Changeset 55720 for trunk/src/wp-admin/includes/class-wp-upgrader.php

Timestamp:

05/04/2023 02:34:58 AM (12 months ago)

Author:

SergeyBiryukov

Message:

Upgrade/Install: Create a temporary backup of plugins and themes before updating.

This aims to make the update process more reliable and ensures that if a plugin or theme update fails, the previous version can be safely restored.

• When updating a plugin or theme, the old version is moved to a temporary backup directory:
  • wp-content/upgrade-temp-backup/plugins/[plugin-slug] for plugins
  • wp-content/upgrade-temp-backup/themes/[theme-slug] for themes.

• If the update fails, then the backup kept in the temporary backup directory is restored to its original location.
• If the update succeeds, the temporary backup is deleted.

To further help troubleshoot plugin and theme updates, two new checks were added to the Site Health screen:

• A check to make sure that the upgrade-temp-backup directory is writable.
• A check that there is enough disk space available to safely perform updates.

To avoid confusion: The temporary backup directory will NOT be used to “roll back” a plugin to a previous version after a completed update. This directory will simply contain a transient backup of the previous version of a plugin or theme being updated, and as soon as the update process finishes, the directory will be empty.

Follow-up to [55204], [55220].

Props afragen, costdev, pbiron, azaozz, hellofromTonya, aristath, peterwilsoncc, TJNowell, bronsonquick, Clorith, dd32, poena, TimothyBlynJacobs, audrasjb, mikeschroder, a2hosting, KZeni, galbaras, richards1052, Boniu91, mai21, francina, TobiasBg, desrosj, noisysocks, johnbillion, dlh, chaion07, davidbaumwald, jrf, thisisyeasin, ignatggeorgiev, SergeyBiryukov.
Fixes #51857.

File:

• trunk/src/wp-admin/includes/class-wp-upgrader.php (modified) (9 diffs)

trunk/src/wp-admin/includes/class-wp-upgrader.php

@@ -114 +114 @@
 
     /**
+     * Stores the list of plugins or themes added to temporary backup directory.
+     *
+     * Used by the rollback functions.
+     *
+     * @since 6.3.0
+     * @var array
+     */
+    private $temp_backups = array();
+
+    /**
+     * Stores the list of plugins or themes to be restored from temporary backup directory.
+     *
+     * Used by the rollback functions.
+     *
+     * @since 6.3.0
+     * @var array
+     */
+    private $temp_restores = array();
+
+    /**
      * Construct the upgrader with a skin.
      *
@@ -135 +155 @@
      * and also add the generic strings to `WP_Upgrader::$strings`.
      *
+     * Additionally, it will schedule a weekly task to clean up the temporary backup directory.
+     *
      * @since 2.8.0
+     * @since 6.3.0 Added the `schedule_temp_backup_cleanup()` task.
      */
     public function init() {
         $this->skin->set_upgrader( $this );
         $this->generic_strings();
+
+        if ( ! wp_installing() ) {
+            $this->schedule_temp_backup_cleanup();
+        }
+    }
+
+    /**
+     * Schedules the cleanup of the temporary backup directory.
+     *
+     * @since 6.3.0
+     */
+    protected function schedule_temp_backup_cleanup() {
+        if ( false === wp_next_scheduled( 'wp_delete_temp_updater_backups' ) ) {
+            wp_schedule_event( time(), 'weekly', 'wp_delete_temp_updater_backups' );
+        }
     }
 
@@ -168 +206 @@
         $this->strings['maintenance_start'] = __( 'Enabling Maintenance mode…' );
         $this->strings['maintenance_end']   = __( 'Disabling Maintenance mode…' );
+
+        /* translators: %s: upgrade-temp-backup */
+        $this->strings['temp_backup_mkdir_failed'] = sprintf( __( 'Could not create the %s directory.' ), 'upgrade-temp-backup' );
+        /* translators: %s: upgrade-temp-backup */
+        $this->strings['temp_backup_move_failed'] = sprintf( __( 'Could not move the old version to the %s directory.' ), 'upgrade-temp-backup' );
+        /* translators: %s: The plugin or theme slug. */
+        $this->strings['temp_backup_restore_failed'] = __( 'Could not restore the original version of %s.' );
+        /* translators: %s: The plugin or theme slug. */
+        $this->strings['temp_backup_delete_failed'] = __( 'Could not delete the temporary backup directory for %s.' );
     }
 
