Skip to content

Commit

Permalink
Site Health: Check if the directories are allowed when testing for a …
Browse files Browse the repository at this point in the history
…VCS checkout.

As part of determining whether to perform automatic updates, WordPress checks if it is running within a version-controlled environment, recursively looking up the filesystem to the top of the drive, looking for a Subversion, Git, Mercurial, or Bazaar directory, erring on the side of detecting a VCS checkout somewhere.

This commit reuses `WP_Automatic_Updater::is_allowed_dir()` in the Site Health test to avoid a PHP warning if the `open_basedir` directive is in use and any of the directories checked in the process are not allowed:
{{{
is_dir(): open_basedir restriction in effect. File(/.git) is not within the allowed path(s)
}}}

Follow-up to [44986], [55425].

Props Keffr3n, narenin.
Fixes #61834.

git-svn-id: https://develop.svn.wordpress.org/trunk@58921 602fd350-edb4-49c9-b593-d223f7449a82
  • Loading branch information
SergeyBiryukov committed Aug 21, 2024
1 parent 04eec0c commit 84332c9
Showing 1 changed file with 8 additions and 2 deletions.
10 changes: 8 additions & 2 deletions src/wp-admin/includes/class-wp-site-health-auto-updates.php
Original file line number Diff line number Diff line change
Expand Up @@ -224,12 +224,18 @@ public function test_vcs_abspath() {
}

$check_dirs = array_unique( $check_dirs );
$updater = new WP_Automatic_Updater();
$checkout = false;

// Search all directories we've found for evidence of version control.
foreach ( $vcs_dirs as $vcs_dir ) {
foreach ( $check_dirs as $check_dir ) {
// phpcs:ignore Generic.CodeAnalysis.AssignmentInCondition,Squiz.PHP.DisallowMultipleAssignments
if ( $checkout = @is_dir( rtrim( $check_dir, '\\/' ) . "/$vcs_dir" ) ) {
if ( ! $updater->is_allowed_dir( $check_dir ) ) {
continue;
}

$checkout = is_dir( rtrim( $check_dir, '\\/' ) . "/$vcs_dir" );
if ( $checkout ) {
break 2;
}
}
Expand Down

0 comments on commit 84332c9

Please sign in to comment.