Changeset 18618


Timestamp:
08/28/11 15:02:48 (4 years ago)
Author:
dd32
Message:

First slice of rejecting invalid Plugin and Theme zip uploads (Incompatible file structure, not containing a Plugin/Theme, etc). See #14999

File:
1 edited

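--- a/trunk/wp-admin/includes/class-wp-upgrader.php
+++ b/trunk/wp-admin/includes/class-wp-upgrader.php
@@ -53,5 +53,5 @@
         $this->strings['folder_exists'] = __('Destination folder already exists.');
         $this->strings['mkdir_failed'] = __('Could not create directory.');
-        $this->strings['bad_package'] = __('Incompatible Archive.');
+        $this->strings['incompatible_archive'] = __('The package is corrupt or not in the correct format.');
 
         $this->strings['maintenance_start'] = __('Enabling Maintenance mode…');
@@ -154,4 +154,7 @@
         if ( is_wp_error($result) ) {
             $wp_filesystem->delete($working_dir, true);
+            if ( 'incompatible_archive' == $result->get_error_code() ) {
+                return new WP_Error( 'incompatible_archive', $this->strings['incompatible_archive'], $result->get_error_data() );
+            }
             return $result;
         }
@@ -191,5 +194,5 @@
             $source = trailingslashit($source) . trailingslashit($source_files[0]);
         elseif ( count($source_files) == 0 )
-            return new WP_Error('bad_package', $this->strings['bad_package']); //There are no files?
+            return new WP_Error('incompatible_archive', $this->strings['incompatible_archive']); //There are no files?
         //else //Its only a single file, The upgrader will use the foldername of this file as the destination folder. foldername is based on zip filename.
 
@@ -392,4 +395,6 @@
         $this->install_strings();
 
+        add_filter('upgrader_source_selection', array(&$this, 'check_package') );
+
         $this->run(array(
                     'package' => $package,
@@ -399,4 +404,6 @@
                     'hook_extra' => array()
                     ));
+
+        remove_filter('upgrader_source_selection', array(&$this, 'check_package') );
 
         if ( ! $this->result || is_wp_error($this->result) )
@@ -534,4 +541,30 @@
     }
 
+    function check_package($source) {
+        global $wp_filesystem;
+
+        if ( is_wp_error($source) )
+            return $source;
+
+        $working_directory = str_replace( $wp_filesystem->wp_content_dir(), trailingslashit(WP_CONTENT_DIR), $source);
+        if ( ! is_dir($working_directory) ) // Sanity check, if the above fails, lets not prevent installation.
+            return $source;
+
+        // Check the folder contains at least 1 valid plugin.
+        $plugins_found = false;
+        foreach ( glob( $working_directory . '*.php' ) as $file ) {
+            $info = get_plugin_data($file, false, false);
+            if ( !empty( $info['Name'] ) ) {
+                $plugins_found = true;
+                break;
+            }
+        }
+
+        if ( ! $plugins_found )
+            return new WP_Error( 'incompatible_archive', $this->strings['incompatible_archive'] );
+
+        return $source;
+    }
+
     //return plugin info.
     function plugin_info() {
@@ -636,4 +669,6 @@
         $this->install_strings();
 
+        add_filter('upgrader_source_selection', array(&$this, 'check_package') );
+
         $options = array(
                         'package' => $package,
@@ -644,4 +679,6 @@
 
         $this->run($options);
+
+        remove_filter('upgrader_source_selection', array(&$this, 'check_package') );
 
         if ( ! $this->result || is_wp_error($this->result) )
@@ -687,4 +724,8 @@
         $this->run($options);
 
+        remove_filter('upgrader_pre_install', array(&$this, 'current_before'), 10, 2);
+        remove_filter('upgrader_post_install', array(&$this, 'current_after'), 10, 2);
+        remove_filter('upgrader_clear_destination', array(&$this, 'delete_old_theme'), 10, 4);
+
         if ( ! $this->result || is_wp_error($this->result) )
             return $this->result;
@@ -783,4 +824,28 @@
     }
 
+    function check_package($source) {
+        global $wp_filesystem;
+
+        if ( is_wp_error($source) )
+            return $source;
+
+        // Check the folder contains a valid theme
+        $working_directory = str_replace( $wp_filesystem->wp_content_dir(), trailingslashit(WP_CONTENT_DIR), $source);
+        if ( ! is_dir($working_directory) ) // Sanity check, if the above fails, lets not prevent installation.
+            return $source;
+
+        if ( ! file_exists( $working_directory . 'style.css' ) ) // A proper archive should have a style.css file in the single subdirectory
+            return new WP_Error( 'incompatible_archive', $this->strings['incompatible_archive'] );
+
+        $info = get_theme_data( $working_directory . 'style.css' );
+        if ( empty($info['Name']) )
+            return new WP_Error( 'incompatible_archive', $this->strings['incompatible_archive'] );
+
+        if ( empty($info['Template']) && ! file_exists( $working_directory . 'index.php' ) ) // If no template is set, it must have at least an index.php to be legit.
+            return new WP_Error( 'incompatible_archive', $this->strings['incompatible_archive'] );
+
+        return $source;
+    }
+
     function current_before($return, $theme) {
 
@@ -798,4 +863,5 @@
         return $return;
     }
+
     function current_after($return, $theme) {
         if ( is_wp_error($return) )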
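Review bot: Both new `check_package()` methods fail open, and the plugin variant iterates `glob()` without checking its result (new lines 543–567 and 826–848). When the `str_replace()` mapping from the `$wp_filesystem` content path to `WP_CONTENT_DIR` does not produce a local directory, `is_dir()` is false and `$source` is returned unchecked, so the archive is installed with no structure validation at all; the inline comment shows this is deliberate, but a docblock should say so, for example `// Structural check only; skipped (fails open) when the package path cannot be mapped to a local directory. Not a safety check on the package contents.` In the plugin variant `glob()` may return `false` on error rather than an empty array, which makes the `foreach` raise a warning before the package is rejected; assigning first, `$files = glob( $working_directory . '*.php' );`, and looping only `if ( $files )` avoids that. The `'incompatible_archive' == $result->get_error_code()` test in the unpack error branch (new line 156) is a loose comparison and would be safer as `===`.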