@@ -309 +356 @@
         $this->skin->feedback( 'unpack_package' );
 
+        if ( ! $wp_filesystem->wp_content_dir() ) {
+            return new WP_Error( 'fs_no_content_dir', $this->strings['fs_no_content_dir'] );
+        }
+
         $upgrade_folder = $wp_filesystem->wp_content_dir() . 'upgrade/';
 
@@ -533 +584 @@
         if ( is_wp_error( $source ) ) {
             return $source;
+        }
+
+        if ( ! empty( $args['hook_extra']['temp_backup'] ) ) {
+            $temp_backup = $this->move_to_temp_backup_dir( $args['hook_extra']['temp_backup'] );
+
+            if ( is_wp_error( $temp_backup ) ) {
+                return $temp_backup;
+            }
+
+            $this->temp_backups[] = $args['hook_extra']['temp_backup'];
         }
 
@@ -615 +676 @@
         }
 
-        // Clear the working folder?
+        // Clear the working directory?
         if ( $args['clear_working'] ) {
             $wp_filesystem->delete( $remote_source, true );
@@ -828 +889 @@
 
         $this->skin->set_result( $result );
+
         if ( is_wp_error( $result ) ) {
+            if ( ! empty( $options['hook_extra']['temp_backup'] ) ) {
+                $this->temp_restores[] = $options['hook_extra']['temp_backup'];
+
+                /*
+                 * Restore the backup on shutdown.
+                 * Actions running on `shutdown` are immune to PHP timeouts,
+                 * so in case the failure was due to a PHP timeout,
+                 * it will still be able to properly restore the previous version.
+                 */
+                add_action( 'shutdown', array( $this, 'restore_temp_backup' ) );
+            }
             $this->skin->error( $result );
 
@@ -840 +913 @@
 
         $this->skin->after();
+
+        // Clean up the backup kept in the temporary backup directory.
+        if ( ! empty( $options['hook_extra']['temp_backup'] ) ) {
+            // Delete the backup on `shutdown` to avoid a PHP timeout.
+            add_action( 'shutdown', array( $this, 'delete_temp_backup' ), 100, 0 );
+        }
 
