); 139 139 elseif ( 'download' == $offer_key ) 140 140 $offer['download'] = esc_url( $value ); 141 141 else 142 142 $offer[ $offer_key ] = esc_html( $value ); 143 143 } 144 144 $offer = (object) array_intersect_key( $offer, array_fill_keys( array( 'response', 'download', 'locale', 145 'packages', 'current', 'version', 'php_version', 'mysql_version', 'new_bundled', 'partial_version', 'notify_email', 'support_email' ), '' ) );145 'packages', 'current', 'version', 'php_version', 'mysql_version', 'new_bundled', 'partial_version', 'notify_email', 'support_email', 'new_files' ), '' ) ); 146 146 } 147 147 148 148 $updates = new stdClass(); 149 149 $updates->updates = $offers; 150 150 $updates->last_checked = time(); 151 151 $updates->version_checked = $wp_version; 152 152 153 153 if ( isset( $body['translations'] ) ) 154 154 $updates->translations = $body['translations']; 155 155 156 156 set_site_transient( 'update_core', $updates ); 157 157 158 158 if ( ! empty( $body['ttl'] ) ) { 159 159 $ttl = (int) $body['ttl']; 160 160 if ( $ttl && ( time() + $ttl < wp_next_scheduled( 'wp_version_check' ) ) ) {