_unzip_file_ziparchive fails with open_basedir in effect
|Reported by:||tinuzz||Owned by:||dd32|
wp-admin/includes/file.php contains a function called _unzip_file_ziparchive, that is used -at least- for automatically upgrading plugins.
In this function, the list of needed directories, that it is passed as the third argument, is expanded, so that is contains all the parent directories of every needed directory, up to '/'.
After that, for each path component, starting with '/', an attempt to create it is made, and if that fails, its existence is checked with $wp_filesystem->is_dir().
Now, when FS_METHOD == "direct" and open_basedir is in effect, $wp_filesystem->is_dir('/') returns false, and it does this for every directory that is outside the open_basedir.
The result is, that the action fails with the message "Could not create directory. /".
I think that Wordpress should not try and create directories /above/ its own installation directory. Wordpress trying to do mkdir('/') is juist plain stupid.
A check should be implemented so that Wordpress will only attempt to create directories /below/ WP_CONTENT_DIR.