#20778 closed enhancement (fixed)
get_temp_dir should use the system tmp directory as first choice
Reported by: | simonwheatley | Owned by: | dd32 |
---|---|---|---|
Milestone: | 3.5 | Priority: | normal |
Severity: | normal | Version: | 2.5 |
Component: | Filesystem API | Keywords: | has-patch commit |
Focuses: | Cc: |
Description
I believe WordPress should use the system tmp directory as first preference temp directory in get_temp_dir
if
WP_TEMP_DIR
, is not defined. It just seems… odd… to use
wp-content
in preference to the proper, managed, temp directory.
Some historical context on introducing get_temp_dir
: #5984
Attachments (5)
Change History (40)
#1
@
12 years ago
Agreed.
If WP_TEMP_DIR isn't defined, the first fallback should be sys_get_temp_dir(), not WP_CONTENT.
#2
@
12 years ago
I tracked down this history in IRC with simonwheatley. The original order was introduced in #5984 and made sense at the time, but in [14016] an is_writeable() check was added to the result of sys_get_temp_dir(), at which point the order stopped making sense.
It makes sense to first check sys_get_temp_dir() as long as we are still keeping the is_writeable().
#4
@
12 years ago
Does it make sense to use WP_CONTENT_DIR in preference to upload_tmp_dir here? I'd have thought that WP_CONTENT_DIR should be relegated to the absolute last preference?
#6
@
12 years ago
- Milestone changed from Awaiting Review to 3.5
I agree, seems like WP_CONTENT_DIR should go last.
#7
@
12 years ago
- Cc kurtpayne added
Patch updated with:
- Put WP_CONTENT_DIR last
- Use win_is_writable when host system is windows
- Don't save sys_get_temp_dir to static $temp var until it passes the is_writable check
#8
@
12 years ago
Is win_is_writable() needed anymore? Seems like the ACL issues have been fixed since 5.0.x.
#9
@
12 years ago
The comments on this bug don't inspire confidence.
Official view on this problem is "wont fix", since we lack the time and inclination to mess with NT security API (it's an ugly beast), but would accept a patch that implements it.
#11
follow-up:
↓ 12
@
12 years ago
- Status changed from assigned to accepted
I completely agree with switching the priorities here, however, the latest patch has a small logic error in the case of win_is_writable().
If win_is_writable() is designed to work around cases where is_writable() returns true when it can't actually write to a directory, the current logic goes as follows:
If ( ( is windows AND windows is writable ) OR is writable )
On affected windows hosts that would boil down to If ( ( 1 AND 0 ) OR 1 )
I'm not sure I understand the want to avoid writing to the $temp
variable, as if a path that can't be written to is stored in it, It'll be overwritten by the next location test anyway, and failing all tests, overwritten with /tmp/
. Micro-optimizations definitely isn't needed here, so that just seems to increase the complexity of the function.
I haven't tested on a Windows environment with ACL's in place yet, but attached is my take on the patch, Anyone see anything wrong with this approach?
#12
in reply to:
↑ 11
@
12 years ago
Replying to dd32:
Anyone see anything wrong with this approach?
The logic in the patch makes sense to me.
#15
@
12 years ago
- Cc knut@… added
+1
wp-content easily becomes polluted by uploaded zip files from an upload that didn't complete (zip file not extracted and installed). They have to be deleted manually. This should not happen.
#16
follow-up:
↓ 17
@
12 years ago
+1 wp-content easily becomes polluted by uploaded zip files from an upload that didn't complete (zip file not extracted and installed).
That sounds like a separate bug that should be reported if you can reliably duplicate it, the uploaded files should always be cleaned up (Only case I can think of right now would be a fatal or similar during the installation process).
Thanks for the sanity checks, I'll commit this later on
#17
in reply to:
↑ 16
@
12 years ago
Replying to dd32:
That sounds like a separate bug that should be reported if you can reliably duplicate it, the uploaded files should always be cleaned up (Only case I can think of right now would be a fatal or similar during the installation process).
