Edit File by line
/home/barbar84/www/wp-inclu...
File: ms-files.php
<?php
[0] Fix | Delete
/**
[1] Fix | Delete
* Multisite upload handler.
[2] Fix | Delete
*
[3] Fix | Delete
* @since 3.0.0
[4] Fix | Delete
*
[5] Fix | Delete
* @package WordPress
[6] Fix | Delete
* @subpackage Multisite
[7] Fix | Delete
*/
[8] Fix | Delete
[9] Fix | Delete
define( 'SHORTINIT', true );
[10] Fix | Delete
require_once dirname( __DIR__ ) . '/wp-load.php';
[11] Fix | Delete
[12] Fix | Delete
if ( ! is_multisite() ) {
[13] Fix | Delete
die( 'Multisite support not enabled' );
[14] Fix | Delete
}
[15] Fix | Delete
[16] Fix | Delete
ms_file_constants();
[17] Fix | Delete
[18] Fix | Delete
error_reporting( 0 );
[19] Fix | Delete
[20] Fix | Delete
if ( '1' == $current_blog->archived || '1' == $current_blog->spam || '1' == $current_blog->deleted ) {
[21] Fix | Delete
status_header( 404 );
[22] Fix | Delete
die( '404 &#8212; File not found.' );
[23] Fix | Delete
}
[24] Fix | Delete
[25] Fix | Delete
$file = rtrim( BLOGUPLOADDIR, '/' ) . '/' . str_replace( '..', '', $_GET['file'] );
[26] Fix | Delete
if ( ! is_file( $file ) ) {
[27] Fix | Delete
status_header( 404 );
[28] Fix | Delete
die( '404 &#8212; File not found.' );
[29] Fix | Delete
}
[30] Fix | Delete
[31] Fix | Delete
$mime = wp_check_filetype( $file );
[32] Fix | Delete
if ( false === $mime['type'] && function_exists( 'mime_content_type' ) ) {
[33] Fix | Delete
$mime['type'] = mime_content_type( $file );
[34] Fix | Delete
}
[35] Fix | Delete
[36] Fix | Delete
if ( $mime['type'] ) {
[37] Fix | Delete
$mimetype = $mime['type'];
[38] Fix | Delete
} else {
[39] Fix | Delete
$mimetype = 'image/' . substr( $file, strrpos( $file, '.' ) + 1 );
[40] Fix | Delete
}
[41] Fix | Delete
[42] Fix | Delete
header( 'Content-Type: ' . $mimetype ); // Always send this.
[43] Fix | Delete
if ( false === strpos( $_SERVER['SERVER_SOFTWARE'], 'Microsoft-IIS' ) ) {
[44] Fix | Delete
header( 'Content-Length: ' . filesize( $file ) );
[45] Fix | Delete
}
[46] Fix | Delete
[47] Fix | Delete
// Optional support for X-Sendfile and X-Accel-Redirect.
[48] Fix | Delete
if ( WPMU_ACCEL_REDIRECT ) {
[49] Fix | Delete
header( 'X-Accel-Redirect: ' . str_replace( WP_CONTENT_DIR, '', $file ) );
[50] Fix | Delete
exit;
[51] Fix | Delete
} elseif ( WPMU_SENDFILE ) {
[52] Fix | Delete
header( 'X-Sendfile: ' . $file );
[53] Fix | Delete
exit;
[54] Fix | Delete
}
[55] Fix | Delete
[56] Fix | Delete
$last_modified = gmdate( 'D, d M Y H:i:s', filemtime( $file ) );
[57] Fix | Delete
$etag = '"' . md5( $last_modified ) . '"';
[58] Fix | Delete
header( "Last-Modified: $last_modified GMT" );
[59] Fix | Delete
header( 'ETag: ' . $etag );
[60] Fix | Delete
header( 'Expires: ' . gmdate( 'D, d M Y H:i:s', time() + 100000000 ) . ' GMT' );
[61] Fix | Delete
[62] Fix | Delete
// Support for conditional GET - use stripslashes() to avoid formatting.php dependency.
[63] Fix | Delete
$client_etag = isset( $_SERVER['HTTP_IF_NONE_MATCH'] ) ? stripslashes( $_SERVER['HTTP_IF_NONE_MATCH'] ) : false;
[64] Fix | Delete
[65] Fix | Delete
if ( ! isset( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ) {
[66] Fix | Delete
$_SERVER['HTTP_IF_MODIFIED_SINCE'] = false;
[67] Fix | Delete
}
[68] Fix | Delete
[69] Fix | Delete
$client_last_modified = trim( $_SERVER['HTTP_IF_MODIFIED_SINCE'] );
[70] Fix | Delete
// If string is empty, return 0. If not, attempt to parse into a timestamp.
[71] Fix | Delete
$client_modified_timestamp = $client_last_modified ? strtotime( $client_last_modified ) : 0;
[72] Fix | Delete
[73] Fix | Delete
// Make a timestamp for our most recent modification...
[74] Fix | Delete
$modified_timestamp = strtotime( $last_modified );
[75] Fix | Delete
[76] Fix | Delete
if ( ( $client_last_modified && $client_etag )
[77] Fix | Delete
? ( ( $client_modified_timestamp >= $modified_timestamp ) && ( $client_etag == $etag ) )
[78] Fix | Delete
: ( ( $client_modified_timestamp >= $modified_timestamp ) || ( $client_etag == $etag ) )
[79] Fix | Delete
) {
[80] Fix | Delete
status_header( 304 );
[81] Fix | Delete
exit;
[82] Fix | Delete
}
[83] Fix | Delete
[84] Fix | Delete
// If we made it this far, just serve the file.
[85] Fix | Delete
readfile( $file );
[86] Fix | Delete
flush();
[87] Fix | Delete
[88] Fix | Delete
It is recommended that you Edit text format, this type of Fix handles quite a lot in one request
Function