WordPress.org

Ready to get started?Download WordPress

Forums

Prevent files from being overwritten; PlugIn Update (6 posts)

  1. valentinalisch
    Member
    Posted 2 years ago #

    Hey there,

    is there any way to prevent certain files from being overwritten by a plugIn update?
    I provided a plugIn in which user's area able to add custom stylesheets by adding them to a specific directory WITHIN the plugIn folder.

    No whenever I do push out updates those user-added stylesheets will be overwritten.
    How to prevent that?

    Regards,
    Valentin

  2. MickeyRoush
    Member
    Posted 2 years ago #

    Change the file permission of the file to 444.

  3. michael.mariart
    Member
    Posted 2 years ago #

    The best way to do this is to save the users files outside of the plugin directory.

    /
    /wp-content/
    /wp-content/plugins/
    /wp-content/plugins/myplugin
    /wp-content/plugins/myplugindata

    That way nothing in the /myplugindata/ folder will be over-written when you update your plugins code.

    The idea of changing the file permission isn't to bad in theory, but it will produce an error when the update code tries to delete the current plugin files. I haven't tried this myself but I know that it will at laest show up with an error when you do an update, but could possibly throw a fatal error, braeking the update and leaving you with an unstable system.

  4. MickeyRoush
    Member
    Posted 2 years ago #

    michael.mariart wrote:

    The idea of changing the file permission isn't to bad in theory, but it will produce an error when the update code tries to delete the current plugin files. I haven't tried this myself but I know that it will at laest show up with an error when you do an update, but could possibly throw a fatal error, braeking the update and leaving you with an unstable system.

    Error reporting should be disabled on a live site.

    I practice this all the time, with no ill side effects.

  5. michael.mariart
    Member
    Posted 2 years ago #

    I definately agree that error reprting should be turned off on a live site. this will help a lot with any issues that setting the file permissions will have.

    It's still not the best idea for a plugin. The biggest reason is what happens if the file permission gets set somehow else? I've had times when a server admin has done a 'chmod -R' on my file system to fix something that they thought was wrong, and if someone did something ike this, it would change back the file permissions, so it would enable writing to that file again. There's also the idea that most servers are set up slightly differently, especially on shared hosting servers, so you should never count on what the security and error reporting settings are unless you explicitly set them yourself. It may not be an issue, but if you are distrubuting a plugin then it's not a good idea to have "change file permissions" in the instructions because a whole lot of people will miss/ignore that sort of step as thye won't understand it. If it's installed through the automatic installer then they won't read the instructions anyway and will miss everything like that that you need done.

    By setting up important files outside of your plugin structure, you get around all of these issues, and all it takes is one or two lines of code in your plugin to craete the extra folder if it doesn't exist already.

    Changing the file permission isn't wrong, and it will work in the vast majority of cases. But it does create it's own set of concerns on top of what you start out with that can easly be removed by using a different strategy.

  6. valentinalisch
    Member
    Posted 2 years ago #

    Thanks a bunch for your help.

    Changing the file permission is definitely the wrong decision for this to work the way it should.

    I wen't with another folder which will be automatically created whenever a user installs the plugIn.
    Might not be the best solution to this problem but at least custom files are safe from being overwritten.

Topic Closed

This topic has been closed to new replies.

About this Topic