Replace use of tmpfile() with a safe get_temp_dir(). tmpfile() may use a temporary directly which is not writable. Add static caching to get_temp_dir() & better protect against bad server configs. Fixes #12866

git-svn-id: http://svn.automattic.com/wordpress/trunk@14016 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-06 11:20:51 +00:00 · 2010-04-06 11:20:51 +00:00 · d5ee7bca10
parent 07a523894a
commit d5ee7bca10
2 changed files with 21 additions and 8 deletions
--- a/wp-admin/includes/class-wp-filesystem-ftpext.php
+++ b/wp-admin/includes/class-wp-filesystem-ftpext.php
@ -92,7 +92,9 @@ class WP_Filesystem_FTPext extends WP_Filesystem_Base {
 		if ( empty($type) )
 			$type = FTP_BINARY;

-		$temp = tmpfile();
+		$tempfile = wp_tempnam($file);
+		$temp = fopen($tempfile, 'w+');
+
 		if ( ! $temp )
 			return false;

@ -106,6 +108,7 @@ class WP_Filesystem_FTPext extends WP_Filesystem_Base {
 			$contents .= fread($temp, 8192);

 		fclose($temp);
+		unlink($tempfile);
 		return $contents;
 	}
 	function get_contents_array($file) {
@ -113,7 +116,8 @@ class WP_Filesystem_FTPext extends WP_Filesystem_Base {
 	}

 	function put_contents($file, $contents, $mode = false ) {
-		$temp = tmpfile();
+		$tempfile = wp_tempnam($file);
+		$temp = fopen($tempfile, 'w+');
 		if ( ! $temp )
 			return false;

@ -124,6 +128,7 @@ class WP_Filesystem_FTPext extends WP_Filesystem_Base {
 		$ret = @ftp_fput($this->link, $file, $temp, $type);

 		fclose($temp);
+		unlink($tempfile);

 		$this->chmod($file, $mode);

--- a/wp-admin/includes/file.php
+++ b/wp-admin/includes/file.php
@ -149,21 +149,29 @@ function list_files( $folder = '', $levels = 100 ) {
 * @return string Writable temporary directory
 */
 function get_temp_dir() {
+	static $temp;
 	if ( defined('WP_TEMP_DIR') )
 		return trailingslashit(WP_TEMP_DIR);

+	if ( $temp )
+		return trailingslashit($temp);
+
 	$temp = WP_CONTENT_DIR . '/';
 	if ( is_dir($temp) && is_writable($temp) )
 		return $temp;

-	if  ( function_exists('sys_get_temp_dir') )
-		return trailingslashit(sys_get_temp_dir());
+	if  ( function_exists('sys_get_temp_dir') ) {
+		$temp = sys_get_temp_dir();
+		if ( is_writable($temp) )
+			return trailingslashit($temp);
+	}

 	$temp = ini_get('upload_tmp_dir');
-	if ( is_dir($temp) ) // always writable
+	if ( is_dir($temp) && is_writable($temp) )
 		return trailingslashit($temp);

-	return '/tmp/';
+	$temp = '/tmp/';
+	return $temp;
 }

 /**
@ -179,7 +187,7 @@ function get_temp_dir() {
 * @param string $dir (optional) Directory to store the file in
 * @return string a writable filename
 */
-function wp_tempnam($filename = '', $dir = ''){
+function wp_tempnam($filename = '', $dir = '') {
 	if ( empty($dir) )
 		$dir = get_temp_dir();
 	$filename = basename($filename);
@ -603,7 +611,7 @@ function _unzip_file_ziparchive($file, $to, $needed_dirs = array() ) {
 			return new WP_Error('extract_failed', __('Could not extract file from archive.'), $info['name']);

 		if ( ! $wp_filesystem->put_contents( $to . $info['name'], $contents, FS_CHMOD_FILE) )
-			return new WP_Error('copy_failed', __('Could not copy file.'), $to . $file['filename']);
+			return new WP_Error('copy_failed', __('Could not copy file.'), $to . $info['filename']);
 	}

 	$z->close();