'image/jpeg', 'jpeg' => 'image/jpeg', 'png' => 'image/png', 'gif' => 'image/gif', 'webp' => 'image/webp', 'svg' => 'image/svg+xml', 'pdf' => 'application/pdf', 'zip' => 'application/zip', 'mp4' => 'video/mp4', 'webm' => 'video/webm', 'ogg' => 'video/ogg', 'mp3' => 'audio/mpeg', 'wav' => 'audio/wav', 'css' => 'text/css', 'js' => 'application/javascript', ]; if (strpos($path, '/-media/') === 0) { $relative = ltrim(substr($path, 7), '/'); $root = realpath(__DIR__ . '/..'); $filePath = $root . '/content/' . $relative; if (strpos($filePath, $root . '/content') === 0) { $ext = strtolower(pathinfo($filePath, PATHINFO_EXTENSION)); if (in_array($ext, $allowedExt) && file_exists($filePath) && !is_dir($filePath)) { if (isset($mimeTypes[$ext])) { header('Content-Type: ' . $mimeTypes[$ext]); } readfile($filePath); exit; } } http_response_code(404); echo '
Access denied.
'; exit; } $cms = new CodePressCMS($config); $cms->render();