[wp-trac] [WordPress Trac] #19800: Media & WXR Uploads: Inaccurate error reporting because move_uploaded_file() fails to return false.

WordPress Trac wp-trac at lists.automattic.com
Wed Jan 11 10:44:28 UTC 2012 

#19800: Media & WXR Uploads: Inaccurate error reporting because
move_uploaded_file() fails to return false.
--------------------------+------------------------------
 Reporter:  emhr          |       Owner:
     Type:  defect (bug)  |      Status:  new
 Priority:  normal        |   Milestone:  Awaiting Review
Component:  Upload        |     Version:  3.3
 Severity:  normal        |  Resolution:
 Keywords:  has-patch     |
--------------------------+------------------------------
Changes (by duck_):

 * version:  3.3.1 => 3.3


Comment:

 Good catch, thanks!

 The changeset that caused this was [18482].

 I am uploading two different patch options:

  1. Check the return value of copy() and return an error then.
  1. move_uploaded_file() to the uploads directory as before. If a resize
 is requested the new, resized image is made and renamed.

 The second has the benefit of only moving/copying the upload once if a
 resize is not requested. Currently we always move and then copy anyway. I
 haven't done proper testing for when a resize is requested for either
 (though it's only the second that could have a bug), and I don't think the
 second does enough to ensure that the resized file name is unique.

 A couple of other things I noticed about [18482]:

  1. If the upload cannot be moved to wp_tempnam($filename) (this is rather
 unlikely) then the error message will display an incorrect path
  1. There's no feedback returned to the user if an image resize fails

 A third option is to remove this resizing code. This was actually (mostly)
 done in [19223] for #19174, but it came back in [19225] and [19226] to
 allow plugins to make use of resizing. However, since this code has been
 in wp_handle_upload() for a release it probably cannot be taken out now.

 Finally, I'm not really sure why, but I seem to feel that it's a strange
 location for resizing code.

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/19800#comment:1>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software

More information about the wp-trac mailing list