[wp-trac] [WordPress Trac] #38946: WP_Upgrader: Protection against deleting files in destination directory
WordPress Trac
noreply at wordpress.org
Tue Nov 7 15:26:13 UTC 2017
#38946: WP_Upgrader: Protection against deleting files in destination directory
-----------------------------+------------------------------
Reporter: shivapoudel | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Upgrade/Install | Version:
Severity: normal | Resolution:
Keywords: has-patch | Focuses:
-----------------------------+------------------------------
Comment (by shivapoudel):
Hey @dd32 sorry for the late response!
Look at this method `install_package` in `TG_Demo_Upgrader` class which
extends `WP_Upgrader` [https://github.com/themegrill/themegrill-demo-
importer/blob/4779becd5dfe90c689efa5bee137cdc5a2108865/includes/admin
/class-demo-upgrader.php#L137-L351]. This was the hackathon I have used to
protect my demo files directory.
Likewise that method has never been extended in class like
`Plugin_Upgrader` or themes etc. in anyway because themes and plugins
directories are always protected but we want to protect our custom
directories too. Read this and its worth for placing our directories or
not without args, just kidding you can brainstorm some thought too
[https://github.com/themegrill/themegrill-demo-
importer/blob/4779becd5dfe90c689efa5bee137cdc5a2108865/includes/admin
/class-demo-upgrader.php#L256-L263].
Finally above patch can allow us to provide args to protect_destination so
we are safe side without hassle. Look here [https://github.com/themegrill
/themegrill-demo-
importer/blob/4779becd5dfe90c689efa5bee137cdc5a2108865/includes/admin
/class-demo-upgrader.php#L85]
This solution can help me to get the name of main folder inside zip and
install as it is :)
That is my solution to get the name of main folder inside zip and install.
BUT I don't want to extend the WP core upgrader `install_package` method
in anyway in my upcoming plugin version so I am raising this patch :)
--
Ticket URL: <https://core.trac.wordpress.org/ticket/38946#comment:7>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list