Hi, I need a solution to request the hidden files from a remote API.
I have a local running fork of it:
class orbisius_wp_media_uploads_protector {
function protect_uploads() {
if ( ! empty( $_REQUEST['orbisius_media_protector'] ) ) {
$req_file = $_REQUEST['orbisius_media_protector'];
$req_file = strip_tags($req_file); // sanitize
$req_file = trim($req_file);
$req_file = preg_replace('#\?.*#si', '', $req_file); // rm any request params
$req_file = substr($req_file, 0, 255);
// Define the bypass token from WordPress config (add this to your wp-config.php)
$bypass_token = defined('ORBISIUS_MEDIA_PROTECTOR_BYPASS_HEADER') ? ORBISIUS_MEDIA_PROTECTOR_BYPASS_HEADER : '';
if ( ! $this->check_file( $req_file ) ) {
wp_die( $req_file . " ... Invalid request.", 'Error' );
}
if ( !empty($bypass_token) && isset($_SERVER['HTTP_X_ORBIUS_MEDIA_PROTECTOR_BYPASS']) && $_SERVER['HTTP_X_ORBIUS_MEDIA_PROTECTOR_BYPASS'] !== $bypass_token ) {
wp_die( "Invalid bypass header.", 'Error' );
}
if ( headers_sent() ) {
wp_die( "Cannot deliver the file. Headers have already been sent.", 'Error' );
}
if ( is_user_logged_in() ||
!empty($bypass_token) && isset($_SERVER['HTTP_X_ORBIUS_MEDIA_PROTECTOR_BYPASS']) && $_SERVER['HTTP_X_ORBIUS_MEDIA_PROTECTOR_BYPASS'] === $bypass_token
) {
…
Hi, I need a solution to request the hidden files from a remote API.
I have a local running fork of it: