mirror_php/wordpress
1
0
Fork 0
mirror of git://develop.git.wordpress.org/ synced 2025-02-25 00:52:55 +01:00
Code Issues Actions 10 Packages Projects Releases Wiki Activity

Tighten allowed upload file types.

Browse Source 
git-svn-id: https://develop.svn.wordpress.org/trunk@25317 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Andrew Nacin 2013-09-10 18:03:26 +00:00
parent 2c0b23557a
commit 31482a7968
1 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/wp-includes/functions.php
View File

@ -2023,10 +2023,18 @@ function wp_get_mime_types() {
* @uses apply_filters() Calls 'upload_mimes' on returned array * @uses apply_filters() Calls 'upload_mimes' on returned array
* @uses wp_get_upload_mime_types() to fetch the list of mime types * @uses wp_get_upload_mime_types() to fetch the list of mime types
* *
* @param int|WP_User $user Optional. User to check. Defaults to current user.
* @return array Array of mime types keyed by the file extension regex corresponding to those types. * @return array Array of mime types keyed by the file extension regex corresponding to those types.
*/ */
function get_allowed_mime_types() { function get_allowed_mime_types( $user = null ) {
return apply_filters( 'upload_mimes', wp_get_mime_types() ); $t = wp_get_mime_types();
unset( $t['swf'], $t['exe'] );
$unfiltered = $user ? user_can( $user, 'unfiltered_html' ) : current_user_can( 'unfiltered_html' );
if ( ! $unfiltered )
unset( $t['htm|html'] );
return apply_filters( 'upload_mimes', $t, $user );
} }
/** /**