Make WordPress Core

Ticket #38231: 38231.1.diff

File 38231.1.diff, 1.1 KB (added by psrpinto, 3 years ago)

Check return values and other improvements

  • src/wp-admin/includes/file.php

    diff --git src/wp-admin/includes/file.php src/wp-admin/includes/file.php
    index 98e0f4962c..38ec41fd92 100644
    function download_url( $url, $timeout = 300, $signature_verification = false ) { 
    11411141                return new WP_Error( 'http_404', trim( wp_remote_retrieve_response_message( $response ) ), $data );
    11421142        }
    11431143
     1144        $content_disposition = wp_remote_retrieve_header( $response, 'Content-Disposition' );
     1145        if ( ! empty( $content_disposition ) && 1 === preg_match( '/filename="([^ ]+)"/', $content_disposition, $matches ) ) {
     1146
     1147                $filename_from_header = wp_tempnam( $matches[1] );
     1148                if ( ! $filename_from_header ) {
     1149                        return new WP_Error( 'http_no_file', __( 'Could not create temporary file using Content-Disposition header' ) );
     1150                }
     1151
     1152                if ( ! rename( $tmpfname, $filename_from_header ) ) {
     1153                        unlink( $filename_from_header );
     1154                        return new WP_Error( 'http_no_file', __( 'Could not move temporary file' ) );
     1155                }
     1156
     1157                $tmpfname = $filename_from_header;
     1158        }
     1159
    11441160        $content_md5 = wp_remote_retrieve_header( $response, 'content-md5' );
    11451161
    11461162        if ( $content_md5 ) {