Ticket #6933: allow-config-file-outside-of-webroot.patch
| File allow-config-file-outside-of-webroot.patch, 15.4 kB (added by sambauers, 7 months ago) |
|---|
-
wp-pass.php
old new 1 1 <?php 2 require( dirname(__FILE__) . '/wp- config.php');2 require( dirname(__FILE__) . '/wp-load.php'); 3 3 4 4 if ( get_magic_quotes_gpc() ) 5 5 $_POST['post_password'] = stripslashes($_POST['post_password']); -
wp-rss.php
old new 1 1 <?php 2 2 3 3 if (empty($wp)) { 4 require_once('./wp- config.php');4 require_once('./wp-load.php'); 5 5 wp('feed=rss'); 6 6 } 7 7 -
wp-comments-post.php
old new 5 5 header('Content-Type: text/plain'); 6 6 exit; 7 7 } 8 require( dirname(__FILE__) . '/wp- config.php' );8 require( dirname(__FILE__) . '/wp-load.php' ); 9 9 10 10 nocache_headers(); 11 11 -
wp-login.php
old new 1 1 <?php 2 require( dirname(__FILE__) . '/wp- config.php' );2 require( dirname(__FILE__) . '/wp-load.php' ); 3 3 4 4 // Rather than duplicating this HTML all over the place, we'll stick it in function 5 5 function login_header($title = 'Login', $message = '', $wp_error = '') { -
wp-blog-header.php
old new 1 1 <?php 2 2 3 if (! isset($wp_did_header)): 4 if ( !file_exists( dirname(__FILE__) . '/wp-config.php') ) { 5 if (strpos($_SERVER['PHP_SELF'], 'wp-admin') !== false) $path = ''; 6 else $path = 'wp-admin/'; 3 if ( !isset($wp_did_header) ) { 7 4 8 require_once( dirname(__FILE__) . '/wp-includes/classes.php'); 9 require_once( dirname(__FILE__) . '/wp-includes/functions.php'); 10 require_once( dirname(__FILE__) . '/wp-includes/plugin.php'); 11 wp_die("There doesn't seem to be a <code>wp-config.php</code> file. I need this before we can get started. Need more help? <a href='http://codex.wordpress.org/Editing_wp-config.php'>We got it</a>. You can create a <code>wp-config.php</code> file through a web interface, but this doesn't work for all server setups. The safest way is to manually create the file.</p><p><a href='{$path}setup-config.php' class='button'>Create a Configuration File</a>", "WordPress › Error"); 12 } 5 $wp_did_header = true; 13 6 14 $wp_did_header = true;7 require_once( dirname(__FILE__) . '/wp-load.php' ); 15 8 16 require_once( dirname(__FILE__) . '/wp-config.php');9 wp(); 17 10 18 wp();11 require_once( ABSPATH . WPINC . '/template-loader.php' ); 19 12 20 require_once(ABSPATH . WPINC . '/template-loader.php'); 13 } 21 14 22 endif;23 24 15 ?> -
wp-rdf.php
old new 1 1 <?php /* RDF 1.0 generator, original version by garym@teledyn.com */ 2 2 3 3 if (empty($wp)) { 4 require_once('./wp- config.php');4 require_once('./wp-load.php'); 5 5 wp('feed=rdf'); 6 6 } 7 7 -
wp-load.php
old new 1 <?php 2 3 // Define ABSPATH as this files directory 4 define( 'ABSPATH', dirname(__FILE__) . '/' ); 5 6 if ( file_exists( ABSPATH . 'wp-config.php') ) { 7 8 // The config file resides in ABSPATH 9 require_once( ABSPATH . 'wp-config.php' ); 10 11 } elseif ( file_exists( dirname(ABSPATH) . '/wp-config.php' ) ) { 12 13 // The config file resides one level below ABSPATH 14 require_once( dirname(ABSPATH) . '/wp-config.php' ); 15 16 } else { 17 18 // A config file doesn't exist 19 20 // Set a path for the link to the installer 21 if (strpos($_SERVER['PHP_SELF'], 'wp-admin') !== false) $path = ''; 22 else $path = 'wp-admin/'; 23 24 // Die with an error message 25 require_once( ABSPATH . '/wp-includes/classes.php' ); 26 require_once( ABSPATH . '/wp-includes/functions.php' ); 27 require_once( ABSPATH . '/wp-includes/plugin.php' ); 28 wp_die("There doesn't seem to be a <code>wp-config.php</code> file. I need this before we can get started. Need more help? <a href='http://codex.wordpress.org/Editing_wp-config.php'>We got it</a>. You can create a <code>wp-config.php</code> file through a web interface, but this doesn't work for all server setups. The safest way is to manually create the file.</p><p><a href='{$path}setup-config.php' class='button'>Create a Configuration File</a>", "WordPress › Error"); 29 30 } 31 32 ?> -
