* Upgrade API: WP_Upgrader class
* Requires skin classes and WP_Upgrader subclasses for backward compatibility.
/** WP_Upgrader_Skin class */
require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader-skin.php';
/** Plugin_Upgrader_Skin class */
require_once ABSPATH . 'wp-admin/includes/class-plugin-upgrader-skin.php';
/** Theme_Upgrader_Skin class */
require_once ABSPATH . 'wp-admin/includes/class-theme-upgrader-skin.php';
/** Bulk_Upgrader_Skin class */
require_once ABSPATH . 'wp-admin/includes/class-bulk-upgrader-skin.php';
/** Bulk_Plugin_Upgrader_Skin class */
require_once ABSPATH . 'wp-admin/includes/class-bulk-plugin-upgrader-skin.php';
/** Bulk_Theme_Upgrader_Skin class */
require_once ABSPATH . 'wp-admin/includes/class-bulk-theme-upgrader-skin.php';
/** Plugin_Installer_Skin class */
require_once ABSPATH . 'wp-admin/includes/class-plugin-installer-skin.php';
/** Theme_Installer_Skin class */
require_once ABSPATH . 'wp-admin/includes/class-theme-installer-skin.php';
/** Language_Pack_Upgrader_Skin class */
require_once ABSPATH . 'wp-admin/includes/class-language-pack-upgrader-skin.php';
/** Automatic_Upgrader_Skin class */
require_once ABSPATH . 'wp-admin/includes/class-automatic-upgrader-skin.php';
/** WP_Ajax_Upgrader_Skin class */
require_once ABSPATH . 'wp-admin/includes/class-wp-ajax-upgrader-skin.php';
* Core class used for upgrading/installing a local set of files via
* the Filesystem Abstraction classes from a Zip file.
#[AllowDynamicProperties]
* The error/notification strings used to update the user on the progress.
public $strings = array();
* The upgrader skin being used.
* @var Automatic_Upgrader_Skin|WP_Upgrader_Skin $skin
* The result of the installation.
* This is set by WP_Upgrader::install_package(), only when the package is installed
* successfully. It will then be an array, unless a WP_Error is returned by the
* {@see 'upgrader_post_install'} filter. In that case, the WP_Error will be assigned to
* @var array|WP_Error $result {
* @type string $source The full path to the source the files were installed from.
* @type string $source_files List of all the files in the source directory.
* @type string $destination The full path to the installation destination folder.
* @type string $destination_name The name of the destination folder, or empty if `$destination`
* and `$local_destination` are the same.
* @type string $local_destination The full local path to the destination folder. This is usually
* the same as `$destination`.
* @type string $remote_destination The full remote path to the destination folder
* (i.e., from `$wp_filesystem`).
* @type bool $clear_destination Whether the destination folder was cleared.
public $result = array();
* The total number of updates being performed.
* Set by the bulk update methods.
public $update_count = 0;
* The current update if multiple updates are being performed.
* Used by the bulk update methods, and incremented for each update.
public $update_current = 0;
* Stores the list of plugins or themes added to temporary backup directory.
* Used by the rollback functions.
private $temp_backups = array();
* Stores the list of plugins or themes to be restored from temporary backup directory.
* Used by the rollback functions.
private $temp_restores = array();
* Construct the upgrader with a skin.
* @param WP_Upgrader_Skin $skin The upgrader skin to use. Default is a WP_Upgrader_Skin
public function __construct( $skin = null ) {
$this->skin = new WP_Upgrader_Skin();
* Initializes the upgrader.
* This will set the relationship between the skin being used and this upgrader,
* and also add the generic strings to `WP_Upgrader::$strings`.
* Additionally, it will schedule a weekly task to clean up the temporary backup directory.
* @since 6.3.0 Added the `schedule_temp_backup_cleanup()` task.
$this->skin->set_upgrader( $this );
$this->generic_strings();
if ( ! wp_installing() ) {
$this->schedule_temp_backup_cleanup();
* Schedules the cleanup of the temporary backup directory.
protected function schedule_temp_backup_cleanup() {
if ( false === wp_next_scheduled( 'wp_delete_temp_updater_backups' ) ) {
wp_schedule_event( time(), 'weekly', 'wp_delete_temp_updater_backups' );
* Adds the generic strings to WP_Upgrader::$strings.
