Ticket #21767: 21767.17.diff

File 21767.17.diff, 5.9 KB (added by nacin, 5 years ago)

Clean up wp_reset_vars() calls. Quite a bit of cruft that can be traced back to b2. Still to do: Use the referer API in user-edit, instead of manual global vars.

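--- a/wp-admin/options-head.php
+++ b/wp-admin/options-head.php
@@ -2,14 +2,13 @@
 /**
  * WordPress Options Header.
  *
- * Resets variables: 'action', 'standalone', and 'option_group_id'. Displays
- * updated message, if updated variable is part of the URL query.
+ * Displays updated message, if updated variable is part of the URL query.
  *
  * @package WordPress
  * @subpackage Administration
  */
 
-wp_reset_vars(array('action', 'standalone', 'option_group_id'));
+wp_reset_vars( array( 'action' ) );
 
 if ( isset( $_GET['updated'] ) && isset( $_GET['page'] ) ) {
         // For backwards compat with plugins that don't use the Settings API and just set updated=1 in the redirect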
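--- a/wp-admin/includes/bookmark.php
+++ b/wp-admin/includes/bookmark.php
@@ -55,12 +55,12 @@
 function get_default_link_to_edit() {
         $link = new stdClass;
         if ( isset( $_GET['linkurl'] ) )
-                $link->link_url = esc_url( $_GET['linkurl'] );
+                $link->link_url = esc_url( wp_unslash( $_GET['linkurl'] ) );
         else
                 $link->link_url = '';
 
         if ( isset( $_GET['name'] ) )
-                $link->link_name = esc_attr( $_GET['name'] );
+                $link->link_name = esc_attr( wp_unslash( $_GET['name'] ) );
         else
                 $link->link_name = '';
 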
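Review bot: Neither added line (new lines 58 and 63) checks that the query value is a string before it goes through `wp_unslash()` into `esc_url()` / `esc_attr()`. `wp_unslash()` returns an array when handed an array-valued parameter, so the escaping call would then receive a non-string and probably emit a notice or a meaningless value rather than the empty default. Tightening the guards to `if ( isset( $_GET['linkurl'] ) && is_string( $_GET['linkurl'] ) )` (and the same for `name`) keeps the fallback branch in charge of malformed input. get_default_link_to_edit() continues past the end of this hunk.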
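--- a/wp-admin/includes/class-wp-links-list-table.php
+++ b/wp-admin/includes/class-wp-links-list-table.php
@@ -23,7 +23,7 @@
         function prepare_items() {
                 global $cat_id, $s, $orderby, $order;
 
-                wp_reset_vars( array( 'action', 'cat_id', 'linkurl', 'name', 'image', 'description', 'visible', 'target', 'category', 'link_id', 'submit', 'orderby', 'order', 'links_show_cat_id', 'rating', 'rel', 'notes', 'linkcheck[]', 's' ) );
+                wp_reset_vars( array( 'action', 'cat_id', 'link_id', 'orderby', 'order', 's' ) );
 
                 $args = array( 'hide_invisible' => 0, 'hide_empty' => 0 );
 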
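Review bot: The trimmed list on new line 26 still resets `'action'` and `'link_id'`, but the `global` statement on line 24 only brings `$cat_id`, `$s`, `$orderby` and `$order` into prepare_items(), so those two names look unused by this method. Every name left in the list becomes request-controlled global state, so it is worth either dropping them (`wp_reset_vars( array( 'cat_id', 'orderby', 'order', 's' ) );`) or adding a comment such as `// 'action' and 'link_id' are read by <caller>` naming the consumer. The rest of prepare_items() lies outside the hunk, so confirm that nothing further down depends on them.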
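--- a/wp-admin/post.php
+++ b/wp-admin/post.php
@@ -1,4 +1,4 @@
-<?php
+s<?php
 /**
  * Edit post administration panel.
  *
@@ -14,7 +14,7 @@
 $parent_file = 'edit.php';
 $submenu_file = 'edit.php';
 
-wp_reset_vars(array('action', 'safe_mode', 'withcomments', 'posts', 'content', 'edited_post_title', 'comment_error', 'profile', 'trackback_url', 'excerpt', 'showcomments', 'commentstart', 'commentend', 'commentorder'));
+wp_reset_vars( array( 'action' ) );
 
 if ( isset( $_GET['post'] ) )
         $post_id = $post_ID = (int) $_GET['post'];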
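Review bot: New line 1 of wp-admin/post.php reads `s<?php`, so a literal `s` is sent to the browser before PHP starts; this looks like a stray keystroke, and the line should remain `<?php`. Because that byte is output before any code runs, headers can no longer be sent reliably from this file unless output buffering happens to be active. Redirects after saving a post and any cookie or security headers set later would be at risk. The `wp_reset_vars( array( 'action' ) )` change in the second hunk is unrelated and looks fine on its own.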
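--- a/wp-admin/admin.php
+++ b/wp-admin/admin.php
@@ -77,8 +77,6 @@
 $date_format = get_option('date_format');
 $time_format = get_option('time_format');
 
-wp_reset_vars(array('profile', 'redirect', 'redirect_url', 'a', 'text', 'trackback', 'pingback'));
-
 wp_enqueue_script( 'common' );
 
 $editing = false;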
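--- a/wp-admin/edit-link-form.php
+++ b/wp-admin/edit-link-form.php
@@ -126,7 +126,6 @@
 if ( $link_id ) : ?>
 <input type="hidden" name="action" value="save" />
 <input type="hidden" name="link_id" value="<?php echo (int) $link_id; ?>" />
-<input type="hidden" name="order_by" value="<?php echo esc_attr($order_by); ?>" />
 <input type="hidden" name="cat_id" value="<?php echo (int) $cat_id ?>" />
 <?php else: ?>
 <input type="hidden" name="action" value="add" />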
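--- a/wp-admin/link-add.php
+++ b/wp-admin/link-add.php
@@ -15,10 +15,7 @@
 $title = __('Add New Link');
 $parent_file = 'link-manager.php';
 
-wp_reset_vars(array('action', 'cat_id', 'linkurl', 'name', 'image',
-        'description', 'visible', 'target', 'category', 'link_id',
-        'submit', 'order_by', 'links_show_cat_id', 'rating', 'rel',
-        'notes', 'linkcheck[]'));
+wp_reset_vars( array('action', 'cat_id', 'link_id' ) );
 
 wp_enqueue_script('link');
 wp_enqueue_script('xfn');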
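--- a/wp-admin/link.php
+++ b/wp-admin/link.php
@@ -12,7 +12,7 @@
 /** Load WordPress Administration Bootstrap */
 require_once ('admin.php');
 
-wp_reset_vars(array('action', 'cat_id', 'linkurl', 'name', 'image', 'description', 'visible', 'target', 'category', 'link_id', 'submit', 'order_by', 'links_show_cat_id', 'rating', 'rel', 'notes', 'linkcheck[]'));
+wp_reset_vars( array( 'action', 'cat_id', 'link_id' ) );
 
 if ( ! current_user_can('manage_links') )
         wp_link_manager_disabled_message();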
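--- a/wp-admin/user-edit.php
+++ b/wp-admin/user-edit.php
@@ -9,7 +9,7 @@
 /** WordPress Administration Bootstrap */
 require_once('./admin.php');
 
-wp_reset_vars(array('action', 'redirect', 'profile', 'user_id', 'wp_http_referer'));
+wp_reset_vars( array( 'action', 'user_id', 'wp_http_referer' ) );
 
 $user_id = (int) $user_id;
 $current_user = wp_get_current_user();
@@ -54,7 +54,7 @@
     '<p>' . __('<a href="http://wordpress.org/support/" target="_blank">Support Forums</a>') . '</p>'
 );
 
-$wp_http_referer = remove_query_arg(array('update', 'delete_count'), wp_unslash( $wp_http_referer ) );
+$wp_http_referer = remove_query_arg(array('update', 'delete_count'), $wp_http_referer );
 
 $user_can_edit = current_user_can( 'edit_posts' ) || current_user_can( 'edit_pages' );
 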
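Review bot: New line 57 drops `wp_unslash()` around `$wp_http_referer`, yet that global is still filled from the request by the `wp_reset_vars()` call on new line 12, and nothing visible here shows that wp_reset_vars() strips slashes itself. The same patch adds `wp_unslash()` to `$_GET` reads in wp-admin/includes/bookmark.php, so the two files now treat request data in opposite ways. Unless the unslashing moved elsewhere, keep `remove_query_arg( array( 'update', 'delete_count' ), wp_unslash( $wp_http_referer ) )`. Because the value is request-controlled, any later redirect or link built from it (outside this hunk) should pass through `wp_validate_redirect()` and `esc_url()`.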