Ticket #33837: 33837.diff
File 33837.diff, 8.2 KB (added by , 9 years ago) |
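--- a/src/wp-admin/admin-post.php
+++ b/src/wp-admin/admin-post.php
@@ -28,7 +28,7 @@
 /** This action is documented in wp-admin/admin.php */
 do_action( 'admin_init' );
 
-$action = empty( $_REQUEST['action'] ) ? '' : $_REQUEST['action'];
+$action = wp_validate_action();
 
 if ( ! wp_validate_auth_cookie() ) {
 if ( empty( $action ) ) {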
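--- a/src/wp-admin/admin.php
+++ b/src/wp-admin/admin.php
@@ -358,14 +358,16 @@
 }
 }
 
-if ( ! empty( $_REQUEST['action'] ) ) {
+$_action = wp_validate_action();
+if ( ! empty( $_action ) ) {
 /**
 * Fires when an 'action' request variable is sent.
 *
-* The dynamic portion of the hook name, `$_ REQUEST['action']`,
+* The dynamic portion of the hook name, `$_action`,
 * refers to the action derived from the `GET` or `POST` request.
 *
 * @since 2.6.0
 */
-do_action( 'admin_action_' . $_ REQUEST['action']);
+do_action( 'admin_action_' . $_action );
 }
+unset( $_action );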
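--- a/src/wp-admin/async-upload.php
+++ b/src/wp-admin/async-upload.php
@@ -6,6 +6,7 @@
 * @subpackage Administration
 */
 
+// `wp_validate_action()` isn't loaded yet
 if ( isset( $_REQUEST['action'] ) && 'upload-attachment' === $_REQUEST['action'] ) {
 define( 'DOING_AJAX', true );
 }
@@ -19,7 +20,7 @@
 else
 require_once( dirname( dirname( __FILE__ ) ) . '/wp-load.php' );
 
-if ( ! ( isset( $_REQUEST['action'] ) && 'upload-attachment' == $_REQUEST['action']) ) {
+if ( ! wp_validate_action( 'upload-attachment' ) ) {
 // Flash often fails to send cookies with the POST or upload, so we need to pass it in GET or POST instead
 if ( is_ssl() && empty($_COOKIE[SECURE_AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie']) )
 $_COOKIE[SECURE_AUTH_COOKIE] = $_REQUEST['auth_cookie'];
@@ -34,7 +35,7 @@
 
 header( 'Content-Type: text/html; charset=' . get_option( 'blog_charset' ) );
 
-if ( isset( $_REQUEST['action'] ) && 'upload-attachment' === $_REQUEST['action']) {
+if ( wp_validate_action( 'upload-attachment' ) ) {
 include( ABSPATH . 'wp-admin/includes/ajax-actions.php' );
 
 send_nosniff_header();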
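Review bot: The comment added in the first hunk says only that wp_validate_action() isn't loaded yet; a reader has to reach the second hunk to see why the raw `$_REQUEST` comparison is kept here. Suggest `// wp_validate_action() lives in wp-includes/functions.php, which isn't loaded until wp-load.php is required below; compare $_REQUEST directly here.` The other two hunks move this file from a mix of `==` and `===` to the helper's strict comparison, which is consistent with the rest of the patch.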
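--- a/src/wp-admin/includes/class-wp-terms-list-table.php
+++ b/src/wp-admin/includes/class-wp-terms-list-table.php
@@ -153,7 +153,8 @@
 * @return string
 */
 public function current_action() {
-if ( isset( $_REQUEST['action'] ) && isset( $_REQUEST['delete_tags'] ) && ( 'delete' == $_REQUEST['action'] || 'delete' == $_REQUEST['action2'] ) )
+$action = wp_validate_action();
+if ( $action && isset( $_REQUEST['delete_tags'] ) && ( 'delete' == $action || 'delete' == $_REQUEST['action2'] ) )
 return 'bulk-delete';
 
 return parent::current_action();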
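Review bot: The rewritten condition still reads `$_REQUEST['action2']` with no isset() guard, so a bulk request that sends only `action` raises an undefined-index notice, and it keeps loose `==` right next to a helper that now compares with `===`. Suggest `if ( $action && isset( $_REQUEST['delete_tags'] ) && ( 'delete' === $action || ( isset( $_REQUEST['action2'] ) && 'delete' === $_REQUEST['action2'] ) ) )`. Note that `$action &&` treats the string `'0'` as absent where the old isset() did not; probably harmless for this method, but it is a behaviour change worth stating. current_action() closes outside the hunk.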
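--- a/src/wp-admin/network/site-info.php
+++ b/src/wp-admin/network/site-info.php
@@ -53,7 +53,7 @@
 $parsed_scheme = parse_url( $details->siteurl, PHP_URL_SCHEME );
 $is_main_site = is_main_site( $id );
 
-if ( isset( $_REQUEST['action'] ) && 'update-site' == $_REQUEST['action']) {
+if ( wp_validate_action( 'update-site' ) ) {
 check_admin_referer( 'edit-site' );
 
 switch_to_blog( $id );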
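--- a/src/wp-admin/network/site-new.php
+++ b/src/wp-admin/network/site-new.php
@@ -33,7 +33,7 @@
 '<p>' . __('<a href="https://wordpress.org/support/forum/multisite/" target="_blank">Support Forums</a>') . '</p>'
 );
 
-if ( isset($_REQUEST['action']) && 'add-site' == $_REQUEST['action']) {
+if ( wp_validate_action( 'add-site' ) ) {
 check_admin_referer( 'add-blog', '_wpnonce_add-blog' );
 
 if ( ! is_array( $_POST['blog'] ) )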
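--- a/src/wp-admin/network/site-settings.php
+++ b/src/wp-admin/network/site-settings.php
@@ -48,7 +48,7 @@
 
 $is_main_site = is_main_site( $id );
 
-if ( isset($_REQUEST['action']) && 'update-site' == $_REQUEST['action']&& is_array( $_POST['option'] ) ) {
+if ( wp_validate_action( 'update-site' ) && is_array( $_POST['option'] ) ) {
 check_admin_referer( 'edit-site' );
 
 switch_to_blog( $id );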
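Review bot: The changed line still calls `is_array( $_POST['option'] )` without checking that the key exists, so an `update-site` request with no `option` field raises an undefined-index notice before check_admin_referer() runs. Suggest `if ( wp_validate_action( 'update-site' ) && isset( $_POST['option'] ) && is_array( $_POST['option'] ) ) {`. The same unguarded pattern, `is_array( $_POST['blog'] )`, sits in the context lines of the site-new.php hunk and is not touched by this patch.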
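--- a/src/wp-admin/network/user-new.php
+++ b/src/wp-admin/network/user-new.php
@@ -30,7 +30,7 @@
 '<p>' . __('<a href="https://wordpress.org/support/forum/multisite/" target="_blank">Support Forums</a>') . '</p>'
 );
 
-if ( isset($_REQUEST['action']) && 'add-user' == $_REQUEST['action']) {
+if ( wp_validate_action( 'add-user' ) ) {
 check_admin_referer( 'add-user', '_wpnonce_add-user' );
 
 if ( ! current_user_can( 'manage_network_users' ) )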
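--- a/src/wp-admin/network/users.php
+++ b/src/wp-admin/network/users.php
@@ -174,11 +174,12 @@
 
 require_once( ABSPATH . 'wp-admin/admin-header.php' );
 
-if ( isset( $_REQUEST['updated'] ) && $_REQUEST['updated'] == 'true' && ! empty( $_REQUEST['action'] ) ) {
+$action = wp_validate_action();
+if ( isset( $_REQUEST['updated'] ) && $_REQUEST['updated'] == 'true' && ! empty( $action ) ) {
 ?>
 <div id="message" class="updated notice is-dismissible"><p>
 <?php
-switch ( $ _REQUEST['action']) {
+switch ( $action ) {
 case 'delete':
 _e( 'User deleted.' );
 break;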
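Review bot: The rewritten condition keeps `$_REQUEST['updated'] == 'true'` beside a helper call that now compares strictly; `'true' === $_REQUEST['updated']` would make the line consistent with the rest of the patch. admin.php uses a `$_action` local and unset()s it after the hook fires, whereas this hunk leaves `$action` defined at file scope with no unset — probably fine for a page script, but worth aligning if the name is reused later in the file, which is outside the hunk.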
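--- a/src/wp-admin/update.php
+++ b/src/wp-admin/update.php
@@ -17,7 +17,7 @@
 if ( isset($_GET['action']) ) {
 $plugin = isset($_REQUEST['plugin']) ? trim($_REQUEST['plugin']) : '';
 $theme = isset($_REQUEST['theme']) ? urldecode($_REQUEST['theme']) : '';
-$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
+$action = wp_validate_action();
 
 if ( 'update-selected' == $action ) {
 if ( ! current_user_can( 'update_plugins' ) )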
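--- a/src/wp-admin/user-new.php
+++ b/src/wp-admin/user-new.php
@@ -29,7 +29,7 @@
 add_filter( 'wpmu_signup_user_notification_email', 'admin_created_user_email' );
 }
 
-if ( isset($_REQUEST['action']) && 'adduser' == $_REQUEST['action']) {
+if ( wp_validate_action( 'adduser' ) ) {
 check_admin_referer( 'add-user', '_wpnonce_add-user' );
 
 $user_details = null;
@@ -101,7 +101,7 @@
 }
 wp_redirect( $redirect );
 die();
-} elseif ( isset($_REQUEST['action']) && 'createuser' == $_REQUEST['action']) {
+} elseif ( wp_validate_action( 'createuser' ) ) {
 check_admin_referer( 'create-user', '_wpnonce_create-user' );
 
 if ( ! current_user_can( 'create_users' ) ) {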
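--- a/src/wp-includes/functions.php
+++ b/src/wp-includes/functions.php
@@ -4980,3 +4980,26 @@
 </script>
 <?php
 }
+
+/**
+* Retrieve and, optionally, validate, an `action` query var
+*
+* @since 4.4.0
+*
+* @param string $action Optional. Action to validate.
+* @return string Empty string if there is no action in the request or it doesn't
+* match the passed `$action`. Returns the [passed `$action` or
+* request action on succcess.
+*/
+function wp_validate_action( $action = '' ) {
+$r = $_REQUEST;
+if ( ! isset( $r['action'] ) ) {
+return '';
+}
+
+if ( ! empty( $action ) ) {
+return $action === $r['action'] ? $action : '';
+}
+
+return $r['action'];
+}
\ No newline at end of file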
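Review bot: wp_validate_action() returns `$r['action']` untouched when no expected action is passed, so a request carrying `action[]=…` yields an array while the docblock promises a string; the admin.php hunk then builds `'admin_action_' . $_action` from it and the network/users.php hunk feeds it to `switch`. Rejecting non-strings once at this entry point is cheap: `if ( ! isset( $r['action'] ) || ! is_string( $r['action'] ) ) {` in place of the first guard. The `$r = $_REQUEST;` copy can go in favour of reading the superglobal directly, and the docblock has two typos (`[passed`, `succcess`) and should say the value comes from `$_REQUEST`, so cookies may contribute depending on PHP's `request_order`. With an explicit `$action` the `===` makes every converted call site stricter than the `==` it replaces, which deserves a line in the commit message.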