[wp-trac] [WordPress Trac] #53084: wp_delete_attachment deletes file even if $force_delete is false
WordPress Trac
noreply at wordpress.org
Sun Apr 25 15:49:47 UTC 2021
#53084: wp_delete_attachment deletes file even if $force_delete is false
--------------------------+------------------------------
Reporter: pubalacon | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 5.7.1
Severity: major | Resolution:
Keywords: needs-patch | Focuses:
--------------------------+------------------------------
Description changed by mukesh27:
Old description:
> Around line 6085 in wp-includes/post.php
>
> line 6085: wp_delete_attachment_files( $post_id, $meta, $backup_sizes,
> $file );
>
> There is no test of $force_delete, so attachment file is physically
> removed from system file even if not wanted (or definitely not allowed)
>
> Suggested patch:
>
> if (!$force_delete) {
> wp_delete_attachment_files( $post_id, $meta, $backup_sizes, $file );
> }
New description:
Around line 6085 in wp-includes/post.php
line 6085: wp_delete_attachment_files( $post_id, $meta, $backup_sizes,
$file );
There is no test of $force_delete, so attachment file is physically
removed from system file even if not wanted (or definitely not allowed)
Suggested patch:
{{{
if (!$force_delete) {
wp_delete_attachment_files( $post_id, $meta, $backup_sizes, $file );
}
}}}
--
--
Ticket URL: <https://core.trac.wordpress.org/ticket/53084#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list