Fix handling of uploading of font files

src/wp-admin/includes/file.php

@@ -786,6 +786,10 @@ function validate_file_to_edit( $file, $allowed_files = array() ) {
  *     @type bool     $test_size                Whether to test that the file size is greater than zero bytes.
  *     @type bool     $test_type                Whether to test that the mime type of the file is as expected.
  *     @type string[] $mimes                    Array of allowed mime types keyed by their file extension regex.
+ *     @type string[] $upload_dir               Array of the uploads directory data as returned by
+ *                                              wp_upload_dir() or wp_font_dir(). Defaults to wp_upload_dir().
+ *                                              If using custom data array the uploads directory must exist.
+ *                                              See additional comments below.
  * }
  * @param string      $time      Time formatted in 'yyyy/mm'.
  * @param string      $action    Expected value for `$_POST['action']`.
@@ -972,11 +976,36 @@ function wp_handle_upload_error( &$file, $message ) {
 		$type = '';
 	}
 
+	if ( isset( $overrides['upload_dir'] ) ) {
+		/*
+		 * As mentioned in the description $overrides['upload_dir'] is expected to be an array
+		 * of the uploads directory data as returned by wp_uploads_dir() and wp_fonts_dir().
+		 *
+		 * It is possible to use custom data, however ensure the format matches exactly the array
+		 * returned by the above fiunctions. In addition the uploads directory should exist and
+		 * be accerssible before attempting to use it. For example that can be achieved
+		 * by usig wp_mkdir_p(). This data can also be cached, however ensure any caching
+		 * is reset after creating the directry.
+		 */
+		$uploads = $overrides['upload_dir'];
+
+		if ( ! is_array( $uploads ) || empty( $uploads['path'] ) || ! is_string( $uploads['path'] ) ) {
+			$uploads['error'] = __( 'The path to the uploads directory is incorrect.' );
+		} elseif ( ! is_dir( $uploads['path'] ) ) {
+			$uploads['error'] = __( 'The uploads directory does not exist.' );
+		}
+
+		if ( ! empty( $uploads['error'] ) ) {
+			return call_user_func_array( $upload_error_handler, array( &$file, $uploads['error'] ) );
+		}
+	} else {
+		$uploads = wp_upload_dir( $time );
+	}
+
 	/*
 	 * A writable uploads dir will pass this test. Again, there's no point
 	 * overriding this one.
 	 */
-	$uploads = wp_upload_dir( $time );
 	if ( ! ( $uploads && false === $uploads['error'] ) ) {
 		return call_user_func_array( $upload_error_handler, array( &$file, $uploads['error'] ) );
 	}

src/wp-includes/deprecated.php

@@ -6406,3 +6406,20 @@ function wp_create_block_style_variation_instance_name( $block, $variation ) {
 	_deprecated_function( __FUNCTION__, '6.7.0', 'wp_unique_id' );
 	return $variation . '--' . md5( serialize( $block ) );
 }
+
+/**
+ * A callback function for use in the {@see 'upload_dir'} filter.
+ *
+ * This function is intended for internal use only and should not be used by plugins and themes.
+ *
+ * @since 6.5.0
+ * @deprecated 6.6.0
+ * @access private
+ *
+ * @param string $font_dir The font directory path.
+ * @return string The font directory path.
+ */
+function _wp_filter_font_directory( $font_dir ) {
+	_deprecated_function( __FUNCTION__, '6.7.0' );
+	return $font_dir;
+}

src/wp-includes/fonts.php

@@ -128,43 +128,16 @@ function wp_get_font_dir() {
  * }
  */
 function wp_font_dir( $create_dir = true ) {
-	/*
-	 * Allow extenders to manipulate the font directory consistently.
-	 *
-	 * Ensures the upload_dir filter is fired both when calling this function
-	 * directly and when the upload directory is filtered in the Font Face
-	 * REST API endpoint.
-	 */
-	add_filter( 'upload_dir', '_wp_filter_font_directory' );
-	$font_dir = wp_upload_dir( null, $create_dir, false );
-	remove_filter( 'upload_dir', '_wp_filter_font_directory' );
-	return $font_dir;
-}
-
-/**
- * A callback function for use in the {@see 'upload_dir'} filter.
- *
- * This function is intended for internal use only and should not be used by plugins and themes.
- * Use wp_get_font_dir() instead.
- *
- * @since 6.5.0
- * @access private
- *
- * @param string $font_dir The font directory.
- * @return string The modified font directory.
- */
-function _wp_filter_font_directory( $font_dir ) {
-	if ( doing_filter( 'font_dir' ) ) {
-		// Avoid an infinite loop.
-		return $font_dir;
-	}
+	// Get base uploads directory.
+	$upload_dir = wp_upload_dir( null, false, false );
 
