11 | | define( 'SHORTINIT', true ); |
12 | | require_once( dirname( dirname( __FILE__) ) . '/wp-load.php' ); // absolute includes are faster |
13 | | require_once( WP_CONTENT_DIR . '/blogs.php' ); |
14 | | exit(); |
| 11 | define( 'SHORTLOAD', true ); |
| 12 | require_once( dirname( dirname( __FILE__) ) . '/wp-load.php' ); |
| 13 | |
| 14 | // Allow wp-content/blogs.php to be used. |
| 15 | if ( file_exists( WP_CONTENT_DIR . '/blogs.php' ) ) { |
| 16 | require_once( WP_CONTENT_DIR . '/blogs.php' ); |
| 17 | exit; |
| 18 | } |
| 19 | |
| 20 | if ( $current_blog->archived == '1' || $current_blog->spam == '1' || $current_blog->deleted == '1' ) { |
| 21 | status_header( 404 ); |
| 22 | die('404 — File not found.'); |
| 23 | } |
| 24 | |
| 25 | if ( !function_exists('wp_check_filetype') ) : |
| 26 | function wp_check_filetype($filename, $mimes = null) { |
| 27 | // Accepted MIME types are set here as PCRE unless provided. |
| 28 | $mimes = is_array($mimes) ? $mimes : array ( |
| 29 | 'jpg|jpeg|jpe' => 'image/jpeg', |
| 30 | 'gif' => 'image/gif', |
| 31 | 'png' => 'image/png', |
| 32 | 'bmp' => 'image/bmp', |
| 33 | 'tif|tiff' => 'image/tiff', |
| 34 | 'ico' => 'image/x-icon', |
| 35 | 'asf|asx|wax|wmv|wmx' => 'video/asf', |
| 36 | 'avi' => 'video/avi', |
| 37 | 'mov|qt' => 'video/quicktime', |
| 38 | 'mpeg|mpg|mpe' => 'video/mpeg', |
| 39 | 'txt|c|cc|h' => 'text/plain', |
| 40 | 'rtx' => 'text/richtext', |
| 41 | 'css' => 'text/css', |
| 42 | 'htm|html' => 'text/html', |
| 43 | 'mp3|mp4' => 'audio/mpeg', |
| 44 | 'ra|ram' => 'audio/x-realaudio', |
| 45 | 'wav' => 'audio/wav', |
| 46 | 'ogg' => 'audio/ogg', |
| 47 | 'mid|midi' => 'audio/midi', |
| 48 | 'wma' => 'audio/wma', |
| 49 | 'rtf' => 'application/rtf', |
| 50 | 'js' => 'application/javascript', |
| 51 | 'pdf' => 'application/pdf', |
| 52 | 'doc' => 'application/msword', |
| 53 | 'pot|pps|ppt' => 'application/vnd.ms-powerpoint', |
| 54 | 'wri' => 'application/vnd.ms-write', |
| 55 | 'xla|xls|xlt|xlw' => 'application/vnd.ms-excel', |
| 56 | 'mdb' => 'application/vnd.ms-access', |
| 57 | 'mpp' => 'application/vnd.ms-project', |
| 58 | 'swf' => 'application/x-shockwave-flash', |
| 59 | 'class' => 'application/java', |
| 60 | 'tar' => 'application/x-tar', |
| 61 | 'zip' => 'application/zip', |
| 62 | 'gz|gzip' => 'application/x-gzip', |
| 63 | 'exe' => 'application/x-msdownload' |
| 64 | ); |
| 65 | |
| 66 | $type = false; |
| 67 | $ext = false; |
| 68 | |
| 69 | foreach ( (array)$mimes as $ext_preg => $mime_match ) { |
| 70 | $ext_preg = '!\.(' . $ext_preg . ')$!i'; |
| 71 | if ( preg_match($ext_preg, $filename, $ext_matches) ) { |
| 72 | $type = $mime_match; |
| 73 | $ext = $ext_matches[1]; |
| 74 | break; |
| 75 | } |
| 76 | } |
| 77 | |
| 78 | return compact('ext', 'type'); |
| 79 | } |
| 80 | endif; |
| 81 | |
