
Fix: disable server side custom file name in export feature (#6458)
ravinderk authored Jun 16, 2022
1 parent a96046d commit 5a08268
Showing 3 changed files with 16 additions and 13 deletions.
18 changes: 9 additions & 9 deletions includes/admin/tools/export/class-batch-export.php
Expand Up @@ -116,25 +116,25 @@ class Give_Batch_Export extends Give_Export {
/**
* Give_Batch_Export constructor.
*
* @unreleased Create only csv file.
* @since 2.9.0 add hash to filename to avoid collisions
* @since 1.5
*
* @param int $_step
* @param string|null $filename
*/
public function __construct( $_step = 1, $filename = null ) {

$upload_dir = wp_upload_dir();
$upload_dir = wp_upload_dir();
$this->filetype = '.csv';

if ( null === $filename ) {
$hash = uniqid();
$this->filename = "give-{$hash}-{$this->export_type}{$this->filetype}";
} else {
$this->filename = $filename;
}
if ( null === $filename ) {
$hash = uniqid();
$this->filename = "give-{$hash}-{$this->export_type}{$this->filetype}";
} else {
$this->filename = "{$filename}{$this->filetype}";
}

$this->file = trailingslashit( $upload_dir['basedir'] ) . $this->filename;
$this->file = trailingslashit( $upload_dir['basedir'] ) . $this->filename;

if ( ! is_writable( $upload_dir['basedir'] ) ) {
$this->is_writable = false;
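Review bot: The constructor still copies `$filename` verbatim into `$this->filename` in the `else` branch and joins it directly onto the uploads basedir, so the traversal fix exists only in the two callers; any other or future caller that passes an unsanitized name reaches the filesystem again. Hardening this choke point is a two-line change: `$filename = basename( sanitize_file_name( (string) $filename ), $this->filetype );` before the branch and `if ( '' === $filename ) {` in place of `null === $filename`, which also covers a caller whose sanitization collapses the name to an empty string (today that produces a file named just `.csv`). The `@since 2.9.0` note calls the `uniqid()` suffix a hash, but it is a time-derived, predictable value; if the exported CSV remains in the web-served uploads directory — I cannot tell from this hunk whether it is removed after download — a random token such as `wp_generate_password( 12, false )` would be the safer choice. The constructor continues past the hunk (the `is_writable` branch).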
6 changes: 3 additions & 3 deletions includes/admin/tools/export/export-actions.php
Expand Up @@ -17,6 +17,7 @@
/**
* Process the download file generated by a batch export.
*
* @unreleased Sanitize file name. Allow plain file name only.
* @since 2.9.0 pass the filename received to the exporter
* @since 1.5
*
Expand Down Expand Up @@ -45,11 +46,10 @@ function give_process_batch_export_form() {
*/
do_action( 'give_batch_export_class_include', $_REQUEST['class'] );

$filename = $_REQUEST['file_name'];
$filename = basename(sanitize_file_name($_REQUEST['file_name']), '.csv');

$export = new $_REQUEST['class']( 1, $filename );
$export = new $_REQUEST['class']( 1, $filename );
$export->export();

}

add_action( 'give_form_batch_export', 'give_process_batch_export_form' );
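Review bot: `$_REQUEST['file_name']` is read without an `isset()` guard and the sanitized result is never checked for emptiness, unlike the sibling AJAX handler in export-functions.php; a missing parameter, or one that `sanitize_file_name()` reduces to nothing (e.g. `../../`), yields `''`, which the constructor does not treat as `null`, so the export is written into the uploads directory as the bare dotfile `.csv` — shared by every such request instead of getting the `uniqid()` name. WordPress also hands request values slashed, so the value should be `wp_unslash()`ed before sanitizing. Two lines cover both: `$filename = isset( $_REQUEST['file_name'] ) ? basename( sanitize_file_name( wp_unslash( $_REQUEST['file_name'] ) ), '.csv' ) : '';` followed by `$filename = '' === $filename ? null : $filename;`. Separately, `new $_REQUEST['class']( 1, $filename )` on the next line still instantiates whatever class name the request supplies; unless a capability/nonce check and a class allow-list exist above this hunk (not visible here), an `is_subclass_of( $_REQUEST['class'], 'Give_Batch_Export' )` check before the `do_action` would bound that. The function body starts above the hunk.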
5 changes: 4 additions & 1 deletion includes/admin/tools/export/export-functions.php
Expand Up @@ -19,6 +19,7 @@
/**
* Process batch exports via ajax
*
* @unreleased Sanitize file name. Allow plain file name only.
* @since 1.5
* @return void
*/
Expand Down Expand Up @@ -48,7 +49,9 @@ function give_do_ajax_export() {

$step = absint( $_POST['step'] );
$class = sanitize_text_field( $form['give-export-class'] );
$filename = isset( $_POST['file_name'] ) ? sanitize_text_field( $_POST['file_name'] ) : null;
$filename = isset( $_POST['file_name'] ) ?
basename(sanitize_file_name( $_POST['file_name'] ), '.csv') :
null;

/* @var Give_Batch_Export $export */
$export = new $class( $step, $filename );
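Review bot: The `isset()` guard does not catch the case where sanitization empties the value: `file_name=` or `file_name=../../` passes `isset()`, `sanitize_file_name()` collapses it to `''`, and `basename( '', '.csv' )` returns `''`, which the constructor's `null === $filename` test does not treat as absent, so `$this->filename` becomes `.csv` and the export lands at `<uploads>/.csv` for every such request. Fold the empty case back into the generated-name path by adding `$filename = '' === $filename ? null : $filename;` after the ternary; wrapping `$_POST['file_name']` in `wp_unslash()` before `sanitize_file_name()` would also be in keeping with WordPress request handling. The `$class`-from-request instantiation two lines below is only as safe as whatever allow-list or capability check precedes this hunk, which I cannot see here. The function body starts above the hunk.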
