Filter Since 5.5.0 Added the `$hook_extra` parameter. uncanny-continuing-education-credits

upgrader_pre_download

Filters whether to return the package. Filters whether to return the package before it is downloaded, allowing early bailouts.

add_filter( 'upgrader_pre_download', $callback, 10, 4 );

Description

Control the package download process before it happens. This filter allows developers to decide whether to skip returning the package based on custom logic. Developers can bail out of the download by returning `true` for `$reply`, preventing the package from being processed further.

Usage

add_filter( 'upgrader_pre_download', 'your_function_name', 10, 4 );

Parameters

$reply (bool)
Whether to bail without returning the package. Default false.
$package (string)
The package file name.
$this (WP_Upgrader)
The WP_Upgrader instance.
$hook_extra (array)
Extra arguments passed to hooked filters.

Return Value

The filtered value.

Examples

// Prevent the download of a specific plugin package based on its URL.
add_filter( 'upgrader_pre_download', 'my_custom_prevent_plugin_download', 10, 4 );

/**
 * Prevents the download of a specific plugin package if its URL contains a forbidden string.
 *
 * @param bool        $reply      Whether to bail without returning the package. Default false.
 * @param string      $package    The package file name (URL or local path).
 * @param WP_Upgrader $upgrader   The WP_Upgrader instance.
 * @param array       $hook_extra Extra arguments passed to hooked filters.
 *
 * @return mixed The package URL if allowed, or a WP_Error object if denied.
 */
function my_custom_prevent_plugin_download( $reply, $package, $upgrader, $hook_extra ) {
	// Define a forbidden URL segment.
	$forbidden_url_segment = 'premium-plugin-source.com';

	// Check if the package is a URL and contains the forbidden segment.
	if ( is_string( $package ) && strpos( $package, $forbidden_url_segment ) !== false ) {
		// Return a WP_Error to halt the download and inform the user.
		return new WP_Error(
			'forbidden_download',
			sprintf(
				__( 'Downloading from %s is not allowed. Please contact support if you believe this is an error.', 'my-text-domain' ),
				esc_html( $forbidden_url_segment )
			)
		);
	}

	// If the package is not forbidden, allow the download to proceed by returning false.
	return false;
}

Placement

This code should be placed in the functions.php file of your active theme, a custom plugin, or using a code snippets plugin.

Source Code

src/install-automator/vendor/uncanny-one-click-installer/includes/PluginSilentUpgrader.php:276

public function download_package( $package, $check_signatures = false, $hook_extra = array() ) {

		/**
		 * Filters whether to return the package.
		 *
		 * @param bool        $reply      Whether to bail without returning the package.
		 *                                Default false.
		 * @param string      $package    The package file name.
		 * @param WP_Upgrader $this       The WP_Upgrader instance.
		 * @param array       $hook_extra Extra arguments passed to hooked filters.
		 *
		 * @since 3.7.0
		 * @since 5.5.0 Added the `$hook_extra` parameter.
		 *
		 */
		$reply = apply_filters( 'upgrader_pre_download', false, $package, $this, $hook_extra );
		if ( false !== $reply ) {
			return $reply;
		}

		if ( ! preg_match( '!^(http|https|ftp)://!i', $package ) && file_exists( $package ) ) { // Local file or remote?
			return $package;
			// Must be a local file.
		}

		if ( empty( $package ) ) {
			return new WP_Error( 'no_package', $this->strings['no_package'] );
		}

		$download_file = download_url( $package, 300, $check_signatures );

		if ( is_wp_error( $download_file ) && ! $download_file->get_error_data( 'softfail-filename' ) ) {
			return new WP_Error( 'download_failed', $this->strings['download_failed'], $download_file->get_error_message() );
		}

		return $download_file;
	}
Scroll to Top