
Ticket #21767: 21767.17.diff

File 21767.17.diff, 5.9 KB (added by nacin, 17 months ago)

Clean up wp_reset_vars() calls. Quite a bit of cruft that can be traced back to b2. Still to do: Use the referer API in user-edit, instead of manual global vars.

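--- a/wp-admin/options-head.php
+++ b/wp-admin/options-head.php
@@ -2,14 +2,13 @@
 /**
  * WordPress Options Header.
  *
- * Resets variables: 'action', 'standalone', and 'option_group_id'. Displays
- * updated message, if updated variable is part of the URL query.
+ * Displays updated message, if updated variable is part of the URL query.
  *
  * @package WordPress
  * @subpackage Administration
  */
 
-wp_reset_vars(array('action', 'standalone', 'option_group_id'));
+wp_reset_vars( array( 'action' ) );
 
 if ( isset( $_GET['updated'] ) && isset( $_GET['page'] ) ) {
         // For backwards compat with plugins that don't use the Settings API and just set updated=1 in the redirect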
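--- a/wp-admin/includes/bookmark.php
+++ b/wp-admin/includes/bookmark.php
@@ -55,12 +55,12 @@
 function get_default_link_to_edit() {
         $link = new stdClass;
         if ( isset( $_GET['linkurl'] ) )
-                $link->link_url = esc_url( $_GET['linkurl'] );
+                $link->link_url = esc_url( wp_unslash( $_GET['linkurl'] ) );
         else
                 $link->link_url = '';
 
         if ( isset( $_GET['name'] ) )
-                $link->link_name = esc_attr( $_GET['name'] );
+                $link->link_name = esc_attr( wp_unslash( $_GET['name'] ) );
         else
                 $link->link_name = '';
 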
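Review bot: The `isset()` guards on new lines 57 and 62 also pass when `linkurl` or `name` arrives as an array, and `wp_unslash()` hands an array straight back, so `esc_url()` and `esc_attr()` can receive a non-string from the request. A type guard such as `if ( isset( $_GET['linkurl'] ) && is_string( $_GET['linkurl'] ) )` (and the same for `name`) would make the empty-string default cover that case too. The body of get_default_link_to_edit() continues past the end of this hunk, so any later fields read from `$_GET` are not visible here.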
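--- a/wp-admin/includes/class-wp-links-list-table.php
+++ b/wp-admin/includes/class-wp-links-list-table.php
@@ -23,7 +23,7 @@
         function prepare_items() {
                 global $cat_id, $s, $orderby, $order;
 
-                wp_reset_vars( array( 'action', 'cat_id', 'linkurl', 'name', 'image', 'description', 'visible', 'target', 'category', 'link_id', 'submit', 'orderby', 'order', 'links_show_cat_id', 'rating', 'rel', 'notes', 'linkcheck[]', 's' ) );
+                wp_reset_vars( array( 'action', 'cat_id', 'link_id', 'orderby', 'order', 's' ) );
 
                 $args = array( 'hide_invisible' => 0, 'hide_empty' => 0 );
 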
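--- a/wp-admin/post.php
+++ b/wp-admin/post.php
@@ -1,4 +1,4 @@
-<?php
+s<?php
 /**
  * Edit post administration panel.
  *
@@ -14,7 +14,7 @@
 $parent_file = 'edit.php';
 $submenu_file = 'edit.php';
 
-wp_reset_vars(array('action', 'safe_mode', 'withcomments', 'posts', 'content', 'edited_post_title', 'comment_error', 'profile', 'trackback_url', 'excerpt', 'showcomments', 'commentstart', 'commentend', 'commentorder'));
+wp_reset_vars( array( 'action' ) );
 
 if ( isset( $_GET['post'] ) )
         $post_id = $post_ID = (int) $_GET['post'];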
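Review bot: New line 1 of wp-admin/post.php reads `s<?php`, so a stray `s` now sits in front of the opening tag and is emitted as output before any PHP runs. That looks like an editing slip rather than part of the cleanup, and output this early would presumably break any header, cookie or redirect call made later in the request. The line should stay `<?php` with nothing before it. The `wp_reset_vars( array( 'action' ) );` change on line 17 is unaffected by this.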
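--- a/wp-admin/admin.php
+++ b/wp-admin/admin.php
@@ -77,8 +77,6 @@
 $date_format = get_option('date_format');
 $time_format = get_option('time_format');
 
-wp_reset_vars(array('profile', 'redirect', 'redirect_url', 'a', 'text', 'trackback', 'pingback'));
-
 wp_enqueue_script( 'common' );
 
 $editing = false;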
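--- a/wp-admin/edit-link-form.php
+++ b/wp-admin/edit-link-form.php
@@ -126,7 +126,6 @@
 if ( $link_id ) : ?>
 <input type="hidden" name="action" value="save" />
 <input type="hidden" name="link_id" value="<?php echo (int) $link_id; ?>" />
-<input type="hidden" name="order_by" value="<?php echo esc_attr($order_by); ?>" />
 <input type="hidden" name="cat_id" value="<?php echo (int) $cat_id ?>" />
 <?php else: ?>
 <input type="hidden" name="action" value="add" />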
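--- a/wp-admin/link-add.php
+++ b/wp-admin/link-add.php
@@ -15,10 +15,7 @@
 $title = __('Add New Link');
 $parent_file = 'link-manager.php';
 
-wp_reset_vars(array('action', 'cat_id', 'linkurl', 'name', 'image',
-        'description', 'visible', 'target', 'category', 'link_id',
-        'submit', 'order_by', 'links_show_cat_id', 'rating', 'rel',
-        'notes', 'linkcheck[]'));
+wp_reset_vars( array('action', 'cat_id', 'link_id' ) );
 
 wp_enqueue_script('link');
 wp_enqueue_script('xfn');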
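Review bot: The spacing on new line 18 is inconsistent, because `array('action', ...` has no space after the opening parenthesis while the closing side and every other rewritten call in this patch do. Writing it as `wp_reset_vars( array( 'action', 'cat_id', 'link_id' ) );` matches the identical call added in wp-admin/link.php.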
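--- a/wp-admin/link.php
+++ b/wp-admin/link.php
@@ -12,7 +12,7 @@
 /** Load WordPress Administration Bootstrap */
 require_once ('admin.php');
 
-wp_reset_vars(array('action', 'cat_id', 'linkurl', 'name', 'image', 'description', 'visible', 'target', 'category', 'link_id', 'submit', 'order_by', 'links_show_cat_id', 'rating', 'rel', 'notes', 'linkcheck[]'));
+wp_reset_vars( array( 'action', 'cat_id', 'link_id' ) );
 
 if ( ! current_user_can('manage_links') )
         wp_link_manager_disabled_message();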
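--- a/wp-admin/user-edit.php
+++ b/wp-admin/user-edit.php
@@ -9,7 +9,7 @@
 /** WordPress Administration Bootstrap */
 require_once('./admin.php');
 
-wp_reset_vars(array('action', 'redirect', 'profile', 'user_id', 'wp_http_referer'));
+wp_reset_vars( array( 'action', 'user_id', 'wp_http_referer' ) );
 
 $user_id = (int) $user_id;
 $current_user = wp_get_current_user();
@@ -54,7 +54,7 @@
     '<p>' . __('<a href="http://wordpress.org/support/" target="_blank">Support Forums</a>') . '</p>'
 );
 
-$wp_http_referer = remove_query_arg(array('update', 'delete_count'), wp_unslash( $wp_http_referer ) );
+$wp_http_referer = remove_query_arg(array('update', 'delete_count'), $wp_http_referer );
 
 $user_can_edit = current_user_can( 'edit_posts' ) || current_user_can( 'edit_pages' );
 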
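Review bot: New line 57 drops `wp_unslash()` from `$wp_http_referer`, yet line 12 still fills that global from the request through `wp_reset_vars()`, and nothing visible in this section unslashes it elsewhere. If `wp_reset_vars()` copies the slashed request value, the referer now keeps its backslashes on the way into `remove_query_arg()` and into whatever uses it later, which lies outside these hunks. Either keep `wp_unslash( $wp_http_referer )` here, or add a short comment on line 57 saying where the unslashing now happens. Because the value is request-controlled, it is also worth confirming that its later uses still escape it and validate it as a redirect target.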