public function generic_strings() {
$this->strings['bad_request'] = __( 'Invalid data provided.' );
$this->strings['fs_unavailable'] = __( 'Could not access filesystem.' );
$this->strings['fs_error'] = __( 'Filesystem error.' );
$this->strings['fs_no_root_dir'] = __( 'Unable to locate WordPress root directory.' );
/* translators: %s: Directory name. */
$this->strings['fs_no_content_dir'] = sprintf( __( 'Unable to locate WordPress content directory (%s).' ), 'wp-content' );
$this->strings['fs_no_plugins_dir'] = __( 'Unable to locate WordPress plugin directory.' );
$this->strings['fs_no_themes_dir'] = __( 'Unable to locate WordPress theme directory.' );
/* translators: %s: Directory name. */
$this->strings['fs_no_folder'] = __( 'Unable to locate needed folder (%s).' );
$this->strings['no_package'] = __( 'Package not available.' );
$this->strings['download_failed'] = __( 'Download failed.' );
$this->strings['installing_package'] = __( 'Installing the latest version…' );
$this->strings['no_files'] = __( 'The package contains no files.' );
$this->strings['folder_exists'] = __( 'Destination folder already exists.' );
$this->strings['mkdir_failed'] = __( 'Could not create directory.' );
$this->strings['incompatible_archive'] = __( 'The package could not be installed.' );
$this->strings['files_not_writable'] = __( 'The update cannot be installed because some files could not be copied. This is usually due to inconsistent file permissions.' );
$this->strings['maintenance_start'] = __( 'Enabling Maintenance mode…' );
$this->strings['maintenance_end'] = __( 'Disabling Maintenance mode…' );
/* translators: %s: upgrade-temp-backup */
$this->strings['temp_backup_mkdir_failed'] = sprintf( __( 'Could not create the %s directory.' ), 'upgrade-temp-backup' );
/* translators: %s: upgrade-temp-backup */
$this->strings['temp_backup_move_failed'] = sprintf( __( 'Could not move the old version to the %s directory.' ), 'upgrade-temp-backup' );
/* translators: %s: The plugin or theme slug. */
$this->strings['temp_backup_restore_failed'] = __( 'Could not restore the original version of %s.' );
/* translators: %s: The plugin or theme slug. */
$this->strings['temp_backup_delete_failed'] = __( 'Could not delete the temporary backup directory for %s.' );
* Connects to the filesystem.
* @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass.
* @param string[] $directories Optional. Array of directories. If any of these do
* not exist, a WP_Error object will be returned.
* @param bool $allow_relaxed_file_ownership Whether to allow relaxed file ownership.
* @return bool|WP_Error True if able to connect, false or a WP_Error otherwise.
public function fs_connect( $directories = array(), $allow_relaxed_file_ownership = false ) {
$credentials = $this->skin->request_filesystem_credentials( false, $directories[0], $allow_relaxed_file_ownership );
if ( false === $credentials ) {
if ( ! WP_Filesystem( $credentials, $directories[0], $allow_relaxed_file_ownership ) ) {
if ( is_object( $wp_filesystem ) && $wp_filesystem->errors->has_errors() ) {
$error = $wp_filesystem->errors;
// Failed to connect. Error and request again.
$this->skin->request_filesystem_credentials( $error, $directories[0], $allow_relaxed_file_ownership );
if ( ! is_object( $wp_filesystem ) ) {
return new WP_Error( 'fs_unavailable', $this->strings['fs_unavailable'] );
if ( is_wp_error( $wp_filesystem->errors ) && $wp_filesystem->errors->has_errors() ) {
return new WP_Error( 'fs_error', $this->strings['fs_error'], $wp_filesystem->errors );
foreach ( (array) $directories as $dir ) {
if ( ! $wp_filesystem->abspath() ) {
return new WP_Error( 'fs_no_root_dir', $this->strings['fs_no_root_dir'] );
if ( ! $wp_filesystem->wp_content_dir() ) {
return new WP_Error( 'fs_no_content_dir', $this->strings['fs_no_content_dir'] );
if ( ! $wp_filesystem->wp_plugins_dir() ) {
return new WP_Error( 'fs_no_plugins_dir', $this->strings['fs_no_plugins_dir'] );
if ( ! $wp_filesystem->wp_themes_dir() ) {
return new WP_Error( 'fs_no_themes_dir', $this->strings['fs_no_themes_dir'] );
if ( ! $wp_filesystem->find_folder( $dir ) ) {
return new WP_Error( 'fs_no_folder', sprintf( $this->strings['fs_no_folder'], esc_html( basename( $dir ) ) ) );
* @since 5.2.0 Added the `$check_signatures` parameter.
* @since 5.5.0 Added the `$hook_extra` parameter.
* @param string $package The URI of the package. If this is the full path to an
* existing local file, it will be returned untouched.
* @param bool $check_signatures Whether to validate file signatures. Default false.
* @param array $hook_extra Extra arguments to pass to the filter hooks. Default empty array.
* @return string|WP_Error The full path to the downloaded package file, or a WP_Error object.
public function download_package( $package, $check_signatures = false, $hook_extra = array() ) {
* Filters whether to return the package.
* @since 5.5.0 Added the `$hook_extra` parameter.
* @param bool $reply Whether to bail without returning the package.
* @param string $package The package file name.
* @param WP_Upgrader $upgrader The WP_Upgrader instance.
* @param array $hook_extra Extra arguments passed to hooked filters.
