On Thu, Jun 3, 2010 at 12:11 AM, Marco Schuster
<marco(a)harddisk.is-a-geek.org> wrote:
just one thing which makes Wordpress AutoUpdate suck
and would be
great if you'd take care of it while designing: check for the
permissions of ALL files you try to overwrite / update BEFORE trying
the update - maybe include a update.xml for each version delta which
details the changed files. Then make a fileperms() on each one and
look if the www-data user is allowed to write on this file.
fileperms() will return false results if non-Unix permissions are used
(like SELinux or AppArmor) or in the event of a race condition or in
the event of some non-permissions error like a full disk, and I assume
it doesn't work on Windows at all. It's usually not a good idea to
test for permission before you do something, if you can avoid it --
the only way to know if you can really take an action is to try and
see.
The most reliable way to do this is probably to make copies of all
directories that need to be changed; make the changes in the copies;
move those into place all at once; and move them all back if there's
an error. This way you spend as little time as possible in a
partially-updated state, and you can roll back quickly and easily if
there's a problem. If you can move a directory out of place, there
are very few conceivable errors that would prevent you from moving it
back, short of the PHP process dying midway through. Which is
hopefully unlikely, since a few directory moves should be very fast.