kharissulistiyo · November 28, 2024 12:58
diff --git a/bad-code-sample-arbitrary-file-download.php b/bad-code-sample-arbitrary-file-download.php
 <?php

  public function file_download() {
          if ( !is_admin() || !is_user_logged_in() )
                  return;

          if ( isset($_GET['page']) && isset($_GET['download']) ) {
                  if ( $_GET['page'] !== $this->menu_base )
                          return;

                  if ($this->wp_version_check('2.5') && function_exists('check_admin_referer'))
                          check_admin_referer('backup', self::NONCE_NAME);

                  $getdata = $this->get_real_get_data();

                  if (($file = realpath($getdata['download'])) !== FALSE) {

                          if( strtolower( substr( $file, -4 ) ) == ".log" ) {
                                  header("Content-Type: text/plain;");
                          } else {
                                  header("Content-Type: application/octet-stream;");
                          }
                          header("Content-Disposition: attachment; filename=".urlencode(basename($file)));

                  }

          }
  }
	<?php

	public function file_download() {
	if ( !is_admin() \|\| !is_user_logged_in() )
	return;

	if ( isset($_GET['page']) && isset($_GET['download']) ) {
	if ( $_GET['page'] !== $this->menu_base )
	return;

	if ($this->wp_version_check('2.5') && function_exists('check_admin_referer'))
	check_admin_referer('backup', self::NONCE_NAME);

	$getdata = $this->get_real_get_data();

	if (($file = realpath($getdata['download'])) !== FALSE) {

	if( strtolower( substr( $file, -4 ) ) == ".log" ) {
	header("Content-Type: text/plain;");
	} else {
	header("Content-Type: application/octet-stream;");
	}
	header("Content-Disposition: attachment; filename=".urlencode(basename($file)));

	}

	}
	}