Make WordPress Core


Ignore:
Timestamp:
11/19/2014 05:39:52 AM (10 years ago)
Author:
dd32
Message:

Background Updates: Introduce support to take advantage of Group Writable (or World Writable) to Core Background updates.
This is only enabled when new files will not be installed during the update (as indicated by the WordPress.org API), and does not apply to Plugin/Theme/Translation Background Updates.

Additionally, the code to determine if the 'direct' filesystem transport should be used has been tweaked for wider support (where getmyuid() was unavailalbe) which fixes #10424

See #10205, #30245

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/includes/file.php

    r30203 r30384  
    810810 * @param array $args (optional) Connection args, These are passed directly to the WP_Filesystem_*() classes.
    811811 * @param string $context (optional) Context for get_filesystem_method(), See function declaration for more information.
     812 * @param bool $allow_relaxed_file_ownership Whether to allow Group/World writable.
    812813 * @return null|boolean false on failure, true on success
    813814 */
    814 function WP_Filesystem( $args = false, $context = false ) {
     815function WP_Filesystem( $args = false, $context = false, $allow_relaxed_file_ownership = false ) {
    815816    global $wp_filesystem;
    816817
    817818    require_once(ABSPATH . 'wp-admin/includes/class-wp-filesystem-base.php');
    818819
    819     $method = get_filesystem_method($args, $context);
     820    $method = get_filesystem_method( $args, $context, $allow_relaxed_file_ownership );
    820821
    821822    if ( ! $method )
     
    880881 * @param array $args Connection details.
    881882 * @param string $context Full path to the directory that is tested for being writable.
     883 * @param bool $allow_relaxed_file_ownership Whether to allow Group/World writable.
    882884 * @return string The transport to use, see description for valid return values.
    883885 */
    884 function get_filesystem_method($args = array(), $context = false) {
     886function get_filesystem_method( $args = array(), $context = false, $allow_relaxed_file_ownership = false ) {
    885887    $method = defined('FS_METHOD') ? FS_METHOD : false; // Please ensure that this is either 'direct', 'ssh2', 'ftpext' or 'ftpsockets'
    886888
    887     if ( ! $method && function_exists('getmyuid') && function_exists('fileowner') ){
    888         if ( !$context )
    889             $context = WP_CONTENT_DIR;
    890 
    891         // If the directory doesn't exist (wp-content/languages) then use the parent directory as we'll create it.
    892         if ( WP_LANG_DIR == $context && ! is_dir( $context ) )
    893             $context = dirname( $context );
    894 
    895         $context = trailingslashit($context);
     889    if ( ! $context ) {
     890        $context = WP_CONTENT_DIR;
     891    }
     892
     893    // If the directory doesn't exist (wp-content/languages) then use the parent directory as we'll create it.
     894    if ( WP_LANG_DIR == $context && ! is_dir( $context ) ) {
     895        $context = dirname( $context );
     896    }
     897
     898    $context = trailingslashit( $context );
     899
     900    if ( ! $method ) {
     901
    896902        $temp_file_name = $context . 'temp-write-test-' . time();
    897903        $temp_handle = @fopen($temp_file_name, 'w');
    898904        if ( $temp_handle ) {
    899             if ( getmyuid() == @fileowner($temp_file_name) )
     905
     906            // Attempt to determine the file owner of the WordPress files, and that of newly created files
     907            $wp_file_owner = $temp_file_owner = false;
     908            if ( function_exists('fileowner') ) {
     909                $wp_file_owner = @fileowner( __FILE__ );
     910                $temp_file_owner = @fileowner( $temp_file_name );
     911            }
     912
     913            if ( $wp_file_owner !== false && $wp_file_owner === $temp_file_owner ) {
     914                // WordPress is creating files as the same owner as the WordPress files,
     915                // this means it's safe to modify & create new files via PHP.
    900916                $method = 'direct';
     917            } else if ( $allow_relaxed_file_ownership ) {
     918                // The $context directory is writable, and $allow_relaxed_file_ownership is set, this means we can modify files
     919                // safely in this directory. This mode doesn't create new files, only alter existing ones.
     920                $method = 'direct';
     921            }
     922
    901923            @fclose($temp_handle);
    902924            @unlink($temp_file_name);
     
    913935     * @since 2.6.0
    914936     *
    915      * @param string $method Filesystem method to return.
    916      * @param array  $args   An array of connection details for the method.
     937     * @param string $method  Filesystem method to return.
     938     * @param array  $args    An array of connection details for the method.
     939     * @param string $context Full path to the directory that is tested for being writable.
     940     * @param bool   $allow_relaxed_file_ownership Whether to allow Group/World writable.
    917941     */
    918     return apply_filters( 'filesystem_method', $method, $args );
     942    return apply_filters( 'filesystem_method', $method, $args, $context, $allow_relaxed_file_ownership );
    919943}
    920944
     
    934958 * @param string $context The directory which is needed access to, The write-test will be performed on this directory by get_filesystem_method()
    935959 * @param string $extra_fields Extra POST fields which should be checked for to be included in the post.
     960 * @param bool $allow_relaxed_file_ownership Whether to allow Group/World writable.
    936961 * @return boolean False on failure. True on success.
    937962 */
    938 function request_filesystem_credentials($form_post, $type = '', $error = false, $context = false, $extra_fields = null) {
     963function request_filesystem_credentials($form_post, $type = '', $error = false, $context = false, $extra_fields = null, $allow_relaxed_file_ownership = false ) {
    939964
    940965    /**
     
    953978     * @param string $context      Full path to the directory that is tested for
    954979     *                             being writable.
     980     * @param bool $allow_relaxed_file_ownership Whether to allow Group/World writable.
    955981     * @param array  $extra_fields Extra POST fields.
    956982     */
    957     $req_cred = apply_filters( 'request_filesystem_credentials', '', $form_post, $type, $error, $context, $extra_fields );
     983    $req_cred = apply_filters( 'request_filesystem_credentials', '', $form_post, $type, $error, $context, $extra_fields, $allow_relaxed_file_ownership );
    958984    if ( '' !== $req_cred )
    959985        return $req_cred;
    960986
    961     if ( empty($type) )
    962         $type = get_filesystem_method(array(), $context);
     987    if ( empty($type) ) {
     988        $type = get_filesystem_method( array(), $context, $allow_relaxed_file_ownership );
     989    }
    963990
    964991    if ( 'direct' == $type )
Note: See TracChangeset for help on using the changeset viewer.