Make WordPress Core

Changes between Initial Version and Version 23 of Ticket #3882


Ignore:
Timestamp:
03/28/2007 12:37:01 AM (18 years ago)
Author:
foolswisdom
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #3882

    • Property Priority changed from low to normal
    • Property Owner changed from anonymous to ryan
    • Property Version changed from 2.1.1 to 2.1.2
    • Property Milestone changed from to 2.1.3
    • Property Keywords needs-patch added
  • Ticket #3882 – Description

    initial v23  
    44
    55I hope this report is usefull for every wordpress user and as a suggestion I think that in future releases of this gorgeus blog software it could be appear in the administration panel a checkbox in Options->Write with the subject "buggy realpath function". If you check this option wordpress will use an alternative function.
    6 
    7 I do not how to attach a file, but if you want the original write a email.
    8 
    9 
    10 {{{
    11 <?php
    12 /**
    13  * $RCSfile: tiny_mce_gzip.php,v $
    14  * $Revision: $
    15  * $Date: $
    16  *
    17  * @version 1.08
    18  * @author Moxiecode
    19  * @copyright Copyright  2005-2006, Moxiecode Systems AB, All rights reserved.
    20  *
    21  * This file compresses the TinyMCE JavaScript using GZip and
    22  * enables the browser to do two requests instead of one for each .js file.
    23  * Notice: This script defaults the button_tile_map option to true for extra performance.
    24  */
    25 
    26 @require_once('../../../wp-config.php');
    27 
    28 // gzip_compression();
    29 
    30 // New realpath function.
    31 {
    32    if ($path == "")
    33    {
    34        return false;
    35    }
    36 
    37    $path = trim(preg_replace("/\\\\/", "/", (string)$path));
    38 
    39    if (!preg_match("/(\.\w{1,4})$/", $path)  &&
    40        !preg_match("/\?[^\\/]+$/", $path)  &&
    41        !preg_match("/\\/$/", $path))
    42    {
    43        $path .= '/';
    44    }
    45 
    46    $pattern = "/^(\\/|\w:\\/|https?:\\/\\/[^\\/]+\\/)?(.*)$/i";
    47 
    48    preg_match_all($pattern, $path, $matches, PREG_SET_ORDER);
    49 
    50    $path_tok_1 = $matches[0][1];
    51    $path_tok_2 = $matches[0][2];
    52 
    53    $path_tok_2 = preg_replace(
    54                    array("/^\\/+/", "/\\/+/"),
    55                    array("", "/"),
    56                    $path_tok_2);
    57 
    58    $path_parts = explode("/", $path_tok_2);
    59    $real_path_parts = array();
    60 
    61    for ($i = 0, $real_path_parts = array(); $i < count($path_parts); $i++)
    62    {
    63        if ($path_parts[$i] == '.')
    64        {
    65            continue;
    66        }
    67        else if ($path_parts[$i] == '..')
    68        {
    69            if (  (isset($real_path_parts[0])  &&  $real_path_parts[0] != '..')
    70                || ($path_tok_1 != "")  )
    71            {
    72                array_pop($real_path_parts);
    73                continue;
    74            }
    75        }
    76 
    77        array_push($real_path_parts, $path_parts[$i]);
    78    }
    79 
    80    return $path_tok_1 . implode('/', $real_path_parts);
    81 }
    82 
    83 // End of real_path function
    84 
    85 function wp_tinymce_lang($path) {
    86         global $language;
    87 
    88         $text = '';
    89 
    90         // Look for xx_YY.js, xx_yy.js, xx.js
    91         $file = real_path(sprintf($path, $language));
    92         if ( file_exists($file) )
    93                 $text = file_get_contents($file);
    94         $file = real_path(sprintf($path, strtolower($language)));
    95         if ( file_exists($file) )
    96                 $text = file_get_contents($file);
    97         $file = real_path(sprintf($path, substr($language, 0, 2)));
    98         if ( file_exists($file) )
    99                 $text = file_get_contents($file);
    100 
    101 
    102         // Fall back on en.js
    103         $file = real_path(sprintf($path, 'en'));
    104         if ( empty($text) && file_exists($file) )
    105                 $text = file_get_contents($file);
    106 
    107         // Send lang file through gettext
    108         if ( function_exists('__') && strtolower(substr($language, 0, 2)) != 'en' ) {
    109                 $search1 = "/^tinyMCELang\\[(['\"])(.*)\\1\]( ?= ?)(['\"])(.*)\\4/Uem";
    110                 $replace1 = "'tinyMCELang[\\1\\2\\1]\\3'.stripslashes('\\4').__('\\5').stripslashes('\\4')";
    111 
    112                 $search2 = "/\\s:\\s(['\"])(.*)\\1(,|\\s*})/Uem";
    113                 $replace2 = "' : '.stripslashes('\\1').__('\\2').stripslashes('\\1').'\\3'";
    114 
    115                 $search = array($search1, $search2);
    116                 $replace = array($replace1, $replace2);
    117 
    118                 $text = preg_replace($search, $replace, $text);
    119 
    120                 return $text;
    121         }
    122 
    123         return $text;
    124 }
    125 
    126 function wp_compact_tinymce_js($text) {
    127         // This function was custom-made for TinyMCE 2.0, not expected to work with any other JS.
