validate_file

File validates against allowed set of defined rules.

Description

(int) validate_file( (string) $file, (string) $allowed_files = '' ); 

A return value of 1 means that the $file contains either ... or ./. A return value of 2 means that the $file contains : after the first character. A return value of 3 means that the file is not in the allowed files list.

Returns (int)

0 means nothing is wrong, greater than 0 means something was wrong.

Parameters (2)

0. $file (string)
File path.
1. $allowed_files — Optional. (string) => ''
List of allowed files.

Usage

  1. if ( !function_exists( 'validate_file' ) ) { 
  2. require_once ABSPATH . WPINC . '/functions.php'; 
  3.  
  4. // File path. 
  5. $file = ''; 
  6.  
  7. // List of allowed files. 
  8. $allowed_files = ''; 
  9.  
  10. // NOTICE! Understand what this does before running. 
  11. $result = validate_file($file, $allowed_files); 
  12.  

Defined (1)

The function is defined in the following location(s).

/wp-includes/functions.php  
  1. function validate_file( $file, $allowed_files = '' ) { 
  2. if ( false !== strpos( $file, '..' ) ) 
  3. return 1; 
  4.  
  5. if ( false !== strpos( $file, './' ) ) 
  6. return 1; 
  7.  
  8. if ( ! empty( $allowed_files ) && ! in_array( $file, $allowed_files ) ) 
  9. return 3; 
  10.  
  11. if (':' == substr( $file, 1, 1 ) ) 
  12. return 2; 
  13.  
  14. return 0;