From fa9a33d818470a5796f0ff8797f98b510ed8de18 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Wed, 17 Apr 2024 09:57:30 +0200 Subject: Merging upstream version 6.5+dfsg1. Signed-off-by: Daniel Baumann --- wp-admin/includes/file.php | 37 ++++++++++++++++++++++++++++++++++--- 1 file changed, 34 insertions(+), 3 deletions(-) (limited to 'wp-admin/includes/file.php') diff --git a/wp-admin/includes/file.php b/wp-admin/includes/file.php index 600ddc2..5832569 100644 --- a/wp-admin/includes/file.php +++ b/wp-admin/includes/file.php @@ -656,7 +656,7 @@ function wp_edit_theme_plugin_file( $args ) { /** * Returns a filename of a temporary unique file. * - * Please note that the calling function must unlink() this itself. + * Please note that the calling function must delete or move the file. * * The filename is based off the passed parameter or defaults to the current unix timestamp, * while the directory can either be passed as well, or by leaving it blank, default to a writable @@ -1139,7 +1139,7 @@ function wp_handle_sideload( &$file, $overrides = false, $time = null ) { /** * Downloads a URL to a local temporary file using the WordPress HTTP API. * - * Please note that the calling function must unlink() the file. + * Please note that the calling function must delete or move the file. * * @since 2.5.0 * @since 5.2.0 Signature Verification with SoftFail was added. @@ -1153,7 +1153,7 @@ function wp_handle_sideload( &$file, $overrides = false, $time = null ) { * @return string|WP_Error Filename on success, WP_Error on failure. */ function download_url( $url, $timeout = 300, $signature_verification = false ) { - // WARNING: The file is not automatically deleted, the script must unlink() the file. + // WARNING: The file is not automatically deleted, the script must delete or move the file. if ( ! $url ) { return new WP_Error( 'http_no_url', __( 'Invalid URL Provided.' ) ); } @@ -1563,6 +1563,37 @@ function wp_trusted_keys() { return apply_filters( 'wp_trusted_keys', $trusted_keys ); } +/** + * Determines whether the given file is a valid ZIP file. + * + * This function does not test to ensure that a file exists. Non-existent files + * are not valid ZIPs, so those will also return false. + * + * @since 6.4.4 + * + * @param string $file Full path to the ZIP file. + * @return bool Whether the file is a valid ZIP file. + */ +function wp_zip_file_is_valid( $file ) { + /** This filter is documented in wp-admin/includes/file.php */ + if ( class_exists( 'ZipArchive', false ) && apply_filters( 'unzip_file_use_ziparchive', true ) ) { + $archive = new ZipArchive(); + $archive_is_valid = $archive->open( $file, ZipArchive::CHECKCONS ); + if ( true === $archive_is_valid ) { + $archive->close(); + return true; + } + } + + // Fall through to PclZip if ZipArchive is not available, or encountered an error opening the file. + require_once ABSPATH . 'wp-admin/includes/class-pclzip.php'; + + $archive = new PclZip( $file ); + $archive_is_valid = is_array( $archive->properties() ); + + return $archive_is_valid; +} + /** * Unzips a specified ZIP file to a location on the filesystem via the WordPress * Filesystem Abstraction. -- cgit v1.2.3