Ticket #5427: 5427.2.diff
| File 5427.2.diff, 1.5 KB (added by DD32, 4 years ago) |
|---|
-
wp-admin/admin.php
49 49 50 50 do_action($page_hook); 51 51 } else { 52 if ( validate_file($plugin_page) ) {52 if ( validate_file($plugin_page) ) 53 53 wp_die(__('Invalid plugin page')); 54 }55 54 55 if( ! validate_plugin_page($plugin_page) ) 56 wp_die(__('Invalid plugin page')); 57 56 58 if (! file_exists(ABSPATH . PLUGINDIR . "/$plugin_page")) 57 59 wp_die(sprintf(__('Cannot load %s.'), htmlentities($plugin_page))); 58 60 -
wp-admin/includes/file.php
78 78 } 79 79 } 80 80 81 //Checks to see if the given plugin page is registered as a Menu or Submenu. 82 function validate_plugin_page($plugin_page){ 83 global $menu, $submenu, $pagenow; 84 85 //Check top-level menu's 86 foreach( $menu as $page) 87 if( $plugin_page == $page[2]) 88 return true; 89 90 //Check sub-menu's 91 foreach( $submenu[ $pagenow ] as $page) 92 if( $plugin_page == $page[2]) 93 return true; 94 95 //The given file has not been loaded as a plugin page. 96 return false; 97 } 98 81 99 // array wp_handle_upload ( array &file [, array overrides] ) 82 100 // file: reference to a single element of $_FILES. Call the function once for each uploaded file. 83 101 // overrides: an associative array of names=>values to override default variables with extract( $overrides, EXTR_OVERWRITE ).