    128 
    129         // Strip comments
    130         $text = preg_replace("!(^|\s+)//.*$!m", '', $text);
    131         $text = preg_replace("!/\*.*?\*/!s", '', $text);
    132 
    133         // Strip leading tabs, carriage returns and unnecessary line breaks.
    134         $text = preg_replace("!^\t+!m", '', $text);
    135         $text = str_replace("\r", '', $text);
    136         $text = preg_replace("!(^|{|}|;|:|\))\n!m", '\\1', $text);
    137 
    138         return "$text\n";
    139 }
    140 
    141 
    142 // General options
    143 $suffix = "";                                                   // Set to "_src" to use source version
    144 $expiresOffset = 3600 * 24 * 10;                // 10 days util client cache expires
    145 $diskCache = false;                                             // If you enable this option gzip files will be cached on disk.
    146 $cacheDir = real_path(".");                             // Absolute directory path to where cached gz files will be stored
    147 $debug = false;                                                 // Enable this option if you need debuging info
    148 
    149 // Headers
    150 header("Content-Type: text/javascript; charset=" . get_bloginfo('charset'));
    151 // header("Cache-Control: must-revalidate");
    152 header("Vary: Accept-Encoding"); // Handle proxies
    153 header("Expires: " . gmdate("D, d M Y H:i:s", time() + $expiresOffset) . " GMT");
    154 
    155 // Get data to load
    156 $theme = isset($_GET['theme']) ? TinyMCE_cleanInput($_GET['theme']) : "";
    157 $language = isset($_GET['language']) ? TinyMCE_cleanInput($_GET['language']) : "";
    158 $plugins = isset($_GET['plugins']) ? TinyMCE_cleanInput($_GET['plugins']) : "";
    159 $lang = isset($_GET['lang']) ? TinyMCE_cleanInput($_GET['lang']) : "en";
    160 $index = isset($_GET['index']) ? TinyMCE_cleanInput($_GET['index']) : -1;
    161 $cacheKey = md5($theme . $language . $plugins . $lang . $index . $debug);
    162 $cacheFile = $cacheDir == "" ? "" : $cacheDir . "/" . "tinymce_" .  $cacheKey . ".gz";
    163 $cacheData = "";
    164 
    165 // Patch older versions of PHP < 4.3.0
    166 if (!function_exists('file_get_contents')) {
    167         function file_get_contents($filename) {
    168                 $fd = fopen($filename, 'rb');
    169                 $content = fread($fd, filesize($filename));
    170                 fclose($fd);
    171                 return $content;
    172         }
    173 }
    174 
    175 // Security check function, can only contain a-z 0-9 , _ - and whitespace.
