WordPress.org

Make WordPress Core

Changeset 41258


Ignore:
Timestamp:
08/16/17 21:58:12 (17 hours ago)
Author:
DrewAPicture
Message:

Filesystem: Introduce the pre_move_uploaded_file filter.

Passing a non-null value to the filter will prevent the uploaded file from being moved to the uploads directory for any of the functions leveraging _wp_handle_upload(), such as wp_handle_upload() or wp_handle_sideload().

Error reporting related to the file being moved will also be skipped.

Props ryan, Mte90.
Fixes #24603.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/includes/file.php

    r41032 r41258  
    372372    // Move the file to the uploads dir. 
    373373    $new_file = $uploads['path'] . "/$filename"; 
    374     if ( 'wp_handle_upload' === $action ) { 
    375         $move_new_file = @ move_uploaded_file( $file['tmp_name'], $new_file ); 
    376     } else { 
    377         // use copy and unlink because rename breaks streams. 
    378         $move_new_file = @ copy( $file['tmp_name'], $new_file ); 
    379         unlink( $file['tmp_name'] ); 
    380     } 
    381  
    382     if ( false === $move_new_file ) { 
    383         if ( 0 === strpos( $uploads['basedir'], ABSPATH ) ) { 
    384             $error_path = str_replace( ABSPATH, '', $uploads['basedir'] ) . $uploads['subdir']; 
     374 
     375    /** 
     376     * Filters whether to short-circuit moving the uploaded file after passing all checks. 
     377     * 
     378     * If a non-null value is passed to the filter, moving the file and any related error 
     379     * reporting will be completely skipped. 
     380     * 
     381     * @since 4.9.0 
     382     * 
     383     * @param string $move_new_file If null (default) move the file after the upload. 
     384     * @param string $file          An array of data for a single file. 
     385     * @param string $new_file      Filename of the newly-uploaded file. 
     386     * @param string $type          File type. 
     387     */ 
     388    $move_new_file = apply_filters( 'pre_move_uploaded_file', null, $file, $new_file, $type ); 
     389 
     390    if ( null === $move_new_file ) { 
     391        if ( 'wp_handle_upload' === $action ) { 
     392            $move_new_file = @ move_uploaded_file( $file['tmp_name'], $new_file ); 
    385393        } else { 
    386             $error_path = basename( $uploads['basedir'] ) . $uploads['subdir']; 
    387         } 
    388         return $upload_error_handler( $file, sprintf( __('The uploaded file could not be moved to %s.' ), $error_path ) ); 
     394            // use copy and unlink because rename breaks streams. 
     395            $move_new_file = @ copy( $file['tmp_name'], $new_file ); 
     396            unlink( $file['tmp_name'] ); 
     397        } 
     398 
     399        if ( false === $move_new_file ) { 
     400            if ( 0 === strpos( $uploads['basedir'], ABSPATH ) ) { 
     401                $error_path = str_replace( ABSPATH, '', $uploads['basedir'] ) . $uploads['subdir']; 
     402            } else { 
     403                $error_path = basename( $uploads['basedir'] ) . $uploads['subdir']; 
     404            } 
     405            return $upload_error_handler( $file, sprintf( __('The uploaded file could not be moved to %s.' ), $error_path ) ); 
     406        } 
    389407    } 
    390408 
Note: See TracChangeset for help on using the changeset viewer.