I think it happens when there is a request timeout. The file, or part of the file, is uploaded, but then the process aborts. If this file is just left in a temp dir, then there is no fixable WordPress bug involved.
#18
@
12 years ago
Tested OK on a Windows 7 box..
However, is_writable() works as expected for me on windows 7 with PHP 5.4.4, Denying write causes is_writable to return false, Allowing Write but not Delete causes both is_writable() and is_win_writable() to return true (although the latter makes a PHP Warning (Unable to delete the test file)). I'd be interested in finding the configurations which cause it to fail..
win_is_writable() will also need to move from wp-admin/includes/misc.php to wp-includes/functions.php, although core doesn't use get_temp_dir() outside of the admin, if it's available to plugins so it should work.
#21
@
12 years ago
- Resolution fixed deleted
- Status changed from closed to reopened
It seems it is broken on Mac OS since a lot of unit tests are broken now. Somehow /private/ got added.
#22
@
12 years ago
- Resolution set to fixed
- Status changed from reopened to closed
Looks like this is only happening because the test in question is realpath()ing the result.
Working with kurtpayne to fix the test.
#23
follow-up:
↓ 24
@
12 years ago
Looks like this is only happening because the test in question is realpath()ing the result.
That sounds like something that someone would do to work around symlinks or something.
I'll also note this here, I am somewhat unconvinced that we *actually* need to use win_is_writable()
at all in core, however, I'm unsure of the latest PHP version which is affected by the bugs which require it's use (I would not be surprised if PHP 5.2 is affected, while 5.3/5.4 are not).
Since this change means that a system directory outside of the normal web directories may be used, I thought it was the safest bet to use win_is_writable()
to prevent any edge cases. A new ticket will need to circle back on it, but I'd really like to define the conditions which make it needed.
#24
in reply to:
↑ 23
@
12 years ago
Replying to dd32:
Looks like this is only happening because the test in question is realpath()ing the result.
The code in the #6821 patch is using realpath()
. The test wasn't. On OS X, the /tmp folder is linked to /private/tmp and it was causing a mismatch on the assertion. The test was updated to call realpath()
on both the $acutal
an $expected
before the assertion.
#25
@
12 years ago
- Keywords commit removed
- Resolution fixed deleted
- Status changed from closed to reopened
Not sure if we want to fix it, but through the change a warning appears on updates.
Warning: is_dir() [function.is-dir]: open_basedir restriction in effect. File(/tmp) is not within the allowed path(s): ( /var/www/web39/html/: /var/www/web39/phptmp/: /var/www/web39/files/: /var/www/web39/atd/ ) in /var/www/web39/html/wp-includes/functions.php on line 1394
See #12866 for background. Patch uses @is_dir
.
#26
@
12 years ago
- Keywords commit added
Yup, we should fix warnings like that from safemode. It looks like that should be the only directory which needs the @is_dir()
check.
#28
@
12 years ago
- Resolution fixed deleted
- Status changed from closed to reopened
This could have caused http://wordpress.org/support/topic/unable-to-update-2?replies=1
Looking at the report, 'C:\WINDOWS\TEMP\/wordpress-latest.tmp'
contains a \/ as a path delimiter, that condition seems to be causing the problem here.
#30
@
12 years ago
Could not reproduce the "Missing archive file" error from the forum thread on Windows XP.
I could, however, reproduce the wrong path delimiter. 20778.2.patch fixes that.
#31
@
12 years ago
I've seen windows fail with a double slash in a path , or \/ before, but I think it's limited to a certain filesystem or ACL set.
In this case, The fact that trailingslashit() and untrailingslashit() don't support windows paths seems like a good new ticket, but for now, that patch looks good to me. I don't have a windows system to test on right now, but will follow up later
Switch sys_get_temp_dir and WP_CONTENT_DIR within get_temp_dir