Changeset 2245648
- Timestamp:
- 02/17/2020 02:33:57 PM (5 years ago)
- File:
-
- 1 edited
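--- a/shp-icon/trunk/src/Plugin.php
+++ b/shp-icon/trunk/src/Plugin.php
@@ -233,3 +233,32 @@
 return $links;
 }
+
+/**
+* Sanitizes a SVG file before it's saved to the server storage.
+* This removes unallowed tags and scripts.
+*
+* @see enshrined\svgSanitize\Sanitizer
+*
+* @param Array $file Uploaded file.
+*
+* @return Array Cleaned file if type is SVG.
+*/
+public function sanitizeSvg( $file ) {
+if ( 'image/svg+xml' === $file['type'] ) {
+$sanitizer = new Sanitizer();
+$dirty_svg = file_get_contents( $file['tmp_name'] );
+$santized_svg = $sanitizer->sanitize( $dirty_svg );
+
+global $wp_filesystem;
+$credentials = request_filesystem_credentials( site_url() . '/wp-admin/', '', false, false, array() );
+if ( ! WP_Filesystem( $credentials ) ) {
+request_filesystem_credentials( site_url() . '/wp-admin/', '', true, false, null );
+}
+
+// Using the filesystem API provided by WordPress, we replace the contents of the temporary file and then let the process continue as normal.
+$wp_filesystem->put_contents( $file['tmp_name'], $santized_svg, FS_CHMOD_FILE );
+}
+
+return $file;
+}
 }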
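Review bot: The sanitizer only runs when `$file['type']` equals `image/svg+xml`, and in an upload array that value is the MIME type declared by the client, so an SVG sent with a different declared type skips sanitization altogether; the gate should also look at the file name's extension (or the detected type). The result of `$sanitizer->sanitize()` is written back unchecked, and as far as I know the library returns `false` when the markup cannot be parsed, so a failure should reject the upload rather than let it continue. If this method is hooked on `wp_handle_upload_prefilter` (the registration is not in this hunk), setting `$file['error']` is the way to do that. `$wp_filesystem` can also still be unset when `WP_Filesystem()` fails, which would make the `put_contents()` call a fatal error.

```php
public function sanitizeSvg( $file ) {
	// Do not rely on the client-declared MIME type alone.
	$extension = strtolower( pathinfo( $file['name'], PATHINFO_EXTENSION ) );
	if ( 'image/svg+xml' !== $file['type'] && 'svg' !== $extension ) {
		return $file;
	}

	$sanitizer    = new Sanitizer();
	$dirty_svg    = file_get_contents( $file['tmp_name'] );
	$santized_svg = false === $dirty_svg ? false : $sanitizer->sanitize( $dirty_svg );

	// Fail closed: an unreadable or unparseable SVG is rejected, not stored.
	if ( false === $santized_svg ) {
		$file['error'] = 'This SVG file could not be sanitized and was not uploaded.';
		return $file;
	}

	// … unchanged: WP_Filesystem setup and put_contents() …
```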