[wp-hackers] Virtual Multiblog

Aaron Brazell emmensetech at gmail.com
Mon Nov 26 17:24:47 GMT 2007


Often not available. Dreamhost, for instance, turnd off that setting in PHP which includes remote files. Also a security risk.
(via Blackberry)
Aaron Brazell 
Director of Technology, b5media
"A Global New Media Company" 

web:: www.b5media.com, www.technosailor.com
phone:: 410-608-6620 
skype:: technosailor     

-----Original Message-----
From: "Computer Guru" <computerguru at neosmart.net>

Date: Mon, 26 Nov 2007 19:22:08 
To:wp-hackers at lists.automattic.com
Subject: Re: [wp-hackers] Virtual Multiblog


The easiest way is to include() it via the URI instead of the path.

so include("http://domain.com/sample.php") instead of
include("/path/to/sample.php")


On 11/26/07, Stephen Rider <wp-hackers at striderweb.com> wrote:
>
> Hi all --
>
> RE: the security vulnerability -- I don't think it applies to my
> code, as I replaced all slashes '/' with understroke.  Nonetheless
> I've replaced my "string cleaner" code with the following just to be
> more safe:
>
>
>        $string = preg_replace('/[^a-z0-9_]/', '_', strtolower( $string )
> );
>
> > On Nov 26, 2007 1:46 AM, Computer Guru <computerguru at neosmart.net>
> > wrote:
> >> Well, how do you go about upgrading all those sites?
> >>
>
> On Nov 25, 2007, at 1:32 PM, Max wrote:
> > Yes, just make a script to run them all. It will be ok.
> >
> > Or you can create a html file to put all the upgrade.php link there.
> > It won't take much time if you got 100 sites.
>
>
> Good question, and good suggestion.
>
> So if I were going to make a PHP script to auto-update them all, how
> do I call another file in PHP?  (That is, call it as though a link
> were clicked, not include it.)  Does the fopen() function do this, or
> am I misunderstanding?
>
> (I would like to avoid shell scripts, as this is supposed to be plug
> & play for the lay-user, much like WordPress itself.)
>
> Otherwise I suppose I could auto-produce the HTML file with links,
> but I like the "run a script" solution better, obviously.  :)
>
> > [H]ow is this different from doing something like this in wp-
> > config.php...?
> >
> > $table_prefix = 'wp_' . $_SERVER['HTTP_HOST'] . '_';
>
>
> The VUSER constant is one difference.  Flexibility in having separate
> custom config files for each blog is another.  (Blogs can all use one
> config, or all different configs, or anywhere in between.)  There are
> times you might want to use different databases, or set some of the
> WordPress CONSTANTS in a wp-config file.
>
> Ultimately I would like to include functions for calling blog lists
> and combined pages lists, (though these would only be workable for
> people using the mb_users.php file).
>
> Thanks for the comments. :)
>
> Stephen
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>



-- 
Computer Guru
Director,
NeoSmart Technologies
http://neosmart.net/blog/
_______________________________________________
wp-hackers mailing list
wp-hackers at lists.automattic.com
http://lists.automattic.com/mailman/listinfo/wp-hackers


More information about the wp-hackers mailing list