wp-app.php
old new 9 9 10 10 define('APP_REQUEST', true); 11 11 12 require_once('./wp- config.php');12 require_once('./wp-load.php'); 13 13 require_once(ABSPATH . WPINC . '/post-template.php'); 14 14 require_once(ABSPATH . WPINC . '/atomlib.php'); 15 15 require_once(ABSPATH . WPINC . '/feed.php'); -
wp-includes/js/tinymce/tiny_mce_config.php
old new 4 4 * $Id: tiny_mce_gzip.php 315 2007-10-25 14:03:43Z spocke $ 5 5 * 6 6 * @author Moxiecode 7 * @copyright Copyright �2005-2006, Moxiecode Systems AB, All rights reserved.7 * @copyright Copyright © 2005-2006, Moxiecode Systems AB, All rights reserved. 8 8 * 9 9 * This file compresses the TinyMCE JavaScript using GZip. 10 10 **/ … … 12 12 // Discard any buffers 13 13 while ( @ob_end_clean() ); 14 14 15 @ require('../../../wp- config.php');15 @ require('../../../wp-load.php'); 16 16 17 17 function getFileContents($path) { 18 18 -
wp-includes/js/tinymce/wp-mce-help.php
old new 1 <?php require_once('../../../wp- config.php');1 <?php require_once('../../../wp-load.php'); 2 2 header('Content-Type: text/html; charset=' . get_bloginfo('charset')); 3 3 ?> 4 4 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -
xmlrpc.php
old new 15 15 if ( isset($HTTP_RAW_POST_DATA) ) 16 16 $HTTP_RAW_POST_DATA = trim($HTTP_RAW_POST_DATA); 17 17 18 include('./wp- config.php');18 include('./wp-load.php'); 19 19 20 20 if ( isset( $_GET['rsd'] ) ) { // http://archipelago.phrasewise.com/rsd 21 21 header('Content-Type: text/xml; charset=' . get_option('blog_charset'), true); -
wp-mail.php
old new 1 1 <?php 2 require(dirname(__FILE__) . '/wp- config.php');2 require(dirname(__FILE__) . '/wp-load.php'); 3 3 4 4 require_once(ABSPATH.WPINC.'/class-pop3.php'); 5 5 -
wp-register.php
old new 3 3 # This file is deprecated, but you shouldn't have been linking to it directly anyway :P 4 4 # Use wp_register() to create a registration link instead, it's much better ;) 5 5 6 require('./wp- config.php');6 require('./wp-load.php'); 7 7 wp_redirect('wp-login.php?action=register'); 8 8 9 9 ?> -
wp-config-sample.php
old new 23 23 24 24 /* That's all, stop editing! Happy blogging. */ 25 25 26 define('ABSPATH', dirname(__FILE__).'/'); 27 require_once(ABSPATH.'wp-settings.php'); 26 if ( !defined('ABSPATH') ) 27 define('ABSPATH', dirname(__FILE__) . '/'); 28 require_once(ABSPATH . 'wp-settings.php'); 28 29 ?> -
wp-links-opml.php
old new 1 1 <?php 2 2 3 3 if (empty($wp)) { 4 require_once('./wp- config.php');4 require_once('./wp-load.php'); 5 5 wp(); 6 6 } 7 7 -
wp-trackback.php
old new 1 1 <?php 2 2 3 3 if (empty($wp)) { 4 require_once('./wp- config.php');4 require_once('./wp-load.php'); 5 5 wp('tb=1'); 6 6 } 7 7 -
wp-rss2.php
old new 1 1 <?php 2 2 3 3 if (empty($wp)) { 4 require_once('./wp- config.php');4 require_once('./wp-load.php'); 5 5 wp('feed=rss2'); 6 6 } 7 7 -
wp-commentsrss2.php
old new 1 1 <?php 2 2 3 3 if (empty($wp)) { 4 require_once('./wp- config.php');4 require_once('./wp-load.php'); 5 5 wp('feed=rss2&withcomments=1'); 6 6 } 7 7 -
wp-atom.php
old new 1 1 <?php 2 2 3 3 if (empty($wp)) { 4 require_once('./wp- config.php');4 require_once('./wp-load.php'); 5 5 wp('feed=atom'); 6 6 } 7 7 -
wp-cron.php
old new 1 1 <?php 2 2 ignore_user_abort(true); 3 3 define('DOING_CRON', TRUE); 4 require_once('./wp- config.php');4 require_once('./wp-load.php'); 5 5 6 6 if ( $_GET['check'] != wp_hash('187425') ) 7 7 exit; -
wp-admin/update-links.php
old new 1 1 <?php 2 require_once('../wp- config.php');2 require_once('../wp-load.php'); 3 3 require_once( ABSPATH . 'wp-includes/class-snoopy.php'); 4 4 5 5 if ( !get_option('use_linksupdate') ) -
wp-admin/admin-ajax.php
old new 1 1 <?php 2 2 define('DOING_AJAX', true); 3 3 4 require_once('../wp- config.php');4 require_once('../wp-load.php'); 5 5 require_once('includes/admin.php'); 6 6 7 7 if ( !is_user_logged_in() ) -
