Privacy: Reuse existing archive filenames to maintain URLs.
Whenever an admin initiates a download or email of a personal data export, a fresh copy of the file is generated. Previously, a new filename was used each time, which could lead to situations where a URL that was emailed to a data subject is broken. That can be avoided by reusing the same filename when building fresh archives. Props desrosj, tz-media, allendav. Fixes #43905. git-svn-id: https://develop.svn.wordpress.org/trunk@43180 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
parent
a131758bf5
commit
a631c2378d
|
@ -2127,12 +2127,30 @@ function wp_privacy_generate_personal_data_export_file( $request_id ) {
|
|||
fwrite( $file, "</html>\n" );
|
||||
fclose( $file );
|
||||
|
||||
// Now, generate the ZIP.
|
||||
/*
|
||||
* Now, generate the ZIP.
|
||||
*
|
||||
* If an archive has already been generated, then remove it and reuse the
|
||||
* filename, to avoid breaking any URLs that may have been previously sent
|
||||
* via email.
|
||||
*/
|
||||
$error = false;
|
||||
$archive_url = get_post_meta( $request_id, '_export_file_url', true );
|
||||
$archive_pathname = get_post_meta( $request_id, '_export_file_path', true );
|
||||
|
||||
if ( empty( $archive_pathname ) || empty( $archive_url ) ) {
|
||||
$archive_filename = $file_basename . '.zip';
|
||||
$archive_pathname = $exports_dir . $archive_filename;
|
||||
$archive_url = $exports_url . $archive_filename;
|
||||
|
||||
update_post_meta( $request_id, '_export_file_url', $archive_url );
|
||||
update_post_meta( $request_id, '_export_file_path', $archive_pathname );
|
||||
}
|
||||
|
||||
if ( ! empty( $archive_pathname ) && file_exists( $archive_pathname ) ) {
|
||||
wp_delete_file( $archive_pathname );
|
||||
}
|
||||
|
||||
$zip = new ZipArchive;
|
||||
if ( true === $zip->open( $archive_pathname, ZipArchive::CREATE ) ) {
|
||||
if ( ! $zip->addFile( $html_report_pathname, 'index.html' ) ) {
|
||||
|
@ -2163,10 +2181,6 @@ function wp_privacy_generate_personal_data_export_file( $request_id ) {
|
|||
if ( $error ) {
|
||||
wp_send_json_error( $error );
|
||||
}
|
||||
|
||||
// Save the export file in the request.
|
||||
update_post_meta( $request_id, '_export_file_url', $archive_url );
|
||||
update_post_meta( $request_id, '_export_file_path', $archive_pathname );
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -2342,14 +2356,6 @@ function wp_privacy_process_personal_data_export_page( $response, $exporter_inde
|
|||
delete_post_meta( $request_id, '_export_data_raw' );
|
||||
update_post_meta( $request_id, '_export_data_grouped', $groups );
|
||||
|
||||
// And now, generate the export file, cleaning up any previous file
|
||||
$export_path = get_post_meta( $request_id, '_export_file_path', true );
|
||||
if ( ! empty( $export_path ) ) {
|
||||
delete_post_meta( $request_id, '_export_file_path' );
|
||||
@unlink( $export_path );
|
||||
}
|
||||
delete_post_meta( $request_id, '_export_file_url' );
|
||||
|
||||
// Generate the export file from the collected, grouped personal data.
|
||||
do_action( 'wp_privacy_personal_data_export_file', $request_id );
|
||||
|
||||
|
|
Loading…
Reference in New Issue