From a631c2378de7361e7ad43d28a9166cfcaf8f4c8f Mon Sep 17 00:00:00 2001 From: Ian Dunn Date: Tue, 8 May 2018 00:51:59 +0000 Subject: [PATCH] Privacy: Reuse existing archive filenames to maintain URLs. Whenever an admin initiates a download or email of a personal data export, a fresh copy of the file is generated. Previously, a new filename was used each time, which could lead to situations where a URL that was emailed to a data subject is broken. That can be avoided by reusing the same filename when building fresh archives. Props desrosj, tz-media, allendav. Fixes #43905. git-svn-id: https://develop.svn.wordpress.org/trunk@43180 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-admin/includes/file.php | 38 ++++++++++++++++++++-------------- 1 file changed, 22 insertions(+), 16 deletions(-) diff --git a/src/wp-admin/includes/file.php b/src/wp-admin/includes/file.php index f0f64cdbe3..4bec958b25 100644 --- a/src/wp-admin/includes/file.php +++ b/src/wp-admin/includes/file.php 
@@ -2127,11 +2127,29 @@ function wp_privacy_generate_personal_data_export_file( $request_id ) { fwrite( $file, "\n" ); fclose( $file ); - // Now, generate the ZIP. + /* + * Now, generate the ZIP. + * + * If an archive has already been generated, then remove it and reuse the + * filename, to avoid breaking any URLs that may have been previously sent + * via email. + */ $error = false; - $archive_filename = $file_basename . '.zip'; - $archive_pathname = $exports_dir . $archive_filename; - $archive_url = $exports_url . $archive_filename; + $archive_url = get_post_meta( $request_id, '_export_file_url', true ); + $archive_pathname = get_post_meta( $request_id, '_export_file_path', true ); + + if ( empty( $archive_pathname ) || empty( $archive_url ) ) { + $archive_filename = $file_basename . '.zip'; + $archive_pathname = $exports_dir . $archive_filename; + $archive_url = $exports_url . $archive_filename; + + update_post_meta( $request_id, '_export_file_url', $archive_url ); + update_post_meta( $request_id, '_export_file_path', $archive_pathname ); + } + + if ( ! empty( $archive_pathname ) && file_exists( $archive_pathname ) ) { + wp_delete_file( $archive_pathname ); + } $zip = new ZipArchive; if ( true === $zip->open( $archive_pathname, ZipArchive::CREATE ) ) { @@ -2163,10 +2181,6 @@ function wp_privacy_generate_personal_data_export_file( $request_id ) { if ( $error ) { wp_send_json_error( $error ); } - - // Save the export file in the request. - update_post_meta( $request_id, '_export_file_url', $archive_url ); - update_post_meta( $request_id, '_export_file_path', $archive_pathname ); } /** 
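Review bot: The path read back from `_export_file_path` is passed to `wp_delete_file()` and then to `$zip->open()` without being checked against `$exports_dir`, so whatever is stored in that meta key decides which file is removed and where the personal-data archive is written. Before this change the write path was always built from `$exports_dir . $file_basename . '.zip'`. Whether less trusted code can alter the meta is not visible here, but a cheap guard is to take the regenerate branch when the stored value is outside the exports directory, e.g. `if ( empty( $archive_pathname ) || empty( $archive_url ) || trailingslashit( dirname( $archive_pathname ) ) !== $exports_dir ) {` (assuming `$exports_dir` ends in a slash, as the concatenation suggests). Separately, the result of `wp_delete_file()` is not checked and `ZipArchive::CREATE` alone opens an existing archive, so `$zip->open( $archive_pathname, ZipArchive::CREATE | ZipArchive::OVERWRITE )` would stop a leftover file from carrying old entries into the new export. The function body starts and ends outside this hunk.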
@@ -2342,14 +2356,6 @@ function wp_privacy_process_personal_data_export_page( $response, $exporter_inde delete_post_meta( $request_id, '_export_data_raw' ); update_post_meta( $request_id, '_export_data_grouped', $groups ); - // And now, generate the export file, cleaning up any previous file - $export_path = get_post_meta( $request_id, '_export_file_path', true ); - if ( ! empty( $export_path ) ) { - delete_post_meta( $request_id, '_export_file_path' ); - @unlink( $export_path ); - } - delete_post_meta( $request_id, '_export_file_url' ); - // Generate the export file from the collected, grouped personal data. do_action( 'wp_privacy_personal_data_export_file', $request_id );