WordPress.org
Get WordPress

Make WordPress Core

Changeset 3019


Ignore:
Timestamp:
11/09/2005 02:38:17 AM (20 years ago)
Author:
ryan
Message:

Hide serialized object data in comment blocks within .php files. Props ringmaster. fixes #1857

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/wp-includes/cache.php

    r3018 r3019  
    4545    return $wp_object_cache->set($key, $data, $flag, $expire);
    4646}
     47
     48define('CACHE_SERIAL_HEADER', "<?php\n//");
     49define('CACHE_SERIAL_FOOTER', "\n?".">");
    4750
    4851class WP_Object_Cache {
     
    106109        }
    107110
    108         $cache_file = $this->cache_dir . $this->get_group_dir($group) . "/" . md5($id . DB_PASSWORD);
     111        $cache_file = $this->cache_dir . $this->get_group_dir($group) . "/" . md5($id . DB_PASSWORD) . '.php';
    109112        if (!file_exists($cache_file)) {
    110113            $this->cache_misses += 1;
    111114            return false;
    112115        }
    113         $this->cache[$group][$id] = unserialize(@ file_get_contents($cache_file));
     116        $this->cache[$group][$id] = unserialize(substr(@ file_get_contents($cache_file), strlen(CACHE_SERIAL_HEADER), -strlen(CACHE_SERIAL_FOOTER)));
    114117        if ( false === $this->cache[$group][$id])
    115118            $this->cache[$group][$id] = '';
     
    238241                // TODO:  If the id is no longer in the cache, it was deleted and
    239242                // the file should be removed.
    240                 $cache_file = $group_dir . md5($id . DB_PASSWORD);
     243                $cache_file = $group_dir . md5($id . DB_PASSWORD) . '.php';
    241244                $temp_file = tempnam($group_dir, 'tmp');
    242                 $serial = serialize($this->cache[$group][$id]);
     245                $serial = CACHE_SERIAL_HEADER . serialize($this->cache[$group][$id]) . CACHE_SERIAL_FOOTER;
    243246                $fd = fopen($temp_file, 'w');
    244247                fputs($fd, $serial);
    245                 fclose($fd);
    246                 rename($temp_file, $cache_file);
     248                fclose($fd);               
     249                if (!@rename($temp_file, $cache_file)) {
     250                    if (copy ($temp_file, $cache_file)) {
     251                        unlink($temp_file);
     252                    }
     253                }
    247254            }
    248255        }
Note: See TracChangeset for help on using the changeset viewer.