wp-admin/install-helper.php
old new 1 1 <?php 2 require_once(dirname(dirname(__FILE__)).'/wp-config.php'); 2 $wp_only_load_config = true; 3 require_once(dirname(dirname(__FILE__)).'/wp-load.php'); 3 4 $debug = 0; 4 5 5 6 /** -
wp-admin/admin.php
old new 2 2 define('WP_ADMIN', TRUE); 3 3 4 4 if ( defined('ABSPATH') ) 5 require_once( ABSPATH . 'wp-config.php');5 require_once(ABSPATH . 'wp-load.php'); 6 6 else 7 require_once('../wp-config.php');7 require_once('../wp-load.php'); 8 8 9 9 if ( get_option('db_version') != $wp_db_version ) { 10 10 wp_redirect(get_option('siteurl') . '/wp-admin/upgrade.php?_wp_http_referer=' . urlencode(stripslashes($_SERVER['REQUEST_URI']))); -
wp-admin/async-upload.php
old new 5 5 */ 6 6 7 7 if ( defined('ABSPATH') ) 8 require_once( ABSPATH . 'wp-config.php');8 require_once(ABSPATH . 'wp-load.php'); 9 9 else 10 require_once('../wp-config.php');10 require_once('../wp-load.php'); 11 11 12 12 // Flash often fails to send cookies with the POST or upload, so we need to pass it in GET or POST instead 13 13 if ( empty($_COOKIE[AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie']) ) -
wp-admin/moderation.php
old new 1 1 <?php 2 require_once('../wp- config.php');2 require_once('../wp-load.php'); 3 3 wp_redirect('edit-comments.php?comment_status=moderated'); 4 4 ?> -
wp-admin/upgrade.php
old new 1 1 <?php 2 2 define('WP_INSTALLING', true); 3 if (!file_exists('../wp-config.php'))4 die("There doesn't seem to be a <code>wp-config.php</code> file. I need this before we can get started. Need more help? <a href='http://codex.wordpress.org/Installing_WordPress#Step_3:_Set_up_wp-config.php'>We got it</a>. You can create a <code>wp-config.php</code> file through a web interface, but this doesn't work for all server setups. The safest way is to manually create the file.</p><p><a href='setup-config.php' class='button'>Create a Configuration File</a>");5 3 6 require('../wp- config.php');4 require('../wp-load.php'); 7 5 timer_start(); 8 6 require_once(ABSPATH . 'wp-admin/includes/upgrade.php'); 9 7 -
wp-admin/setup-config.php
old new 20 20 if (file_exists('../wp-config.php')) 21 21 wp_die("<p>The file 'wp-config.php' already exists. If you need to reset any of the configuration items in this file, please delete it first. You may try <a href='install.php'>installing now</a>.</p>"); 22 22 23 // Check if wp-config.php exists above the root directory 24 if (file_exists('../../wp-config.php')) 25 wp_die("<p>The file 'wp-config.php' already exists one level above your WordPress installation. If you need to reset any of the configuration items in this file, please delete it first. You may try <a href='install.php'>installing now</a>.</p>"); 26 23 27 if (isset($_GET['step'])) 24 28 $step = $_GET['step']; 25 29 else -
wp-admin/install.php
old new 1 1 <?php 2 2 define('WP_INSTALLING', true); 3 if (!file_exists('../wp-config.php')) {4 require_once('../wp-includes/compat.php');5 require_once('../wp-includes/functions.php');6 wp_die("There doesn't seem to be a <code>wp-config.php</code> file. I need this before we can get started. Need more help? <a href='http://codex.wordpress.org/Editing_wp-config.php'>We got it</a>. You can create a <code>wp-config.php</code> file through a web interface, but this doesn't work for all server setups. The safest way is to manually create the file.</p><p><a href='setup-config.php' class='button'>Create a Configuration File</a>", "WordPress › Error");7 }8 3 9 require_once('../wp- config.php');4 require_once('../wp-load.php'); 10 5 require_once('./includes/upgrade.php'); 11 6 12 7 if (isset($_GET['step'])) -
wp-admin/link-parse-opml.php
old new 1 1 <?php 2 require_once('../wp- config.php');2 require_once('../wp-load.php'); 3 3 4 4 // columns we wish to find are: link_url, link_name, link_target, link_description 5 5 // we need to map XML attribute names to our columns
