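/**
 * Collects the necessary information to return for a site's response.
 *
 * Walks the keys of self::$site_format and fills one response entry per key.
 * Several entries depend on who is asking:
 *  - 'visible', 'post_count' and 'lang' are only set for logged-in users;
 *  - 'options' is built in full and then removed again unless the current
 *    user can 'edit_posts';
 *  - 'updates' (Jetpack sites only) is added only for users who can
 *    'manage_options'.
 *
 * For Jetpack sites the 'fix_theme_location' callback is detached from
 * 'option_stylesheet' while the response is built and re-attached before
 * returning; 'force_http' is hooked on 'set_url_scheme' for the same period
 * when the stored site URL is not https.
 *
 * @return (array)
 */
public function build_current_site_response() {
    global $wpdb, $wp_version;

    $response_format = self::$site_format;

    $is_user_logged_in = is_user_logged_in();

    $visible = array();

    if ($is_user_logged_in) {
        $current_user = wp_get_current_user();
        $visible = get_user_meta($current_user->ID, 'blog_visibility', true);

        // The meta value is only trusted when it is an array keyed by blog id.
        if (!is_array($visible)) {
            $visible = array();
        }
    }

    $blog_id = (int) $this->api->get_blog_id_for_output();

    /** This filter is documented in class.json-api-endpoints.php */
    $is_jetpack = true === apply_filters('is_jetpack_site', false, $blog_id);
    $site_url = get_option('siteurl');

    if ($is_jetpack) {
        // Temporarily changed here; both hooks are restored at the end of the method.
        remove_filter('option_stylesheet', 'fix_theme_location');
        if ('https' !== parse_url($site_url, PHP_URL_SCHEME)) {
            add_filter('set_url_scheme', array($this, 'force_http'), 10, 3);
        }
    }

    // Start from an empty array so an empty format still returns an array
    // instead of an undefined variable.
    $response = array();

    foreach (array_keys($response_format) as $key) {
        switch ($key) {
            case 'ID':
                $response[$key] = $blog_id;
                break;
            case 'name':
                // Entities are decoded here, so a client that renders this value
                // as HTML has to escape it itself.
                $response[$key] = (string) htmlspecialchars_decode(get_bloginfo('name'), ENT_QUOTES);
                break;
            case 'description':
                // Same as 'name': returned decoded, not HTML-safe.
                $response[$key] = (string) htmlspecialchars_decode(get_bloginfo('description'), ENT_QUOTES);
                break;
            case 'URL':
                $response[$key] = (string) home_url();
                break;
            case 'jetpack':
                $response[$key] = $is_jetpack; // jetpack magic affects this value
                break;
            case 'is_private':
                if (defined('IS_WPCOM') && IS_WPCOM) {
                    $public_setting = get_option('blog_public');
                    if (-1 == $public_setting) {
                        $response[$key] = true;
                    } else {
                        $response[$key] = false;
                    }
                } else {
                    $response[$key] = false; // magic
                }
                break;
            case 'visible':
                // Only reported to logged-in users; the key is absent otherwise.
                if ($is_user_logged_in) {
                    $is_visible = true;
                    if (isset($visible[$blog_id])) {
                        $is_visible = (bool) $visible[$blog_id];
                    }
                    // null and true are visible
                    $response[$key] = $is_visible;
                }
                break;
            case 'post_count':
                if ($is_user_logged_in) {
                    // Static query: nothing from the request is interpolated, only the
                    // posts table name taken from $wpdb.
                    $response[$key] = (int) $wpdb->get_var("SELECT COUNT(*) FROM {$wpdb->posts} WHERE post_status = 'publish'");
                }
                break;
            case 'lang':
                if ($is_user_logged_in) {
                    $response[$key] = (string) get_bloginfo('language');
                }
                break;
            case 'icon':
                if (function_exists('blavatar_domain') && function_exists('blavatar_exists') && function_exists('blavatar_url')) {
                    $domain = blavatar_domain(home_url());
                    if (blavatar_exists($domain)) {
                        $response[$key] = array(
                            'img' => (string) remove_query_arg('s', blavatar_url($domain, 'img')),
                            'ico' => (string) remove_query_arg('s', blavatar_url($domain, 'ico')),
                        );
                    } else {
                        // This is done so that we can access the updated blavatar on .com via the /me/sites endpoint
                        if (is_jetpack_site()) {
                            $site_icon_url = get_option('jetpack_site_icon_url');
                            if ($site_icon_url) {
                                $response[$key] = array(
                                    'img' => (string) jetpack_photon_url($site_icon_url, array(), 'https'),
                                    'ico' => (string) jetpack_photon_url($site_icon_url, array('w' => 16), 'https'),
                                );
                            }
                        }
                    }
                } elseif (function_exists('jetpack_site_icon_url') && function_exists('jetpack_photon_url')) {
                    $response[$key] = array(
                        'img' => (string) jetpack_photon_url(jetpack_site_icon_url(get_current_blog_id(), 80), array('w' => 80), 'https'),
                        'ico' => (string) jetpack_photon_url(jetpack_site_icon_url(get_current_blog_id(), 16), array('w' => 16), 'https'),
                    );
                }
                break;
            case 'logo':
                // Set an empty response array.
                $response[$key] = array('id' => (int) 0, 'sizes' => array(), 'url' => '');

                // Get current site logo values.
                $logo = get_option('site_logo');

                // Update the response array if there's a site logo currently active.
                if ($logo && 0 != $logo['id']) {
                    $response[$key]['id'] = $logo['id'];
                    $response[$key]['url'] = $logo['url'];

                    foreach ($logo['sizes'] as $size => $properties) {
                        $response[$key]['sizes'][$size] = $properties;
                    }
                }
                break;
            case 'subscribers_count':
                if (function_exists('wpcom_subs_total_wpcom_subscribers')) {
                    $total_wpcom_subs = wpcom_subs_total_wpcom_subscribers(array('blog_id' => $blog_id));
                    $response[$key] = $total_wpcom_subs;
                } else {
                    $response[$key] = 0; // magic
                }
                break;
            case 'is_following':
                $response[$key] = (bool) $this->api->is_following($blog_id);
                break;
            case 'options':
                // This entry carries the login and admin URLs, software versions and
                // the active module list. It is assembled unconditionally and removed
                // by the edit_posts check at the end of this case, so that check must
                // stay the last statement before the break.

                // Figure out if the blog supports VideoPress, have to do some extra checking for JP blogs
                $has_videopress = false;
                if (get_option('video_upgrade') == '1') {
                    $has_videopress = true;
                } else {
                    if (class_exists('Jetpack_Options')) {
                        $videopress = Jetpack_Options::get_option('videopress', array());
                        if (isset($videopress['blog_id']) && $videopress['blog_id'] > 0) {
                            $has_videopress = true;
                        }
                    }
                }

                // deprecated - see separate endpoint. get a list of supported post formats
                $all_formats = get_post_format_strings();
                $supported = get_theme_support('post-formats');

                $supported_formats = array();

                if (isset($supported[0])) {
                    foreach ($supported[0] as $format) {
                        $supported_formats[$format] = $all_formats[$format];
                    }
                }

                // determine if sharing buttons should be visible by default
                $default_sharing_status = false;
                if (class_exists('Sharing_Service')) {
                    $ss = new Sharing_Service();
                    $blog_services = $ss->get_blog_services();
                    $default_sharing_status = !empty($blog_services['visible']);
                }

                $is_mapped_domain = false;

                if (function_exists('get_primary_redirect')) {
                    $primary_redirect = strtolower(get_primary_redirect());
                    if (false === strpos($primary_redirect, '.wordpress.com')) {
                        $is_mapped_domain = true;
                    }
                }

                $is_redirect = false;

                if (function_exists('get_primary_domain_mapping_record')) {
                    // NOTE(review): assumes the helper always returns an object — confirm.
                    if (get_primary_domain_mapping_record()->type == 1) {
                        $is_redirect = true;
                    }
                }

                if (function_exists('get_mime_types')) {
                    $allowed_file_types = get_mime_types();
                } else {
                    // http://codex.wordpress.org/Uploading_Files
                    $mime_types = get_allowed_mime_types();
                    // Defined up front so an empty mime list yields an empty array rather
                    // than an undefined variable in the response below.
                    $allowed_file_types = array();
                    foreach ($mime_types as $type => $mime_type) {
                        // Keys look like "jpg|jpeg|jpe"; each alternative is listed separately.
                        $extras = explode('|', $type);
                        foreach ($extras as $extra) {
                            $allowed_file_types[] = $extra;
                        }
                    }
                }

                if (function_exists('get_blog_details')) {
                    $blog_details = get_blog_details();
                    if (!empty($blog_details->registered)) {
                        $registered_date = $blog_details->registered;
                    }
                }

                $upgraded_filetypes_enabled = false;
                if ($is_jetpack || get_option('use_upgraded_upload_filetypes')) {
                    $upgraded_filetypes_enabled = true;
                }

                $wordads = false;
                if (function_exists('has_any_blog_stickers')) {
                    $wordads = has_any_blog_stickers(array('wordads-approved', 'wordads-approved-misfits'), $blog_id);
                }

                $response[$key] = array(
                    'timezone' => (string) get_option('timezone_string'),
                    'gmt_offset' => (double) get_option('gmt_offset'),
                    'videopress_enabled' => $has_videopress,
                    'upgraded_filetypes_enabled' => $upgraded_filetypes_enabled,
                    'login_url' => wp_login_url(),
                    'admin_url' => get_admin_url(),
                    'is_mapped_domain' => $is_mapped_domain,
                    'is_redirect' => $is_redirect,
                    'unmapped_url' => get_site_url($blog_id),
                    'featured_images_enabled' => current_theme_supports('post-thumbnails'),
                    'theme_slug' => get_option('stylesheet'),
                    'header_image' => get_theme_mod('header_image_data'),
                    'background_color' => get_theme_mod('background_color'),
                    'image_default_link_type' => get_option('image_default_link_type'),
                    'image_thumbnail_width' => (int) get_option('thumbnail_size_w'),
                    'image_thumbnail_height' => (int) get_option('thumbnail_size_h'),
                    'image_thumbnail_crop' => get_option('thumbnail_crop'),
                    'image_medium_width' => (int) get_option('medium_size_w'),
                    'image_medium_height' => (int) get_option('medium_size_h'),
                    'image_large_width' => (int) get_option('large_size_w'),
                    'image_large_height' => (int) get_option('large_size_h'),
                    'permalink_structure' => get_option('permalink_structure'),
                    'post_formats' => $supported_formats,
                    'default_post_format' => get_option('default_post_format'),
                    'default_category' => (int) get_option('default_category'),
                    'allowed_file_types' => $allowed_file_types,
                    'show_on_front' => get_option('show_on_front'),
                    'default_likes_enabled' => (bool) apply_filters('wpl_is_enabled_sitewide', !get_option('disabled_likes')),
                    'default_sharing_status' => (bool) $default_sharing_status,
                    'default_comment_status' => 'closed' == get_option('default_comment_status') ? false : true,
                    'default_ping_status' => 'closed' == get_option('default_ping_status') ? false : true,
                    'software_version' => $wp_version,
                    // $registered_date is only set when get_blog_details() reported one.
                    'created_at' => !empty($registered_date) ? $this->format_date($registered_date) : '0000-00-00T00:00:00+00:00',
                    'wordads' => $wordads,
                );

                if ('page' === get_option('show_on_front')) {
                    $response['options']['page_on_front'] = (int) get_option('page_on_front');
                    $response['options']['page_for_posts'] = (int) get_option('page_for_posts');
                }

                if ($is_jetpack) {
                    $response['options']['jetpack_version'] = get_option('jetpack_version');

                    if (get_option('jetpack_main_network_site')) {
                        $response['options']['main_network_site'] = (string) rtrim(get_option('jetpack_main_network_site'), '/');
                    }

                    // NOTE(review): unlike the VideoPress check above, this call is not
                    // guarded by class_exists('Jetpack_Options') — confirm the class is
                    // always loaded when the is_jetpack_site filter returns true.
                    if (is_array(Jetpack_Options::get_option('active_modules'))) {
                        $response['options']['active_modules'] = (array) array_values(Jetpack_Options::get_option('active_modules'));
                    }

                    // Prefer the synced WordPress version over the local $wp_version set above.
                    if ($jetpack_wp_version = get_option('jetpack_wp_version')) {
                        $response['options']['software_version'] = (string) $jetpack_wp_version;
                    } else {
                        if ($jetpack_update = get_option('jetpack_updates')) {
                            if (is_array($jetpack_update) && isset($jetpack_update['wp_version'])) {
                                $response['options']['software_version'] = (string) $jetpack_update['wp_version'];
                            } else {
                                $response['options']['software_version'] = null;
                            }
                        } else {
                            $response['options']['software_version'] = null;
                        }
                    }

                    $response['options']['max_upload_size'] = get_option('jetpack_max_upload_size', false);

                    // Sites have to prove that they are not main_network site.
                    // If the sync happens right then we should be able to see that we are not dealing with a network site
                    $response['options']['is_multi_network'] = (bool) get_option('jetpack_is_main_network', true);
                    $response['options']['is_multi_site'] = (bool) get_option('jetpack_is_multi_site', true);
                }

                // Access control for the whole 'options' entry: users who cannot edit
                // posts do not receive it.
                if (!current_user_can('edit_posts')) {
                    unset($response[$key]);
                }
                break;
            case 'meta':
                /**
                 * Filters the URL scheme used when querying your site's REST API endpoint.
                 *
                 * @module json-api
                 *
                 * @since 3.2.0
                 *
                 * @param string parse_url( get_option( 'home' ), PHP_URL_SCHEME ) URL scheme parsed from home URL.
                 */
                $xmlrpc_scheme = apply_filters('wpcom_json_api_xmlrpc_scheme', parse_url(get_option('home'), PHP_URL_SCHEME));
                $xmlrpc_url = site_url('xmlrpc.php', $xmlrpc_scheme);
                $response[$key] = (object) array(
                    'links' => (object) array(
                        'self' => (string) $this->get_site_link($blog_id),
                        'help' => (string) $this->get_site_link($blog_id, 'help'),
                        'posts' => (string) $this->get_site_link($blog_id, 'posts/'),
                        'comments' => (string) $this->get_site_link($blog_id, 'comments/'),
                        'xmlrpc' => (string) $xmlrpc_url,
                    ),
                );
                break;
        }
    }

    if ($is_jetpack) {
        // Add the updates only make them visible if the user has manage options permission.
        $jetpack_update = (array) get_option('jetpack_updates');
        if (!empty($jetpack_update) && current_user_can('manage_options')) {

            if (isset($jetpack_update['wp_version'])) {
                // In previous version of Jetpack 3.4, 3.5, 3.6 we synced the wp_version into to jetpack_updates
                unset($jetpack_update['wp_version']);
            }

            if (isset($jetpack_update['site_is_version_controlled'])) {
                // In previous version of Jetpack 3.4, 3.5, 3.6 we synced the site_is_version_controlled into to jetpack_updates
                unset($jetpack_update['site_is_version_controlled']);
            }

            $response['updates'] = (array) $jetpack_update;
        }

        // Undo the temporary hook changes made at the top of the method.
        add_filter('option_stylesheet', 'fix_theme_location');
        if ('https' !== parse_url($site_url, PHP_URL_SCHEME)) {
            remove_filter('set_url_scheme', array($this, 'force_http'), 10, 3);
        }
    }

    return $response;
}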
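/**
 * Sends a file to the client with a Content-Type header, then ends the script.
 *
 * The path is passed to file_get_contents() as given, so the caller is
 * responsible for restricting it to files that may be served.
 * file_get_contents() also accepts stream-wrapper URLs when allow_url_fopen is
 * enabled, so request-derived values should be resolved against an allowed
 * base directory before they reach this function.
 *
 * @param string $f Path of the file to send.
 * @return void This function does not return; it always calls exit.
 */
function load_file($f)
{
    $v = file_get_contents($f);

    if ($v === false) {
        // The read failed: answer 404 instead of sending a Content-Type header
        // followed by an empty body with a 200 status.
        http_response_code(404);
        exit;
    }

    // get_mime_types() is defined outside this excerpt; here it is called with
    // the path and its return value is placed in the header as-is.
    header('Content-Type: ' . get_mime_types($f));
    echo $v;
    exit;
}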
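/**
 * Get the mime type based on the filename
 *
 * The extension is looked up in the get_mime_types() map first. When it is not
 * listed and the fileinfo extension is available, the file itself is inspected;
 * because FILEINFO_MIME is used, that result may carry a charset suffix
 * (for example "text/plain; charset=us-ascii"). If neither source yields a
 * type, 'application/octet-stream' is returned.
 *
 * @param string $filename Path or name of the file.
 * @return string
 */
function getFileContentTypeByFilename($filename)
{
    $mime_types = get_mime_types();

    // pathinfo() yields '' for a name without an extension, where splitting on
    // '.' would have produced the whole name (or a directory fragment).
    $ext = strtolower((string) pathinfo($filename, PATHINFO_EXTENSION));

    if ($ext !== '' && array_key_exists($ext, $mime_types)) {
        return $mime_types[$ext];
    }

    // Content sniffing only makes sense for a file that exists; finfo_file()
    // returns false otherwise, and that false used to be returned to the caller.
    if (function_exists('finfo_open') && is_file($filename)) {
        $finfo = finfo_open(FILEINFO_MIME);

        if ($finfo !== false) {
            $mimetype = finfo_file($finfo, $filename);
            finfo_close($finfo);

            if (is_string($mimetype) && $mimetype !== '') {
                return $mimetype;
            }
        }
    }

    return 'application/octet-stream';
}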
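/**
 * Collects the necessary information to return for a site's response.
 *
 * Walks the keys of self::$site_format and fills one response entry per key.
 * Several entries depend on who is asking:
 *  - 'visible', 'post_count' and 'lang' are only set for logged-in users;
 *  - 'options' is built in full and then removed again unless the current
 *    user can 'edit_posts'.
 *
 * For Jetpack sites the 'fix_theme_location' callback is detached from
 * 'option_stylesheet' while the response is built and re-attached before
 * returning; 'force_http' is hooked on 'set_url_scheme' for the same period
 * when the stored site URL is not https.
 *
 * @return (array)
 */
public function build_current_site_response() {
    global $wpdb, $wp_version;

    $response_format = self::$site_format;

    $is_user_logged_in = is_user_logged_in();

    $visible = array();

    if ($is_user_logged_in) {
        $current_user = wp_get_current_user();
        $visible = get_user_meta($current_user->ID, 'blog_visibility', true);

        // The meta value is only trusted when it is an array keyed by blog id.
        if (!is_array($visible)) {
            $visible = array();
        }
    }

    $blog_id = (int) $this->api->get_blog_id_for_output();

    $is_jetpack = true === apply_filters('is_jetpack_site', false, $blog_id);
    $site_url = get_option('siteurl');

    if ($is_jetpack) {
        // Temporarily changed here; both hooks are restored at the end of the method.
        remove_filter('option_stylesheet', 'fix_theme_location');
        if ('https' !== parse_url($site_url, PHP_URL_SCHEME)) {
            add_filter('set_url_scheme', array($this, 'force_http'), 10, 3);
        }
    }

    // Start from an empty array so an empty format still returns an array
    // instead of an undefined variable.
    $response = array();

    foreach (array_keys($response_format) as $key) {
        switch ($key) {
            case 'ID':
                $response[$key] = $blog_id;
                break;
            case 'name':
                // Entities are decoded here, so a client that renders this value
                // as HTML has to escape it itself.
                $response[$key] = (string) htmlspecialchars_decode(get_bloginfo('name'), ENT_QUOTES);
                break;
            case 'description':
                // Same as 'name': returned decoded, not HTML-safe.
                $response[$key] = (string) htmlspecialchars_decode(get_bloginfo('description'), ENT_QUOTES);
                break;
            case 'URL':
                $response[$key] = (string) home_url();
                break;
            case 'jetpack':
                $response[$key] = $is_jetpack; // jetpack magic affects this value
                break;
            case 'is_private':
                if (defined('IS_WPCOM') && IS_WPCOM) {
                    $public_setting = get_option('blog_public');
                    if (-1 == $public_setting) {
                        $response[$key] = true;
                    } else {
                        $response[$key] = false;
                    }
                } else {
                    $response[$key] = false; // magic
                }
                break;
            case 'visible':
                // Only reported to logged-in users; the key is absent otherwise.
                if ($is_user_logged_in) {
                    $is_visible = true;
                    if (isset($visible[$blog_id])) {
                        // Cast so the field is always a boolean, whatever scalar the
                        // user meta happens to store.
                        $is_visible = (bool) $visible[$blog_id];
                    }
                    // null and true are visible
                    $response[$key] = $is_visible;
                }
                break;
            case 'post_count':
                if ($is_user_logged_in) {
                    // Static query: nothing from the request is interpolated, only the
                    // posts table name taken from $wpdb.
                    $response[$key] = (int) $wpdb->get_var("SELECT COUNT(*) FROM {$wpdb->posts} WHERE post_status = 'publish'");
                }
                break;
            case 'lang':
                if ($is_user_logged_in) {
                    $response[$key] = (string) get_bloginfo('language');
                }
                break;
            case 'icon':
                if (function_exists('blavatar_domain') && function_exists('blavatar_exists') && function_exists('blavatar_url')) {
                    $domain = blavatar_domain(home_url());
                    if (blavatar_exists($domain)) {
                        $response[$key] = array(
                            'img' => (string) remove_query_arg('s', blavatar_url($domain, 'img')),
                            'ico' => (string) remove_query_arg('s', blavatar_url($domain, 'ico')),
                        );
                    }
                } elseif (function_exists('jetpack_site_icon_url') && function_exists('jetpack_photon_url')) {
                    $response[$key] = array(
                        'img' => (string) jetpack_photon_url(jetpack_site_icon_url(get_current_blog_id(), 80), array('w' => 80), 'https'),
                        'ico' => (string) jetpack_photon_url(jetpack_site_icon_url(get_current_blog_id(), 16), array('w' => 16), 'https'),
                    );
                }
                break;
            case 'logo':
                // Set an empty response array.
                $response[$key] = array('id' => (int) 0, 'sizes' => array(), 'url' => '');

                // Get current site logo values.
                $logo = get_option('site_logo');

                // Update the response array if there's a site logo currently active.
                if ($logo && 0 != $logo['id']) {
                    $response[$key]['id'] = $logo['id'];
                    $response[$key]['url'] = $logo['url'];

                    foreach ($logo['sizes'] as $size => $properties) {
                        $response[$key]['sizes'][$size] = $properties;
                    }
                }
                break;
            case 'subscribers_count':
                if (function_exists('wpcom_subs_total_wpcom_subscribers')) {
                    $total_wpcom_subs = wpcom_subs_total_wpcom_subscribers(array('blog_id' => $blog_id));
                    $response[$key] = $total_wpcom_subs;
                } else {
                    $response[$key] = 0; // magic
                }
                break;
            case 'is_following':
                $response[$key] = (bool) $this->api->is_following($blog_id);
                break;
            case 'options':
                // This entry carries the login and admin URLs and the software version.
                // It is assembled unconditionally and removed by the edit_posts check at
                // the end of this case, so that check must stay the last statement
                // before the break.

                // Figure out if the blog supports VideoPress, have to do some extra checking for JP blogs
                $has_videopress = false;
                if (get_option('video_upgrade') == '1') {
                    $has_videopress = true;
                } else {
                    if (class_exists('Jetpack_Options')) {
                        $videopress = Jetpack_Options::get_option('videopress', array());
                        // The option defaults to an empty array, so the key may be missing.
                        if (isset($videopress['blog_id']) && $videopress['blog_id'] > 0) {
                            $has_videopress = true;
                        }
                    }
                }

                // deprecated - see separate endpoint. get a list of supported post formats
                $all_formats = get_post_format_strings();
                $supported = get_theme_support('post-formats');

                $supported_formats = array();

                if (isset($supported[0])) {
                    foreach ($supported[0] as $format) {
                        $supported_formats[$format] = $all_formats[$format];
                    }
                }

                // determine if sharing buttons should be visible by default
                $default_sharing_status = false;
                if (class_exists('Sharing_Service')) {
                    $ss = new Sharing_Service();
                    $blog_services = $ss->get_blog_services();
                    $default_sharing_status = !empty($blog_services['visible']);
                }

                $is_mapped_domain = false;

                if (function_exists('get_primary_redirect')) {
                    $primary_redirect = strtolower(get_primary_redirect());
                    if (false === strpos($primary_redirect, '.wordpress.com')) {
                        $is_mapped_domain = true;
                    }
                }

                if (function_exists('get_mime_types')) {
                    $allowed_file_types = get_mime_types();
                } else {
                    // http://codex.wordpress.org/Uploading_Files
                    $mime_types = get_allowed_mime_types();
                    // Defined up front so an empty mime list yields an empty array rather
                    // than an undefined variable in the response below.
                    $allowed_file_types = array();
                    foreach ($mime_types as $type => $mime_type) {
                        // Keys look like "jpg|jpeg|jpe"; each alternative is listed separately.
                        $extras = explode('|', $type);
                        foreach ($extras as $extra) {
                            $allowed_file_types[] = $extra;
                        }
                    }
                }

                $response[$key] = array(
                    'timezone' => (string) get_option('timezone_string'),
                    'gmt_offset' => (double) get_option('gmt_offset'),
                    'videopress_enabled' => $has_videopress,
                    'login_url' => wp_login_url(),
                    'admin_url' => get_admin_url(),
                    'is_mapped_domain' => $is_mapped_domain,
                    'unmapped_url' => get_site_url($blog_id),
                    'featured_images_enabled' => current_theme_supports('post-thumbnails'),
                    'header_image' => get_theme_mod('header_image_data'),
                    'background_color' => get_theme_mod('background_color'),
                    'image_default_link_type' => get_option('image_default_link_type'),
                    'image_thumbnail_width' => (int) get_option('thumbnail_size_w'),
                    'image_thumbnail_height' => (int) get_option('thumbnail_size_h'),
                    'image_thumbnail_crop' => get_option('thumbnail_crop'),
                    'image_medium_width' => (int) get_option('medium_size_w'),
                    'image_medium_height' => (int) get_option('medium_size_h'),
                    'image_large_width' => (int) get_option('large_size_w'),
                    'image_large_height' => (int) get_option('large_size_h'),
                    'post_formats' => $supported_formats,
                    'allowed_file_types' => $allowed_file_types,
                    'default_likes_enabled' => (bool) apply_filters('wpl_is_enabled_sitewide', !get_option('disabled_likes')),
                    'default_sharing_status' => (bool) $default_sharing_status,
                    'default_comment_status' => 'closed' == get_option('default_comment_status') ? false : true,
                    'default_ping_status' => 'closed' == get_option('default_ping_status') ? false : true,
                    'software_version' => $wp_version,
                );

                // Access control for the whole 'options' entry: users who cannot edit
                // posts do not receive it.
                if (!current_user_can('edit_posts')) {
                    unset($response[$key]);
                }
                break;
            case 'meta':
                // The scheme of the xmlrpc link can be overridden through this filter.
                $xmlrpc_scheme = apply_filters('wpcom_json_api_xmlrpc_scheme', parse_url(get_option('home'), PHP_URL_SCHEME));
                $xmlrpc_url = site_url('xmlrpc.php', $xmlrpc_scheme);
                $response[$key] = (object) array(
                    'links' => (object) array(
                        'self' => (string) $this->get_site_link($blog_id),
                        'help' => (string) $this->get_site_link($blog_id, 'help'),
                        'posts' => (string) $this->get_site_link($blog_id, 'posts/'),
                        'comments' => (string) $this->get_site_link($blog_id, 'comments/'),
                        'xmlrpc' => (string) $xmlrpc_url,
                    ),
                );
                break;
        }
    }

    if ($is_jetpack) {
        // Undo the temporary hook changes made at the top of the method.
        add_filter('option_stylesheet', 'fix_theme_location');
        if ('https' !== parse_url($site_url, PHP_URL_SCHEME)) {
            remove_filter('set_url_scheme', array($this, 'force_http'), 10, 3);
        }
    }

    return $response;
}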
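}

// NOTE(review): $path is assigned before this excerpt. The checks below assume
// it can come from the request, so every candidate file is resolved with
// realpath() and must lie inside its base directory before it is read; a
// prefix test on the unresolved string does not account for ".." segments.
// Side effect: a symlink that points outside the base directory is no longer
// served.
$file = __DIR__ . $path;
$assetsRoot = realpath(__DIR__ . '/assets');
$resolvedFile = realpath($file);

// If is an asset
if (
    strpos($path, '/assets/') === 0
    && $assetsRoot !== false
    && $resolvedFile !== false
    && strpos($resolvedFile, rtrim($assetsRoot, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR) === 0
    && is_file($resolvedFile)
) {
    $mime = get_mime_types();
    $ext = pathinfo($file, PATHINFO_EXTENSION);
    $contentType = $mime[$ext] ?? 'application/octet-stream';
    header('Content-Type: ' . $contentType);
    readfile($resolvedFile);
    return;
}

$file = $_SERVER['DOCUMENT_ROOT'] . $path;
$documentRoot = realpath($_SERVER['DOCUMENT_ROOT']);
$resolvedFile = realpath($file);

if (
    $documentRoot !== false
    && $resolvedFile !== false
    && strpos($resolvedFile, rtrim($documentRoot, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR) === 0
    && is_file($resolvedFile)
) {
    $ext = pathinfo($file, PATHINFO_EXTENSION);

    // Returning false from the top level hands the request back to the server
    // running this script for the extensions listed in supported_extension().
    if (supported_extension($ext)) {
        return false;
    }

    // NOTE(review): 'php' is not in supported_extension(), so a .php file under
    // the document root reaches readfile() below and is sent as text rather than
    // executed (get_mime_types() maps it to text/html) — confirm this is intended.
    $mime = get_mime_types();

    // "." binds tighter than "??", so the fallback has to be applied to the
    // lookup alone; unparenthesised, an unknown extension produced an
    // "undefined index" warning and an empty Content-Type value.
    header('Content-Type: ' . ($mime[$ext] ?? 'application/octet-stream'));
    readfile($resolvedFile);
    return;
}

// Nothing on disk matched: hand the request to the application front controller.
require __DIR__ . '/public/index.php';

/**
 * Returns the map from file extension (lower case, no dot) to the Content-Type
 * value sent for it.
 *
 * NOTE(review): a few entries look mis-mapped (mp4 and webm as audio/*, odp as
 * opendocument.text, text as application/plain) — values are kept as they were;
 * confirm before relying on them.
 *
 * @return array<string, string>
 */
function get_mime_types()
{
    return [
        'apk' => 'application/vnd.android.package-archive',
        'txt' => 'text/plain',
        'htm' => 'text/html',
        'html' => 'text/html',
        'php' => 'text/html',
        'css' => 'text/css',
        'csv' => 'text/csv',
        'ics' => 'text/calendar',
        'js' => 'application/javascript',
        'json' => 'application/json',
        'text' => 'application/plain',
        'xml' => 'application/xml',
        'xsl' => 'text/xsl',
        'swf' => 'application/x-shockwave-flash',
        'flv' => 'video/x-flv',
        'png' => 'image/png',
        'jpe' => 'image/jpeg',
        'jpeg' => 'image/jpeg',
        'jpg' => 'image/jpeg',
        'gif' => 'image/gif',
        'bmp' => 'image/bmp',
        'ico' => 'image/vnd.microsoft.icon',
        'tiff' => 'image/tiff',
        'tif' => 'image/tiff',
        'svg' => 'image/svg+xml',
        'svgz' => 'image/svg+xml',
        'eot' => 'application/vnd.ms-fontobject',
        'woff' => 'application/x-font-woff',
        'woff2' => 'application/x-font-woff',
        'ttf' => 'application/x-font-ttf',
        'zip' => 'application/zip',
        'rar' => 'application/x-rar-compressed',
        'gz' => 'application/x-gzip',
        'gzip' => 'application/x-gzip',
        'tar' => 'application/x-tar',
        'exe' => 'application/x-msdownload',
        'msi' => 'application/x-msdownload',
        'cab' => 'application/vnd.ms-cab-compressed',
        'flac' => 'audio/x-flac',
        'm4a' => 'audio/mp4',
        'mp3' => 'audio/mpeg3',
        'mp4' => 'audio/mp4',
        'mpg' => 'audio/mpeg',
        'oga' => 'audio/ogg',
        'ogg' => 'audio/ogg',
        'wav' => 'audio/wav',
        'webm' => 'audio/webm',
        '3gp' => 'video/3gpp',
        'avi' => 'video/x-msvideo',
        'qt' => 'video/quicktime',
        'mov' => 'video/quicktime',
        'gt' => 'video/quicktime',
        'mpeg' => 'video/mpeg',
        'wmv' => 'video/x-ms-wmv',
        'ogv' => 'video/ogg',
        'pdf' => 'application/pdf',
        'psd' => 'image/vnd.adobe.photoshop',
        'ai' => 'application/postscript',
        'eps' => 'application/postscript',
        'ps' => 'application/postscript',
        'doc' => 'application/msword',
        'pps' => 'application/vnd.ms-powerpoint',
        'docx' => 'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
        'pptx' => 'application/vnd.openxmlformats-officedocument.presentationml.presentation',
        'xlsx' => 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
        'rtf' => 'application/rtf',
        'xls' => 'application/vnd.ms-excel',
        'ppt' => 'application/vnd.ms-powerpoint',
        'odp' => 'application/vnd.oasis.opendocument.text',
        'odt' => 'application/vnd.oasis.opendocument.text',
        'ods' => 'application/vnd.oasis.opendocument.spreadsheet',
        'kml' => 'application/vnd.google-earth.kml+xml',
        'kmz' => 'application/vnd.google-earth.kmz',
    ];
}

/**
 * Tells whether files with this extension are handed back to the server
 * (the caller returns false) instead of being streamed by this script.
 *
 * The comparison is case-sensitive and strict.
 *
 * @param string $ext Extension without the leading dot.
 * @return bool
 */
function supported_extension($ext)
{
    return in_array($ext, [
        'xml', 'xsl', 'xsd', '3gp', 'apk', 'avi', 'bmp', 'csv', 'doc', 'docx',
        'flac', 'gz', 'gzip', 'ics', 'kml', 'kmz', 'm4a', 'mp3', 'mp4', 'mpg',
        'mpeg', 'mov', 'odp', 'ods', 'odt', 'oga', 'pdf', 'pptx', 'pps', 'qt',
        'swf', 'tar', 'text', 'tif', 'wav', 'wmv', 'xls', 'xlsx', 'zip', 'ogg',
        'ogv', 'webm', 'htm', 'svg',
    ], true);
}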