when FS_METHOD = ‘direct’ is chosen?

0 Views

According to the WordPress Codes FS_METHOD = 'direct' is chosen when appropriate.

(Primary Preference) “direct” forces it to use Direct File I/O
requests from within PHP, this is fraught with opening up security
issues on poorly configured hosts, This is chosen automatically when
appropriate.

Read More

http://codex.wordpress.org/Editing_wp-config.php#WordPress_Upgrade_Constants

What is the criteria to be appropriate?

Post Views: 0

Related posts

Leave a Reply

1 comment

  1. Here’s the code from wp-admin/includes/file.php:

    if ( ! $method && function_exists('getmyuid') && function_exists('fileowner') ){
    if ( !$context )
        $context = WP_CONTENT_DIR;

    // If the directory doesn't exist (wp-content/languages) then use the parent directory
    // as we'll create it.
    if ( WP_LANG_DIR == $context && ! is_dir( $context ) )
        $context = dirname( $context );

    $context = trailingslashit($context);
    $temp_file_name = $context . 'temp-write-test-' . time();
    $temp_handle = @fopen($temp_file_name, 'w');
    if ( $temp_handle ) {
        if ( getmyuid() == @fileowner($temp_file_name) )
            $method = 'direct';
        @fclose($temp_handle);
        @unlink($temp_file_name);
    }
}

    The test appears to be

    1. Can we create a temporary file in the wp-content or wp-content/languages directory?
    2. Does that file belong to the current Unix user, i.e. there’s no setuid on wp-content?

    It only executes this check if we didn’t specify an FS_METHOD ourselves, and if the necessary filesystem calls to check #2 are available. The temporary file is cleaned up afterwards.