Ticket #33837: 33837.diff

File 33837.diff, 8.2 KB (added by wonderboymusic, 4 years ago)
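--- a/src/wp-admin/admin-post.php
+++ b/src/wp-admin/admin-post.php
@@ -28,7 +28,7 @@
 /** This action is documented in wp-admin/admin.php */
 do_action( 'admin_init' );
 
-$action = empty( $_REQUEST['action'] ) ? '' : $_REQUEST['action'];
+$action = wp_validate_action();
 
 if ( ! wp_validate_auth_cookie() ) {
         if ( empty( $action ) ) {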
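--- a/src/wp-admin/admin.php
+++ b/src/wp-admin/admin.php
@@ -358,14 +358,16 @@
         }
 }
 
-if ( ! empty( $_REQUEST['action'] ) ) {
+$_action = wp_validate_action();
+if ( ! empty( $_action ) ) {
         /**
          * Fires when an 'action' request variable is sent.
          *
-         * The dynamic portion of the hook name, `$_REQUEST['action']`,
+         * The dynamic portion of the hook name, `$_action`,
          * refers to the action derived from the `GET` or `POST` request.
          *
          * @since 2.6.0
          */
-        do_action( 'admin_action_' . $_REQUEST['action'] );
+        do_action( 'admin_action_' . $_action );
 }
+unset( $_action );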
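--- a/src/wp-admin/async-upload.php
+++ b/src/wp-admin/async-upload.php
@@ -6,6 +6,7 @@
  * @subpackage Administration
  */
 
+// `wp_validate_action()` isn't loaded yet
 if ( isset( $_REQUEST['action'] ) && 'upload-attachment' === $_REQUEST['action'] ) {
         define( 'DOING_AJAX', true );
 }
@@ -19,7 +20,7 @@
 else
         require_once( dirname( dirname( __FILE__ ) ) . '/wp-load.php' );
 
-if ( ! ( isset( $_REQUEST['action'] ) && 'upload-attachment' == $_REQUEST['action'] ) ) {
+if ( ! wp_validate_action( 'upload-attachment' ) ) {
         // Flash often fails to send cookies with the POST or upload, so we need to pass it in GET or POST instead
         if ( is_ssl() && empty($_COOKIE[SECURE_AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie']) )
                 $_COOKIE[SECURE_AUTH_COOKIE] = $_REQUEST['auth_cookie'];
@@ -34,7 +35,7 @@
 
 header( 'Content-Type: text/html; charset=' . get_option( 'blog_charset' ) );
 
-if ( isset( $_REQUEST['action'] ) && 'upload-attachment' === $_REQUEST['action'] ) {
+if ( wp_validate_action( 'upload-attachment' ) ) {
         include( ABSPATH . 'wp-admin/includes/ajax-actions.php' );
 
         send_nosniff_header();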
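Review bot: `wp_validate_action( 'upload-attachment' )` is evaluated twice for the same request, on new lines 23 and 38, while the early `DOING_AJAX` gate on line 10 still tests the raw `$_REQUEST['action']` because the helper is not loaded until wp-load.php is required on line 21; three separate checks of the same input can drift apart in later edits. Storing the result once after the require, e.g. `$is_upload_attachment = wp_validate_action( 'upload-attachment' );`, and testing that variable on lines 23 and 38 keeps the two post-load sites in step. The comment added on line 9 would be more precise as `// wp_validate_action() is not available yet; wp-load.php is only required further down.`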
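--- a/src/wp-admin/includes/class-wp-terms-list-table.php
+++ b/src/wp-admin/includes/class-wp-terms-list-table.php
@@ -153,7 +153,8 @@
          * @return string
          */
         public function current_action() {
-                if ( isset( $_REQUEST['action'] ) && isset( $_REQUEST['delete_tags'] ) && ( 'delete' == $_REQUEST['action'] || 'delete' == $_REQUEST['action2'] ) )
+                $action = wp_validate_action();
+                if ( $action && isset( $_REQUEST['delete_tags'] ) && ( 'delete' == $action || 'delete' == $_REQUEST['action2'] ) )
                         return 'bulk-delete';
 
                 return parent::current_action();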
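Review bot: The rewritten condition on new line 157 still reads `$_REQUEST['action2']` with no `isset()` guard, so a request carrying `action` and `delete_tags` but no `action2` reaches the second comparison and raises an undefined-index notice before it evaluates to false. Since the line is being rewritten anyway, guard it in the same pass: `if ( $action && isset( $_REQUEST['delete_tags'] ) && ( 'delete' === $action || ( isset( $_REQUEST['action2'] ) && 'delete' === $_REQUEST['action2'] ) ) )`. The closing brace of `current_action()` lies outside the hunk.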
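--- a/src/wp-admin/network/site-info.php
+++ b/src/wp-admin/network/site-info.php
@@ -53,7 +53,7 @@
 $parsed_scheme = parse_url( $details->siteurl, PHP_URL_SCHEME );
 $is_main_site = is_main_site( $id );
 
-if ( isset( $_REQUEST['action'] ) && 'update-site' == $_REQUEST['action'] ) {
+if ( wp_validate_action( 'update-site' ) ) {
         check_admin_referer( 'edit-site' );
 
         switch_to_blog( $id );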
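--- a/src/wp-admin/network/site-new.php
+++ b/src/wp-admin/network/site-new.php
@@ -33,7 +33,7 @@
         '<p>' . __('<a href="https://wordpress.org/support/forum/multisite/" target="_blank">Support Forums</a>') . '</p>'
 );
 
-if ( isset($_REQUEST['action']) && 'add-site' == $_REQUEST['action'] ) {
+if ( wp_validate_action( 'add-site' ) ) {
         check_admin_referer( 'add-blog', '_wpnonce_add-blog' );
 
         if ( ! is_array( $_POST['blog'] ) )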
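--- a/src/wp-admin/network/site-settings.php
+++ b/src/wp-admin/network/site-settings.php
@@ -48,7 +48,7 @@
 
 $is_main_site = is_main_site( $id );
 
-if ( isset($_REQUEST['action']) && 'update-site' == $_REQUEST['action'] && is_array( $_POST['option'] ) ) {
+if ( wp_validate_action( 'update-site' ) && is_array( $_POST['option'] ) ) {
         check_admin_referer( 'edit-site' );
 
         switch_to_blog( $id );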
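Review bot: The rewritten line 51 still calls `is_array( $_POST['option'] )` on an index that may be absent, so an `action=update-site` request that carries no `option` array emits an undefined-index notice before the condition fails; the rewrite is the moment to add the guard: `if ( wp_validate_action( 'update-site' ) && isset( $_POST['option'] ) && is_array( $_POST['option'] ) ) {`. The same unguarded `$_POST['blog']` access appears on context line 39 of site-new.php, which this patch leaves as is.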
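--- a/src/wp-admin/network/user-new.php
+++ b/src/wp-admin/network/user-new.php
@@ -30,7 +30,7 @@
         '<p>' . __('<a href="https://wordpress.org/support/forum/multisite/" target="_blank">Support Forums</a>') . '</p>'
 );
 
-if ( isset($_REQUEST['action']) && 'add-user' == $_REQUEST['action'] ) {
+if ( wp_validate_action( 'add-user' ) ) {
         check_admin_referer( 'add-user', '_wpnonce_add-user' );
 
         if ( ! current_user_can( 'manage_network_users' ) )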
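--- a/src/wp-admin/network/users.php
+++ b/src/wp-admin/network/users.php
@@ -174,11 +174,12 @@
 
 require_once( ABSPATH . 'wp-admin/admin-header.php' );
 
-if ( isset( $_REQUEST['updated'] ) && $_REQUEST['updated'] == 'true' && ! empty( $_REQUEST['action'] ) ) {
+$action = wp_validate_action();
+if ( isset( $_REQUEST['updated'] ) && $_REQUEST['updated'] == 'true' && ! empty( $action ) ) {
         ?>
         <div id="message" class="updated notice is-dismissible"><p>
                 <?php
-                switch ( $_REQUEST['action'] ) {
+                switch ( $action ) {
                         case 'delete':
                                 _e( 'User deleted.' );
                         break;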
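--- a/src/wp-admin/update.php
+++ b/src/wp-admin/update.php
@@ -17,7 +17,7 @@
 if ( isset($_GET['action']) ) {
         $plugin = isset($_REQUEST['plugin']) ? trim($_REQUEST['plugin']) : '';
         $theme = isset($_REQUEST['theme']) ? urldecode($_REQUEST['theme']) : '';
-        $action = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
+        $action = wp_validate_action();
 
         if ( 'update-selected' == $action ) {
                 if ( ! current_user_can( 'update_plugins' ) )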
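--- a/src/wp-admin/user-new.php
+++ b/src/wp-admin/user-new.php
@@ -29,7 +29,7 @@
         add_filter( 'wpmu_signup_user_notification_email', 'admin_created_user_email' );
 }
 
-if ( isset($_REQUEST['action']) && 'adduser' == $_REQUEST['action'] ) {
+if ( wp_validate_action( 'adduser' ) ) {
         check_admin_referer( 'add-user', '_wpnonce_add-user' );
 
         $user_details = null;
@@ -101,7 +101,7 @@
         }
         wp_redirect( $redirect );
         die();
-} elseif ( isset($_REQUEST['action']) && 'createuser' == $_REQUEST['action'] ) {
+} elseif ( wp_validate_action( 'createuser' ) ) {
         check_admin_referer( 'create-user', '_wpnonce_create-user' );
 
         if ( ! current_user_can( 'create_users' ) ) {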
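--- a/src/wp-includes/functions.php
+++ b/src/wp-includes/functions.php
@@ -4980,3 +4980,26 @@
         </script>
         <?php
 }
+
+/**
+ * Retrieve and, optionally, validate, an `action` query var
+ *
+ * @since 4.4.0
+ *
+ * @param string $action Optional. Action to validate.
+ * @return string Empty string if there is no action in the request or it doesn't
+ *                match the passed `$action`. Returns the [passed `$action` or
+ *                request action on succcess.
+ */
+function wp_validate_action( $action = '' ) {
+        $r = $_REQUEST;
+        if ( ! isset( $r['action'] ) ) {
+                return '';
+        }
+
+        if ( ! empty( $action ) ) {
+                return $action === $r['action'] ? $action : '';
+        }
+
+        return $r['action'];
+}
\ No newline at end of file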
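Review bot: The no-argument path on new line 5004 returns `$r['action']` as is, so a request whose `action` parameter is not a string (an array from `action[]=…`) makes the function return an array despite the documented `string` return, and the callers this patch adds in admin.php (`do_action( 'admin_action_' . $_action )`) and admin-post.php (`$action = wp_validate_action();`) would then concatenate an array; the guard on line 4996 should be `if ( ! isset( $r['action'] ) || ! is_string( $r['action'] ) ) {`. The docblock should also say that the returned value is raw request input, neither sanitized nor escaped, because the name suggests more validation than the string comparison on line 5001 performs. The `@return` text has two typos, `[passed` and `succcess`, and copying the whole superglobal into `$r` on line 4995 is unnecessary where `$_REQUEST['action']` could be read directly.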