Changeset 3343244
- Timestamp:
- 08/12/2025 03:34:33 AM (7 months ago)
- Location:
- mxp-dev-tools
- Files:
-
- 10 edited
- 1 copied
-
tags/3.3.6 (copied) (copied from mxp-dev-tools/trunk)
-
tags/3.3.6/index.php (modified) (2 diffs)
-
tags/3.3.6/mxp-login-path.php (modified) (1 diff)
-
tags/3.3.6/mxp-site-manager.php (modified) (2 diffs)
-
tags/3.3.6/mxp-snippets.php (modified) (6 diffs)
-
tags/3.3.6/readme.txt (modified) (2 diffs)
-
trunk/index.php (modified) (2 diffs)
-
trunk/mxp-login-path.php (modified) (1 diff)
-
trunk/mxp-site-manager.php (modified) (2 diffs)
-
trunk/mxp-snippets.php (modified) (6 diffs)
-
trunk/readme.txt (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
mxp-dev-tools/tags/3.3.6/index.php
r3285988 r3343244 7 7 * Requires PHP: 5.6 8 8 * Tested up to: 6.8 9 * Stable tag: 3.3. 510 * Version: 3.3. 59 * Stable tag: 3.3.6 10 * Version: 3.3.6 11 11 * Author: Chun 12 12 * Author URI: https://www.mxp.tw/contact/ … … 39 39 use SearchReplace; 40 40 use Utility; 41 static $VERSION = '3.3. 5';41 static $VERSION = '3.3.6'; 42 42 private $themeforest_api_base_url = 'https://api.envato.com/v3'; 43 43 protected static $instance = null; -
mxp-dev-tools/tags/3.3.6/mxp-login-path.php
r3285988 r3343244 7 7 * Requires PHP: 5.6 8 8 * Tested up to: 6.8 9 * Stable tag: 3.3. 510 * Version: 3.3. 59 * Stable tag: 3.3.6 10 * Version: 3.3.6 11 11 * Author: Chun 12 12 * Author URI: https://www.mxp.tw/contact/ -
mxp-dev-tools/tags/3.3.6/mxp-site-manager.php
r3285988 r3343244 7 7 * Requires PHP: 5.6 8 8 * Tested up to: 6.8 9 * Stable tag: 3.3. 510 * Version: 3.3. 59 * Stable tag: 3.3.6 10 * Version: 3.3.6 11 11 * Author: Chun 12 12 * Author URI: https://www.mxp.tw/contact/ … … 39 39 class MDTSiteManager { 40 40 public $plugin_slug = 'mdt-site-manager'; 41 public static $VERSION = '3.3. 5';41 public static $VERSION = '3.3.6'; 42 42 43 43 public function __construct() { -
mxp-dev-tools/tags/3.3.6/mxp-snippets.php
r3285988 r3343244 7 7 * Requires PHP: 5.6 8 8 * Tested up to: 6.8 9 * Stable tag: 3.3. 510 * Version: 3.3. 59 * Stable tag: 3.3.6 10 * Version: 3.3.6 11 11 * Author: Chun 12 12 * Author URI: https://www.mxp.tw/contact/ … … 114 114 // 單獨給指定的管理員開啟後台檔案形式操作,陣列指定管理員ID 115 115 if (!defined('MDT_DISALLOW_FILE_MODS_ADMINS')) { 116 define('MDT_DISALLOW_FILE_MODS_ADMINS', array(1)); 116 // 沒指定的話,預設先抓當前所有管理員 117 global $wpdb; 118 119 $admin_ids = []; 120 121 // 當前站點的 capabilities meta_key 122 $cap_meta_key = $wpdb->get_blog_prefix() . 'capabilities'; 123 124 // 取得當前站點 Administrator ID 125 $site_admin_ids = $wpdb->get_col($wpdb->prepare( 126 "SELECT user_id 127 FROM {$wpdb->usermeta} 128 WHERE meta_key = %s 129 AND meta_value LIKE %s", 130 $cap_meta_key, 131 '%\"administrator\"%' 132 )); 133 $admin_ids = array_merge($admin_ids, array_map('intval', $site_admin_ids)); 134 135 // 如果是 Multisite,抓取 Super Admin 136 if (is_multisite()) { 137 // 取得 super admin 帳號名稱 138 $super_admins = maybe_unserialize($wpdb->get_var($wpdb->prepare( 139 "SELECT meta_value FROM {$wpdb->sitemeta} WHERE meta_key = %s", 140 'site_admins' 141 ))); 142 143 if (is_array($super_admins) && $super_admins) { 144 // 轉換 super admin 帳號名稱為 ID 145 $placeholders = implode(',', array_fill(0, count($super_admins), '%s')); 146 $sql = "SELECT ID FROM {$wpdb->users} WHERE user_login IN ($placeholders)"; 147 $super_admin_ids = $wpdb->get_col($wpdb->prepare($sql, ...