| 82 | $file = BLOGUPLOADDIR . str_replace( '..', '', $_GET[ 'file' ] ); |
| 83 | if ( !is_file( $file ) ) { |
| 84 | status_header( 404 ); |
| 85 | die('404 — File not found.'); |
| 86 | } |
| 87 | |
| 88 | $mime = wp_check_filetype( $_SERVER[ 'REQUEST_URI' ] ); |
| 89 | if( $mime[ 'type' ] === false && function_exists( 'mime_content_type' ) ) |
| 90 | $mime[ 'type' ] = mime_content_type( $file ); |
| 91 | |
| 92 | if( $mime[ 'type' ] != false ) { |
| 93 | $mimetype = $mime[ 'type' ]; |
| 94 | } else { |
| 95 | $ext = substr( $_SERVER[ 'REQUEST_URI' ], strrpos( $_SERVER[ 'REQUEST_URI' ], '.' ) + 1 ); |
| 96 | $mimetype = "image/$ext"; |
| 97 | } |
| 98 | @header( 'Content-type: ' . $mimetype ); // always send this |
| 99 | if ( false === strpos( $_SERVER['SERVER_SOFTWARE'], 'Microsoft-IIS' ) ) |
| 100 | @header( 'Content-Length: ' . filesize( $file ) ); |
| 101 | |
| 102 | // Optional support for X-Sendfile and X-Accel-Redirect |
| 103 | if ( defined('WPMU_ACCEL_REDIRECT') && WPMU_ACCEL_REDIRECT ) { |
| 104 | @header( 'X-Accel-Redirect: ' . str_replace( WP_CONTENT_DIR, '', $file ) ); |
| 105 | exit; |
| 106 | } elseif ( defined('WPMU_SENDFILE') && WPMU_SENDFILE ) { |
| 107 | @header( 'X-Sendfile: ' . $file ); |
| 108 | exit; |
| 109 | } |
| 110 | |
| 111 | $last_modified = gmdate('D, d M Y H:i:s', filemtime( $file )); |
| 112 | $etag = '"' . md5($last_modified) . '"'; |
| 113 | @header( "Last-Modified: $last_modified GMT" ); |
| 114 | @header( 'ETag: ' . $etag ); |
| 115 | @header( 'Expires: ' . gmdate('D, d M Y H:i:s', time() + 100000000) . ' GMT' ); |
| 116 | |
| 117 | // Support for Conditional GET |
| 118 | if (isset($_SERVER['HTTP_IF_NONE_MATCH'])) |
| 119 | $client_etag = stripslashes($_SERVER['HTTP_IF_NONE_MATCH']); |
| 120 | else |
| 121 | $client_etag = false; |
| 122 | |
| 123 | if( !isset( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ) |
| 124 | $_SERVER['HTTP_IF_MODIFIED_SINCE'] = false; |
| 125 | $client_last_modified = trim( $_SERVER['HTTP_IF_MODIFIED_SINCE']); |
| 126 | // If string is empty, return 0. If not, attempt to parse into a timestamp |
| 127 | $client_modified_timestamp = $client_last_modified ? strtotime($client_last_modified) : 0; |
| 128 | |
| 129 | // Make a timestamp for our most recent modification... |
| 130 | $modified_timestamp = strtotime($last_modified); |
| 131 | |
| 132 | if ( ($client_last_modified && $client_etag) ? |
| 133 | (($client_modified_timestamp >= $modified_timestamp) && ($client_etag == $etag)) : |
| 134 | (($client_modified_timestamp >= $modified_timestamp) || ($client_etag == $etag)) ) { |
| 135 | status_header( 304 ); |
| 136 | exit; |
| 137 | } |
| 138 | |
| 139 | // If we made it this far, just serve the file |
| 140 | |
| 141 | readfile( $file ); |
| 142 | |
| 143 | ?> |
| 144 | No newline at end of file |