Edit File by line

<?php

[0] Fix | Delete

/**

[1] Fix | Delete

* Multisite upload handler.

[2] Fix | Delete

[3] Fix | Delete

* @since 3.0.0

[4] Fix | Delete

[5] Fix | Delete

* @package WordPress

[6] Fix | Delete

* @subpackage Multisite

[7] Fix | Delete

[8] Fix | Delete

[9] Fix | Delete

define( 'SHORTINIT', true );

[10] Fix | Delete

require_once dirname( __DIR__ ) . '/wp-load.php';

[11] Fix | Delete

[12] Fix | Delete

if ( ! is_multisite() ) {

[13] Fix | Delete

die( 'Multisite support not enabled' );

[14] Fix | Delete

}

[15] Fix | Delete

[16] Fix | Delete

ms_file_constants();

[17] Fix | Delete

[18] Fix | Delete

error_reporting( 0 );

[19] Fix | Delete

[20] Fix | Delete

if ( '1' == $current_blog->archived || '1' == $current_blog->spam || '1' == $current_blog->deleted ) {

[21] Fix | Delete

status_header( 404 );

[22] Fix | Delete

die( '404 — File not found.' );

[23] Fix | Delete

}

[24] Fix | Delete

[25] Fix | Delete

$file = rtrim( BLOGUPLOADDIR, '/' ) . '/' . str_replace( '..', '', $_GET['file'] );

[26] Fix | Delete

if ( ! is_file( $file ) ) {

[27] Fix | Delete

status_header( 404 );

[28] Fix | Delete

die( '404 — File not found.' );

[29] Fix | Delete

}

[30] Fix | Delete

[31] Fix | Delete

$mime = wp_check_filetype( $file );

[32] Fix | Delete

if ( false === $mime['type'] && function_exists( 'mime_content_type' ) ) {

[33] Fix | Delete

$mime['type'] = mime_content_type( $file );

[34] Fix | Delete

}

[35] Fix | Delete

[36] Fix | Delete

if ( $mime['type'] ) {

[37] Fix | Delete

$mimetype = $mime['type'];

[38] Fix | Delete

} else {

[39] Fix | Delete

$mimetype = 'image/' . substr( $file, strrpos( $file, '.' ) + 1 );

[40] Fix | Delete

}

[41] Fix | Delete

[42] Fix | Delete

header( 'Content-Type: ' . $mimetype ); // Always send this.

[43] Fix | Delete

if ( false === strpos( $_SERVER['SERVER_SOFTWARE'], 'Microsoft-IIS' ) ) {

[44] Fix | Delete

header( 'Content-Length: ' . filesize( $file ) );

[45] Fix | Delete

}

[46] Fix | Delete

[47] Fix | Delete

// Optional support for X-Sendfile and X-Accel-Redirect.

[48] Fix | Delete

if ( WPMU_ACCEL_REDIRECT ) {

[49] Fix | Delete

header( 'X-Accel-Redirect: ' . str_replace( WP_CONTENT_DIR, '', $file ) );

[50] Fix | Delete

exit;

[51] Fix | Delete

} elseif ( WPMU_SENDFILE ) {

[52] Fix | Delete

header( 'X-Sendfile: ' . $file );

[53] Fix | Delete

exit;

[54] Fix | Delete

}

[55] Fix | Delete

[56] Fix | Delete

$last_modified = gmdate( 'D, d M Y H:i:s', filemtime( $file ) );

[57] Fix | Delete

$etag = '"' . md5( $last_modified ) . '"';

[58] Fix | Delete

header( "Last-Modified: $last_modified GMT" );

[59] Fix | Delete

header( 'ETag: ' . $etag );

[60] Fix | Delete

header( 'Expires: ' . gmdate( 'D, d M Y H:i:s', time() + 100000000 ) . ' GMT' );

[61] Fix | Delete

[62] Fix | Delete

// Support for conditional GET - use stripslashes() to avoid formatting.php dependency.

[63] Fix | Delete

$client_etag = isset( $_SERVER['HTTP_IF_NONE_MATCH'] ) ? stripslashes( $_SERVER['HTTP_IF_NONE_MATCH'] ) : false;

[64] Fix | Delete

[65] Fix | Delete

if ( ! isset( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ) {

[66] Fix | Delete

$_SERVER['HTTP_IF_MODIFIED_SINCE'] = false;

[67] Fix | Delete

}

[68] Fix | Delete

[69] Fix | Delete

$client_last_modified = trim( $_SERVER['HTTP_IF_MODIFIED_SINCE'] );

[70] Fix | Delete

// If string is empty, return 0. If not, attempt to parse into a timestamp.

[71] Fix | Delete

$client_modified_timestamp = $client_last_modified ? strtotime( $client_last_modified ) : 0;

[72] Fix | Delete

[73] Fix | Delete

// Make a timestamp for our most recent modification...

[74] Fix | Delete

$modified_timestamp = strtotime( $last_modified );

[75] Fix | Delete

[76] Fix | Delete

if ( ( $client_last_modified && $client_etag )

[77] Fix | Delete

? ( ( $client_modified_timestamp >= $modified_timestamp ) && ( $client_etag == $etag ) )

[78] Fix | Delete

: ( ( $client_modified_timestamp >= $modified_timestamp ) || ( $client_etag == $etag ) )

[79] Fix | Delete

) {

[80] Fix | Delete

status_header( 304 );

[81] Fix | Delete

exit;

[82] Fix | Delete

}

[83] Fix | Delete

[84] Fix | Delete

// If we made it this far, just serve the file.

[85] Fix | Delete

readfile( $file );

[86] Fix | Delete

flush();

[87] Fix | Delete

[88] Fix | Delete