WordPress.org

Make WordPress Core


Ignore:
Timestamp:
09/09/2013 02:42:52 AM (7 years ago)
Author:
dd32
Message:

WP_Filesystem: Ensure that all files are read/written correctly by verifying the return values from fwrite() and using FTP_BINARY mode (ASCII converts line endings as per the spec). See #25237

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/includes/class-wp-filesystem-ftpext.php

    r21223 r25304  
    8989    }
    9090
    91     function get_contents($file, $type = '', $resumepos = 0 ) {
    92         if ( empty($type) )
    93             $type = FTP_BINARY;
    94 
     91    function get_contents( $file ) {
    9592        $tempfile = wp_tempnam($file);
    9693        $temp = fopen($tempfile, 'w+');
     
    9996            return false;
    10097
    101         if ( ! @ftp_fget($this->link, $temp, $file, $type, $resumepos) )
     98        if ( ! @ftp_fget($this->link, $temp, $file, FTP_BINARY ) )
    10299            return false;
    103100
     
    118115    function put_contents($file, $contents, $mode = false ) {
    119116        $tempfile = wp_tempnam($file);
    120         $temp = fopen($tempfile, 'w+');
     117        $temp = fopen( $tempfile, 'wb+' );
    121118        if ( ! $temp )
    122119            return false;
    123120
    124         fwrite($temp, $contents);
    125         fseek($temp, 0); //Skip back to the start of the file being written to
    126 
    127         $type = $this->is_binary($contents) ? FTP_BINARY : FTP_ASCII;
    128         $ret = @ftp_fput($this->link, $file, $temp, $type);
     121        $bytes_written = fwrite( $temp, $contents );
     122        if ( false === $bytes_written || $bytes_written != strlen( $contents ) ) {
     123            fclose( $temp );
     124            unlink( $tempfile );
     125            return false;
     126        }
     127
     128        fseek( $temp, 0 ); // Skip back to the start of the file being written to
     129
     130        $ret = @ftp_fput( $this->link, $file, $temp, FTP_BINARY );
    129131
    130132        fclose($temp);
     
    188190            return false;
    189191        $content = $this->get_contents($source);
    190         if ( false === $content)
     192        if ( false === $content )
    191193            return false;
    192194        return $this->put_contents($destination, $content, $mode);
Note: See TracChangeset for help on using the changeset viewer.