$super_admins)); 148 $admin_ids = array_merge($admin_ids, array_map('intval', $super_admin_ids)); 149 } 150 } 151 152 // 去重 153 $admin_ids = array_values(array_unique($admin_ids)); 154 define('MDT_DISALLOW_FILE_MODS_ADMINS', $admin_ids); 117 155 } 118 156 // 顯示後台內容的系統編號 … … 212 250 define('MDT_BASIC_AUTH_BYPASS_IN_SECONDS', MONTH_IN_SECONDS); 213 251 } 214 252 // 解除授權管理員的上傳限制(媒體類型、媒體大小) 253 if (!defined("MDT_ENABLE_ADMIN_FILE_UPLOAD_UNLIMITED")) { 254 define('MDT_ENABLE_ADMIN_FILE_UPLOAD_UNLIMITED', true); 255 } 215 256 class MDTSnippets { 216 257 public function __construct() { … … 401 442 add_filter('map_meta_cap', array($this, 'restrict_user_editing'), 99999, 4); 402 443 add_filter('pre_count_users', array($this, 'filter_user_counts'), 99999, 3); 444 // 預設管理員都打開最完整的上傳媒體與容量限制(除了伺服器外的設定) 445 if (MDT_ENABLE_ADMIN_FILE_UPLOAD_UNLIMITED) { 446 /** 447 * 允許指定使用者上傳任意副檔名 448 */ 449 add_filter('upload_mimes', array($this, 'mxp_upload_mimes'), 99999, 2); 450 /** 451 * 移除檔案大小限制 452 */ 453 add_filter('upload_size_limit', array($this, 'mxp_upload_size_limit'), 99999, 3); 454 /** 455 * 覆寫 WordPress 的檔案類型檢查,保留真實 MIME 456 */ 457 add_filter('wp_check_filetype_and_ext', array($this, 'mxp_wp_check_filetype_and_ext'), 99999, 4); 458 } 403 459 } 404 460 if (MDT_ENABLE_OVERWRITE_I18N_MO_FILE) { … … 423 479 } 424 480 add_filter('mxp_dev_basic_auth_bypass_check', array($this, 'mxp_dev_basic_auth_bypass_filter')); 481 425 482 } 426 483 … … 1307 1364 } 1308 1365 1366 public function mxp_upload_mimes($mimes, $user) { 1367 if (in_array(get_current_user_id(), MDT_DISALLOW_FILE_MODS_ADMINS)) { 1368 // 允許所有副檔名 1369 $mimes['*'] = 'application/octet-stream'; 1370 } 1371 return $mimes; 1372 } 1373 1374 public function mxp_upload_size_limit($size, $u_bytes, $p_bytes) { 1375 if (in_array(get_current_user_id(), MDT_DISALLOW_FILE_MODS_ADMINS)) { 1376 return PHP_INT_MAX; // 幾乎無限制 1377 } 1378 return $size; 1379 } 1380 public function mxp_wp_check_filetype_and_ext($data, $file, $filename, $mimes) { 1381 if (in_array(get_current_user_id(), MDT_DISALLOW_FILE_MODS_ADMINS)) { 1382 $ext = pathinfo($filename, PATHINFO_EXTENSION); 1383 1384 // 使用 PHP 的 Fileinfo 來偵測真實 MIME 類型 1385 if (function_exists('finfo_open')) { 1386 $finfo = finfo_open(FILEINFO_MIME_TYPE); 1387 $mime_type = finfo_file($finfo, $file); 1388 finfo_close($finfo); 1389 } elseif (function_exists('mime_content_type')) { 1390 $mime_type = mime_content_type($file); 1391 } else { 1392 $mime_type = 'application/octet-stream'; 1393 } 1394 1395 $data['ext'] = strtolower($ext); 1396 $data['type'] = $mime_type ?: 'application/octet-stream'; 1397 $data['proper_filename'] = $filename; 1398 } 1399 return $data; 1400 } 1309 1401 public function filter_user_query_qrgs($args) { 1310 1402 //Exclude superusers if the current user is not a superuser. -
mxp-dev-tools/tags/3.3.6/readme.txt
