No, there is not a more convenient way. The thing is, your first example is insecure on the most common hosting systems because the directory will be “owned” by whatever user the webserver itself is running as. Thus, anybody else able to execute code on that same webserver will be able to access it, write … Read more
No. Keep in mind that the code sniffer is a limited utility operating on very simplistic parsing of the PHP code and has very little contextual knowledge. Therefor, you should use it as an advisory, a tool that should direct you to give a second thought to a part of your code, and not as … Read more
Initialize the WP filesystem and no more using file_put_contents function. Try this: […] global $wp_filesystem; // Initialize the WP filesystem, no more using ‘file-put-contents’ function if (empty($wp_filesystem)) { require_once (ABSPATH . ‘/wp-admin/includes/file.php’); WP_Filesystem(); } if(!$wp_filesystem->put_contents( $path, $css, 0644) ) { return __(‘Failed to create css file’); }
i guess you are looking for this add_attachment and delete_attachment example: add_action(‘add_attachment’, ‘attachment_manipulation’); function attachment_manipulation($id) { if(wp_attachment_is_image($id)){ //do your own tasks } }
Check out download_url() – it’s only loaded in the admin, so you’ll have to include it (or write your own) if needed on the front-end. From download_url() you can use: $response = wp_remote_get( TCS_CPDF_REMOTE_ZIP, array( ‘timeout’ => 300, ‘stream’ => true, ‘filename’ => TCS_CPDF_LOCAL_ZIP ) );
It would be nice if WordPress had a standards based cache directory, but since it doesn’t I think the best option is to keep it in the plugin folder itself. Uploads are in my opinion for actual uploads and cache files are not really considered as such. I think it easier to manage , reduces … Read more
wp-content/uploads/ should be writable for the server (otherwise it would be impossible to upload a file, no?). If you are going to create something under this directory, it is safe to use wp_mkdir_p(). I would only use WP_Filesystem if there is a chance the server does not have permissions to write to the location, like … Read more