WordPress.org

Make WordPress Core

Opened 5 years ago

Closed 4 years ago

Last modified 4 years ago

#8830 closed defect (bug) (fixed)

wp_mkdir_p doesn't work with safe mode enabled

Reported by: remi Owned by:
Milestone: 3.0 Priority: normal
Severity: normal Version: 2.7
Component: Filesystem API Keywords: needs-patch bug-hunt
Focuses: Cc:

Description

The wp_mkdir_p function (which is used by many WP features like media uploading) doesn't work when PHP's safe-mode is enabled because it allows trailing slashes at the end of the directories it tries to create.

Adding this code at the beginning of the function solves the problem:

if (substr($target, -1) == "/") {
  $target = substr($target, 0, -1);
}

Attachments (1)

8830.diff (447 bytes) - added by Denis-de-Bernardy 5 years ago.

Download all attachments as: .zip

Change History (16)

Denis-de-Bernardy5 years ago

comment:1 Denis-de-Bernardy5 years ago

  • Keywords has-patch tested dev-feedback added

I'm not 100% this won't have side effects

comment:2 ryan5 years ago

  • Component changed from General to Filesystem
  • Owner anonymous deleted

comment:3 Denis-de-Bernardy5 years ago

  • Keywords needs-testing added; tested removed

comment:4 Denis-de-Bernardy5 years ago

  • Milestone changed from 2.8 to Future Release

punting pending tests

comment:5 Denis-de-Bernardy5 years ago

  • Milestone changed from Future Release to 2.9

comment:6 Denis-de-Bernardy5 years ago

  • Keywords needs-review added; needs-testing dev-feedback removed

comment:7 Denis-de-Bernardy5 years ago

  • Keywords needs-patch added; has-patch needs-review removed
  • Milestone changed from 2.9 to Future Release
  • Type changed from defect (bug) to enhancement

$target = / is problematic.

comment:9 scribu4 years ago

Patch should use untrailingslashit().

comment:10 follow-up: dd324 years ago

perhaps this should be added instead:

$target = untrailingslashit($target); 
if ( empty($target) )
  $target = '/';

comment:11 dd324 years ago

  • Type changed from enhancement to defect (bug)

also, this is a defect, It doesnt operate correctly under safe mode.

comment:12 in reply to: ↑ 10 ryan4 years ago

Replying to dd32:

perhaps this should be added instead:

$target = untrailingslashit($target); 
if ( empty($target) )
  $target = '/';

Sounds good.

comment:13 dd324 years ago

  • Milestone changed from Future Release to 3.0

comment:14 automattor4 years ago

  • Resolution set to fixed
  • Status changed from new to closed

(In [12740]) Fix wp_mkdir_p() when running under safe_mode on certain PHP versions. Props Denis-de-Bernardy. Fixes #8830

comment:15 Denis-de-Bernardy4 years ago

  • Keywords bug-hunt added
Note: See TracTickets for help on using tickets.