Automattic\WooCommerce\Internal\ProductDownloads\ApprovedDirectories
Register::is_valid_path
Indicates if the URL is within an approved directory. The approved directory must be enabled (it is possible for individual approved directories to be disabled).
For instance, for 'https://storage.king/12345/ebook.pdf' to be valid then 'https://storage.king/12345' would need to be within our register.
If the provided URL is a filepath it can be passed in without the 'file://' scheme.
Method of the class: Register{}
No Hooks.
Returns
true|false.
Usage
$Register = new Register(); $Register->is_valid_path( $download_url ): bool;
- $download_url(string) (required)
- The URL to check.
Register::is_valid_path() Register::is valid path code WC 10.5.0
public function is_valid_path( string $download_url ): bool {
global $wpdb;
$url_cache_key = 'url:' . $download_url;
if ( isset( $this->cache[ $url_cache_key ] ) ) {
return $this->cache[ $url_cache_key ];
}
$url = new URL( $this->normalize_url( $download_url ) );
$parents = $url->get_all_parent_urls();
if ( ! empty( $parents ) ) {
sort( $parents );
$parents_sql = "'" . implode( "','", array_map( 'esc_sql', $parents ) ) . "'";
$parents_cache_key = 'parents:' . md5( $parents_sql );
if ( ! isset( $this->cache[ $parents_cache_key ] ) ) {
// Look for a rule that matches the start of the download URL being tested. Since rules describe parent
// directories, we also ensure it ends with a trailing slash.
//
// phpcs:disable WordPress.DB.PreparedSQL.InterpolatedNotPrepared -- $parents_sql is already escaped.
$this->cache[ $parents_cache_key ] = (bool) $wpdb->get_var(
"SELECT 1
FROM `{$this->get_table()}`
WHERE enabled = 1 AND url IN ({$parents_sql})"
);
// phpcs:enable
}
$this->cache[ $url_cache_key ] = $this->cache[ $parents_cache_key ];
} else {
$this->cache[ $url_cache_key ] = false;
}
return $this->cache[ $url_cache_key ];
}