Make WordPress Core

Changeset 48087


Ignore:
Timestamp:
06/18/2020 09:38:51 PM (4 years ago)
Author:
whyisjake
Message:

Privacy: Use relative paths for exported personal data.

Ensures back-compat while moving to paths off of the /exports directory.

Fixes: #44038.

Props: allendav, mrTall, desrosj, garrett-eclipse, cameronamcintyre, nmenescardi, xkon, whyisjake.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/includes/privacy-tools.php

    r47279 r48087  
    469469     * via email.
    470470     */
    471     $error            = false;
     471    $error = false;
     472
     473    // This postmeta is used from version 5.4.
     474    $archive_filename = get_post_meta( $request_id, '_export_file_name', true );
     475
     476    // These are used for backwards compatibility.
    472477    $archive_url      = get_post_meta( $request_id, '_export_file_url', true );
    473478    $archive_pathname = get_post_meta( $request_id, '_export_file_path', true );
    474479
    475     if ( empty( $archive_pathname ) || empty( $archive_url ) ) {
    476         $archive_filename = $file_basename . '.zip';
     480    // If archive_filename exists make sure to remove  deprecated postmeta.
     481    if ( ! empty( $archive_filename ) ) {
    477482        $archive_pathname = $exports_dir . $archive_filename;
    478483        $archive_url      = $exports_url . $archive_filename;
    479484
    480         update_post_meta( $request_id, '_export_file_url', $archive_url );
    481         update_post_meta( $request_id, '_export_file_path', wp_normalize_path( $archive_pathname ) );
     485        // Remove the deprecated postmeta.
     486        delete_post_meta( $request_id, '_export_file_url' );
     487        delete_post_meta( $request_id, '_export_file_path' );
     488    } elseif ( ! empty( $archive_pathname ) ) {
     489        // Check if archive_pathname exists create the new postmeta and remove the deprecated.
     490
     491        $archive_filename = basename( $archive_pathname );
     492        $archive_url      = $exports_url . $archive_filename;
     493
     494        // Add the new postmeta that is used since version 5.4.
     495        update_post_meta( $request_id, '_export_file_name', wp_normalize_path( $archive_filename ) );
     496
     497        // Remove the deprecated postmeta.
     498        delete_post_meta( $request_id, '_export_file_url' );
     499        delete_post_meta( $request_id, '_export_file_path' );
     500    } else {
     501        // If there's no archive_filename or archive_pathname create a new one.
     502        $archive_filename = $file_basename . '.zip';
     503        $archive_url      = $exports_url . $archive_filename;
     504        $archive_pathname = $exports_dir . $archive_filename;
     505
     506        // Add the new postmeta that is used since version 5.4.
     507        update_post_meta( $request_id, '_export_file_name', wp_normalize_path( $archive_filename ) );
     508
     509        // Remove the deprecated postmeta.
     510        delete_post_meta( $request_id, '_export_file_url' );
     511        delete_post_meta( $request_id, '_export_file_path' );
    482512    }
    483513
     
    540570    $request = wp_get_user_request( $request_id );
    541571
     572    // Get the export file URL.
     573    $exports_url      = wp_privacy_exports_url();
     574    $export_file_name = get_post_meta( $request_id, '_export_file_name', true );
     575
    542576    if ( ! $request || 'export_personal_data' !== $request->action_name ) {
    543577        return new WP_Error( 'invalid_request', __( 'Invalid request ID when sending personal data export email.' ) );
     
    557591    $expiration_date = date_i18n( get_option( 'date_format' ), time() + $expiration );
    558592
    559     $export_file_url = get_post_meta( $request_id, '_export_file_url', true );
     593    $export_file_url = $exports_url . $export_file_name;
    560594    $site_name       = wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES );
    561595    $site_url        = home_url();
     
    821855    } else {
    822856        // Modify the response to include the URL of the export file so the browser can fetch it.
    823         $export_file_url = get_post_meta( $request_id, '_export_file_url', true );
     857        $exports_url      = wp_privacy_exports_url();
     858        $export_file_name = get_post_meta( $request_id, '_export_file_name', true );
     859        $export_file_url  = $exports_url . $export_file_name;
     860
    824861        if ( ! empty( $export_file_url ) ) {
    825862            $response['url'] = $export_file_url;
Note: See TracChangeset for help on using the changeset viewer.