Make WordPress Core


Ignore:
Timestamp:
07/10/2020 06:06:46 AM (4 years ago)
Author:
whyisjake
Message:

Upgrade/Install: Ensure cleanup after canceled update.

Ensure that the uploaded zip is hidden from the media library, where a task will remove failed installs after two hours.

Fixes #50612.

Props psykro, desrosj, joyously, azaozz, noisysocks, whyisjake.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/update.php

    r48390 r48417  
    1717
    1818require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php';
     19
     20wp_enqueue_script( 'wp-a11y' );
    1921
    2022if ( isset( $_GET['action'] ) ) {
     
    175177        require_once ABSPATH . 'wp-admin/admin-footer.php';
    176178
     179    } elseif ( 'upload-plugin-cancel-overwrite' === $action ) {
     180        if ( ! current_user_can( 'upload_plugins' ) ) {
     181            wp_die( __( 'Sorry, you are not allowed to install plugins on this site.' ) );
     182        }
     183
     184        check_admin_referer( 'plugin-upload-cancel-overwrite' );
     185
     186        // Make sure the attachment still exists, or File_Upload_Upgrader will call wp_die()
     187        // that shows a generic "Please select a file" error.
     188        if ( ! empty( $_GET['package'] ) ) {
     189            $attachment_id = (int) $_GET['package'];
     190
     191            if ( get_post( $attachment_id ) ) {
     192                $file_upload = new File_Upload_Upgrader( 'pluginzip', 'package' );
     193                $file_upload->cleanup();
     194            }
     195        }
     196
     197        wp_redirect( self_admin_url( 'plugin-install.php' ) );
     198        exit;
    177199    } elseif ( 'upgrade-theme' === $action ) {
    178200
     
    298320        require_once ABSPATH . 'wp-admin/admin-footer.php';
    299321
     322    } elseif ( 'upload-theme-cancel-overwrite' === $action ) {
     323        if ( ! current_user_can( 'upload_themes' ) ) {
     324            wp_die( __( 'Sorry, you are not allowed to install themes on this site.' ) );
     325        }
     326
     327        check_admin_referer( 'theme-upload-cancel-overwrite' );
     328
     329        // Make sure the attachment still exists, or File_Upload_Upgrader will call wp_die()
     330        // that shows a generic "Please select a file" error.
     331        if ( ! empty( $_GET['package'] ) ) {
     332            $attachment_id = (int) $_GET['package'];
     333
     334            if ( get_post( $attachment_id ) ) {
     335                $file_upload = new File_Upload_Upgrader( 'themezip', 'package' );
     336                $file_upload->cleanup();
     337            }
     338        }
     339
     340        wp_redirect( self_admin_url( 'theme-install.php' ) );
     341        exit;
    300342    } else {
    301343        /**
Note: See TracChangeset for help on using the changeset viewer.