Skip to content

Commit

Permalink
Improve CCSS settings import.
Browse files Browse the repository at this point in the history
  • Loading branch information
@futtta
futtta committed Aug 21, 2020
1 parent 60fd08d commit d504cfd
Showing 1 changed file with 14 additions and 2 deletions.
16 changes: 14 additions & 2 deletions classes/autoptimizeCriticalCSSSettingsAjax.php
View file
Expand Up @@ -281,7 +281,7 @@ public function ao_ccss_import_callback() {
$error = false;

// Process an uploaded file with no errors.
if ( ! $_FILES['file']['error'] ) {
if ( current_user_can( 'manage_options' ) && ! $_FILES['file']['error'] && strpos( $_FILES['file']['name'], '.zip' ) === strlen( $_FILES['file']['name'] ) - 4 ) {
// Save file to the cache directory.
$zipfile = AO_CCSS_DIR . $_FILES['file']['name'];
move_uploaded_file( $_FILES['file']['tmp_name'], $zipfile );
Expand All @@ -292,10 +292,20 @@ public function ao_ccss_import_callback() {
$zip->extractTo( AO_CCSS_DIR );
$zip->close();
} else {
$error = 'extracting';
$error = 'could not extract';
}

if ( ! $error ) {
// only known files allowed, all others are deleted.
$_dir_contents_ccss = glob( AO_CCSS_DIR . 'ccss_*.css' );
$_dir_known_ok = array( AO_CCSS_DIR . 'queue.lock', AO_CCSS_DIR . 'queuelog.html', AO_CCSS_DIR . 'index.html', AO_CCSS_DIR . 'settings.json' );
$_dir_contents_ok = array_merge( $_dir_contents_ccss, $_dir_known_ok );
$_dir_contents_all = glob( AO_CCSS_DIR . '*' );
$_dir_to_be_deleted = array_diff( $_dir_contents_all, $_dir_contents_ok );
foreach ( $_dir_to_be_deleted as $_file_to_be_deleted ) {
unlink( $_file_to_be_deleted );
}

// Archive extraction ok, continue settings importing
// Settings file.
$importfile = AO_CCSS_DIR . 'settings.json';
Expand All @@ -318,6 +328,8 @@ public function ao_ccss_import_callback() {
$error = 'settings file does not exist';
}
}
} else {
$error = 'file could not be saved';
}

// Prepare response.
Expand Down

0 comments on commit d504cfd

Please sign in to comment.