r3285988 r3343244 6 6 Requires PHP: 5.6 7 7 Tested up to: 6.8 8 Stable tag: 3.3. 58 Stable tag: 3.3.6 9 9 License: GPLv2 or later 10 10 License URI: https://www.gnu.org/licenses/gpl-2.0.html … … 77 77 78 78 == Changelog == 79 80 = 3.3.6 = 81 82 * 調整授權管理員的上傳為無限制 83 * 預設未指定授權管理員時指定為網站當前的管理員群 79 84 80 85 = 3.3.5 = -
mxp-dev-tools/trunk/index.php
r3285988 r3343244 7 7 * Requires PHP: 5.6 8 8 * Tested up to: 6.8 9 * Stable tag: 3.3. 510 * Version: 3.3. 59 * Stable tag: 3.3.6 10 * Version: 3.3.6 11 11 * Author: Chun 12 12 * Author URI: https://www.mxp.tw/contact/ … … 39 39 use SearchReplace; 40 40 use Utility; 41 static $VERSION = '3.3. 5';41 static $VERSION = '3.3.6'; 42 42 private $themeforest_api_base_url = 'https://api.envato.com/v3'; 43 43 protected static $instance = null; -
mxp-dev-tools/trunk/mxp-login-path.php
r3285988 r3343244 7 7 * Requires PHP: 5.6 8 8 * Tested up to: 6.8 9 * Stable tag: 3.3. 510 * Version: 3.3. 59 * Stable tag: 3.3.6 10 * Version: 3.3.6 11 11 * Author: Chun 12 12 * Author URI: https://www.mxp.tw/contact/ -
mxp-dev-tools/trunk/mxp-site-manager.php
r3285988 r3343244 7 7 * Requires PHP: 5.6 8 8 * Tested up to: 6.8 9 * Stable tag: 3.3. 510 * Version: 3.3. 59 * Stable tag: 3.3.6 10 * Version: 3.3.6 11 11 * Author: Chun 12 12 * Author URI: https://www.mxp.tw/contact/ … … 39 39 class MDTSiteManager { 40 40 public $plugin_slug = 'mdt-site-manager'; 41 public static $VERSION = '3.3. 5';41 public static $VERSION = '3.3.6'; 42 42 43 43 public function __construct() { -
mxp-dev-tools/trunk/mxp-snippets.php
r3285988 r3343244 7 7 * Requires PHP: 5.6 8 8 * Tested up to: 6.8 9 * Stable tag: 3.3. 510 * Version: 3.3. 59 * Stable tag: 3.3.6 10 * Version: 3.3.6 11 11 * Author: Chun 12 12 * Author URI: https://www.mxp.tw/contact/ … … 114 114 // 單獨給指定的管理員開啟後台檔案形式操作,陣列指定管理員ID 115 115 if (!defined('MDT_DISALLOW_FILE_MODS_ADMINS')) { 116 define('MDT_DISALLOW_FILE_MODS_ADMINS', array(1)); 116 // 沒指定的話,預設先抓當前所有管理員 117 global $wpdb; 118 119 $admin_ids = []; 120 121 // 當前站點的 capabilities meta_key 122 $cap_meta_key = $wpdb->get_blog_prefix() . 'capabilities'; 123 124 // 取得當前站點 Administrator ID 125 $site_admin_ids = $wpdb->get_col($wpdb->prepare( 126 "SELECT user_id 127 FROM {$wpdb->usermeta} 128 WHERE meta_key = %s 129 AND meta_value LIKE %s", 130 $cap_meta_key, 131 '%\"administrator\"%' 132 )); 133 $admin_ids = array_merge($admin_ids, array_map('intval', $site_admin_ids)); 134 135 // 如果是 Multisite,抓取 Super Admin 136 if (is_multisite()) { 137 // 取得 super admin 帳號名稱 138 $super_admins = maybe_unserialize($wpdb->get_var($wpdb->prepare( 139 "SELECT meta_value FROM {$wpdb->sitemeta} WHERE meta_key = %s", 140 'site_admins' 141 ))); 142 143 if (is_array($super_admins) && $super_admins) { 144 // 轉換 super admin 帳號名稱為 ID 145 $placeholders = implode(',', array_fill(0, count($super_admins), '%s')); 146 $sql = "SELECT ID FROM {$wpdb->users} WHERE user_login IN ($placeholders)"; 147 $super_admin_ids = $wpdb->get_col($wpdb->prepare($sql, ...