    176 function TinyMCE_cleanInput($str) {
    177         return preg_replace("/[^0-9a-z\-_,]+/i", "", $str); // Remove anything but 0-9,a-z,-_
    178 }
    179 
    180 function TinyMCE_echo($str) {
    181         global $cacheData, $diskCache;
    182 
    183         if ($diskCache)
    184                 $cacheData .= $str;
    185         else
    186                 echo $str;
    187 }
    188 
    189 // Only gzip the contents if clients and server support it
    190 $encodings = array();
    191 
    192 if (isset($_SERVER['HTTP_ACCEPT_ENCODING']))
    193         $encodings = explode(',', strtolower(preg_replace("/\s+/", "", $_SERVER['HTTP_ACCEPT_ENCODING'])));
    194 
    195 // Check for gzip header or northon internet securities
    196 if ((in_array('gzip', $encodings) || in_array('x-gzip', $encodings) || isset($_SERVER['---------------'])) && function_exists('ob_gzhandler') && !ini_get('zlib.output_compression')) {
    197         $enc = in_array('x-gzip', $encodings) ? "x-gzip" : "gzip";
    198 
    199         // Use cached file if it exists but not in debug mode
    200         if (file_exists($cacheFile) && !$debug) {
    201                 header("Content-Encoding: " . $enc);
    202                 echo file_get_contents($cacheFile);
    203                 die;
    204         }
    205 
    206         if (!$diskCache)
    207                 ob_start("ob_gzhandler");
    208 } else
    209         $diskCache = false;
    210 
    211 
    212 if ($index > -1) {
    213         // Write main script and patch some things
    214         if ($index == 0) {
    215                 TinyMCE_echo(wp_compact_tinymce_js(file_get_contents(real_path("tiny_mce" . $suffix . ".js")))); // WP
    216                 TinyMCE_echo('TinyMCE.prototype.orgLoadScript = TinyMCE.prototype.loadScript;');
    217                 TinyMCE_echo('TinyMCE.prototype.loadScript = function() {};var realTinyMCE = tinyMCE;');
    218         } else
    219                 TinyMCE_echo('tinyMCE = realTinyMCE;');
    220 
    221         // Do init based on index
    222         TinyMCE_echo("tinyMCE.init(tinyMCECompressed.configs[" . $index . "]);");
    223 
    224         // Load external plugins
    225         if ($index == 0)
    226                 TinyMCE_echo("tinyMCECompressed.loadPlugins();");
    227 
    228         // Load theme, language pack and theme language packs
    229         if ($theme) {
    230                 TinyMCE_echo(wp_compact_tinymce_js(file_get_contents(real_path("themes/" . $theme . "/editor_template" . $suffix . ".js")))); // WP
    231                 TinyMCE_echo(wp_tinymce_lang("themes/" . $theme . "/langs/%s.js")); // WP
    232         }
    233 
    234         /* WP if ($language) WP */
    235                 TinyMCE_echo(wp_tinymce_lang("langs/%s.js")); // WP
    236 
    237         // Load all plugins and their language packs
    238         $plugins = explode(",", $plugins);
    239         foreach ($plugins as $plugin) {
    240                 $pluginFile = real_path("plugins/" . $plugin . "/editor_plugin" . $suffix . ".js");
    241                 /* WP $languageFile = realpath("plugins/" . $plugin . "/langs/" . $lang . ".js"); WP */
    242 
    243                 if ($pluginFile)
    244                         TinyMCE_echo(file_get_contents($pluginFile));
    245 
    246                 /* WP if ($languageFile) WP */
    247                         TinyMCE_echo(wp_tinymce_lang("plugins/" . $plugin . "/langs/%s.js")); // WP
    248         }
    249 
    250         // Reset tinyMCE compressor engine
    251         TinyMCE_echo("tinyMCE = tinyMCECompressed;");
    252 
    253         // Write to cache
    254         if ($diskCache) {
    255                 // Calculate compression ratio and debug target output path
    256                 if ($debug) {
    257                         $ratio = round(100 - strlen(gzencode($cacheData, 9, FORCE_GZIP)) / strlen($cacheData) * 100.0);
    258                         TinyMCE_echo("alert('TinyMCE was compressed by " . $ratio . "%.\\nOutput cache file: " . $cacheFile . "');");
    259                 }
    260 
    261                 $cacheData = gzencode($cacheData, 9, FORCE_GZIP);
    262 
    263                 // Write to file if possible
    264                 $fp = @fopen($cacheFile, "wb");
    265                 if ($fp) {
    266                         fwrite($fp, $cacheData);
    267                         fclose($fp);
    268                 }
    269 
    270                 // Output
    271                 header("Content-Encoding: " . $enc);
    272                 echo $cacheData;
    273         }
    274 
    275         die;
    276 }
    277 ?>
    278 
    279 function TinyMCECompressed() {
    280         this.configs = new Array();
    281         this.loadedFiles = new Array();
    282         this.externalPlugins = new Array();
