Move database directory creation outside of the driver, revamp it

Author: JanJakes

wp-includes/sqlite-ast/class-wp-sqlite-driver.php

@@ -349,10 +349,6 @@ public function __construct( array $options ) {
 			}
 			$path = $options['path'];
 
-			if ( ':memory:' !== $path && ! is_file( $path ) ) {
-				$this->prepare_directory();
-			}
-
 			try {
 				$this->pdo = new PDO( 'sqlite:' . $path );
 			} catch ( PDOException $e ) {
@@ -2321,51 +2317,6 @@ private function quote_mysql_identifier( string $unquoted_identifier ): string {
 		return '`' . str_replace( '`', '``', $unquoted_identifier ) . '`';
 	}
 
-	/**
-	 * This method makes database directory and .htaccess file.
-	 *
-	 * It is executed only once when the installation begins.
-	 */
-	private function prepare_directory() {
-		$u = umask( 0000 );
-		if ( ! is_dir( FQDBDIR ) ) {
-			if ( ! @mkdir( FQDBDIR, 0704, true ) ) {
-				umask( $u );
-				wp_die( 'Unable to create the required directory! Please check your server settings.', 'Error!' );
-			}
-		}
-		if ( ! is_writable( FQDBDIR ) ) {
-			umask( $u );
-			$message = 'Unable to create a file in the directory! Please check your server settings.';
-			wp_die( $message, 'Error!' );
-		}
-		if ( ! is_file( FQDBDIR . '.htaccess' ) ) {
-			$fh = fopen( FQDBDIR . '.htaccess', 'w' );
-			if ( ! $fh ) {
-				umask( $u );
-				echo 'Unable to create a file in the directory! Please check your server settings.';
-
-				return false;
-			}
-			fwrite( $fh, 'DENY FROM ALL' );
-			fclose( $fh );
-		}
-		if ( ! is_file( FQDBDIR . 'index.php' ) ) {
-			$fh = fopen( FQDBDIR . 'index.php', 'w' );
-			if ( ! $fh ) {
-				umask( $u );
-				echo 'Unable to create a file in the directory! Please check your server settings.';
-
-				return false;
-			}
-			fwrite( $fh, '<?php // Silence is gold. ?>' );
-			fclose( $fh );
-		}
-		umask( $u );
-
-		return true;
-	}
-
 	/**
 	 * Method to clear previous data.
 	 */

wp-includes/sqlite/class-wp-sqlite-db.php

@@ -240,6 +240,7 @@ public function db_connect( $allow_bail = true ) {
 			require_once __DIR__ . '/../../wp-includes/sqlite-ast/class-wp-sqlite-driver.php';
 			require_once __DIR__ . '/../../wp-includes/sqlite-ast/class-wp-sqlite-driver-exception.php';
 			require_once __DIR__ . '/../../wp-includes/sqlite-ast/class-wp-sqlite-information-schema-builder.php';
+			$this->ensure_database_directory( FQDB );
 			$this->dbh = new WP_SQLite_Driver(
 				array(
 					'connection'          => $pdo,
@@ -442,4 +443,51 @@ public function db_version() {
 	public function db_server_info() {
 		return $this->dbh->get_sqlite_version();
 	}
+
+	/**
+	 * Make sure the SQLite database directory exists and is writable.
+	 * Create .htaccess and index.php files to prevent direct access.
+	 *
+	 * @param string $database_path The path to the SQLite database file.
+	 */
+	private function ensure_database_directory( string $database_path ) {
+		$dir = dirname( $database_path );
+
+		// Set the umask to 0000 to apply permissions exactly as specified.
+		// A non-zero umask affects new file and directory permissions.
+		$umask = umask( 0 );
+
+		// Ensure database directory.
+		if ( ! is_dir( $dir ) ) {
+			if ( ! @mkdir( $dir, 0700, true ) ) {
+				wp_die( sprintf( 'Failed to create database directory: %s', $dir ), 'Error!' );
+			}
+		}
+		if ( ! is_writable( $dir ) ) {
+			wp_die( sprintf( 'Database directory is not writable: %s', $dir ), 'Error!' );
+		}
+
+		// Ensure .htaccess file to prevent direct access.
+		$path = $dir . DIRECTORY_SEPARATOR . '.htaccess';
+		if ( ! is_file( $path ) ) {
+			$result = file_put_contents( $path, 'DENY FROM ALL', LOCK_EX );
+			if ( false === $result ) {
+				wp_die( sprintf( 'Failed to create file: %s', $path ), 'Error!' );
+			}
+			chmod( $path, 0600 );
+		}
+
+		// Ensure index.php file to prevent direct access.
+		$path = $dir . DIRECTORY_SEPARATOR . 'index.php';
+		if ( ! is_file( $path ) ) {
+			$result = file_put_contents( $path, '<?php // Silence is gold. ?>', LOCK_EX );
+			if ( false === $result ) {
+				wp_die( sprintf( 'Failed to create file: %s', $path ), 'Error!' );
+			}
+			chmod( $path, 0600 );
+		}
+
+		// Restore the original umask value.
+		umask( $umask );
+	}
 }