AI Verified

Name

Delete WP Automatically Generated Images (not tested and audited yet)

About

Delete from the database the images that WP automatically generated from uploaded images

Language

PHP

Rating

Voted: 1 by 1 user(s)

Codevault

laurentf

Scroll down to see more snippets from this codevault.

Wordpress Compatability

The author has indicated that this snippet is compatable up to wordpress version: 6.1

Our AI bot has checked this snippet is compatable up to wordpress version: 6.1

Code Snippet Plugin Sync

Free & Pro

Download this snippet by clicking the download button, then head over to the Code Snippet Plugin settings in your wordpress admin dashboard, select the import menu then upload this file to import into your wordpress site.

Pro Only (Coming Soon)

You will be able to click a button and sync this snippet to your wordpress site automatically and from your dashboard manage all code snippets across all your wordpress sites that have the Code Snippets Pro plugin installed.

History

Last modified:

06/07/2024

Important Note

This snippet has the following status:

AI Verified

This snippet has been tested by our AI bot, see any comments below.

Learn More

AI Bot Comments:

Potential vulnerability found : File Inclusion / Path Traversal
Found on line : -1
Code : file(= $upload_dir['basedir'] . '/' . $path['dirname'] . '/' . $size_data['file'])
Vulnerable line : 10
Code : $path = pathinfo( $meta['file'] ));

Potential vulnerability found : File Inclusion / Path Traversal
Found on line : 27
Code : file( $intermediate_file )
Vulnerable line : 20
Code : $intermediate_file = $upload_dir['basedir'] . '/' . $path['dirname'] . '/' . $size_data['file']);

Found 2 vulnerabilities

Delete WP Automatically Generated Images (not tested and audited yet)

 
                    
 1// Define a function to delete generated image sizes for an attachment
 2function delete_generated_image_sizes( $attachment_id ) {
 3    // Get metadata for the attachment
 4    $meta = wp_get_attachment_metadata( $attachment_id );
 5 
 6    // Get the upload directory information
 7    $upload_dir = wp_upload_dir();
 8 
 9    // Get path information for the original file
10    $path = pathinfo( $meta['file'] );
11 
12    // Check if the dirname is outside the upload directory
13    if (strpos($path['dirname'], $upload_dir['basedir']) !== 0) {
14        return; // Stop execution if the dirname is outside the upload directory
15    }
16 
17    // Loop through each generated size of the image
18    foreach( $meta['sizes'] as $size => $size_data ) {
19        // Construct the path to the generated size file
20        $intermediate_file = $upload_dir['basedir'] . '/' . $path['dirname'] . '/' . $size_data['file'];
21 
22        // Skip if the intermediate file is outside the upload directory
23        if (strpos($intermediate_file, $upload_dir['basedir']) !== 0) {
24            continue; // Skip if the intermediate file is outside the upload directory
25        }
26 
27        // Delete the intermediate file
28        wp_delete_file( $intermediate_file );
29    }
30}
31 
32// Hook the function to the 'delete_attachment' action in WordPress
33add_action( 'delete_attachment', 'delete_generated_image_sizes' );

1

Comments

  • LF
    Laurent F.

    7 months ago

    I asked ChatGPT to come up with a fix to these vulnerabilities and here is the updated version:

function delete_generated_image_sizes( $attachment_id ) {
    $meta = wp_get_attachment_metadata( $attachment_id );
    $upload_dir = wp_upload_dir();
    $path = pathinfo( $meta['file'] );

    // Check if the dirname is outside the upload directory
    if (strpos($path['dirname'], $upload_dir['basedir']) !== 0) {
        return;
    }

    foreach( $meta['sizes'] as $size => $size_data ) {
        $intermediate_file = $upload_dir['basedir'] . '/' . $path['dirname'] . '/' . $size_data['file'];

        // Skip if the intermediate file is outside the upload directory
        if (strpos($intermediate_file, $upload_dir['basedir']) !== 0) {
            continue;
        }

        wp_delete_file( $intermediate_file );
    }
}

add_action( 'delete_attachment', 'delete_generated_image_sizes' );
  • LF
    Laurent F.

    7 months ago

    You can ignore my first comment because I updated the snippet above.

Related Snippets

Please see some snippets below related to this snippet..

General

AI Verified

0

Hide User Data

Added: 1 week ago

Last Updated: 1 week ago

Hides the user data from hackers using wp-json/wp/v2/users to find user info

View

General

Unverified

0

ticketReservation

Added: 2 months ago

Last Updated: 2 months ago

View

General

AI Verified

5

Remove Google Fonts and Use System Fonts

Added: 1 year ago

Last Updated: 4 months ago

Use this hook to remove all Google Fonts from website and use system fonts for best CLS Score.

View

Other Snippets in this Codevault

These are some popular snippets from this users codevault..

General

AI Verified

1

Delete WP Automatically Generated Images (not tested and audited yet)

Added: 7 months ago

Last Updated: 1 day ago

Delete from the database the images that WP automatically generated from uploaded images

View

General

AI Verified

0

Disable and Delete Image Sizes Generated by WordPress

Added: 7 months ago

Last Updated: 7 months ago

This WordPress code snippet optimizes image handling by disabling automatic generation of various image sizes during uploads and removing existing generated sizes, thereby enhancing site performance a...

View