ru-se.com

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs

ms-files.php (2641B)

      1 <?php
      2 /**
      3  * Multisite upload handler.
      4  *
      5  * @since 3.0.0
      6  *
      7  * @package WordPress
      8  * @subpackage Multisite
      9  */
     10 
     11 define( 'SHORTINIT', true );
     12 require_once dirname( __DIR__ ) . '/wp-load.php';
     13 
     14 if ( ! is_multisite() ) {
     15 	die( 'Multisite support not enabled' );
     16 }
     17 
     18 ms_file_constants();
     19 
     20 error_reporting( 0 );
     21 
     22 if ( '1' == $current_blog->archived || '1' == $current_blog->spam || '1' == $current_blog->deleted ) {
     23 	status_header( 404 );
     24 	die( '404 &#8212; File not found.' );
     25 }
     26 
     27 $file = rtrim( BLOGUPLOADDIR, '/' ) . '/' . str_replace( '..', '', $_GET['file'] );
     28 if ( ! is_file( $file ) ) {
     29 	status_header( 404 );
     30 	die( '404 &#8212; File not found.' );
     31 }
     32 
     33 $mime = wp_check_filetype( $file );
     34 if ( false === $mime['type'] && function_exists( 'mime_content_type' ) ) {
     35 	$mime['type'] = mime_content_type( $file );
     36 }
     37 
     38 if ( $mime['type'] ) {
     39 	$mimetype = $mime['type'];
     40 } else {
     41 	$mimetype = 'image/' . substr( $file, strrpos( $file, '.' ) + 1 );
     42 }
     43 
     44 header( 'Content-Type: ' . $mimetype ); // Always send this.
     45 if ( false === strpos( $_SERVER['SERVER_SOFTWARE'], 'Microsoft-IIS' ) ) {
     46 	header( 'Content-Length: ' . filesize( $file ) );
     47 }
     48 
     49 // Optional support for X-Sendfile and X-Accel-Redirect.
     50 if ( WPMU_ACCEL_REDIRECT ) {
     51 	header( 'X-Accel-Redirect: ' . str_replace( WP_CONTENT_DIR, '', $file ) );
     52 	exit;
     53 } elseif ( WPMU_SENDFILE ) {
     54 	header( 'X-Sendfile: ' . $file );
     55 	exit;
     56 }
     57 
     58 $last_modified = gmdate( 'D, d M Y H:i:s', filemtime( $file ) );
     59 $etag          = '"' . md5( $last_modified ) . '"';
     60 header( "Last-Modified: $last_modified GMT" );
     61 header( 'ETag: ' . $etag );
     62 header( 'Expires: ' . gmdate( 'D, d M Y H:i:s', time() + 100000000 ) . ' GMT' );
     63 
     64 // Support for conditional GET - use stripslashes() to avoid formatting.php dependency.
     65 $client_etag = isset( $_SERVER['HTTP_IF_NONE_MATCH'] ) ? stripslashes( $_SERVER['HTTP_IF_NONE_MATCH'] ) : false;
     66 
     67 if ( ! isset( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ) {
     68 	$_SERVER['HTTP_IF_MODIFIED_SINCE'] = false;
     69 }
     70 
     71 $client_last_modified = trim( $_SERVER['HTTP_IF_MODIFIED_SINCE'] );
     72 // If string is empty, return 0. If not, attempt to parse into a timestamp.
     73 $client_modified_timestamp = $client_last_modified ? strtotime( $client_last_modified ) : 0;
     74 
     75 // Make a timestamp for our most recent modification...
     76 $modified_timestamp = strtotime( $last_modified );
     77 
     78 if ( ( $client_last_modified && $client_etag )
     79 	? ( ( $client_modified_timestamp >= $modified_timestamp ) && ( $client_etag == $etag ) )
     80 	: ( ( $client_modified_timestamp >= $modified_timestamp ) || ( $client_etag == $etag ) )
     81 	) {
     82 	status_header( 304 );
     83 	exit;
     84 }
     85 
     86 // If we made it this far, just serve the file.
     87 readfile( $file );
     88 flush();