| 11 | | define( 'SHORTINIT', true ); |
| 12 | | require_once( dirname( dirname( __FILE__) ) . '/wp-load.php' ); // absolute includes are faster |
| 13 | | require_once( WP_CONTENT_DIR . '/blogs.php' ); |
| 14 | | exit(); |
| | 11 | define( 'SHORTLOAD', true ); |
| | 12 | require_once( dirname( dirname( __FILE__) ) . '/wp-load.php' ); |
| | 13 | |
| | 14 | // Allow wp-content/blogs.php to be used. |
| | 15 | if ( file_exists( WP_CONTENT_DIR . '/blogs.php' ) ) { |
| | 16 | require_once( WP_CONTENT_DIR . '/blogs.php' ); |
| | 17 | exit; |
| | 18 | } |
| | 19 | |
| | 20 | if ( $current_blog->archived == '1' || $current_blog->spam == '1' || $current_blog->deleted == '1' ) { |
| | 21 | status_header( 404 ); |
| | 22 | die('404 — File not found.'); |
| | 23 | } |
| | 24 | |
| | 25 | if ( !function_exists('wp_check_filetype') ) : |
| | 26 | function wp_check_filetype($filename, $mimes = null) { |
| | 27 | // Accepted MIME types are set here as PCRE unless provided. |
| | 28 | $mimes = is_array($mimes) ? $mimes : array ( |
| | 29 | 'jpg|jpeg|jpe' => 'image/jpeg', |
| | 30 | 'gif' => 'image/gif', |
| | 31 | 'png' => 'image/png', |
| | 32 | 'bmp' => 'image/bmp', |
| | 33 | 'tif|tiff' => 'image/tiff', |
| | 34 | 'ico' => 'image/x-icon', |
| | 35 | 'asf|asx|wax|wmv|wmx' => 'video/asf', |
| | 36 | 'avi' => 'video/avi', |
| | 37 | 'mov|qt' => 'video/quicktime', |
| | 38 | 'mpeg|mpg|mpe' => 'video/mpeg', |
| | 39 | 'txt|c|cc|h' => 'text/plain', |
| | 40 | 'rtx' => 'text/richtext', |
| | 41 | 'css' => 'text/css', |
| | 42 | 'htm|html' => 'text/html', |
| | 43 | 'mp3|mp4' => 'audio/mpeg', |
| | 44 | 'ra|ram' => 'audio/x-realaudio', |
| | 45 | 'wav' => 'audio/wav', |
| | 46 | 'ogg' => 'audio/ogg', |
| | 47 | 'mid|midi' => 'audio/midi', |
| | 48 | 'wma' => 'audio/wma', |
| | 49 | 'rtf' => 'application/rtf', |
| | 50 | 'js' => 'application/javascript', |
| | 51 | 'pdf' => 'application/pdf', |
| | 52 | 'doc' => 'application/msword', |
| | 53 | 'pot|pps|ppt' => 'application/vnd.ms-powerpoint', |
| | 54 | 'wri' => 'application/vnd.ms-write', |
| | 55 | 'xla|xls|xlt|xlw' => 'application/vnd.ms-excel', |
| | 56 | 'mdb' => 'application/vnd.ms-access', |
| | 57 | 'mpp' => 'application/vnd.ms-project', |
| | 58 | 'swf' => 'application/x-shockwave-flash', |
| | 59 | 'class' => 'application/java', |
| | 60 | 'tar' => 'application/x-tar', |
| | 61 | 'zip' => 'application/zip', |
| | 62 | 'gz|gzip' => 'application/x-gzip', |
| | 63 | 'exe' => 'application/x-msdownload' |
| | 64 | ); |
| | 65 | |
| | 66 | $type = false; |
| | 67 | $ext = false; |
| | 68 | |
| | 69 | foreach ( (array)$mimes as $ext_preg => $mime_match ) { |
| | 70 | $ext_preg = '!\.(' . $ext_preg . ')$!i'; |
| | 71 | if ( preg_match($ext_preg, $filename, $ext_matches) ) { |
| | 72 | $type = $mime_match; |
| | 73 | $ext = $ext_matches[1]; |
| | 74 | break; |
| | 75 | } |
| | 76 | } |
| | 77 | |
| | 78 | return compact('ext', 'type'); |
| | 79 | } |
| | 80 | endif; |
