Steve-Dee-Designs
/
woocommerce
mirror of https://github.com/woocommerce/woocommerce.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Check if uploads/woocommerce_uploads is protected

This commit is contained in:
Claudio Sanches 2020-05-06 21:41:04 -03:00
parent d6a17aad4e
commit 191bc7f134
1 changed files with 10 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
includes/admin/class-wc-admin-notices.php
View File

@ -564,42 +564,18 @@ class WC_Admin_Notices {
return 'protected' === $status; return 'protected' === $status;
} }
// Get uploads directory data and allows to get created if doesn't exists. // Get only data from the uploads directory.
$uploads = wp_upload_dir( null, true ); $uploads = wp_get_upload_dir();
// Skip if returns an error. // Check for the "uploads/woocommerce_uploads" directory.
if ( $uploads['error'] ) { $response = wp_remote_get( $uploads['baseurl'] . '/woocommerce_uploads' );
return false; $response_code = intval( wp_remote_retrieve_response_code( $response ) );
} $response_content = wp_remote_retrieve_body( $response );
// Allow us to easily interact with the filesystem. // Check if returns 200 with empty content in case can open an index.html file,
require_once ABSPATH . 'wp-admin/includes/file.php'; // and check for non-200 codes in case the directory is protected.
WP_Filesystem(); $is_protected = ( 200 === $response_code && empty( $response_content ) ) || ( 200 !== $response_code );
global $wp_filesystem; set_transient( $cache_key, $is_protected ? 'protected' : 'unprotected', 1 * DAY_IN_SECONDS );
$is_protected = false;
$test_dir = 'woocommerce-uploads-test';
$test_dir_path = trailingslashit( $uploads['basedir'] ) . $test_dir;
// Clean up the test directory before we start.
if ( $wp_filesystem->exists( $test_dir_path ) ) {
$wp_filesystem->delete( $test_dir_path );
}
// Create a new directory to check in case the uploads root is only protected by an index.php or index.html file.
if ( $wp_filesystem->mkdir( $test_dir_path ) ) {
$response = wp_remote_get( $uploads['baseurl'] . '/' . $test_dir );
$response_code = intval( wp_remote_retrieve_response_code( $response ) );
$response_content = wp_remote_retrieve_body( $response );
// Check if returns 200 with empty content in case there's some index.html,
// and check for non-200 codes in case the directory is protected.
$is_protected = 200 === $response_code && empty( $response_content ) || 200 !== $response_code;
// Remove test directory.
$wp_filesystem->delete( $test_dir_path );
set_transient( $cache_key, $is_protected ? 'protected' : 'unprotected', 1 * DAY_IN_SECONDS );
}
return $is_protected; return $is_protected;
} }