$reply = apply_filters( 'upgrader_pre_download', false, $package, $this, $hook_extra );
if ( false !== $reply ) {
if ( ! preg_match( '!^(http|https|ftp)://!i', $package ) && file_exists( $package ) ) { // Local file or remote?
return $package; // Must be a local file.
if ( empty( $package ) ) {
return new WP_Error( 'no_package', $this->strings['no_package'] );
$this->skin->feedback( 'downloading_package', $package );
$download_file = download_url( $package, 300, $check_signatures );
if ( is_wp_error( $download_file ) && ! $download_file->get_error_data( 'softfail-filename' ) ) {
return new WP_Error( 'download_failed', $this->strings['download_failed'], $download_file->get_error_message() );
* Unpacks a compressed package file.
* @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass.
* @param string $package Full path to the package file.
* @param bool $delete_package Optional. Whether to delete the package file after attempting
* to unpack it. Default true.
* @return string|WP_Error The path to the unpacked contents, or a WP_Error on failure.
public function unpack_package( $package, $delete_package = true ) {
$this->skin->feedback( 'unpack_package' );
if ( ! $wp_filesystem->wp_content_dir() ) {
return new WP_Error( 'fs_no_content_dir', $this->strings['fs_no_content_dir'] );
$upgrade_folder = $wp_filesystem->wp_content_dir() . 'upgrade/';
// Clean up contents of upgrade directory beforehand.
$upgrade_files = $wp_filesystem->dirlist( $upgrade_folder );
if ( ! empty( $upgrade_files ) ) {
foreach ( $upgrade_files as $file ) {
$wp_filesystem->delete( $upgrade_folder . $file['name'], true );
// We need a working directory - strip off any .tmp or .zip suffixes.
$working_dir = $upgrade_folder . basename( basename( $package, '.tmp' ), '.zip' );
// Clean up working directory.
if ( $wp_filesystem->is_dir( $working_dir ) ) {
$wp_filesystem->delete( $working_dir, true );
// Unzip package to working directory.
$result = unzip_file( $package, $working_dir );
// Once extracted, delete the package if required.
if ( is_wp_error( $result ) ) {
$wp_filesystem->delete( $working_dir, true );
if ( 'incompatible_archive' === $result->get_error_code() ) {
return new WP_Error( 'incompatible_archive', $this->strings['incompatible_archive'], $result->get_error_data() );
* Flattens the results of WP_Filesystem_Base::dirlist() for iterating over.
* @param array $nested_files Array of files as returned by WP_Filesystem_Base::dirlist().
* @param string $path Relative path to prepend to child nodes. Optional.
* @return array A flattened array of the $nested_files specified.
protected function flatten_dirlist( $nested_files, $path = '' ) {
foreach ( $nested_files as $name => $details ) {
$files[ $path . $name ] = $details;
// Append children recursively.
if ( ! empty( $details['files'] ) ) {
$children = $this->flatten_dirlist( $details['files'], $path . $name . '/' );
// Merge keeping possible numeric keys, which array_merge() will reindex from 0..n.
$files = $files + $children;
* Clears the directory where this item is going to be installed into.
* @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass.
* @param string $remote_destination The location on the remote filesystem to be cleared.
* @return true|WP_Error True upon success, WP_Error on failure.
public function clear_destination( $remote_destination ) {
$files = $wp_filesystem->dirlist( $remote_destination, true, true );
// False indicates that the $remote_destination doesn't exist.
if ( false === $files ) {
// Flatten the file list to iterate over.
$files = $this->flatten_dirlist( $files );
// Check all files are writable before attempting to clear the destination.
$unwritable_files = array();
foreach ( $files as $filename => $file_details ) {
if ( ! $wp_filesystem->is_writable( $remote_destination . $filename ) ) {
// Attempt to alter permissions to allow writes and try again.
$wp_filesystem->chmod( $remote_destination . $filename, ( 'd' === $file_details['type'] ? FS_CHMOD_DIR : FS_CHMOD_FILE ) );
if ( ! $wp_filesystem->is_writable( $remote_destination . $filename ) ) {
$unwritable_files[] = $filename;
if ( ! empty( $unwritable_files ) ) {
return new WP_Error( 'files_not_writable', $this->strings['files_not_writable'], implode( ', ', $unwritable_files ) );
if ( ! $wp_filesystem->delete( $remote_destination, true ) ) {
return new WP_Error( 'remove_old_failed', $this->strings['remove_old_failed'] );
* Copies the contents of a package from a source directory, and installs them in
* a destination directory. Optionally removes the source. It can also optionally
* clear out the destination folder if it already exists.
* @since 6.2.0 Use move_dir() instead of copy_dir() when possible.
* @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass.
* @global array $wp_theme_directories
* @param array|string $args {
* Optional. Array or string of arguments for installing a package. Default empty array.
* @type string $source Required path to the package source. Default empty.
* @type string $destination Required path to a folder to install the package in.
* @type bool $clear_destination Whether to delete any files already in the destination
* @type bool $clear_working Whether to delete the files from the working directory
* after copying them to the destination. Default false.
* @type bool $abort_if_destination_exists Whether to abort the installation if
It is recommended that you Edit text format, this type of Fix handles quite a lot in one request
