WC_Product_Download::approved_directory_checks()
Confirms that the download exists within an approved directory.
If it is not within an approved directory but the current user has sufficient capabilities, then the method will try to add the download's directory to the approved directory list.
Method of the class: WC_Product_Download{}
Hooks from the method
Return
null. Nothing (null).
Usage
// private - for code of main (parent) class only $result = $this->approved_directory_checks( $auto_add_to_approved_directory_list );
- $auto_add_to_approved_directory_list(true|false)
- If the download is not already in the approved directory list, automatically add it if possible.
Default: true
WC_Product_Download::approved_directory_checks() WC Product Download::approved directory checks code WC 8.7.0
private function approved_directory_checks( bool $auto_add_to_approved_directory_list = true ) {
$download_directories = wc_get_container()->get( Download_Directories::class );
if ( $download_directories->get_mode() !== Download_Directories::MODE_ENABLED ) {
return;
}
$download_file = $this->get_file();
/**
* Controls whether shortcodes should be resolved and validated using the Approved Download Directory feature.
*
* @param bool $should_validate
*/
if ( apply_filters( 'woocommerce_product_downloads_approved_directory_validation_for_shortcodes', true ) && 'shortcode' === $this->get_type_of_file_path() ) {
$download_file = do_shortcode( $download_file );
}
$is_site_administrator = is_multisite() ? current_user_can( 'manage_sites' ) : current_user_can( 'manage_options' );
$valid_storage_directory = $download_directories->is_valid_path( $download_file );
if ( $valid_storage_directory ) {
return;
}
if ( $auto_add_to_approved_directory_list ) {
try {
// Add the parent URL to the approved directories list, but *do not enable it* unless the current user is a site admin.
$download_directories->add_approved_directory( ( new URL( $download_file ) )->get_parent_url(), $is_site_administrator );
$valid_storage_directory = $download_directories->is_valid_path( $download_file );
} catch ( Exception $e ) { // phpcs:ignore Generic.CodeAnalysis.EmptyStatement.DetectedCatch
// At this point, $valid_storage_directory will be false. Fall-through so the appropriate exception is
// triggered (same as if the storage directory was invalid and $auto_add_to_approved_directory_list was false.
}
}
if ( ! $valid_storage_directory ) {
$this->raise_invalid_file_exception( $download_file );
}
}