
Introduce file type check for tax rate importer

rodrigoprimo committed Jul 2, 2019
1 parent 7324e48 commit 737f6af5e8af27ae768d087e84c0303d8059281a
@@ -86,6 +86,7 @@ public static function get_importer( $file, $args = array() ) {
/**
* Check whether a file is a valid CSV file.
*
* @todo Replace this method with wc_is_file_valid_csv() function.
* @param string $file File path.
* @param bool $check_path Whether to also check the file is located in a valid location (Default: true).
* @return bool
@@ -200,8 +200,7 @@ public function import_end() {
* @return bool False if error uploading or invalid file, true otherwise
*/
public function handle_upload() {
// phpcs:disable WordPress.Security.NonceVerification.NoNonceVerification -- Nonce already verified in WC_Tax_Rate_Importer::dispatch()
$file_url = isset( $_POST['file_url'] ) ? wc_clean( wp_unslash( $_POST['file_url'] ) ) : '';
$file_url = isset( $_POST['file_url'] ) ? wc_clean( wp_unslash( $_POST['file_url'] ) ) : ''; // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- Nonce already verified in WC_Tax_Rate_Importer::dispatch()
if ( empty( $file_url ) ) {
$file = wp_import_handle_upload();
@@ -210,13 +209,23 @@ public function handle_upload() {
$this->import_error( $file['error'] );
}
if ( ! wc_is_file_valid_csv( $file['file'], false ) ) {
// Remove file if not valid.
wp_delete_attachment( $file['id'], true );
$this->import_error( __( 'Invalid file type. The importer supports CSV and TXT file formats.', 'woocommerce' ) );
}
$this->id = absint( $file['id'] );
} elseif ( file_exists( ABSPATH . $file_url ) ) {
if ( ! wc_is_file_valid_csv( ABSPATH . $file_url ) ) {
$this->import_error( __( 'Invalid file type. The importer supports CSV and TXT file formats.', 'woocommerce' ) );
}
$this->file_url = esc_attr( $file_url );
} else {
$this->import_error();
}
// phpcs:enable
return true;
}
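Review bot: On the `file_url` branch the new `wc_is_file_valid_csv( ABSPATH . $file_url )` call checks only the extension and the absence of `://`, so a posted value containing `../` segments is still accepted when it ends in `.csv` or `.txt`, and nothing here confines the resolved path to the install root. Resolve the path before validating it, e.g. `$path = realpath( ABSPATH . $file_url );` followed by `if ( false === $path || 0 !== strpos( $path, trailingslashit( realpath( ABSPATH ) ) ) ) { $this->import_error(); }`, and pass `$path` to the validator. Both new branches also rely on `import_error()` halting the request; its body and the lines between the two hunks of `handle_upload()` are not shown, so if it can return, `$this->id` and `$this->file_url` would still be set for a rejected file.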
@@ -448,3 +448,47 @@ function wc_review_ratings_enabled() {
function wc_review_ratings_required() {
return 'yes' === get_option( 'woocommerce_review_rating_required' );
}
/**
* Check if a CSV file is valid.
*
* @since 3.6.5
* @param string $file File name.
* @param bool $check_path If should check for the path.
* @return bool
*/
function wc_is_file_valid_csv( $file, $check_path = true ) {
/**
* Filter check for CSV file path.
*
* @since 3.6.4
* @param bool $check_import_file_path If requires file path check. Defaults to true.
*/
$check_import_file_path = apply_filters( 'woocommerce_csv_importer_check_import_file_path', true );
if ( $check_path && $check_import_file_path && false !== stripos( $file, '://' ) ) {
return false;
}
/**
* Filter CSV valid file types.
*
* @since 3.6.5
* @param array $valid_filetypes List of valid file types.
*/
$valid_filetypes = apply_filters(
'woocommerce_csv_import_valid_filetypes',
array(
'csv' => 'text/csv',
'txt' => 'text/plain',
)
);
$filetype = wp_check_filetype( $file, $valid_filetypes );
if ( in_array( $filetype['type'], $valid_filetypes, true ) ) {
return true;
}
return false;
}
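Review bot: The docblock of `wc_is_file_valid_csv()` says "Check if a CSV file is valid", but the body only maps the file name's extension through `wp_check_filetype()` and, when `$check_path` is set, rejects names containing `://`; it does not inspect the file's contents and does not confine it to any directory. State that in the docblock so callers do not treat a `true` result as content or location validation, for example `@param bool $check_path Whether to reject paths that contain a stream wrapper scheme ("://").` plus a description line such as `Checks the file extension against the allowed CSV/TXT types; file contents are not inspected.` The tail of the function can also be written as `return in_array( $filetype['type'], $valid_filetypes, true );`.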
@@ -93,4 +93,16 @@ public function _https_url() {
public function test_wc_is_valid_url( $assert, $values ) {
$this->assertEquals( $assert, $values );
}
/**
* Test wc_is_file_valid_csv.
*
* @since 3.6.5
*/
public function test_wc_is_file_valid_csv() {
$this->assertTrue( wc_is_file_valid_csv( 'C:/wamp64/www/test.local/wp-content/uploads/2018/10/products_all_gg-1.csv' ) );
$this->assertTrue( wc_is_file_valid_csv( '/srv/www/woodev/wp-content/uploads/2018/10/1098488_single.csv' ) );
$this->assertFalse( wc_is_file_valid_csv( '/srv/www/woodev/wp-content/uploads/2018/10/img.jpg' ) );
$this->assertFalse( wc_is_file_valid_csv( 'file:///srv/www/woodev/wp-content/uploads/2018/10/1098488_single.csv' ) );
}
}
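Review bot: The new test does not cover the `.txt` type or the `$check_path = false` call that the tax rate importer makes for uploaded files, so a regression in either path would go unnoticed. Add cases such as `$this->assertTrue( wc_is_file_valid_csv( '/srv/www/woodev/wp-content/uploads/2018/10/rates.txt' ) );` and `$this->assertTrue( wc_is_file_valid_csv( 'file:///srv/www/woodev/wp-content/uploads/2018/10/1098488_single.csv', false ) );` (the `rates.txt` path is a constructed sample). An upper-case extension and a name with no extension would pin the remaining branches.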