+	// Default fonts directory settings.
 	$font_dir = array(
-		'path'    => untrailingslashit( $font_dir['basedir'] ) . '/fonts',
-		'url'     => untrailingslashit( $font_dir['baseurl'] ) . '/fonts',
+		'path'    => untrailingslashit( $upload_dir['basedir'] ) . '/fonts',
+		'url'     => untrailingslashit( $upload_dir['baseurl'] ) . '/fonts',
 		'subdir'  => '',
-		'basedir' => untrailingslashit( $font_dir['basedir'] ) . '/fonts',
-		'baseurl' => untrailingslashit( $font_dir['baseurl'] ) . '/fonts',
+		'basedir' => untrailingslashit( $upload_dir['basedir'] ) . '/fonts',
+		'baseurl' => untrailingslashit( $upload_dir['baseurl'] ) . '/fonts',
 		'error'   => false,
 	);
 
@@ -185,8 +158,28 @@ function _wp_filter_font_directory( $font_dir ) {
 	 *     @type string       $baseurl URL path without subdir.
 	 *     @type string|false $error   False or error message.
 	 * }
+	 * @param array $upload_dir The uploads directory data as returned by {@see wp_upload_dir()}.
 	 */
-	return apply_filters( 'font_dir', $font_dir );
+	$font_dir = apply_filters( 'font_dir', $font_dir, $upload_dir );
+
+	// Do not attempt to create the /fonts directory if an error was set while running the 'font_dir' filter.
+	if ( ! empty( $font_dir['error'] ) ) {
+		return $font_dir;
+	}
+
+	if ( $create_dir ) {
+		$created = wp_mkdir_p( $font_dir['path'] );
+
+		if ( false === $created ) {
+			$font_dir['error'] = sprintf(
+				/* translators: %s: Directory path. */
+				__( 'Unable to create directory %s. Is its parent directory writable by the server?' ),
+				esc_html( $font_dir['path'] )
+			);
+		}
+	}
+
+	return $font_dir;
 }
 
 /**

src/wp-includes/functions.php

@@ -2871,6 +2871,9 @@ function _wp_check_existing_file_names( $filename, $files ) {
  * @param null|string $deprecated Never used. Set to null.
  * @param string      $bits       File content
  * @param string|null $time       Optional. Time formatted in 'yyyy/mm'. Default null.
+ * @param string[]    $upload_dir Optional. Array of the uploads directory data as returned by
+ *                                wp_upload_dir() or wp_font_dir(). If not set
+ *                                the function will use wp_upload_dir().
  * @return array {
  *     Information about the newly-uploaded file.
  *
@@ -2880,7 +2883,7 @@ function _wp_check_existing_file_names( $filename, $files ) {
  *     @type string|false $error Error message, if there has been an error.
  * }
  */
-function wp_upload_bits( $name, $deprecated, $bits, $time = null ) {
+function wp_upload_bits( $name, $deprecated, $bits, $time = null, $upload_dir = array() ) {
 	if ( ! empty( $deprecated ) ) {
 		_deprecated_argument( __FUNCTION__, '2.0.0' );
 	}
@@ -2894,10 +2897,12 @@ function wp_upload_bits( $name, $deprecated, $bits, $time = null ) {
 		return array( 'error' => __( 'Sorry, you are not allowed to upload this file type.' ) );
 	}
 
-	$upload = wp_upload_dir( $time );
+	if ( empty( $upload_dir ) ) {
+		$upload_dir = wp_upload_dir( $time );
+	}
 
-	if ( false !== $upload['error'] ) {
-		return $upload;
+	if ( false !== $upload_dir['error'] ) {
+		return $upload_dir;
 	}
 
 	/**
@@ -2919,18 +2924,18 @@ function wp_upload_bits( $name, $deprecated, $bits, $time = null ) {
 		)
 	);
 	if ( ! is_array( $upload_bits_error ) ) {
-		$upload['error'] = $upload_bits_error;
-		return $upload;
+		$upload_dir['error'] = $upload_bits_error;
+		return $upload_dir;
 	}
 
