
Ticket #38073: 38073.2.patch

File 38073.2.patch, 12.7 KB (added by davideferre, 2 years ago)

Fixes the previously submitted patch.

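diff --git a/src/wp-admin/comment.php b/src/wp-admin/comment.php
index c2eca11ec3..7942021b0d 100644
--- a/src/wp-admin/comment.php
+++ b/src/wp-admin/comment.php
@@ -12,11 +12,7 @@ require_once( dirname( __FILE__ ) . '/admin.php' );
 $parent_file = 'edit-comments.php';
 $submenu_file = 'edit-comments.php';
 
-/**
- * @global string $action
- */
-global $action;
-wp_reset_vars( array('action') );
+$action = wp_assign_request_var('action');
 
 if ( isset( $_POST['deletecomment'] ) )
         $action = 'deletecomment';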
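Review bot: The added call `wp_assign_request_var('action')` does not pad its parentheses the way the surrounding WordPress code does; it should read `$action = wp_assign_request_var( 'action' );`. The same spacing applies to every `wp_assign_request_var('…')` call this patch adds in the other files. The script continues past the end of this hunk.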
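diff --git a/src/wp-admin/customize.php b/src/wp-admin/customize.php
index f1bf8aa9a1..d27d822f31 100644
--- a/src/wp-admin/customize.php
+++ b/src/wp-admin/customize.php
@@ -45,13 +45,17 @@ if ( $wp_customize->changeset_post_id() ) {
 }
 
 
-wp_reset_vars( array( 'url', 'return', 'autofocus' ) );
+$url = wp_assign_request_var('url');
 if ( ! empty( $url ) ) {
         $wp_customize->set_preview_url( wp_unslash( $url ) );
 }
+
+$return = wp_assign_request_var('return');
 if ( ! empty( $return ) ) {
         $wp_customize->set_return_url( wp_unslash( $return ) );
 }
+
+$autofocus = wp_assign_request_var('autofocus');
 if ( ! empty( $autofocus ) && is_array( $autofocus ) ) {
         $wp_customize->set_autofocus( wp_unslash( $autofocus ) );
 }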
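diff --git a/src/wp-admin/edit-tag-form.php b/src/wp-admin/edit-tag-form.php
index e3fb222bc9..bfae308d6d 100644
--- a/src/wp-admin/edit-tag-form.php
+++ b/src/wp-admin/edit-tag-form.php
@@ -44,10 +44,7 @@ if ( 'category' == $taxonomy ) {
         do_action( 'edit_tag_form_pre', $tag );
 }
 
-/**
- * Use with caution, see https://codex.wordpress.org/Function_Reference/wp_reset_vars
- */
-wp_reset_vars( array( 'wp_http_referer' ) );
+$wp_http_referer = wp_assign_request_var('wp_http_referer');
 
 $wp_http_referer = remove_query_arg( array( 'action', 'message', 'tag_ID' ), $wp_http_referer );
 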
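diff --git a/src/wp-admin/includes/class-wp-links-list-table.php b/src/wp-admin/includes/class-wp-links-list-table.php
index 222d6dfc2d..7561edc4d4 100644
--- a/src/wp-admin/includes/class-wp-links-list-table.php
+++ b/src/wp-admin/includes/class-wp-links-list-table.php
@@ -44,15 +44,12 @@ class WP_Links_List_Table extends WP_List_Table {
 
         /**
          *
-         * @global int    $cat_id
-         * @global string $s
-         * @global string $orderby
-         * @global string $order
          */
         public function prepare_items() {
-                global $cat_id, $s, $orderby, $order;
-
-                wp_reset_vars( array( 'action', 'cat_id', 'link_id', 'orderby', 'order', 's' ) );
+                $cat_id = wp_assign_request_var('cat_id');
+                $s = wp_assign_request_var('s');
+                $orderby = wp_assign_request_var('orderby');
+                $order = wp_assign_request_var('order');
 
                 $args = array( 'hide_invisible' => 0, 'hide_empty' => 0 );
 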
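Review bot: `prepare_items()` no longer publishes `$cat_id`, `$s`, `$orderby` and `$order` as globals, and the `action` and `link_id` keys that the removed `wp_reset_vars()` call also set are not read at all any more. Any other method or template that still declares `global $cat_id` or `global $s` would now see an empty value; such readers are outside this hunk, so they need checking before the `global` statement is dropped. If they exist, keep `global $cat_id, $s, $orderby, $order;` above the four assignments. The same applies to the shortened `global` lists in class-wp-ms-themes-list-table.php, class-wp-plugin-install-list-table.php, class-wp-plugins-list-table.php and class-wp-theme-install-list-table.php. The method body continues past the hunk.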
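diff --git a/src/wp-admin/includes/class-wp-ms-themes-list-table.php b/src/wp-admin/includes/class-wp-ms-themes-list-table.php
index 0f3865a985..9ef783f311 100644
--- a/src/wp-admin/includes/class-wp-ms-themes-list-table.php
+++ b/src/wp-admin/includes/class-wp-ms-themes-list-table.php
@@ -80,14 +80,13 @@ class WP_MS_Themes_List_Table extends WP_List_Table {
          * @global string $status
          * @global array $totals
          * @global int $page
-         * @global string $orderby
-         * @global string $order
-         * @global string $s
          */
         public function prepare_items() {
-                global $status, $totals, $page, $orderby, $order, $s;
+                global $status, $totals, $page;
 
-                wp_reset_vars( array( 'orderby', 'order', 's' ) );
+                $orderby = wp_assign_request_var('orderby');
+                $order = wp_assign_request_var('order');
+                $s = wp_assign_request_var('s');
 
                 $themes = array(
                         /**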
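diff --git a/src/wp-admin/includes/class-wp-plugin-install-list-table.php b/src/wp-admin/includes/class-wp-plugin-install-list-table.php
index cd718360cb..65d8f7f0c6 100644
--- a/src/wp-admin/includes/class-wp-plugin-install-list-table.php
+++ b/src/wp-admin/includes/class-wp-plugin-install-list-table.php
@@ -65,7 +65,6 @@ class WP_Plugin_Install_List_Table extends WP_List_Table {
         /**
          *
          * @global array  $tabs
-         * @global string $tab
          * @global int    $paged
          * @global string $type
          * @global string $term
@@ -73,9 +72,9 @@ class WP_Plugin_Install_List_Table extends WP_List_Table {
         public function prepare_items() {
                 include( ABSPATH . 'wp-admin/includes/plugin-install.php' );
 
-                global $tabs, $tab, $paged, $type, $term;
+                global $tabs, $paged, $type, $term;
 
-                wp_reset_vars( array( 'tab' ) );
+                $tab = wp_assign_request_var('tab');
 
                 $paged = $this->get_pagenum();
 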
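diff --git a/src/wp-admin/includes/class-wp-plugins-list-table.php b/src/wp-admin/includes/class-wp-plugins-list-table.php
index 136fbd4c73..fd0a5af3db 100644
--- a/src/wp-admin/includes/class-wp-plugins-list-table.php
+++ b/src/wp-admin/includes/class-wp-plugins-list-table.php
@@ -68,14 +68,13 @@ class WP_Plugins_List_Table extends WP_List_Table {
          * @global array  $plugins
          * @global array  $totals
          * @global int    $page
-         * @global string $orderby
-         * @global string $order
          * @global string $s
          */
         public function prepare_items() {
-                global $status, $plugins, $totals, $page, $orderby, $order, $s;
+                global $status, $plugins, $totals, $page, $s;
 
-                wp_reset_vars( array( 'orderby', 'order' ) );
+                $orderby = wp_assign_request_var('orderby');
+                $order = wp_assign_request_var('order');
 
                 /**
                  * Filters the full array of plugins to list in the Plugins list table.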
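diff --git a/src/wp-admin/includes/class-wp-theme-install-list-table.php b/src/wp-admin/includes/class-wp-theme-install-list-table.php
index f459d67d1c..ecc3972e53 100644
--- a/src/wp-admin/includes/class-wp-theme-install-list-table.php
+++ b/src/wp-admin/includes/class-wp-theme-install-list-table.php
@@ -30,7 +30,6 @@ class WP_Theme_Install_List_Table extends WP_Themes_List_Table {
         /**
          *
          * @global array  $tabs
-         * @global string $tab
          * @global int    $paged
          * @global string $type
          * @global array  $theme_field_defaults
@@ -38,8 +37,9 @@ class WP_Theme_Install_List_Table extends WP_Themes_List_Table {
         public function prepare_items() {
                 include( ABSPATH . 'wp-admin/includes/theme-install.php' );
 
-                global $tabs, $tab, $paged, $type, $theme_field_defaults;
-                wp_reset_vars( array( 'tab' ) );
+                global $tabs, $paged, $type, $theme_field_defaults;
+
+                $tab = wp_assign_request_var('tab');
 
                 $search_terms = array();
                 $search_string = '';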
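diff --git a/src/wp-admin/includes/misc.php b/src/wp-admin/includes/misc.php
index 679b9ac5d6..fda896faff 100644
--- a/src/wp-admin/includes/misc.php
+++ b/src/wp-admin/includes/misc.php
@@ -315,6 +315,30 @@ function wp_reset_vars( $vars ) {
 }
 
 /**
+ * Return $_POST[ $var ] or $_GET[ $var ] value.
+ *
+ * This functions returns $_POST[ $var ] or $_GET[ $var ] value in this order
+ * if they are not empty, otherwise it returns an empty string.
+ *
+ * @since 4.8.0
+ *
+ * @param  string $var The key of the array for getting value to return.
+ *
+ * @return mixed $_POST[ $var ] or $_GET[ $var ] value or an empty string.
+ */
+function wp_assign_request_var( $var ) {
+        if ( empty( $_POST[ $var ] ) ) {
+                if ( empty( $_GET[ $var ] ) ) {
+                        return '';
+                } else {
+                        return $_GET[ $var ];
+                }
+        } else {
+                return $_POST[ $var ];
+        }
+}
+
+/**
  * Displays the given administration message.
  *
  * @since 2.1.0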
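Review bot: The docblock of `wp_assign_request_var()` does not say that the returned value is raw request data: it is unsanitized, still slashed (the customize.php call sites have to `wp_unslash()` it), and can be an array as well as a string. Because both checks use `empty()`, a submitted value of `'0'` is returned as `''`, which deserves a sentence as well. I would add to the description `The value is returned as received: slashed and unsanitized; callers must unslash, validate and escape it.` and correct the typo in `This functions returns`. The name also suggests an assignment that the function does not perform.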
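diff --git a/src/wp-admin/link-add.php b/src/wp-admin/link-add.php
index 423c6680e5..f6e3704c49 100644
--- a/src/wp-admin/link-add.php
+++ b/src/wp-admin/link-add.php
@@ -15,7 +15,9 @@ if ( ! current_user_can('manage_links') )
 $title = __('Add New Link');
 $parent_file = 'link-manager.php';
 
-wp_reset_vars( array('action', 'cat_id', 'link_id' ) );
+$action = wp_assign_request_var('action');
+$cat_id = wp_assign_request_var('cat_id');
+$link_id = wp_assign_request_var('link_id');
 
 wp_enqueue_script('link');
 wp_enqueue_script('xfn');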
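diff --git a/src/wp-admin/link.php b/src/wp-admin/link.php
index bcfe578fb0..1bb4d41f08 100644
--- a/src/wp-admin/link.php
+++ b/src/wp-admin/link.php
@@ -12,7 +12,9 @@
 /** Load WordPress Administration Bootstrap */
 require_once( dirname( __FILE__ ) . '/admin.php' );
 
-wp_reset_vars( array( 'action', 'cat_id', 'link_id' ) );
+$action = wp_assign_request_var('action');
+$cat_id = wp_assign_request_var('cat_id');
+$link_id = wp_assign_request_var('link_id');
 
 if ( ! current_user_can('manage_links') )
         wp_link_manager_disabled_message();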
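diff --git a/src/wp-admin/media.php b/src/wp-admin/media.php
index be3cecad98..d817cbb905 100644
--- a/src/wp-admin/media.php
+++ b/src/wp-admin/media.php
@@ -12,7 +12,7 @@ require_once( dirname( __FILE__ ) . '/admin.php' );
 $parent_file = 'upload.php';
 $submenu_file = 'upload.php';
 
-wp_reset_vars(array('action'));
+$action = wp_assign_request_var('action');
 
 switch ( $action ) {
 case 'editattachment' :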
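diff --git a/src/wp-admin/options-head.php b/src/wp-admin/options-head.php
index bee3ae7e67..9f62499d8a 100644
--- a/src/wp-admin/options-head.php
+++ b/src/wp-admin/options-head.php
@@ -8,7 +8,7 @@
  * @subpackage Administration
  */
 
-wp_reset_vars( array( 'action' ) );
+$action = wp_assign_request_var('action');
 
 if ( isset( $_GET['updated'] ) && isset( $_GET['page'] ) ) {
         // For back-compat with plugins that don't use the Settings API and just set updated=1 in the redirect.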
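Review bot: `$action = wp_assign_request_var('action');` creates the variable in whatever scope includes this file, whereas the removed `wp_reset_vars()` call set it as a global regardless of scope. If options-head.php is ever included from inside a function (for example a settings-page callback, which is not visible here), `$action` stops being a global and code that declares `global $action` reads nothing. Either confirm the file is only included at global scope or keep the global write with `$GLOBALS['action'] = wp_assign_request_var( 'action' );`.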
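diff --git a/src/wp-admin/options.php b/src/wp-admin/options.php
index d2e1c0374f..f76077079c 100644
--- a/src/wp-admin/options.php
+++ b/src/wp-admin/options.php
@@ -22,7 +22,8 @@ $title = __('Settings');
 $this_file = 'options.php';
 $parent_file = 'options-general.php';
 
-wp_reset_vars(array('action', 'option_page'));
+$action = wp_assign_request_var('action');
+$option_page = wp_assign_request_var('option_page');
 
 $capability = 'manage_options';
 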
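diff --git a/src/wp-admin/post.php b/src/wp-admin/post.php
index cf2bee5790..58cfd2029e 100644
--- a/src/wp-admin/post.php
+++ b/src/wp-admin/post.php
@@ -14,7 +14,7 @@ require_once( dirname( __FILE__ ) . '/admin.php' );
 $parent_file = 'edit.php';
 $submenu_file = 'edit.php';
 
-wp_reset_vars( array( 'action' ) );
+$action = wp_assign_request_var('action');
 
 if ( isset( $_GET['post'] ) )
         $post_id = $post_ID = (int) $_GET['post'];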
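diff --git a/src/wp-admin/revision.php b/src/wp-admin/revision.php
index c86f78a451..e1ccd8b1ab 100644
--- a/src/wp-admin/revision.php
+++ b/src/wp-admin/revision.php
@@ -20,7 +20,10 @@ require_once( dirname( __FILE__ ) . '/admin.php' );
 
 require ABSPATH . 'wp-admin/includes/revision.php';
 
-wp_reset_vars( array( 'revision', 'action', 'from', 'to' ) );
+$revision = wp_assign_request_var('revision');
+$action = wp_assign_request_var('action');
+$from = wp_assign_request_var('from');
+$to = wp_assign_request_var('to');
 
 $revision_id = absint( $revision );
 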
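diff --git a/src/wp-admin/theme-editor.php b/src/wp-admin/theme-editor.php
index 03b91944ea..f6c56fb471 100644
--- a/src/wp-admin/theme-editor.php
+++ b/src/wp-admin/theme-editor.php
@@ -43,7 +43,10 @@ get_current_screen()->set_help_sidebar(
         '<p>' . __('<a href="https://wordpress.org/support/">Support Forums</a>') . '</p>'
 );
 
-wp_reset_vars( array( 'action', 'error', 'file', 'theme' ) );
+$action = wp_assign_request_var('action');
+$error = wp_assign_request_var('error');
+$file = wp_assign_request_var('file');
+$theme = wp_assign_request_var('theme');
 
 if ( $theme ) {
         $stylesheet = $theme;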
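Review bot: `$file` and `$theme` are plain copies of request input, and `$theme` becomes `$stylesheet` on the very next lines, yet nothing at the assignments records that the values are still unvalidated. I would add a comment above them: `// Raw, slashed request values; validate against the theme's known files before using them in a path.` Whether the later code performs that validation is outside this hunk.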
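diff --git a/src/wp-admin/theme-install.php b/src/wp-admin/theme-install.php
index dd9ff500d1..29f1ad608b 100644
--- a/src/wp-admin/theme-install.php
+++ b/src/wp-admin/theme-install.php
@@ -10,7 +10,7 @@
 require_once( dirname( __FILE__ ) . '/admin.php' );
 require( ABSPATH . 'wp-admin/includes/theme-install.php' );
 
-wp_reset_vars( array( 'tab' ) );
+$tab = wp_assign_request_var('tab');
 
 if ( ! current_user_can('install_themes') )
         wp_die( __( 'Sorry, you are not allowed to install themes on this site.' ) );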
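diff --git a/src/wp-admin/themes.php b/src/wp-admin/themes.php
index b73cd166d5..c64ecf5db9 100644
--- a/src/wp-admin/themes.php
+++ b/src/wp-admin/themes.php
@@ -124,7 +124,8 @@ if ( current_user_can( 'switch_themes' ) ) {
 } else {
         $themes = wp_prepare_themes_for_js( array( wp_get_theme() ) );
 }
-wp_reset_vars( array( 'theme', 'search' ) );
+$theme = wp_assign_request_var('theme');
+$search = wp_assign_request_var('search');
 
 wp_localize_script( 'theme', '_wpThemeSettings', array(
         'themes'   => $themes,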
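diff --git a/src/wp-admin/user-edit.php b/src/wp-admin/user-edit.php
index 80cef618e5..2b76f2279d 100644
--- a/src/wp-admin/user-edit.php
+++ b/src/wp-admin/user-edit.php
@@ -9,7 +9,9 @@
 /** WordPress Administration Bootstrap */
 require_once( dirname( __FILE__ ) . '/admin.php' );
 
-wp_reset_vars( array( 'action', 'user_id', 'wp_http_referer' ) );
+$action = wp_assign_request_var('action');
+$user_id = wp_assign_request_var('user_id');
+$wp_http_referer = wp_assign_request_var('wp_http_referer');
 
 $user_id = (int) $user_id;
 $current_user = wp_get_current_user();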