מבזקים:
תוכנית שטיפה וצילום:
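/**
 * AJAX handler that streams one media-library attachment as a forced download.
 *
 * Reads the attachment ID from $_GET['attachment_id'], resolves it to a file on
 * disk with get_attached_file(), and sends it labelled as an Excel
 * macro-enabled workbook. The request always ends here, through exit or
 * wp_die().
 *
 * The handler is registered below for anonymous visitors as well as logged-in
 * users, so every check in it must hold for an unauthenticated request.
 *
 * NOTE(review): the request carries no nonce or signed token and attachment
 * IDs are sequential, so any publicly viewable attachment can be requested by
 * number. The Content-Type is applied to whatever file the ID resolves to; if
 * only specific workbooks are meant to be downloadable, add an explicit
 * allowlist (by ID or by stored file type) before streaming.
 */
function handle_secure_excel_download() {
    if ( ! isset( $_GET['attachment_id'] ) ) {
        wp_die( 'No file specified.', '', 400 );
    }

    // intval() maps a non-empty array (?attachment_id[]=...) to 1, which would
    // silently select attachment 1, so only scalar input is accepted.
    $raw_id        = $_GET['attachment_id'];
    $attachment_id = is_scalar( $raw_id ) ? intval( $raw_id ) : 0;

    // get_attached_file() reads post meta for any post ID; require a real
    // attachment so other post types cannot be used as a lookup key.
    if ( $attachment_id <= 0 || 'attachment' !== get_post_type( $attachment_id ) ) {
        wp_die( 'File not found.', '', 404 );
    }

    // For attachments get_post_status() resolves 'inherit' to the parent's
    // status. Files whose parent is a draft, private or trashed post are only
    // served to users who may read that post. The refusal reuses the
    // "not found" response so the endpoint does not confirm which IDs exist.
    $is_public = ( 'publish' === get_post_status( $attachment_id ) );
    if ( ! $is_public && ! current_user_can( 'read_post', $attachment_id ) ) {
        wp_die( 'File not found.', '', 404 );
    }

    $file_path = get_attached_file( $attachment_id );
    if ( ! $file_path || ! is_file( $file_path ) || ! is_readable( $file_path ) ) {
        wp_die( 'File not found.', '', 404 );
    }

    $file_size = filesize( $file_path );
    if ( false === $file_size ) {
        wp_die( 'File not found.', '', 404 );
    }

    // Strip any dangerous suffixes. The removal is case-insensitive and is
    // repeated until the name stops changing, because one pass can leave a new
    // ".html" behind when the text on either side of a removed match joins up.
    $clean_filename = basename( $file_path );
    do {
        $previous       = $clean_filename;
        $clean_filename = str_ireplace( '.html', '', $clean_filename );
    } while ( $clean_filename !== $previous );

    // The name is placed inside a quoted header parameter: drop quotes,
    // backslashes and control characters so it cannot break out of the quotes.
    $clean_filename = (string) preg_replace( '/[\x00-\x1F\x7F"\\\\]/', '', $clean_filename );

    // Clear absolutely all buffers to prevent background HTML leakage
    while ( ob_get_level() ) {
        ob_end_clean();
    }

    // Deliver the file as a binary download to the browser/mobile device
    header( 'Content-Description: File Transfer' );
    header( 'Content-Type: application/vnd.ms-excel.sheet.macroEnabled.12' );
    header( 'Content-Disposition: attachment; filename="' . $clean_filename . '"' );
    header( 'Content-Transfer-Encoding: binary' );
    // Stop browsers from sniffing the body and treating it as HTML.
    header( 'X-Content-Type-Options: nosniff' );
    header( 'Expires: 0' );
    header( 'Cache-Control: must-revalidate, post-check=0, pre-check=0' );
    header( 'Pragma: public' );
    header( 'Content-Length: ' . $file_size );
    readfile( $file_path );
    exit;
}

// The function and both hooks are declared once: a second declaration of the
// same function name is a fatal "cannot redeclare" error in PHP.

// Hook for logged-in users
add_action( 'wp_ajax_secure_download', 'handle_secure_excel_download' );
// Hook for public visitors
add_action( 'wp_ajax_nopriv_secure_download', 'handle_secure_excel_download' );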