Requests for URLs that contain ".php" aren't routed to WPMU

[wpmuguru]

MU Trac Ticket: ​http://trac.mu.wordpress.org/ticket/1167

Using WPMU 2.8.6, I have just noticed a problem with WPMU's mod_rewrite rules.

With WPMU installed at domain.com, I've noticed that a request for ​http://domain.com/file.php produces a standard 404 error (from apache), instead of a WordPress?-powered 404 error page.

If I try and load ​http://domain.com/filephp instead, the request is routed to WPMU (as expected).

The contents of our .htaccess file is as follows:

RewriteEngine On
RewriteBase /


#uploaded files
RewriteRule ^(.*/)?files/$ index.php [L]
RewriteCond %{REQUEST_URI} !.*wp-content/plugins.*
RewriteRule ^(.*/)?files/(.*) wp-content/blogs.php?file=$2 [L]

# add a trailing slash to /wp-admin
RewriteCond %{REQUEST_URI} ^.*/wp-admin$
RewriteRule ^(.+)$ $1/ [R=301,L]

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule . - [L]
RewriteRule  ^([_0-9a-zA-Z-]+/)?(wp-.*) $2 [L]
RewriteRule  ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]
RewriteRule . index.php [L]

<IfModule mod_security.c>
<Files async-upload.php>
SecFilterEngine Off
SecFilterScanPOST Off
</Files>
</IfModule>

It looks like the second-last RewriteRule? might be causing the problem?

A request for /anyfile.php on a standard WP site is routed correctly to WP, so it looks like an MU-specific problem.

Standard WP uses rewrite rules like the following:

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

So I'm not sure why WPMU has those other lines in there.

[wpmuguru]

See #11994

[dd32]

if anyone comes here based on this commit: dd32 * r14127 /trunk/wp-admin/ (includes/plugin.php menu.php menu-header.php): Escape/texturize Admin menu titles. Fixes page titles such as "Foo & Bar" not being entity encoded. Also includes some basic whitespace/standards cleanup to a related function. Fixes #12039

Head over to #13039