Changeset 777

Timestamp:
09/28/06 10:30:23 (2 years ago)
Author:
donncha
Message:

Use UPLOADS constant and update blogs.php (fixes #168)

Files:

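--- a/trunk/wp-admin/admin-db.php
+++ b/trunk/wp-admin/admin-db.php
@@ -545,5 +545,5 @@
 
                 $wpdb->query( "DELETE FROM $wpdb->blogs WHERE blog_id = '$blog_id'" );
-                $dir = ABSPATH . "wp-content/blogs.dir/{$blog_id}/files"
+                $dir = constant( "ABSPATH" ) . constant( "UPLOADS" )
                 $dir = rtrim($dir, DIRECTORY_SEPARATOR);
                 $top_dir = $dir;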
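Review bot: The replacement at new line 547 builds `$dir` from `UPLOADS`, which wp-settings.php in this changeset defines from `$wpdb->blogid` (the blog serving the request), while the removed line and the `DELETE` just above it use the `$blog_id` being acted on. If this code can run for a blog other than the current one, the directory handled after this point would belong to the wrong blog. Keep the per-blog path here, e.g. `$dir = ABSPATH . "wp-content/blogs.dir/{$blog_id}/files";`, or introduce a helper that takes a blog id. The same substitution of `$blog_id` appears in wp-includes/wpmu-functions.php at line 38; the enclosing functions start and end outside both hunks, so what is done with `$dir` afterwards is not visible here.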
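--- a/trunk/wp-content/blogs.php
+++ b/trunk/wp-content/blogs.php
@@ -1,5 +1,14 @@
 <?php
-define( "BLOGDEFINITION", true );
-require_once( "../wp-config.php" );
+define( 'BLOGDEFINITION', true ); // this prevents most of WP from being loaded
+require_once( dirname( dirname( __FILE__) ) . '/wp-config.php' ); // absolute includes are faster
+
+if (
+        $current_blog->archived == '1' ||
+        $current_blog->spam == '1' ||
+        $current_blog->deleted == '1'
+) {
+        header("HTTP/1.1 404 Not Found");
+        graceful_fail('404 &#8212; File not found.');
+
 
 if ( !function_exists('wp_check_filetype') ) :
@@ -60,48 +69,60 @@
 endif;
 
-// Referrer protection
-if( $_SERVER["HTTP_REFERER"] ) {
-        if( strpos( $_SERVER["HTTP_REFERER"], $current_blog->domain ) == false ) {
-                // do something against hot linking sites!
-        }
+
+$file = $_GET[ 'file' ];
+$file = constant( "ABSPATH" ) . constant( "UPLOADS" ) . $file;
+
+if ( !is_file( $file ) ) {
+        header("HTTP/1.1 404 Not Found");
+        graceful_fail('404 &#8212; File not found.');
 }
-$file = $_GET[ 'file' ];
-$file = ABSPATH . "wp-content/blogs.dir/" . $blog_id . '/files/' . $file;
 
-if( is_file( $file ) ) {
-        $etag = md5( $file . filemtime( $file ) );
-        $lastModified = date( "D, j M Y H:i:s ", filemtime( $file ) ) . "GMT";
-        #$headers = apache_request_headers();
-        // get mime type
-        $mime = wp_check_filetype( $_SERVER[ 'REQUEST_URI' ] );
-        if( $mime[ 'type' ] != false ) {
-                $mimetype = $mime[ 'type' ];
-        } else {
-                $ext = substr( $_SERVER[ 'REQUEST_URI' ], strrpos( $_SERVER[ 'REQUEST_URI' ], '.' ) + 1 );
-                $mimetype = "image/$ext";
-        }
+// These should never, ever be served
+$never = array( 'js', 'exe', 'swf', 'class', 'tar', 'zip', 'rar' );
+if ( in_array( preg_replace( '|.*\.(.*)$|', '$1', $file ), $never ) ) {
+        header("HTTP/1.1 404 Not Found");
+        graceful_fail('404 &#8212; File not found.');
+
 
-        // from http://blog.rd2inc.com/archives/2005/03/24/making-dynamic-php-pages-cacheable/
-        if( $_SERVER[ 'HTTP_IF_NONE_MATCH' ] == '"' . $etag . '"' || $lastModified == $_SERVER['HTTP_IF_MODIFIED_SINCE']) {
-                // They already have an up to date copy so tell them
-                header('HTTP/1.1 304 Not Modified');
-                header('Cache-Control: private');
-                header('Content-Type: $mimetype');
-                header('ETag: "'.$etag.'"');
-        } else {
-                header("Content-type: $mimetype" );
-                header( "Last-Modified: " . $lastModified );
-                header( 'Accept-Ranges: bytes' );
-                header( "Content-Length: " . filesize( $file ) );
-                header( 'ETag: "' . $etag . '"' );
-                readfile( $file );
-        }
+$mime = wp_check_filetype( $_SERVER[ 'REQUEST_URI' ] );
+if( $mime[ 'type' ] != false ) {
+        $mimetype = $mime[ 'type' ];
 } else {
-        // 404
-        header("HTTP/1.1 404 Not Found");
-        print "<html><head><title>Error 404! File Not Found!</title></head>";
-        print "<body>";
-        print "<h1>File Not Found!</h1>";
-        print "</body></html>";
+        $ext = substr( $_SERVER[ 'REQUEST_URI' ], strrpos( $_SERVER[ 'REQUEST_URI' ], '.' ) + 1 );
+        $mimetype = "image/$ext";
 }
+header( 'Content-type: ' . $mimetype ); // always send this
+
+$timestamp = filemtime( $file );
+
+$last_modified = gmdate('D, d M Y H:i:s', $timestamp);
+$etag = '"' . md5($last_modified) . '"';
+@header( "Last-Modified: $last_modified GMT" );
+@header( 'ETag: ' . $etag );
+
+$expire = gmdate('D, d M Y H:i:s', time() + 100000000);
+@header( "Expires: $expire GMT" );
+
+// Support for Conditional GET
+if (isset($_SERVER['HTTP_IF_NONE_MATCH'])) $client_etag = stripslashes($_SERVER['HTTP_IF_NONE_MATCH']);
+else $client_etag = false;
+
+$client_last_modified = trim( $_SERVER['HTTP_IF_MODIFIED_SINCE']);
+// If string is empty, return 0. If not, attempt to parse into a timestamp
+$client_modified_timestamp = $client_last_modified ? strtotime($client_last_modified) : 0;
+
+// Make a timestamp for our most recent modification...
+$modified_timestamp = strtotime($last_modified);
+
+if ( ($client_last_modified && $client_etag) ?
+         (($client_modified_timestamp >= $modified_timestamp) && ($client_etag == $etag)) :
+         (($client_modified_timestamp >= $modified_timestamp) || ($client_etag == $etag)) ) {
+        header('HTTP/1.1 304 Not Modified');
+        exit;
+}
+
+// If we made it this far, just serve the file
+
+readfile( $file );
+
 ?>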
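Review bot: `$_GET['file']` is concatenated onto `ABSPATH . UPLOADS` at new lines 72–73 and the result goes to `is_file()` and `readfile()` without checking that it still lies under the uploads directory, so a value containing `..` segments can resolve to other files readable by the web server. The `$never` extension list at lines 80–85 does not cover that case, and every 404 branch is only effective if `graceful_fail()` stops execution, which is not visible on this page. Resolve the path with `realpath()` and compare it with the resolved uploads root before serving, as sketched below. `UPLOADS` is also defined without a trailing slash in wp-settings.php, whereas the removed line joined with `'/files/'`, so the join needs a separator unless the rewrite rule supplies a leading one.

```php
// … unchanged: bootstrap and archived/spam/deleted check …
$base = realpath( constant( "ABSPATH" ) . constant( "UPLOADS" ) );
$file = isset( $_GET[ 'file' ] ) ? realpath( $base . '/' . $_GET[ 'file' ] ) : false;

// Serve only regular files that still resolve inside the uploads root
if ( $base === false || $file === false
        || strpos( $file, $base . DIRECTORY_SEPARATOR ) !== 0
        || !is_file( $file ) ) {
        header("HTTP/1.1 404 Not Found");
        graceful_fail('404 &#8212; File not found.');
}
// … unchanged: extension blocklist, headers, conditional GET, readfile …
```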
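--- a/trunk/wp-content/mu-plugins/misc.php
+++ b/trunk/wp-content/mu-plugins/misc.php
@@ -73,5 +73,5 @@
         if(empty($spaceAllowed) || !is_numeric($spaceAllowed)) $spaceAllowed = 10;
 
-        $dirName = ABSPATH."wp-content/blogs.dir/" . $wpdb->blogid . "/files/"
+        $dirName = constant( "ABSPATH" ) . constant( "UPLOADS" )
         $size = get_dirsize($dirName) / 1024 / 1024;
 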
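--- a/trunk/wp-includes/wpmu-functions.php
+++ b/trunk/wp-includes/wpmu-functions.php
@@ -36,5 +36,5 @@
                 $spaceAllowed = 10;
 
-        $dirName = ABSPATH."wp-content/blogs.dir/".$blog_id."/files/"
+        $dirName = constant( "ABSPATH" ) . constant( "UPLOADS" )
 
         $dir  = dir($dirName);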
  • trunk/wp-settings.php

    r773 r777  
    2222wp_unregister_GLOBALS();  
    2323 
     24if( isset( $_SERVER[ 'HTTP_USER_AGENT' ] ) ) { 
     25        $HTTP_USER_AGENT = $_SERVER[ 'HTTP_USER_AGENT' ]; 
     26} else { 
     27        $HTTP_USER_AGENT = ''; 
     28} 
    2429unset( $wp_filter, $cache_userdata, $cache_lastcommentmodified, $cache_lastpostdate, $cache_settings, $category_cache, $cache_categories ); 
    2530 
     
    137142wp_cache_init(); 
    138143 
     144define( "UPLOADS", "wp-content/blogs.dir/{$wpdb->blogid}/files" ); 
    139145if( defined( "BLOGDEFINITION" ) && constant( "BLOGDEFINITION" ) == true ) 
    140146        return; 
    141147 
    142 define( "UPLOADS", "wp-content/blogs.dir/{$wpdb->blogid}/files" ); 
    143148 
    144149require (ABSPATH . WPINC . '/functions.php');