WC_Admin_Settings::check_download_folder_protection()
Checks which method we’re using to serve downloads.
Description Description
If using force or x-sendfile, this ensures the .htaccess is in place.
Source Source
File: includes/admin/class-wc-admin-settings.php
public static function check_download_folder_protection() {
$upload_dir = wp_get_upload_dir();
$downloads_path = $upload_dir['basedir'] . '/woocommerce_uploads';
$download_method = get_option( 'woocommerce_file_download_method' );
$file_path = $downloads_path . '/.htaccess';
$file_content = 'redirect' === $download_method ? 'Options -Indexes' : 'deny from all';
$create = false;
if ( wp_mkdir_p( $downloads_path ) && ! file_exists( $file_path ) ) {
$create = true;
} else {
$current_content = @file_get_contents( $file_path ); // phpcs:ignore WordPress.PHP.NoSilencedErrors.Discouraged, WordPress.WP.AlternativeFunctions.file_get_contents_file_get_contents
if ( $current_content !== $file_content ) {
unlink( $file_path );
$create = true;
}
}
if ( $create ) {
$file_handle = @fopen( $file_path, 'wb' ); // phpcs:ignore WordPress.PHP.NoSilencedErrors.Discouraged, WordPress.WP.AlternativeFunctions.file_system_read_fopen
if ( $file_handle ) {
fwrite( $file_handle, $file_content ); // phpcs:ignore WordPress.WP.AlternativeFunctions.file_system_read_fwrite
fclose( $file_handle ); // phpcs:ignore WordPress.WP.AlternativeFunctions.file_system_read_fclose
}
}
}