本文整理汇总了PHP中validate_file函数的典型用法代码示例。如果您正苦于以下问题:PHP validate_file函数的具体用法?PHP validate_file怎么用?PHP validate_file使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了validate_file函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的PHP代码示例。
示例1: preview_theme
/**
* Replaces core function to start preview theme output buffer.
*/
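static function preview_theme()
{
    // Are we previewing? Both query arguments must be present as plain
    // strings: an array value (?template[]=x) would otherwise flow into
    // preg_replace()/validate_file(), and a missing preview_ctc would raise
    // an undefined-index notice before the nonce check.
    if (!isset($_GET['template'], $_GET['preview_ctc'])
        || !is_string($_GET['template'])
        || !is_string($_GET['preview_ctc'])
    ) {
        return;
    }
    // NOTE(review): the nonce is verified without an action argument, so
    // wp_verify_nonce() uses its default action (-1) and the token is not
    // bound to this preview feature. Passing a dedicated action needs the
    // matching change where the preview link is generated, which is not
    // visible from this method.
    if (!wp_verify_nonce($_GET['preview_ctc'])) {
        return;
    }
    // Can user preview?
    if (!current_user_can('switch_themes')) {
        return;
    }
    // Hide admin bar in preview.
    if (isset($_GET['preview_iframe'])) {
        show_admin_bar(false);
    }
    // Keep only letters, digits and "_ . / -". Dots and slashes survive this
    // filter, so it is validate_file() below that rejects "..".
    $_GET['template'] = preg_replace('|[^a-z0-9_./-]|i', '', $_GET['template']);
    // Any non-zero validate_file() result means the value is not acceptable.
    if (validate_file($_GET['template'])) {
        return;
    }
    // Replace future get_template calls with preview template.
    add_filter('template', 'ChildThemeConfiguratorPreview::preview_theme_template_filter');
    if (isset($_GET['stylesheet'])) {
        // Same string-only rule as for the template argument.
        if (!is_string($_GET['stylesheet'])) {
            return;
        }
        // Sanitize stylesheet param.
        $_GET['stylesheet'] = preg_replace('|[^a-z0-9_./-]|i', '', $_GET['stylesheet']);
        // Check for manipulations.
        if (validate_file($_GET['stylesheet'])) {
            return;
        }
        // Replace future get_stylesheet calls with preview stylesheet.
        add_filter('stylesheet', 'ChildThemeConfiguratorPreview::preview_theme_stylesheet_filter');
    }
    // Swap out theme mods with preview theme mods.
    add_filter('pre_option_theme_mods_' . get_option('stylesheet'), 'ChildThemeConfiguratorPreview::preview_mods');
}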
开发者ID:BastienMottier,项目名称:teknologeek,代码行数:38,代码来源:class-ctc-preview.php
示例2: get_ignored_words
/**
* Get the ignored words
*
* @param string $lang
*
* @return array
*/
private function get_ignored_words($lang)
{
    // Reuse the list built by an earlier call. The comparison is loose, so an
    // empty cached array also counts as "not loaded" and is rebuilt.
    if (null != $this->ignored_words) {
        return $this->ignored_words;
    }

    // $lang becomes part of a path that is passed to require, so the
    // relative path is run through validate_file() before it is used.
    $relative_path = '/ignored-words/' . $lang . '.php';
    if (0 !== validate_file($relative_path)) {
        return array();
    }

    $filename = dirname(__FILE__) . $relative_path;
    if (!file_exists($filename)) {
        return array();
    }

    // The language file is expected to return its word list.
    $loaded_words = (require $filename);
    if (!is_array($loaded_words)) {
        return array();
    }

    // Append the extra ignored words from the plugin setting, then let
    // filters adjust the final list before it is cached on the instance.
    $all_words = array_merge($loaded_words, $this->get_extra_ignored_words());
    $this->ignored_words = apply_filters('rp4wp_ignored_words', $all_words);

    return $this->ignored_words;
}
开发者ID:amprog,项目名称:relatedpostsforwp,代码行数:34,代码来源:class-related-word-manager.php
示例3: ctfw_force_download
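/**
 * Force download of certain file types via ?download=path/filename.type
 *
 * This prompts "Save As" -- handy for MP3, PDF, etc. Only works on local files
 * inside the uploads directory whose type passes wp_check_filetype_and_ext().
 *
 * This information was useful: http://wordpress.stackexchange.com/questions/3480/how-can-i-force-a-file-download-in-the-wordpress-backend
 *
 * Use add_theme_support( 'ctfw-force-downloads' ); -- the feature name checked
 * below is spelled with hyphens.
 *
 * NOTE(review): there is no capability or nonce check in this function, so any
 * visitor can fetch any uploads file that passes the checks below. Confirm that
 * nothing private is stored under the uploads directory.
 *
 * @since 0.9
 * @global object $wp_query
 * @global object $wp_filesystem;
 */
function ctfw_force_download()
{
    global $wp_query, $wp_filesystem;
    // Theme supports this?
    if (!current_theme_supports('ctfw-force-downloads')) {
        return;
    }
    // Check if this URL is a request for file download
    if (is_front_page() && !empty($_GET['download'])) {
        // Only a plain string is a usable path; ?download[]=x arrives as an
        // array and is treated as a failed request (404 below).
        if (is_string($_GET['download'])) {
            // relative file path, preceding slashes removed
            $relative_file_path = ltrim($_GET['download'], '/');
            // check for directory traversal attack; 0 (falsy) means it passed validation
            if (!validate_file($relative_file_path)) {
                // path to file in uploads folder (only those can be downloaded)
                // NOTE(review): containment relies on the string checks above;
                // symlinks inside the uploads folder are not resolved here.
                $upload_dir = wp_upload_dir();
                $upload_file_path = $upload_dir['basedir'] . '/' . $relative_file_path;
                // must be a regular file; a directory name is not downloadable
                if (is_file($upload_file_path)) {
                    // make sure file valid as upload (valid type, extension, etc.)
                    $validate = wp_check_filetype_and_ext($upload_file_path, basename($upload_file_path));
                    // both are empty if type not in upload_mimes, doesn't exist, etc.
                    if ($validate['type'] && $validate['ext']) {
                        // headers to prompt "save as"
                        $filename = basename($upload_file_path);
                        $filesize = filesize($upload_file_path);
                        // replace WordPress 404 Not Found with 200 Okay
                        header('Content-Type: application/octet-stream', true, 200);
                        // Quote the name so spaces and semicolons in it cannot
                        // be read as extra header parameters; drop the two
                        // characters that would end or escape the quoted string.
                        $header_filename = str_replace(array('"', '\\'), '', $filename);
                        header('Content-Disposition: attachment; filename="' . $header_filename . '"');
                        header('Expires: 0');
                        header('Cache-Control: must-revalidate');
                        header('Pragma: public');
                        header('Content-Length: ' . $filesize);
                        // clear buffering just in case
                        @ob_end_clean();
                        flush();
                        // Output file contents directly. WP_Filesystem was
                        // considered but readfile() is more efficient and the
                        // WP_Filesystem route caused a Theme Check warning.
                        @readfile($upload_file_path);
                        // we're done, stop further execution
                        exit;
                    }
                }
            }
        }
        // failure of any type results in 404 file not found
        $wp_query->set_404();
        status_header(404);
    }
}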
开发者ID:pemiu01,项目名称:church-theme-framework,代码行数:71,代码来源:downloads.php
示例4: voce_theme_customizer_init
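/**
 * Load every PHP file in the controls directory next to this file and
 * initialise the image and PSU customizer controls.
 *
 * Does nothing when WP_Customize_Control is not available.
 */
function voce_theme_customizer_init()
{
    if (!class_exists('WP_Customize_Control')) {
        return;
    }

    // glob() returns false on error; treat that as "no files".
    $files = glob(__DIR__ . '/controls/*.php');
    if (!is_array($files)) {
        $files = array();
    }

    foreach ($files as $file) {
        // NOTE(review): basename() keeps the ".php" suffix, so this
        // class_exists() test looks for a class named like the file name
        // including its extension; basename($file, '.php') was probably
        // intended. require_once already prevents double loading.
        $class = basename($file);
        // Validate the file name only. The directory part comes from __DIR__
        // and glob(), not from input, and WordPress core's validate_file()
        // returns 2 for a path whose second character is ":" -- which is
        // every absolute path on Windows, so checking the full path would
        // skip all control files there.
        if (!class_exists($class) && 0 === validate_file($class)) {
            require_once $file;
        }
    }

    Voce_Customize_Image_Control::init();
    Voce_Customize_PSU_Control::init();
}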
开发者ID:voceconnect,项目名称:voce-theme-customizer,代码行数:14,代码来源:voce-theme-customizer.php
示例5: amp_render
/**
 * Render the AMP version of the queried object and stop execution.
 *
 * Loads the template actions, fires `pre_amp_render`, builds an AMP_Post for
 * the queried object id, then includes the template chosen through the
 * `amp_template_file` filter (falling back to the bundled template when the
 * filtered path fails validate_file()).
 */
function amp_render()
{
$__DIR__ = dirname(__FILE__);
require $__DIR__ . '/includes/amp-template-actions.php';
$post_id = get_queried_object_id();
do_action('pre_amp_render', $post_id);
// Not used again in this function; presumably read by the included template,
// which runs in this function's variable scope.
$amp_post = new AMP_Post($post_id);
$default_template = $__DIR__ . '/templates/amp-index.php';
// Any code hooked to this filter can replace the path that is included below.
$template = apply_filters('amp_template_file', $default_template);
// NOTE(review): WordPress core's validate_file() rejects ".." sequences and
// Windows drive-letter paths, but it does not confine a path to a directory,
// so a filtered absolute path elsewhere on disk still passes. On Windows the
// default template itself starts with a drive letter and would presumably
// fail this check and trigger the notice -- confirm.
if (0 !== validate_file($template)) {
_doing_it_wrong(__FUNCTION__, __('Path validation for `amp_template_file` failed.'), '0.1');
$template = $default_template;
}
include $template;
exit;
}
开发者ID:kantan2015,项目名称:amp-wp,代码行数:16,代码来源:amp.php
示例6: validate_file_to_edit
/**
 * Check that a file requested for editing passes validate_file().
 *
 * Returns the unslashed file name when validate_file() reports no problem.
 * For result codes 1, 2 and 3 the request is ended through wp_die() with a
 * message for that code; any other non-zero code returns nothing.
 *
 * @param string       $file          File name from the edit request
 * @param array|string $allowed_files Allow-list handed on to validate_file()
 * @return string|null
 */
function validate_file_to_edit($file, $allowed_files = '')
{
    // Remove backslash escaping before the name is validated and handed back.
    $file = stripslashes($file);
    $status = validate_file($file, $allowed_files);

    if (!$status) {
        return $file;
    }

    // The cases carry no break: each one relies on wp_die() ending the request.
    switch ($status) {
        case 1:
            wp_die(__('Sorry, can’t edit files with ".." in the name. If you are trying to edit a file in your WordPress home directory, you can just type the name of the file in.'));
        case 2:
            wp_die(__('Sorry, can’t call files with their real path.'));
        case 3:
            wp_die(__('Sorry, that file cannot be edited.'));
    }
}
开发者ID:helmonaut,项目名称:owb-mirror,代码行数:16,代码来源:file.php
示例7: wp_get_active_network_plugins
/**
 * Build the list of network-activated plugin files to include in global scope.
 *
 * Plugin names are read from the keys of the `active_sitewide_plugins` site
 * option. A name is kept only if validate_file() accepts it, it ends in
 * ".php", and the file exists under WP_PLUGIN_DIR.
 *
 * The default directory is wp-content/plugins. To change it manually, define
 * WP_PLUGIN_DIR and WP_PLUGIN_URL in wp-config.php.
 *
 * @access private
 * @since 3.1.0
 * @return array Absolute paths of the files to include
 */
function wp_get_active_network_plugins()
{
    $sitewide = (array) get_site_option('active_sitewide_plugins', array());
    if (empty($sitewide)) {
        return array();
    }

    // The option is keyed by plugin file; sort for a stable load order.
    $plugin_files = array_keys($sitewide);
    sort($plugin_files);

    $plugins = array();
    foreach ($plugin_files as $plugin_file) {
        // Non-zero means the stored name failed path validation.
        if (validate_file($plugin_file)) {
            continue;
        }
        if ('.php' != substr($plugin_file, -4)) {
            continue;
        }
        if (!file_exists(WP_PLUGIN_DIR . '/' . $plugin_file)) {
            continue;
        }
        $plugins[] = WP_PLUGIN_DIR . '/' . $plugin_file;
    }

    return $plugins;
}
开发者ID:jcsilkey,项目名称:CodeReviewSecurityRepo,代码行数:27,代码来源:ms-load.php
示例8: GetPostTemplate
protected function GetPostTemplate($post)
{
    // Candidate template file names, most specific first.
    $post_id = $post->ID;
    $assigned = get_page_template_slug($post_id);
    $slug = $post->post_name;

    $candidates = array();

    // The template assigned to the page is stored data; it is only used when
    // validate_file() reports no problem with it.
    if ($assigned && 0 === validate_file($assigned)) {
        array_push($candidates, $assigned);
    }
    if ($slug) {
        array_push($candidates, 'page-' . $slug . '.php');
    }
    if ($post_id) {
        array_push($candidates, 'page-' . $post_id . '.php');
    }
    array_push($candidates, 'page.php');

    return get_query_template('page', $candidates);
}
开发者ID:Anciela,项目名称:anciela.info,代码行数:18,代码来源:Content.php
示例9: get_file
/**
 * Read a file and optionally replace strings in its contents.
 *
 * Returns nothing when the path is empty, not a string, rejected by the core
 * WordPress function validate_file(), missing, unreadable, or when the
 * contents evaluate as empty.
 *
 * NOTE(review): validate_file() in WordPress core rejects ".." sequences and
 * Windows drive-letter paths; it does not restrict the path to a particular
 * directory. Callers that pass request data should confine the path themselves.
 *
 * @param string $path File to read
 * @param array  $args Optional; 'replace' maps search strings to replacements
 * @return string|null
 */
function get_file($path, $args = [])
{
    // Initial tests, in the same order as a single short-circuit condition.
    if (empty($path)) {
        return;
    }
    if (!is_string($path)) {
        return;
    }
    if (validate_file($path) > 0) {
        return;
    }
    if (!file_exists($path)) {
        return;
    }

    // Attempt to fetch file contents; read errors are suppressed.
    $contents = @file_get_contents($path);
    if (!$contents) {
        return;
    }

    // Fill in the default for the replace argument.
    $args = wp_parse_args($args, ['replace' => []]);
    $replacements = $args['replace'];

    // Optionally replace the specified strings in the contents.
    if (is_array($replacements) && !empty($replacements)) {
        $contents = str_replace(array_keys($replacements), array_values($replacements), $contents);
    }

    return $contents;
}
开发者ID:synapticism,项目名称:ubik,代码行数:19,代码来源:assets.php
示例10: wp_get_active_and_valid_plugins
/**
 * Collect the files of active plugins that are safe to include.
 *
 * The legacy my-hacks.php file is put first when the `hack_file` option is
 * set and the file exists. During installation, or when no plugin is active,
 * only that list is returned. A plugin is kept if validate_file() accepts its
 * name, it ends in ".php", it exists under WP_PLUGIN_DIR and it is not
 * already in the network-activated list.
 *
 * @return array Absolute paths of the files to include
 */
function wp_get_active_and_valid_plugins()
{
    $plugins = array();
    $active_plugins = (array) get_option('active_plugins', array());

    // Check for hacks file if the option is enabled.
    if (get_option('hack_file') && file_exists(ABSPATH . 'my-hacks.php')) {
        _deprecated_file('my-hacks.php', '1.5');
        array_unshift($plugins, ABSPATH . 'my-hacks.php');
    }

    if (empty($active_plugins) || wp_installing()) {
        return $plugins;
    }

    $network_plugins = is_multisite() ? wp_get_active_network_plugins() : false;

    foreach ($active_plugins as $plugin) {
        // The name comes from a stored option; non-zero means it failed path
        // validation and must not be turned into an include path.
        if (validate_file($plugin)) {
            continue;
        }
        if ('.php' != substr($plugin, -4)) {
            continue;
        }
        if (!file_exists(WP_PLUGIN_DIR . '/' . $plugin)) {
            continue;
        }
        // Skip plugins that are in the network-activated list.
        if ($network_plugins && in_array(WP_PLUGIN_DIR . '/' . $plugin, $network_plugins)) {
            continue;
        }
        $plugins[] = WP_PLUGIN_DIR . '/' . $plugin;
    }

    return $plugins;
}
开发者ID:AppItNetwork,项目名称:yii2-wordpress-themes,代码行数:20,代码来源:load.php
示例11: preview_theme
/**
* Replaces core function to start preview theme output buffer.
*/
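static function preview_theme()
{
    // Are we previewing? Both query arguments must be present as plain
    // strings: an array value (?template[]=x) would otherwise flow into
    // preg_replace()/validate_file(), and a missing preview_ctc would raise
    // an undefined-index notice before the nonce check.
    if (!isset($_GET['template'], $_GET['preview_ctc'])
        || !is_string($_GET['template'])
        || !is_string($_GET['preview_ctc'])
    ) {
        return;
    }
    // NOTE(review): the nonce is verified without an action argument, so
    // wp_verify_nonce() uses its default action (-1) and the token is not
    // bound to this preview feature. Passing a dedicated action needs the
    // matching change where the preview link is generated, which is not
    // visible from this method.
    if (!wp_verify_nonce($_GET['preview_ctc'])) {
        return;
    }
    // Can user preview?
    if (!current_user_can('switch_themes')) {
        return;
    }
    // Hide admin bar in preview.
    if (isset($_GET['preview_iframe'])) {
        show_admin_bar(false);
    }
    // Keep only letters, digits and "_ . / -". Dots and slashes survive this
    // filter, so it is validate_file() below that rejects "..".
    $_GET['template'] = preg_replace('|[^a-z0-9_./-]|i', '', $_GET['template']);
    // Any non-zero validate_file() result means the value is not acceptable.
    if (validate_file($_GET['template'])) {
        return;
    }
    // Replace future get_template calls with preview template.
    add_filter('template', 'ChildThemeConfiguratorPreview::preview_theme_template_filter');
    if (isset($_GET['stylesheet'])) {
        // Same string-only rule as for the template argument.
        if (!is_string($_GET['stylesheet'])) {
            return;
        }
        // Sanitize stylesheet param.
        $_GET['stylesheet'] = preg_replace('|[^a-z0-9_./-]|i', '', $_GET['stylesheet']);
        // Check for manipulations.
        if (validate_file($_GET['stylesheet'])) {
            return;
        }
        // Replace future get_stylesheet calls with preview stylesheet.
        add_filter('stylesheet', 'ChildThemeConfiguratorPreview::preview_theme_stylesheet_filter');
    }
    // Swap out theme mods with preview theme mods.
    add_filter('pre_option_theme_mods_' . get_option('stylesheet'), 'ChildThemeConfiguratorPreview::preview_mods');
    // Impossibly high priority to test for stylesheets loaded after wp_head().
    add_action('wp_print_styles', 'ChildThemeConfiguratorPreview::test_css', 999999);
    // Pass the wp_styles queue back to use for stylesheet handle verification.
    add_action('wp_footer', 'ChildThemeConfiguratorPreview::parse_stylesheet');
}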
开发者ID:sourabh-mehra,项目名称:ASVYS-Charity-Foundation,代码行数:42,代码来源:class-ctc-preview.php
示例12: intercept_page_template_request
public static function intercept_page_template_request($current)
{
    // Only pages are handled here; anything else keeps the current template.
    if (!is_page()) {
        return $current;
    }

    // Page templates provided by the plugin, keyed by template name.
    $plugin_templates = apply_filters('qsot-templates-page-templates', array());
    // Template assigned to the requested page.
    $assigned = get_page_template_slug();

    // Not one of the plugin's templates: nothing to intercept.
    if (!isset($plugin_templates[$assigned])) {
        return $current;
    }

    // The assigned name is only searched for when validate_file() reports no
    // problem with it; otherwise the search list stays empty.
    $search = ($assigned && 0 === validate_file($assigned)) ? array($assigned) : array();

    // The locate filter resolves the file name to a path (per the original
    // comment: stylesheet dir, then theme dir, then plugin dir) and falls
    // back to $current when nothing is found.
    return apply_filters('qsot-locate-template', $current, $search);
}
开发者ID:Jayriq,项目名称:opentickets-community,代码行数:22,代码来源:templates.php
示例13: wp_get_active_and_valid_plugins
/**
 * Retrieve the files of active plugins that are safe to include.
 *
 * While WordPress is being installed or upgraded, no plugins are returned.
 * A plugin is kept if validate_file() accepts its name, it ends in ".php",
 * it exists under WP_PLUGIN_DIR and it is not already in the
 * network-activated list.
 *
 * The default directory is wp-content/plugins. To change it manually, define
 * `WP_PLUGIN_DIR` and `WP_PLUGIN_URL` in wp-config.php.
 *
 * @since 3.0.0
 * @access private
 *
 * @return array Absolute paths of the files to include.
 */
function wp_get_active_and_valid_plugins()
{
    $plugins = array();
    $active_plugins = (array) get_option('active_plugins', array());

    if (empty($active_plugins) || wp_installing()) {
        return $plugins;
    }

    $network_plugins = is_multisite() ? wp_get_active_network_plugins() : false;

    foreach ($active_plugins as $plugin) {
        // The name comes from a stored option; non-zero means it failed path
        // validation and must not be turned into an include path.
        if (validate_file($plugin)) {
            continue;
        }
        if ('.php' != substr($plugin, -4)) {
            continue;
        }
        if (!file_exists(WP_PLUGIN_DIR . '/' . $plugin)) {
            continue;
        }
        // Skip plugins that are in the network-activated list.
        if ($network_plugins && in_array(WP_PLUGIN_DIR . '/' . $plugin, $network_plugins)) {
            continue;
        }
        $plugins[] = WP_PLUGIN_DIR . '/' . $plugin;
    }

    return $plugins;
}
开发者ID:hughnet,项目名称:WordPress,代码行数:29,代码来源:load.php
示例14: validate_plugin
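/**
 * Validate a plugin filename
 *
 * Runs the name through {@link validate_file()} and then checks that the file
 * exists under the plugin directory. Every failure is reported by exception;
 * the function never returns false.
 *
 * @since 1.0
 *
 * @param string $filename Path to plugin, appended to get_plugin_dir()
 * @return bool Always true when the function returns
 * @throws Exception When validate_file() returns 1 or 2, or when the file does not exist
 */
function validate_plugin($filename)
{
    // Only result codes 1 and 2 are treated as an invalid path; any other
    // value from validate_file() goes on to the existence check.
    switch (validate_file($filename)) {
        case 1:
        case 2:
            throw new Exception(_r('Invalid plugin path.'), Errors::get_code('admin.plugins.invalid_path'));
    }

    if (!file_exists(get_plugin_dir() . $filename)) {
        throw new Exception(_r('Plugin file was not found.'), Errors::get_code('admin.plugins.not_found'));
    }

    return true;
}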
开发者ID:rmccue,项目名称:Lilina,代码行数:28,代码来源:plugin-functions.php
示例15: preview_theme
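/**
 * Start preview theme output buffer.
 *
 * Will only perform the task if the user has permissions and the template and
 * preview query variables exist. The template and stylesheet values must be
 * plain strings.
 *
 * @since 2.6.0
 */
function preview_theme()
{
    // Require both query variables, and a string template: an array value
    // (?template[]=x) would otherwise flow into preg_replace() and
    // validate_file() as an array.
    if (!(isset($_GET['template']) && isset($_GET['preview'])) || !is_string($_GET['template'])) {
        return;
    }
    if (!current_user_can('switch_themes')) {
        return;
    }
    // Admin Thickbox requests
    if (isset($_GET['preview_iframe'])) {
        show_admin_bar(false);
    }
    // Keep only letters, digits and "_ . / -". Dots and slashes survive this
    // filter, so it is validate_file() below that rejects "..".
    $_GET['template'] = preg_replace('|[^a-z0-9_./-]|i', '', $_GET['template']);
    if (validate_file($_GET['template'])) {
        return;
    }
    add_filter('template', '_preview_theme_template_filter');
    if (isset($_GET['stylesheet'])) {
        // Same string-only rule as for the template variable.
        if (!is_string($_GET['stylesheet'])) {
            return;
        }
        $_GET['stylesheet'] = preg_replace('|[^a-z0-9_./-]|i', '', $_GET['stylesheet']);
        if (validate_file($_GET['stylesheet'])) {
            return;
        }
        add_filter('stylesheet', '_preview_theme_stylesheet_filter');
    }
    // Prevent theme mods to current theme being used on theme being previewed
    add_filter('pre_option_theme_mods_' . get_option('stylesheet'), '__return_empty_array');
    ob_start('preview_theme_ob_filter');
}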
开发者ID:radman,项目名称:noobyo-blog,代码行数:36,代码来源:theme.php
示例16: validate_file_to_edit
/**
 * Make sure that the file that was requested for editing is allowed to be edited.
 *
 * Ends the request through wp_die() when validate_file() returns 1 or 3.
 * Result code 2 has no handler here, so for that code the function returns
 * nothing; callers should not treat a null return as an accepted file.
 *
 * @since 1.5.0
 *
 * @param string $file          File the user is attempting to edit
 * @param array  $allowed_files Array of allowed files to edit, $file must match an entry exactly
 * @return string|null
 */
function validate_file_to_edit( $file, $allowed_files = '' ) {
	$status = validate_file( $file, $allowed_files );

	if ( ! $status ) {
		return $file;
	}

	// No break statements: each case relies on wp_die() ending the request.
	switch ( $status ) {
		case 1 :
			wp_die( __( 'Sorry, that file cannot be edited.' ) );
		case 3 :
			wp_die( __( 'Sorry, that file cannot be edited.' ) );
	}
}
开发者ID:ShankarVellal,项目名称:WordPress,代码行数:28,代码来源:file.php
示例17: elseif
require_once ABSPATH . 'wp-admin/admin-header.php';
}
if (file_exists(WPMU_PLUGIN_DIR . "/{$plugin_page}")) {
include WPMU_PLUGIN_DIR . "/{$plugin_page}";
} else {
include WP_PLUGIN_DIR . "/{$plugin_page}";
}
}
include ABSPATH . 'wp-admin/admin-footer.php';
exit;
} elseif (isset($_GET['import'])) {
$importer = $_GET['import'];
if (!current_user_can('import')) {
wp_die(__('You are not allowed to import.'));
}
if (validate_file($importer)) {
wp_redirect(admin_url('import.php?invalid=' . $importer));
exit;
}
if (!isset($wp_importers[$importer]) || !is_callable($wp_importers[$importer][2])) {
wp_redirect(admin_url('import.php?invalid=' . $importer));
exit;
}
/**
* Fires before an importer screen is loaded.
*
* The dynamic portion of the hook name, `$importer`, refers to the importer slug.
*
* @since 3.5.0
*/
do_action('load-importer-' . $importer);
开发者ID:yaoyonstudio,项目名称:WordPress,代码行数:31,代码来源:admin.php
示例18: die
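require_once '../define.php';
if (!current_user_can('level_8')) {
    die("You must be a WordPress Administrator to view the Duplicator logs.");
}
// glob() returns false on error; normalise to an array so count() and
// indexing below are safe.
$logs = glob(DUPLICATOR_SSDIR_PATH . '/*.log');
if (!is_array($logs)) {
    $logs = array();
}
if (count($logs)) {
    @chmod(duplicator_safe_path($logs[0]), 0644);
    // Newest log first. A closure replaces create_function(), which builds
    // the callback by evaluating a string and was removed in PHP 8.0.
    @usort($logs, function ($a, $b) {
        return filemtime($b) - filemtime($a);
    });
}
if (isset($_GET['logname']) && is_string($_GET['logname'])) {
    $logname = trim($_GET['logname']);
    // Prevent escaping the folder: the name must be one of the log files
    // found above. validate_file() skips its allow-list test when the list
    // is empty, so membership is also checked explicitly.
    $validFiles = array_map('basename', $logs);
    if (validate_file($logname, $validFiles) > 0 || !in_array($logname, $validFiles, true)) {
        // Invalid filename provided, don't use it
        unset($logname);
    }
    // done with validFiles
    unset($validFiles);
}
if (!isset($logname) || !$logname) {
    // Default to the newest log, or to no log at all when none exist.
    $logname = count($logs) ? basename($logs[0]) : '';
}
$logpath = DUPLICATOR_SSDIR_PATH . '/' . $logname;
$logfound = strlen($logname) > 0 ? true : false;
// Open read-only: the log is only displayed, and a write/create mode would
// create the file when it does not exist.
$handle = $logfound ? @fopen($logpath, 'r') : false;
// fread() needs a length above zero, so an empty log yields an empty string.
$file = ($handle && filesize($logpath) > 0) ? fread($handle, filesize($logpath)) : "";
if ($handle) {
    @fclose($handle);
}
$plugins_url = plugins_url();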
开发者ID:kristinakarnitskaya,项目名称:larkyonline,代码行数:31,代码来源:log-read.php
示例19: WP_Widget_Factory
*/
$GLOBALS['wp_widget_factory'] = new WP_Widget_Factory();
/**
* WordPress User Roles
* @global object $wp_roles
* @since 2.0.0
*/
$GLOBALS['wp_roles'] = new WP_Roles();
do_action('setup_theme');
// Define the template related constants.
wp_templating_constants();
// Load the default text localization domain.
load_default_textdomain();
$locale = get_locale();
$locale_file = WP_LANG_DIR . "/{$locale}.php";
if (0 === validate_file($locale) && is_readable($locale_file)) {
require $locale_file;
}
unset($locale_file);
// Pull in locale data after loading text domain.
require_once ABSPATH . WPINC . '/locale.php';
/**
* WordPress Locale object for loading locale domain date and various strings.
* @global object $wp_locale
* @since 2.1.0
*/
$GLOBALS['wp_locale'] = new WP_Locale();
// Load the functions for the active theme, for both parent and child theme if applicable.
if (!defined('WP_INSTALLING') || 'wp-activate.php' === $pagenow) {
if (TEMPLATEPATH !== STYLESHEETPATH && file_exists(STYLESHEETPATH . '/functions.php')) {
include STYLESHEETPATH . '/functions.php';
开发者ID:openify,项目名称:wordpress-composer,代码行数:31,代码来源:wp-settings.php
示例20: render
/**
* Render various admin template files
*
* @param string $view file slug
* @since 0.4
*/
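function render($view = '')
{
    if (empty($view)) {
        return;
    }
    $this->_set_global_query_for_tables($view);
    require_once ABSPATH . '/wp-admin/includes/class-wp-list-table.php';
    require_once ABSPATH . '/wp-admin/includes/class-wp-posts-list-table.php';
    require_once ABSPATH . '/wp-admin/includes/class-wp-media-list-table.php';
    require_once FU_ROOT . '/lib/php/class-frontend-uploader-wp-media-list-table.php';
    require_once FU_ROOT . '/lib/php/class-frontend-uploader-wp-posts-list-table.php';
    // Validate the part of the path that is built from $view, not the full
    // path. WordPress core's validate_file() returns 2 for a path whose
    // second character is ":", so if FU_ROOT is an absolute Windows path the
    // full-path check would reject every view. The FU_ROOT prefix is a
    // constant and needs no validation; the fixed prefix and suffix around
    // $view are kept in the checked string so a ".." segment in $view is
    // still seen in context.
    $relative_view = "manage-ugc-{$view}.tpl.php";
    if (0 === validate_file($relative_view)) {
        $file = FU_ROOT . '/lib/views/' . $relative_view;
        include_once $file;
    }
}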
开发者ID:rinatkhaziev,项目名称:wp-frontend-uploader,代码行数:22,代码来源:frontend-uploader.php
注:本文中的validate_file函数示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |