Upload::upload( array $file )

Description #

Upload file and store it in temporary directory.

Copied directly from WordPress Core. Only difference is upload directory. All files were uploaded to anspress-temp directory and it need to moved manually. All files older then 2 hours are deleted from anspress-temp directory.

Parameters #

  • $file
    array (Required) $_FILE value.

Changelog #

VersionDescription
4.1.8Introduced.

Source #

File: lib/form/class-upload.php

	private function upload( $file ) {
		// If there is error in file then return.
		if ( isset( $file['error'] ) && ! is_numeric( $file['error'] ) && $file['error'] ) {
			return new \WP_Error( 'upload_file_error', $file['error'] ); // phpcs:ignore Universal.CodeAnalysis.ConstructorDestructorReturn.ReturnValueFound
		}

		// Courtesy of php.net, the strings that describe the error indicated in $_FILES[{form field}]['error'].
		$upload_error_strings = array(
			false,
			__( 'The uploaded file exceeds the upload_max_filesize directive in php.ini.', 'anspress-question-answer' ),
			__( 'The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form.', 'anspress-question-answer' ),
			__( 'The uploaded file was only partially uploaded.', 'anspress-question-answer' ),
			__( 'No file was uploaded.', 'anspress-question-answer' ),
			'',
			__( 'Missing a temporary folder.', 'anspress-question-answer' ),
			__( 'Failed to write file to disk.', 'anspress-question-answer' ),
			__( 'File upload stopped by extension.', 'anspress-question-answer' ),
		);

		// Check error.
		if ( isset( $file['error'] ) && $file['error'] > 0 ) {
			return new \WP_Error( 'upload_file_size', $upload_error_strings[ $file['error'] ] ); // phpcs:ignore Universal.CodeAnalysis.ConstructorDestructorReturn.ReturnValueFound
		}

		$file_size = $file['size'];

		// A non-empty file will pass this test.
		if ( ! ( $file_size > 0 ) ) {
			return new \WP_Error( 'upload_file_size', __( 'File is empty. Please upload something more substantial.', 'anspress-question-answer' ) ); // phpcs:ignore Universal.CodeAnalysis.ConstructorDestructorReturn.ReturnValueFound
		}

		// Check file size.
		if ( $file_size > ap_opt( 'max_upload_size' ) ) {
			return new \WP_Error( 'upload_file_size', __( 'File is bigger than the allowed limit.', 'anspress-question-answer' ) ); // phpcs:ignore Universal.CodeAnalysis.ConstructorDestructorReturn.ReturnValueFound
		}

		// Check file uploaded using proper method.
		if ( true !== is_uploaded_file( $file['tmp_name'] ) ) {
			return new \WP_Error( 'upload_file_failed', __( 'Specified file failed upload test.', 'anspress-question-answer' ) ); // phpcs:ignore Universal.CodeAnalysis.ConstructorDestructorReturn.ReturnValueFound
		}

		$mimes = $this->get( 'upload_options.allowed_mimes' );
		$mimes = ! empty( $mimes ) ? $mimes : false;

		// A correct MIME type will pass this test.
		$wp_filetype     = wp_check_filetype_and_ext( $file['tmp_name'], $file['name'], $mimes );
		$ext             = empty( $wp_filetype['ext'] ) ? '' : $wp_filetype['ext'];
		$type            = empty( $wp_filetype['type'] ) ? '' : $wp_filetype['type'];
		$proper_filename = empty( $wp_filetype['proper_filename'] ) ? '' : $wp_filetype['proper_filename'];

		// Check to see if wp_check_filetype_and_ext() determined the filename was incorrect.
		if ( $proper_filename ) {
			$file['name'] = $proper_filename;
		}

		if ( ! $type || ! $ext ) {
			return new \WP_Error( 'upload_file_ext', __( 'Sorry, this file type is not permitted for security reasons.', 'anspress-question-answer' ) ); // phpcs:ignore Universal.CodeAnalysis.ConstructorDestructorReturn.ReturnValueFound
		}

		if ( ! $type ) {
			$type = $file['type'];
		}

		$uploads = wp_upload_dir();

		/**
		 * A writable uploads dir will pass this test.
		 */
		if ( false !== $uploads['error'] ) {
			return new \WP_Error( 'upload_file_dir', $uploads['error'] ); // phpcs:ignore Universal.CodeAnalysis.ConstructorDestructorReturn.ReturnValueFound
		}

		$temp_dir = $uploads['basedir'] . '/anspress-temp/';

		// Make sure WP_Filesystem is loaded.
		if ( ! function_exists( 'WP_Filesystem' ) ) {
			require_once ABSPATH . 'wp-admin/includes/file.php';
		}

		// Initialize WP_Filesystem.
		if ( ! WP_Filesystem() ) {
			// Unable to initialize WP_Filesystem, handle error accordingly.
			return;
		}

		global $wp_filesystem;

		// Make dir if not exists.
		if ( ! file_exists( $temp_dir ) ) {
			$wp_filesystem->mkdir( $temp_dir );
		}

		$sha           = sha1_file( $file['tmp_name'] );
		$user_id       = get_current_user_id();
		$new_file_name = "{$sha}_$user_id.$ext";
		$new_file      = $temp_dir . "$new_file_name";

		$move_new_file = move_uploaded_file( $file['tmp_name'], $new_file );

		// Return if unable to move file.
		if ( false === $move_new_file ) {
			return new \WP_Error( 'upload_file_move', 'The uploaded file could not be moved' ); // phpcs:ignore Universal.CodeAnalysis.ConstructorDestructorReturn.ReturnValueFound
		}

		// Set correct file permissions.
		$stat  = stat( dirname( $new_file ) );
		$perms = $stat['mode'] & 0000666;

		// Use WP_Filesystem's chmod method.
		$wp_filesystem->chmod( $new_file, $perms );

		return $new_file_name; // phpcs:ignore Universal.CodeAnalysis.ConstructorDestructorReturn.ReturnValueFound
	}

Expand full source code Collapse full source code View on GitHub: lib/form/class-upload.php:384

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Add your comment