[wp-trac] [WordPress Trac] #45020: Can theme and plugin file uploading utilize the same form that media uploads use?

WordPress Trac noreply at wordpress.org
Mon Oct 1 20:49:10 UTC 2018

#45020: Can theme and plugin file uploading utilize the same form that media
uploads use?
 Reporter:  shaneeckert  |      Owner:  (none)
     Type:  enhancement  |     Status:  new
 Priority:  normal       |  Milestone:  Awaiting Review
Component:  Upload       |    Version:  trunk
 Severity:  minor        |   Keywords:
  Focuses:  ui           |
 The media uploader in **wp-admin/upload.php**  has an '''Add New''' button
 that loads `media-new.php` (Line 77) which calls the `media_upload_form`
 function in `media.php` (Line 1938). This form runs quite a few checks on
 the file. For example a file with an `.exe` extension cannot be uploaded.

 This is not the same for uploading Plugins and Themes. Right now you can
 upload any file through these two sections.

 For example In `plugin-install.php` on line 334 we create a form to upload
 instead of using the one in media.php line 1938..

 There is no check, it just fails when the installer cannot work with the
 file. As well the file is not cleaned up upon failure. This leaves files
 in the directory.

 For consistency can we please use the same form for uploading a plugin and
 a theme as we do for media, with adjustments that limit to just ZIP files?




 **Similar tickets**



Ticket URL: <https://core.trac.wordpress.org/ticket/45020>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list