Ticket #34562: 34562.diff
| File 34562.diff, 1.5 KB (added by , 8 years ago) |
|---|
-
src/wp-admin/includes/file.php
function wp_tempnam( $filename = '', $di 152 152 } 153 153 154 154 if ( empty( $filename ) || '.' == $filename || '/' == $filename ) { 155 155 $filename = time(); 156 156 } 157 157 158 158 // Use the basename of the given file without the extension as the name for the temporary directory 159 159 $temp_filename = basename( $filename ); 160 160 $temp_filename = preg_replace( '|\.[^.]*$|', '', $temp_filename ); 161 161 162 162 // If the folder is falsey, use its parent directory name instead. 163 163 if ( ! $temp_filename ) { 164 164 return wp_tempnam( dirname( $filename ), $dir ); 165 165 } 166 166 167 // Suffix some random data to avoid filename conflicts 168 $temp_filename .= '-' . wp_generate_password( 6, false ); 167 169 $temp_filename .= '.tmp'; 168 170 $temp_filename = $dir . wp_unique_filename( $dir, $temp_filename ); 169 touch( $temp_filename ); 171 172 $fp = @fopen( $temp_filename, 'x' ); 173 if ( ! $fp && is_writable( $dir ) && file_exists( $temp_filename ) ) { 174 return wp_tempnam( $filename, $dir ); 175 } 176 if ( $fp ) { 177 fclose( $fp ); 178 } 170 179 171 180 return $temp_filename; 172 181 } 173 182 174 183 /** 175 184 * Make sure that the file that was requested to edit, is allowed to be edited 176 185 * 177 186 * Function will die if if you are not allowed to edit the file 178 187 * 179 188 * @since 1.5.0 180 189 * 181 190 * @param string $file file the users is attempting to edit 182 191 * @param array $allowed_files Array of allowed files to edit, $file must match an entry exactly 183 192 * @return string|null 184 193 */