    283         this.loadAdded = false;
    284         this.isLoaded = false;
    285 }
    286 
    287 TinyMCECompressed.prototype.init = function(settings) {
    288         var elements = document.getElementsByTagName('script');
    289         var scriptURL = "";
    290 
    291         for (var i=0; i<elements.length; i++) {
    292                 if (elements[i].src && elements[i].src.indexOf("tiny_mce_gzip.php") != -1) {
    293                         scriptURL = elements[i].src;
    294                         break;
    295                 }
    296         }
    297 
    298         settings["theme"] = typeof(settings["theme"]) != "undefined" ? settings["theme"] : "default";
    299         settings["plugins"] = typeof(settings["plugins"]) != "undefined" ? settings["plugins"] : "";
    300         settings["language"] = typeof(settings["language"]) != "undefined" ? settings["language"] : "en";
    301         settings["button_tile_map"] = typeof(settings["button_tile_map"]) != "undefined" ? settings["button_tile_map"] : true;
    302         this.configs[this.configs.length] = settings;
    303         this.settings = settings;
    304 
    305         scriptURL += (scriptURL.indexOf('?') == -1) ? '?' : '&';
    306         scriptURL += "theme=" + escape(this.getOnce(settings["theme"])) + "&language=" + escape(this.getOnce(settings["language"])) + "&plugins=" + escape(this.getOnce(settings["plugins"])) + "&lang=" + settings["language"] + "&index=" + escape(this.configs.length-1);
    307         document.write('<sc'+'ript language="javascript" type="text/javascript" src="' + scriptURL + '"></script>');
    308 
    309         if (!this.loadAdded) {
    310                 tinyMCE.addEvent(window, "DOMContentLoaded", TinyMCECompressed.prototype.onLoad);
    311                 tinyMCE.addEvent(window, "load", TinyMCECompressed.prototype.onLoad);
    312                 this.loadAdded = true;
    313         }
    314 }
    315 
    316 TinyMCECompressed.prototype.onLoad = function() {
    317         if (tinyMCE.isLoaded)
    318                 return true;
    319 
    320         tinyMCE = realTinyMCE;
    321         TinyMCE_Engine.prototype.onLoad();
    322         tinyMCE._addUnloadEvents();
    323 
    324         tinyMCE.isLoaded = true;
    325 }
    326 
    327 TinyMCECompressed.prototype.addEvent = function(o, n, h) {
    328         if (o.attachEvent)
    329                 o.attachEvent("on" + n, h);
    330         else
    331                 o.addEventListener(n, h, false);
    332 }
    333 
    334 TinyMCECompressed.prototype.getOnce = function(str) {
    335         var ar = str.replace(/\s+/g, '').split(',');
    336 
    337         for (var i=0; i<ar.length; i++) {
    338                 if (ar[i] == '' || ar[i].charAt(0) == '-') {
    339                         ar[i] = null;
    340                         continue;
    341                 }
    342 
    343                 // Skip load
    344                 for (var x=0; x<this.loadedFiles.length; x++) {
    345                         if (this.loadedFiles[x] == ar[i])
    346                                 ar[i] = null;
    347                 }
    348 
    349                 this.loadedFiles[this.loadedFiles.length] = ar[i];
    350         }
    351 
    352         // Glue
    353         str = "";
    354         for (var i=0; i<ar.length; i++) {
    355                 if (ar[i] == null)
    356                         continue;
    357 
    358                 str += ar[i];
    359 
    360                 if (i != ar.length-1)
    361                         str += ",";
    362         }
    363 
    364         return str;
    365 };
    366 
    367 TinyMCECompressed.prototype.loadPlugins = function() {
    368         var i, ar;
    369 
    370         TinyMCE.prototype.loadScript = TinyMCE.prototype.orgLoadScript;
    371         tinyMCE = realTinyMCE;
    372 
    373         ar = tinyMCECompressed.externalPlugins;
    374         for (i=0; i<ar.length; i++)
    375                 tinyMCE.loadPlugin(ar[i].name, ar[i].url);
    376 
    377         TinyMCE.prototype.loadScript = function() {};
    378 };
    379 
    380 TinyMCECompressed.prototype.loadPlugin = function(n, u) {
    381         this.externalPlugins[this.externalPlugins.length] = {name : n, url : u};
    382 };
    383 
    384 TinyMCECompressed.prototype.importPluginLanguagePack = function(n, v) {
    385         tinyMCE = realTinyMCE;
    386         TinyMCE.prototype.loadScript = TinyMCE.prototype.orgLoadScript;
    387         tinyMCE.importPluginLanguagePack(n, v);
    388 };
    389 
    390 TinyMCECompressed.prototype.addPlugin = function(n, p) {
    391         tinyMCE = realTinyMCE;
    392         tinyMCE.addPlugin(n, p);
    393 };
    394 
    395 var tinyMCE = new TinyMCECompressed();
    396 var tinyMCECompressed = tinyMCE;
    397 
    398 }}}