WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Restrict wp_remote_fopen to remote files. 

git-svn-id: http://svn.automattic.com/wordpress/trunk@4752 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2007-01-16 18:41:05 +00:00
parent 4f2db4c4f3
commit 8f84936e4b
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
wp-includes/functions.php
View File

@ -774,10 +774,21 @@ function add_magic_quotes($array) {
} }
function wp_remote_fopen( $uri ) { function wp_remote_fopen( $uri ) {
$timeout = 10;
$parsed_url = @parse_url($uri);
if ( !$parsed_url || !is_array($parsed_url) )
return false;
if ( !isset($parsed_url['scheme']) || !in_array($parsed_url['scheme'], array('http','https')) )
$uri = 'http://' . $uri;
if ( ini_get('allow_url_fopen') ) { if ( ini_get('allow_url_fopen') ) {
$fp = @fopen( $uri, 'r' ); $fp = @fopen( $uri, 'r' );
if ( !$fp ) if ( !$fp )
return false; return false;
//stream_set_timeout($fp, $timeout); // Requires php 4.3
$linea = ''; $linea = '';
while( $remote_read = fread($fp, 4096) ) while( $remote_read = fread($fp, 4096) )
$linea .= $remote_read; $linea .= $remote_read;
@ -788,6 +799,7 @@ function wp_remote_fopen( $uri ) {
curl_setopt ($handle, CURLOPT_URL, $uri); curl_setopt ($handle, CURLOPT_URL, $uri);
curl_setopt ($handle, CURLOPT_CONNECTTIMEOUT, 1); curl_setopt ($handle, CURLOPT_CONNECTTIMEOUT, 1);
curl_setopt ($handle, CURLOPT_RETURNTRANSFER, 1); curl_setopt ($handle, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($handle, CURLOPT_TIMEOUT, $timeout);
$buffer = curl_exec($handle); $buffer = curl_exec($handle);
curl_close($handle); curl_close($handle);
return $buffer; return $buffer;