X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/699231ae09f7057a4d0000cdf32e50a3df6a04ca..96bc8e88cf39086a9e0a883b8e2c311fe82a5e97:/wp-includes/ms-files.php

diff --git a/wp-includes/ms-files.php b/wp-includes/ms-files.php
index f5af8e03..e7ab0a4c 100644
--- a/wp-includes/ms-files.php
+++ b/wp-includes/ms-files.php
@@ -23,22 +23,22 @@ if ( $current_blog->archived == '1' || $current_blog->spam == '1' || $current_bl
 	die( '404 — File not found.' );
 }
 
-$file = BLOGUPLOADDIR . str_replace( '..', '', $_GET[ 'file' ] );
+$file = rtrim( BLOGUPLOADDIR, '/' ) . '/' . str_replace( '..', '', $_GET[ 'file' ] );
 if ( !is_file( $file ) ) {
 	status_header( 404 );
 	die( '404 — File not found.' );
 }
 
-$mime = wp_check_filetype( $_SERVER[ 'REQUEST_URI' ] );
+$mime = wp_check_filetype( $file );
 if( false === $mime[ 'type' ] && function_exists( 'mime_content_type' ) )
 	$mime[ 'type' ] = mime_content_type( $file );
 
 if( $mime[ 'type' ] )
 	$mimetype = $mime[ 'type' ];
 else
-	$mimetype = 'image/' . substr( $_SERVER[ 'REQUEST_URI' ], strrpos( $_SERVER[ 'REQUEST_URI' ], '.' ) + 1 );
+	$mimetype = 'image/' . substr( $file, strrpos( $file, '.' ) + 1 );
 
-header( 'Content-type: ' . $mimetype ); // always send this
+header( 'Content-Type: ' . $mimetype ); // always send this
 if ( false === strpos( $_SERVER['SERVER_SOFTWARE'], 'Microsoft-IIS' ) )
 	header( 'Content-Length: ' . filesize( $file ) );