$super_admins)); 148 $admin_ids = array_merge($admin_ids, array_map('intval', $super_admin_ids)); 149 } 150 } 151 152 // 去重 153 $admin_ids = array_values(array_unique($admin_ids)); 154 define('MDT_DISALLOW_FILE_MODS_ADMINS', $admin_ids); 117 155 } 118 156 // 顯示後台內容的系統編號 … … 212 250 define('MDT_BASIC_AUTH_BYPASS_IN_SECONDS', MONTH_IN_SECONDS); 213 251 } 214 252 // 解除授權管理員的上傳限制(媒體類型、媒體大小) 253 if (!defined("MDT_ENABLE_ADMIN_FILE_UPLOAD_UNLIMITED")) { 254 define('MDT_ENABLE_ADMIN_FILE_UPLOAD_UNLIMITED', true); 255 } 215 256 class MDTSnippets { 216 257 public function __construct() { … … 401 442 add_filter('map_meta_cap', array($this, 'restrict_user_editing'), 99999, 4); 402 443 add_filter('pre_count_users', array($this, 'filter_user_counts'), 99999, 3); 444 // 預設管理員都打開最完整的上傳媒體與容量限制(除了伺服器外的設定) 445 if (MDT_ENABLE_ADMIN_FILE_UPLOAD_UNLIMITED) { 446 /** 447 * 允許指定使用者上傳任意副檔名 448 */ 449 add_filter('upload_mimes', array($this, 'mxp_upload_mimes'), 99999, 2); 450 /** 451 * 移除檔案大小限制 452 */ 453 add_filter('upload_size_limit', array($this, 'mxp_upload_size_limit'), 99999, 3); 454 /** 455 * 覆寫 WordPress 的檔案類型檢查,保留真實 MIME 456 */ 457 add_filter('wp_check_filetype_and_ext', array($this, 'mxp_wp_check_filetype_and_ext'), 99999, 4); 458 } 403 459 } 404 460 if (MDT_ENABLE_OVERWRITE_I18N_MO_FILE) { … … 423 479 } 424 480 add_filter('mxp_dev_basic_auth_bypass_check', array($this, 'mxp_dev_basic_auth_bypass_filter')); 481 425 482 } 426 483 … … 1307 1364 } 1308 1365 1366 public function mxp_upload_mimes($mimes, $user) { 1367 if (in_array(get_current_user_id(), MDT_DISALLOW_FILE_MODS_ADMINS)) { 1368 // 允許所有副檔名 1369 $mimes['*'] = 'application/octet-stream'; 1370 } 1371 return $mimes; 1372 } 1373 1374 public function mxp_upload_size_limit($size, $u_bytes, $p_bytes) { 1375 if (in_array(get_current_user_id(), MDT_DISALLOW_FILE_MODS_ADMINS)) { 1376 return PHP_INT_MAX; // 幾乎無限制 1377 } 1378 return $size; 1379 } 1380 public function mxp_wp_check_filetype_and_ext($data, $file, $filename, $mimes) { 1381 if (in_array(get_current_user_id(), MDT_DISALLOW_FILE_MODS_ADMINS)) { 1382 $ext = pathinfo($filename, PATHINFO_EXTENSION); 1383 1384 // 使用 PHP 的 Fileinfo 來偵測真實 MIME 類型 1385 if (function_exists('finfo_open')) { 1386 $finfo = finfo_open(FILEINFO_MIME_TYPE); 1387 $mime_type = finfo_file($finfo, $file); 1388 finfo_close($finfo); 1389 } elseif (function_exists('mime_content_type')) { 1390 $mime_type = mime_content_type($file); 1391 } else { 1392 $mime_type = 'application/octet-stream'; 1393 } 1394 1395 $data['ext'] = strtolower($ext); 1396 $data['type'] = $mime_type ?: 'application/octet-stream'; 1397 $data['proper_filename'] = $filename; 1398 } 1399 return $data; 1400 } 1309 1401 public function filter_user_query_qrgs($args) { 1310 1402 //Exclude superusers if the current user is not a superuser. -
mxp-dev-tools/trunk/readme.txt
r3285988 r3343244 6 6 Requires PHP: 5.6 7 7 Tested up to: 6.8 8 Stable tag: 3.3. 58 Stable tag: 3.3.6 9 9 License: GPLv2 or later 10 10 License URI: https://www.gnu.org/licenses/gpl-2.0.html … … 77 77 78 78 == Changelog == 79 80 = 3.3.6 = 81 82 * 調整授權管理員的上傳為無限制 83 * 預設未指定授權管理員時指定為網站當前的管理員群 79 84 80 85 = 3.3.5 =
Note: See TracChangeset
for help on using the changeset viewer.