Merge pull request #22981 from woocommerce/update/22976

Updating geolocation download to avoid wp_upload_dir and direct filesystem access
Mike Jolley 2019-03-13 17:41:54 +00:00 committed by GitHub
commit 6995e6ec84
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 20 additions and 24 deletions


@ -237,13 +237,13 @@ class WC_Geolocation {
* @return string
*/
public static function get_local_database_path( $deprecated = '2' ) {
$upload_dir = wp_get_upload_dir();
return apply_filters( 'woocommerce_geolocation_local_database_path', $upload_dir['basedir'] . '/GeoLite2-Country.mmdb', $deprecated );
return apply_filters( 'woocommerce_geolocation_local_database_path', WP_CONTENT_DIR . '/uploads/GeoLite2-Country.mmdb', $deprecated );
}
/**
* Update geoip database.
*
* Extract files with PharData. Tool built into PHP since 5.3.
*/
public static function update_database() {
$logger = wc_get_logger();
@ -255,31 +255,27 @@ class WC_Geolocation {
require_once ABSPATH . 'wp-admin/includes/file.php';
$upload_dir = wp_upload_dir();
$tmp_database_path = download_url( self::GEOLITE2_DB );
$database = 'GeoLite2-Country.mmdb';
$target_database_path = self::get_local_database_path();
$tmp_database_path = download_url( self::GEOLITE2_DB );
if ( ! is_wp_error( $tmp_database_path ) ) {
WP_Filesystem();
global $wp_filesystem;
try {
// GeoLite2 database name.
$database = 'GeoLite2-Country.mmdb';
$dest_path = trailingslashit( $upload_dir['basedir'] ) . $database;
// Make sure target dir exists.
$wp_filesystem->mkdir( dirname( $target_database_path ) );
// Extract files with PharData. Tool built into PHP since 5.3.
$file = new PharData( $tmp_database_path ); // phpcs:ignore PHPCompatibility.Classes.NewClasses.phardataFound
$file_path = trailingslashit( $file->current()->getFileName() ) . $database;
$file->extractTo( dirname( $tmp_database_path ), $file_path, true );
// Extract under uploads directory.
$file->extractTo( $upload_dir['basedir'], $file_path, true );
// Remove old database.
@unlink( $dest_path ); // phpcs:ignore Generic.PHP.NoSilencedErrors.Discouraged, WordPress.VIP.FileSystemWritesDisallow.file_ops_unlink
// Copy database and delete tmp directories.
@rename( trailingslashit( $upload_dir['basedir'] ) . $file_path, $dest_path ); // phpcs:ignore Generic.PHP.NoSilencedErrors.Discouraged, WordPress.VIP.FileSystemWritesDisallow.file_ops_rename
@rmdir( trailingslashit( $upload_dir['basedir'] ) . $file->current()->getFileName() ); // phpcs:ignore Generic.PHP.NoSilencedErrors.Discouraged, WordPress.VIP.FileSystemWritesDisallow.directory_rmdir
// Set correct file permission.
@chmod( $dest_path, 0644 ); // phpcs:ignore Generic.PHP.NoSilencedErrors.Discouraged, WordPress.VIP.FileSystemWritesDisallow.chmod_chmod
// Move file and delete temp.
$wp_filesystem->move( trailingslashit( dirname( $tmp_database_path ) ) . $file_path, $target_database_path, true );
$wp_filesystem->delete( trailingslashit( dirname( $tmp_database_path ) ) . $file->current()->getFileName() );
} catch ( Exception $e ) {
$logger->notice( $e->getMessage(), array( 'source' => 'geolocation' ) );
@ -287,8 +283,8 @@ class WC_Geolocation {
wp_clear_scheduled_hook( 'woocommerce_geoip_updater' );
wp_schedule_event( strtotime( 'first tuesday of next month' ), 'monthly', 'woocommerce_geoip_updater' );
}
@unlink( $tmp_database_path ); // phpcs:ignore Generic.PHP.NoSilencedErrors.Discouraged, WordPress.VIP.FileSystemWritesDisallow.file_ops_unlink
// Delete temp file regardless of success.
$wp_filesystem->delete( $tmp_database_path );
} else {
$logger->notice(
'Unable to download GeoIP Database: ' . $tmp_database_path->get_error_message(),
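Review bot: The result of `WP_Filesystem()` is never checked in the second hunk, yet `$wp_filesystem->mkdir()`, `->move()` and `->delete()` are called on the global straight afterwards. On hosts where the filesystem API needs credentials (this appears to run from the `woocommerce_geoip_updater` scheduled event, where nobody can supply them) the global may be null or unconnected; a method call on null raises an `Error`, which `catch ( Exception $e )` does not catch on PHP 7+, so the downloaded temp file would never be cleaned up. I would add a guard before the `try`, `if ( ! WP_Filesystem() ) {`, that logs through `$logger->notice()`, removes `$tmp_database_path` and returns. `move()` also signals failure by returning false rather than throwing, so a failed replacement of the database is silent here; log a notice when it returns false. The body of `update_database()` starts and ends outside the visible hunks.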


@ -425,8 +425,8 @@ class WC_Install {
wp_schedule_event( strtotime( 'first tuesday of next month' ), 'monthly', 'woocommerce_geoip_updater' );
wp_schedule_event( time() + 10, apply_filters( 'woocommerce_tracker_event_recurrence', 'daily' ), 'woocommerce_tracker_send_event' );
// Trigger GeoLite2 database download after 5 minutes.
wp_schedule_single_event( time() + ( MINUTE_IN_SECONDS * 5 ), 'woocommerce_geoip_updater' );
// Trigger GeoLite2 database download after 1 minute.
wp_schedule_single_event( time() + ( MINUTE_IN_SECONDS * 1 ), 'woocommerce_geoip_updater' );
}
/**