function identify_protected_attachments($attachment_id = 0, $guid = '', $cols = '', $args = array()) { if ($guid && empty($args['guid'])) { $args = array_merge($args, array('guid' => $guid)); } return ScoperAnalyst::identify_protected_posts($attachment_id, true, $cols, $args); }
function &build_blog_file_rules() { $new_rules = ''; require_once dirname(__FILE__) . '/analyst_rs.php'; if (!($attachment_results = ScoperAnalyst::identify_protected_attachments())) { return $new_rules; } global $wpdb; require_once dirname(__FILE__) . '/uploads_rs.php'; $home_root = parse_url(get_option('home')); $home_root = trailingslashit($home_root['path']); $uploads = scoper_get_upload_info(); $baseurl = trailingslashit($uploads['baseurl']); $arr_url = parse_url($baseurl); $rewrite_base = $arr_url['path']; $file_keys = array(); $has_postmeta = array(); if ($key_results = scoper_get_results("SELECT pm.meta_value, p.guid, p.ID FROM {$wpdb->postmeta} AS pm INNER JOIN {$wpdb->posts} AS p ON p.ID = pm.post_id WHERE pm.meta_key = '_rs_file_key'")) { foreach ($key_results as $row) { $file_keys[$row->guid] = $row->meta_value; $has_postmeta[$row->ID] = $row->meta_value; } } $new_rules = "<IfModule mod_rewrite.c>\n"; $new_rules .= "RewriteEngine On\n"; $new_rules .= "RewriteBase {$rewrite_base}\n\n"; $main_rewrite_rule = "RewriteRule ^(.*) {$home_root}index.php?attachment=\$1&rs_rewrite=1 [NC,L]\n"; $htaccess_urls = array(); foreach ($attachment_results as $row) { if (false !== strpos($row->guid, $baseurl)) { // no need to include any attachments which are not in the uploads folder if (!empty($file_keys[$row->guid])) { $key = $file_keys[$row->guid]; } else { $key = urlencode(str_replace('.', '', uniqid(strval(rand()), true))); $file_keys[$row->guid] = $key; } if (!isset($has_postmeta[$row->ID]) || $key != $has_postmeta[$row->ID]) { update_post_meta($row->ID, "_rs_file_key", $key); } if (isset($htaccess_urls[$row->guid])) { // if a file is attached to multiple protected posts, use a single rewrite rule for it continue; } $htaccess_urls[$row->guid] = true; $rel_path = str_replace($baseurl, '', $row->guid); // escape spaces $file_path = str_replace(' ', '\\s', $rel_path); // escape horiz tabs (yes, at least one user has them in filenames) $file_path = str_replace(chr(9), '\\t', $file_path); // strip out all other nonprintable characters. Affected files will not be filtered, but we avoid 500 error. Possible TODO: advisory in file attachment utility $file_path = preg_replace('/[\\x00-\\x1f\\x7f]/', '', $file_path); // escape all other regular expression operator characters $file_path = preg_replace('/[\\^\\$\\.\\+\\[\\]\\(\\)\\{\\}]/', '\\\\$0', $file_path); $new_rules .= "RewriteCond %{REQUEST_URI} ^(.*)/{$file_path}" . "\$ [NC]\n"; $new_rules .= "RewriteCond %{QUERY_STRING} !^(.*)rs_file_key={$key}(.*)\n"; $new_rules .= $main_rewrite_rule; if ($pos_ext = strrpos($file_path, '\\.')) { $thumb_path = substr($file_path, 0, $pos_ext); $ext = substr($file_path, $pos_ext + 2); $new_rules .= "RewriteCond %{REQUEST_URI} ^(.*)/{$thumb_path}" . '-[0-9]{2,4}x[0-9]{2,4}\\.' . $ext . "\$ [NC]\n"; $new_rules .= "RewriteCond %{QUERY_STRING} !^(.*)rs_file_key={$key}(.*)\n"; $new_rules .= $main_rewrite_rule; // if resized image file(s) exist, include rules for them $guid_pos_ext = strrpos($rel_path, '.'); $pattern = $uploads['path'] . '/' . substr($rel_path, 0, $guid_pos_ext) . '-??????????????' . substr($rel_path, $guid_pos_ext); if (glob($pattern)) { $new_rules .= "RewriteCond %{REQUEST_URI} ^(.*)/{$thumb_path}" . '-[0-9,a-f]{14}\\.' . $ext . "\$ [NC]\n"; $new_rules .= "RewriteCond %{QUERY_STRING} !^(.*)rs_file_key={$key}(.*)\n"; $new_rules .= $main_rewrite_rule; } } } } // end foreach protected attachment if (IS_MU_RS) { global $blog_id; $file_filtered_sites = (array) get_site_option('scoper_file_filtered_sites'); if (!in_array($blog_id, $file_filtered_sites)) { // this site needs a file redirect rule in root .htaccess scoper_flush_site_rules(); } if (defined('SCOPER_MU_FILE_PROCESSING')) { // unless SCOPER_MU_FILE_PROCESSING is defined (indicating blogs.php has been modified for compatibility), blogs.php processing will be bypassed for all files $content_path = trailingslashit(str_replace($strip_path, '', str_replace('\\', '/', WP_CONTENT_DIR))); $new_rules .= "\n# Default WordPress cache handling\n"; $new_rules .= "RewriteRule ^(.*) {$content_path}blogs.php?file=\$1 [L]\n"; } } $new_rules .= "</IfModule>\n"; return $new_rules; }
function build_blog_file_redirects() { global $wpdb, $blog_id, $base; if (!ScoperRewrite::site_config_supports_rewrite()) { return ''; } $new_rules = ''; $orig_blog_id = $blog_id; $strip_path = str_replace('\\', '/', trailingslashit(ABSPATH)); require_once dirname(__FILE__) . '/analyst_rs.php'; $new_rules .= "\n#Run file requests through blog-specific .htaccess to support filtering. Files that pass through filtering will be redirected by default WP rules.\n"; $file_filtered_sites = array(); $results = scoper_get_results("SELECT blog_id, path FROM {$wpdb->blogs} ORDER BY blog_id"); foreach ($results as $row) { switch_to_blog($row->blog_id); if ($results = ScoperAnalyst::identify_protected_attachments()) { $file_filtered_sites[] = $row->blog_id; // WP-mu content rules are only inserted if defined uploads path matches this default structure $dir = ABSPATH . UPLOADBLOGSDIR . "/{$row->blog_id}/files/"; $url = trailingslashit($siteurl) . UPLOADBLOGSDIR . "/{$row->blog_id}/files/"; $uploads = apply_filters('upload_dir', array('path' => $dir, 'url' => $url, 'subdir' => '', 'basedir' => $dir, 'baseurl' => $url, 'error' => false)); $content_base = str_replace($strip_path, '', str_replace('\\', '/', $uploads['basedir'])); $path = trailingslashit($row->path); if ($base && '/' != $base) { if (0 === strpos($path, $base)) { $path = substr($path, strlen($base)); } } // If a filter has changed basedir, don't filter file attachments for this blog if (strpos($content_base, "/blogs.dir/{$row->blog_id}/files/")) { $new_rules .= "RewriteRule ^{$path}files/(.*) {$content_base}\$1 [L]\n"; } //RewriteRule ^blog1/files/(.*) wp-content/blogs.dir/2/files/$1 [L] } } update_site_option('scoper_file_filtered_sites', $file_filtered_sites); switch_to_blog($orig_blog_id); return $new_rules; }