         if ( ! $options['is_multi'] ) {
@@ -967 +1046 @@
         return delete_option( $lock_name . '.lock' );
     }
+
+    /**
+     * Moves the plugin or theme being updated into a temporary backup directory.
+     *
+     * @since 6.3.0
+     *
+     * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass.
+     *
+     * @param string[] $args {
+     *     Array of data for the temporary backup.
+     *
+     *     @type string $slug Plugin or theme slug.
+     *     @type string $src  Path to the root directory for plugins or themes.
+     *     @type string $dir  Destination subdirectory name. Accepts 'plugins' or 'themes'.
+     * }
+     *
+     * @return bool|WP_Error True on success, false on early exit, otherwise WP_Error.
+     */
+    public function move_to_temp_backup_dir( $args ) {
+        global $wp_filesystem;
+
+        if ( empty( $args['slug'] ) || empty( $args['src'] ) || empty( $args['dir'] ) ) {
+            return false;
+        }
+
+        /*
+         * Skip any plugin that has "." as its slug.
+         * A slug of "." will result in a `$src` value ending in a period.
+         *
+         * On Windows, this will cause the 'plugins' folder to be moved,
+         * and will cause a failure when attempting to call `mkdir()`.
+         */
+        if ( '.' === $args['slug'] ) {
+            return false;
+        }
+
+        if ( ! $wp_filesystem->wp_content_dir() ) {
+            return new WP_Error( 'fs_no_content_dir', $this->strings['fs_no_content_dir'] );
+        }
+
+        $dest_dir = $wp_filesystem->wp_content_dir() . 'upgrade-temp-backup/';
+        $sub_dir  = $dest_dir . $args['dir'] . '/';
+
+        // Create the temporary backup directory if it does not exist.
+        if ( ! $wp_filesystem->is_dir( $sub_dir ) ) {
+            if ( ! $wp_filesystem->is_dir( $dest_dir ) ) {
+                $wp_filesystem->mkdir( $dest_dir, FS_CHMOD_DIR );
+            }
+
+            if ( ! $wp_filesystem->mkdir( $sub_dir, FS_CHMOD_DIR ) ) {
+                // Could not create the backup directory.
+                return new WP_Error( 'fs_temp_backup_mkdir', $this->strings['temp_backup_mkdir_failed'] );
+            }
+        }
+
+        $src_dir = $wp_filesystem->find_folder( $args['src'] );
+        $src     = trailingslashit( $src_dir ) . $args['slug'];
+        $dest    = $dest_dir . trailingslashit( $args['dir'] ) . $args['slug'];
+
+        // Delete the temporary backup directory if it already exists.
+        if ( $wp_filesystem->is_dir( $dest ) ) {
+            $wp_filesystem->delete( $dest, true );
+        }
+
+        // Move to the temporary backup directory.
+        $result = move_dir( $src, $dest, true );
+        if ( is_wp_error( $result ) ) {
+            return new WP_Error( 'fs_temp_backup_move', $this->strings['temp_backup_move_failed'] );
+        }
+
+        return true;
+    }
+
+    /**
+     * Restores the plugin or theme from temporary backup.
+     *
+     * @since 6.3.0
+     *
+     * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass.
+     *
+     * @return bool|WP_Error True on success, false on early exit, otherwise WP_Error.
+     */
+    public function restore_temp_backup() {
+        global $wp_filesystem;
+
+        $errors = new WP_Error();
+
+        foreach ( $this->temp_restores as $args ) {
+            if ( empty( $args['slug'] ) || empty( $args['src'] ) || empty( $args['dir'] ) ) {
+                return false;
+            }
+
+            if ( ! $wp_filesystem->wp_content_dir() ) {
+                $errors->add( 'fs_no_content_dir', $this->strings['fs_no_content_dir'] );
+                return $errors;
+            }
+
+            $src      = $wp_filesystem->wp_content_dir() . 'upgrade-temp-backup/' . $args['dir'] . '/' . $args['slug'];
+            $dest_dir = $wp_filesystem->find_folder( $args['src'] );
+            $dest     = trailingslashit( $dest_dir ) . $args['slug'];
+
+            if ( $wp_filesystem->is_dir( $src ) ) {
+                // Cleanup.
+                if ( $wp_filesystem->is_dir( $dest ) && ! $wp_filesystem->delete( $dest, true ) ) {
+                    $errors->add(
+                        'fs_temp_backup_delete',
+                        sprintf( $this->strings['temp_backup_restore_failed'], $args['slug'] )
+                    );
+                    continue;
+                }
+
+                // Move it.
+                $result = move_dir( $src, $dest, true );
+                if ( is_wp_error( $result ) ) {
+                    $errors->add(
+                        'fs_temp_backup_delete',
+                        sprintf( $this->strings['temp_backup_restore_failed'], $args['slug'] )
+                    );
+                    continue;
+                }
+            }
+        }
+
+        return $errors->has_errors() ? $errors : true;
+    }
+
+    /**
+     * Deletes a temporary backup.
+     *
+     * @since 6.3.0
+     *
+     * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass.
+     *
+     * @return bool|WP_Error True on success, false on early exit, otherwise WP_Error.
+     */
+    public function delete_temp_backup() {
+        global $wp_filesystem;
+
+        $errors = new WP_Error();
+
+        foreach ( $this->temp_backups as $args ) {
+            if ( empty( $args['slug'] ) || empty( $args['dir'] ) ) {
+                return false;
+            }
+
+            if ( ! $wp_filesystem->wp_content_dir() ) {
+                $errors->add( 'fs_no_content_dir', $this->strings['fs_no_content_dir'] );
+                return $errors;
+            }
+
+            $temp_backup_dir = $wp_filesystem->wp_content_dir() . "upgrade-temp-backup/{$args['dir']}/{$args['slug']}";
+
+            if ( ! $wp_filesystem->delete( $temp_backup_dir, true ) ) {
+                $errors->add(
+                    'temp_backup_delete_failed',
+                    sprintf( $this->strings['temp_backup_delete_failed'] ),
+                    $args['slug']
+                );
+                continue;
+            }
+        }
+
+        return $errors->has_errors() ? $errors : true;
+    }
 }