File_Upload_Upgrader::__construct()publicWP 2.8.0

Construct the upgrader for a form.

Method of the class: File_Upload_Upgrader{}

Hooks from the method

Return

null. Nothing (null).

Usage

$File_Upload_Upgrader = new File_Upload_Upgrader();
$File_Upload_Upgrader->__construct( $form, $urlholder );
$form(string) (required)
The name of the form the file was uploaded from.
$urlholder(string) (required)
The name of the GET parameter that holds the filename.

Changelog

Since 2.8.0 Introduced.

File_Upload_Upgrader::__construct() code WP 6.4.3

public function __construct( $form, $urlholder ) {

	if ( empty( $_FILES[ $form ]['name'] ) && empty( $_GET[ $urlholder ] ) ) {
		wp_die( __( 'Please select a file' ) );
	}

	// Handle a newly uploaded file. Else, assume it's already been uploaded.
	if ( ! empty( $_FILES ) ) {
		$overrides = array(
			'test_form' => false,
			'test_type' => false,
		);
		$file      = wp_handle_upload( $_FILES[ $form ], $overrides );

		if ( isset( $file['error'] ) ) {
			wp_die( $file['error'] );
		}

		if ( 'pluginzip' === $form || 'themezip' === $form ) {
			$archive_is_valid = false;

			/** This filter is documented in wp-admin/includes/file.php */
			if ( class_exists( 'ZipArchive', false ) && apply_filters( 'unzip_file_use_ziparchive', true ) ) {
				$archive          = new ZipArchive();
				$archive_is_valid = $archive->open( $file['file'], ZIPARCHIVE::CHECKCONS );

				if ( true === $archive_is_valid ) {
					$archive->close();
				}
			} else {
				require_once ABSPATH . 'wp-admin/includes/class-pclzip.php';

				$archive          = new PclZip( $file['file'] );
				$archive_is_valid = is_array( $archive->properties() );
			}

			if ( true !== $archive_is_valid ) {
				wp_delete_file( $file['file'] );
				wp_die( __( 'Incompatible Archive.' ) );
			}
		}

		$this->filename = $_FILES[ $form ]['name'];
		$this->package  = $file['file'];

		// Construct the attachment array.
		$attachment = array(
			'post_title'     => $this->filename,
			'post_content'   => $file['url'],
			'post_mime_type' => $file['type'],
			'guid'           => $file['url'],
			'context'        => 'upgrader',
			'post_status'    => 'private',
		);

		// Save the data.
		$this->id = wp_insert_attachment( $attachment, $file['file'] );

		// Schedule a cleanup for 2 hours from now in case of failed installation.
		wp_schedule_single_event( time() + 2 * HOUR_IN_SECONDS, 'upgrader_scheduled_cleanup', array( $this->id ) );

	} elseif ( is_numeric( $_GET[ $urlholder ] ) ) {
		// Numeric Package = previously uploaded file, see above.
		$this->id   = (int) $_GET[ $urlholder ];
		$attachment = get_post( $this->id );
		if ( empty( $attachment ) ) {
			wp_die( __( 'Please select a file' ) );
		}

		$this->filename = $attachment->post_title;
		$this->package  = get_attached_file( $attachment->ID );
	} else {
		// Else, It's set to something, Back compat for plugins using the old (pre-3.3) File_Uploader handler.
		$uploads = wp_upload_dir();
		if ( ! ( $uploads && false === $uploads['error'] ) ) {
			wp_die( $uploads['error'] );
		}

		$this->filename = sanitize_file_name( $_GET[ $urlholder ] );
		$this->package  = $uploads['basedir'] . '/' . $this->filename;

		if ( ! str_starts_with( realpath( $this->package ), realpath( $uploads['basedir'] ) ) ) {
			wp_die( __( 'Please select a file' ) );
		}
	}
}