WordPress用户上传没有扩展名的照片 [英] WordPress user uploading photos without extensions

问题描述

我在这里遇到最奇怪的问题.我的网站上有一位作家使用WordPress 4.2.2(但这种情况发生了几个月)，一直上传带有())，00之类名称的照片，甚至没有扩展名，并且由于某些黑暗的原因，这些图像绕过了WordPress上传过滤器并获得诸如jpg或jpg4之类的疯狂名称.

当我们使用图像调整大小系统结束创建以jpg12-250x100. (请注意尾随点)之类的名称的图像时，混乱会更大.

因此，我们的CloudFlare缓存中断了，内部缓存中断了，并且为了结束这个少年的卧室，我无法通过超级用户访问来重现此错误，甚至 .我已经检查了他的用户，而他没有unfiltered_upload的角色.

我什至都不知道该如何开始调查，因为我无法使用自己的帐户进行调查.在WordPress的上传系统上是否有任何过滤器，我可以在所有插件中进行搜索以隔离可疑代码?我现在完全瞎了.

谢谢， 维尼修斯.

解决方案

您可以检查wp_check_filetype_and_ext来检查文件类型和正确的扩展名.

参考: https://codex.wordpress.org/Function_Reference/wp_check_filetype_and_ext

您可以使用wp_handle_upload钩子来处理上传的文件，类似于: https://wordpress.stackexchange.com/a/38585

I am with the strangest issue here. There is a writer here on my website, using WordPress 4.2.2 (but it happens for months) that keeps uploading photos with names such as ()), 00 without even an extension and for some dark reason, these images bypass the WordPress upload filter and get crazy names such as simply jpg or jpg4.

The mess is even bigger when we use our image resize system that ends creating images with names such as jpg12-250x100. (note the trailing dot).

So our CloudFlare cache breaks, the internal cache breaks and to finish up this teenager's bedroom, I am not able to reproduce this error even with superuser access. I already checked his user and he doesn't have the role to unfiltered_upload.

I don't know even how to start this investigation because I can't do it with my account. Is there any filter at the WordPress' upload system that I can search across my plugins to isolate the suspect code? I am totally blind right now.

Thanks, Vinicius.

解决方案

You can check wp_check_filetype_and_ext to check the filetype and proper extension.

Reference: https://codex.wordpress.org/Function_Reference/wp_check_filetype_and_ext

You can use wp_handle_upload hook to process uploaded file, similar to: https://wordpress.stackexchange.com/a/38585

这篇关于WordPress用户上传没有扩展名的照片的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！