-	$filename = wp_unique_filename( $upload['path'], $name );
+	$filename = wp_unique_filename( $upload_dir['path'], $name );
 
-	$new_file = $upload['path'] . "/$filename";
+	$new_file = $upload_dir['path'] . "/$filename";
 	if ( ! wp_mkdir_p( dirname( $new_file ) ) ) {
-		if ( str_starts_with( $upload['basedir'], ABSPATH ) ) {
-			$error_path = str_replace( ABSPATH, '', $upload['basedir'] ) . $upload['subdir'];
+		if ( str_starts_with( $upload_dir['basedir'], ABSPATH ) ) {
+			$error_path = str_replace( ABSPATH, '', $upload_dir['basedir'] ) . $upload_dir['subdir'];
 		} else {
-			$error_path = wp_basename( $upload['basedir'] ) . $upload['subdir'];
+			$error_path = wp_basename( $upload_dir['basedir'] ) . $upload_dir['subdir'];
 		}
 
 		$message = sprintf(
@@ -2961,7 +2966,7 @@ function wp_upload_bits( $name, $deprecated, $bits, $time = null ) {
 	clearstatcache();
 
 	// Compute the URL.
-	$url = $upload['url'] . "/$filename";
+	$url = $upload_dir['url'] . "/$filename";
 
 	if ( is_multisite() ) {
 		clean_dirsize_cache( $new_file );

src/wp-includes/rest-api/endpoints/class-wp-rest-font-faces-controller.php

@@ -856,15 +856,18 @@ protected function sanitize_src( $value ) {
 	 */
 	protected function handle_font_file_upload( $file ) {
 		add_filter( 'upload_mimes', array( 'WP_Font_Utils', 'get_allowed_font_mime_types' ) );
-		// Filter the upload directory to return the fonts directory.
-		add_filter( 'upload_dir', '_wp_filter_font_directory' );
+
+		// This will create the /fonts directory if it doesn't exist.
+		$font_dir = wp_font_dir();
 
 		$overrides = array(
 			'upload_error_handler' => array( $this, 'handle_font_file_upload_error' ),
 			// Not testing a form submission.
 			'test_form'            => false,
 			// Only allow uploading font files for this request.
 			'mimes'                => WP_Font_Utils::get_allowed_font_mime_types(),
+			// Upload to the /fonts directory
+			'upload_dir'           => $font_dir,
 		);
 
 		// Bypasses is_uploaded_file() when running unit tests.
@@ -874,7 +877,6 @@ protected function handle_font_file_upload( $file ) {
 
 		$uploaded_file = wp_handle_upload( $file, $overrides );
 
-		remove_filter( 'upload_dir', '_wp_filter_font_directory' );
 		remove_filter( 'upload_mimes', array( 'WP_Font_Utils', 'get_allowed_font_mime_types' ) );
 
 		return $uploaded_file;

tests/phpunit/tests/fonts/font-library/fontLibraryHooks.php

@@ -73,13 +73,16 @@ protected function upload_font_file( $font_filename ) {
 		$font_file_path = DIR_TESTDATA . '/fonts/' . $font_filename;
 
 		add_filter( 'upload_mimes', array( 'WP_Font_Utils', 'get_allowed_font_mime_types' ) );
-		add_filter( 'upload_dir', '_wp_filter_font_directory' );
+		$font_dir = wp_get_font_dir();
+
 		$font_file = wp_upload_bits(
 			$font_filename,
 			null,
-			file_get_contents( $font_file_path )
+			file_get_contents( $font_file_path ),
+			null,
+			$font_dir
 		);
-		remove_filter( 'upload_dir', '_wp_filter_font_directory' );
+
 		remove_filter( 'upload_mimes', array( 'WP_Font_Utils', 'get_allowed_font_mime_types' ) );
 
 		return $font_file;

tests/phpunit/tests/fonts/font-library/wpFontsDir.php

@@ -111,14 +111,6 @@ function set_new_values( $defaults ) {
 	 * @ticket 60652
 	 */
 	public function test_fonts_dir_filters_do_not_trigger_infinite_loop() {
-		/*
-		 * Naive filtering of uploads directory to return font directory.
-		 *
-		 * This emulates the approach a plugin developer may take to
-		 * add the filter when extending the font library functionality.
-		 */
-		add_filter( 'upload_dir', '_wp_filter_font_directory' );
-
 		add_filter(
 			'upload_dir',
 			function ( $upload_dir ) {