| | 81 | |
| | 82 | $file = BLOGUPLOADDIR . str_replace( '..', '', $_GET[ 'file' ] ); |
| | 83 | if ( !is_file( $file ) ) { |
| | 84 | status_header( 404 ); |
| | 85 | die('404 — File not found.'); |
| | 86 | } |
| | 87 | |
| | 88 | $mime = wp_check_filetype( $_SERVER[ 'REQUEST_URI' ] ); |
| | 89 | if( $mime[ 'type' ] === false && function_exists( 'mime_content_type' ) ) |
| | 90 | $mime[ 'type' ] = mime_content_type( $file ); |
| | 91 | |
| | 92 | if( $mime[ 'type' ] != false ) { |
| | 93 | $mimetype = $mime[ 'type' ]; |
| | 94 | } else { |
| | 95 | $ext = substr( $_SERVER[ 'REQUEST_URI' ], strrpos( $_SERVER[ 'REQUEST_URI' ], '.' ) + 1 ); |
| | 96 | $mimetype = "image/$ext"; |
| | 97 | } |
| | 98 | @header( 'Content-type: ' . $mimetype ); // always send this |
| | 99 | if ( false === strpos( $_SERVER['SERVER_SOFTWARE'], 'Microsoft-IIS' ) ) |
| | 100 | @header( 'Content-Length: ' . filesize( $file ) ); |
| | 101 | |
| | 102 | // Optional support for X-Sendfile and X-Accel-Redirect |
| | 103 | if ( defined('WPMU_ACCEL_REDIRECT') && WPMU_ACCEL_REDIRECT ) { |
| | 104 | @header( 'X-Accel-Redirect: ' . str_replace( WP_CONTENT_DIR, '', $file ) ); |
| | 105 | exit; |
| | 106 | } elseif ( defined('WPMU_SENDFILE') && WPMU_SENDFILE ) { |
| | 107 | @header( 'X-Sendfile: ' . $file ); |
| | 108 | exit; |
| | 109 | } |
| | 110 | |
| | 111 | $last_modified = gmdate('D, d M Y H:i:s', filemtime( $file )); |
| | 112 | $etag = '"' . md5($last_modified) . '"'; |
| | 113 | @header( "Last-Modified: $last_modified GMT" ); |
| | 114 | @header( 'ETag: ' . $etag ); |
| | 115 | @header( 'Expires: ' . gmdate('D, d M Y H:i:s', time() + 100000000) . ' GMT' ); |
| | 116 | |
| | 117 | // Support for Conditional GET |
| | 118 | if (isset($_SERVER['HTTP_IF_NONE_MATCH'])) |
| | 119 | $client_etag = stripslashes($_SERVER['HTTP_IF_NONE_MATCH']); |
| | 120 | else |
| | 121 | $client_etag = false; |
| | 122 | |
| | 123 | if( !isset( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ) |
| | 124 | $_SERVER['HTTP_IF_MODIFIED_SINCE'] = false; |
| | 125 | $client_last_modified = trim( $_SERVER['HTTP_IF_MODIFIED_SINCE']); |
| | 126 | // If string is empty, return 0. If not, attempt to parse into a timestamp |
| | 127 | $client_modified_timestamp = $client_last_modified ? strtotime($client_last_modified) : 0; |
| | 128 | |
| | 129 | // Make a timestamp for our most recent modification... |
| | 130 | $modified_timestamp = strtotime($last_modified); |
| | 131 | |
| | 132 | if ( ($client_last_modified && $client_etag) ? |
| | 133 | (($client_modified_timestamp >= $modified_timestamp) && ($client_etag == $etag)) : |
| | 134 | (($client_modified_timestamp >= $modified_timestamp) || ($client_etag == $etag)) ) { |
| | 135 | status_header( 304 ); |
| | 136 | exit; |
| | 137 | } |
| | 138 | |
| | 139 | // If we made it this far, just serve the file |
| | 140 | |
| | 141 | readfile( $file ); |
| | 142 | |
| | 143 | ?> |
| | 144 | No newline at end of file |