WordPress用户上传没有扩展名的照片 [英] WordPress user uploading photos without extensions
问题描述
我在这里遇到最奇怪的问题.我的网站上有一位作家使用WordPress 4.2.2(但这种情况发生了几个月),一直上传带有())
,00
之类名称的照片,甚至没有扩展名,并且由于某些黑暗的原因,这些图像绕过了WordPress上传过滤器并获得诸如jpg
或jpg4
之类的疯狂名称.
当我们使用图像调整大小系统结束创建以jpg12-250x100.
(请注意尾随点)之类的名称的图像时,混乱会更大.
因此,我们的CloudFlare缓存中断了,内部缓存中断了,并且为了结束这个少年的卧室,我无法通过超级用户访问来重现此错误,甚至 .我已经检查了他的用户,而他没有unfiltered_upload
的角色.
我什至都不知道该如何开始调查,因为我无法使用自己的帐户进行调查.在WordPress的上传系统上是否有任何过滤器,我可以在所有插件中进行搜索以隔离可疑代码?我现在完全瞎了.
谢谢, 维尼修斯.
您可以检查wp_check_filetype_and_ext
来检查文件类型和正确的扩展名.
参考: https://codex.wordpress.org/Function_Reference/wp_check_filetype_and_ext >
您可以使用wp_handle_upload
钩子来处理上传的文件,类似于:
https://wordpress.stackexchange.com/a/38585
I am with the strangest issue here. There is a writer here on my website, using WordPress 4.2.2 (but it happens for months) that keeps uploading photos with names such as ())
, 00
without even an extension and for some dark reason, these images bypass the WordPress upload filter and get crazy names such as simply jpg
or jpg4
.
The mess is even bigger when we use our image resize system that ends creating images with names such as jpg12-250x100.
(note the trailing dot).
So our CloudFlare cache breaks, the internal cache breaks and to finish up this teenager's bedroom, I am not able to reproduce this error even with superuser access. I already checked his user and he doesn't have the role to unfiltered_upload
.
I don't know even how to start this investigation because I can't do it with my account. Is there any filter at the WordPress' upload system that I can search across my plugins to isolate the suspect code? I am totally blind right now.
Thanks, Vinicius.
You can check wp_check_filetype_and_ext
to check the filetype and proper extension.
Reference: https://codex.wordpress.org/Function_Reference/wp_check_filetype_and_ext
You can use wp_handle_upload
hook to process uploaded file, similar to:
https://wordpress.stackexchange.com/a/38585
这篇关于WordPress用户上传没有扩展名的照片的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!