云策 WordPress 开发者社区

函数文档

wp_delete_file_from_directory()

查看官方原文 ↗
💡 云策文档标注

概述

wp_delete_file_from_directory() 是一个 WordPress 函数,用于在文件路径位于指定目录内时删除该文件。它通过验证文件路径是否在目录内来确保安全删除。

关键要点

  • 函数接受两个必需参数:$file(要删除文件的绝对路径)和 $directory(目录的绝对路径)。
  • 返回布尔值:成功时返回 true,失败时返回 false。
  • 内部使用 wp_is_stream() 处理流路径,wp_normalize_path() 规范化路径,并检查文件是否在目录内(使用 str_starts_with() 和 trailingslashit())。
  • 如果文件路径不在目录内或路径无效,函数返回 false。
  • 最终调用 wp_delete_file() 执行删除操作。

代码示例

function wp_delete_file_from_directory( $file, $directory ) {
    if ( wp_is_stream( $file ) ) {
        $real_file      = $file;
        $real_directory = $directory;
    } else {
        $real_file      = realpath( wp_normalize_path( $file ) );
        $real_directory = realpath( wp_normalize_path( $directory ) );
    }

    if ( false !== $real_file ) {
        $real_file = wp_normalize_path( $real_file );
    }

    if ( false !== $real_directory ) {
        $real_directory = wp_normalize_path( $real_directory );
    }

    if ( false === $real_file || false === $real_directory || ! str_starts_with( $real_file, trailingslashit( $real_directory ) ) ) {
        return false;
    }

    return wp_delete_file( $file );
}

注意事项

  • 确保提供绝对路径,否则可能导致删除失败或安全风险。
  • 函数在 WordPress 4.9.7 版本中引入。
  • 相关函数包括 wp_delete_file()、wp_is_stream()、wp_normalize_path() 和 trailingslashit()。
  • 被 wp_delete_attachment_files() 用于删除附件文件。
📄 原文内容

Deletes a file if its path is within the given directory.

Parameters

$filestringrequired
Absolute path to the file to delete.
$directorystringrequired
Absolute path to a directory.

Return

bool True on success, false on failure.

Source

function wp_delete_file_from_directory( $file, $directory ) {
	if ( wp_is_stream( $file ) ) {
		$real_file      = $file;
		$real_directory = $directory;
	} else {
		$real_file      = realpath( wp_normalize_path( $file ) );
		$real_directory = realpath( wp_normalize_path( $directory ) );
	}

	if ( false !== $real_file ) {
		$real_file = wp_normalize_path( $real_file );
	}

	if ( false !== $real_directory ) {
		$real_directory = wp_normalize_path( $real_directory );
	}

	if ( false === $real_file || false === $real_directory || ! str_starts_with( $real_file, trailingslashit( $real_directory ) ) ) {
		return false;
	}

	return wp_delete_file( $file );
}

View all references View on Trac View on GitHub

Uses Description
wp_delete_file()wp-includes/functions.php

Deletes a file.
wp_is_stream()wp-includes/functions.php

Tests if a given path is a stream URL
wp_normalize_path()wp-includes/functions.php

Normalizes a filesystem path.
trailingslashit()wp-includes/formatting.php

Appends a trailing slash.

Show 1 moreShow less

Used by Description
wp_delete_attachment_files()wp-includes/post.php

Deletes all files that belong to the given attachment.

Changelog

Version Description
4.9.7 Introduced.