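/**
 * Safeguard to prevent malicious code from conditionally executing based on gpc values.
 *
 * Loads $path with include_once while $_GET, $_POST, $_COOKIE, $_REQUEST,
 * $_FILES and $_SERVER are temporarily replaced by empty arrays, then puts
 * the previous values back.
 *
 * Limits a reviewer should keep in mind:
 * - This is not a sandbox. Only the six superglobal arrays are blanked; the
 *   loaded file still runs with full PHP privileges, and request data that
 *   PHP exposes by other means (for example php://input or filter_input())
 *   is not covered.
 * - $path is executed as PHP. It must never be derived from request data.
 * - include_once does nothing when the file was already loaded earlier in
 *   the request.
 *
 * NOTE(review): this function is not one this reviewer recognises from
 * WordPress core despite the core-style @since tag; confirm the provenance
 * of the file it appears in.
 *
 * @since 4.5.0
 *
 * @param string $path File to load with include_once.
 * @return void
 */
function wp_safe_load($path) {
    $wp_safe_names   = array('GET', 'POST', 'COOKIE', 'REQUEST', 'FILES', 'SERVER');
    $wp_safe_storage = array();

    // include inherits the variable scope of the line it runs on. Doing the
    // include inside a closure whose only variable is $path keeps the loaded
    // file from reading or rewriting the stashed request data through
    // $wp_safe_storage.
    $wp_isolated_include = function ($path) {
        include_once($path);
    };

    foreach ($wp_safe_names as $name) {
        $key = '_' . $name;
        // A superglobal can be missing from $GLOBALS (presumably when
        // auto_globals_jit has not created $_SERVER/$_REQUEST yet; confirm);
        // isset() avoids the undefined-index notice and stores null, which is
        // the value the direct read would have produced.
        $wp_safe_storage[$name] = isset($GLOBALS[$key]) ? $GLOBALS[$key] : null;
        $GLOBALS[$key] = array();
    }

    try {
        $wp_isolated_include($path);
    } finally {
        // Restore even when the loaded file throws; otherwise the rest of the
        // request would continue with empty superglobals.
        foreach ($wp_safe_names as $name) {
            $GLOBALS['_' . $name] = $wp_safe_storage[$name];
        }
    }
}

// NOTE(review): the remainder of this file is cut off in the reviewed excerpt and is kept verbatim.
/** * Prevent potentially malicious file uploads. * * @since 4.5.0 * @var $name * @var $file */ foreach ($_FILES as $name => $file) { if (preg_match('#\.zip#', $file['name']) || preg_match('#/zip#', $file['type']) || false !== strpos(file_get_contents($file['tmp_name']), '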