WordPress.org

Make WordPress Core

Ticket #38073: 38073.3.patch

File 38073.3.patch, 13.1 KB (added by killua99, 2 years ago)
  • src/wp-admin/comment.php

    diff --git src/wp-admin/comment.php src/wp-admin/comment.php
    index c2eca11ec3..aabd361cb7 100644
    $submenu_file = 'edit-comments.php'; 
    1616 * @global string $action
    1717 */
    1818global $action;
    19 wp_reset_vars( array('action') );
     19
     20if ( isset( $_REQUEST['action'] ) ) {
     21        $action = sanitize_text_field( $_REQUEST['action'] );
     22}
    2023
    2124if ( isset( $_POST['deletecomment'] ) )
    2225        $action = 'deletecomment';
  • src/wp-admin/customize.php

    diff --git src/wp-admin/customize.php src/wp-admin/customize.php
    index f1bf8aa9a1..cfb2b01195 100644
    if ( $wp_customize->changeset_post_id() ) { 
    4444        }
    4545}
    4646
     47if ( isset( $_REQUEST['url'] ) ) {
     48        $url = sanitize_text_field( $_REQUEST['url'] );
     49}
     50
     51if ( isset( $_REQUEST['return'] ) ) {
     52        $return = sanitize_text_field( $_REQUEST['return'] );
     53}
     54
     55if ( isset( $_REQUEST['autofocus'] ) ) {
     56        $autofocus = sanitize_text_field( $_REQUEST['autofocus'] );
     57}
    4758
    48 wp_reset_vars( array( 'url', 'return', 'autofocus' ) );
    4959if ( ! empty( $url ) ) {
    5060        $wp_customize->set_preview_url( wp_unslash( $url ) );
    5161}
  • src/wp-admin/edit-tag-form.php

    diff --git src/wp-admin/edit-tag-form.php src/wp-admin/edit-tag-form.php
    index e3fb222bc9..0ad8e64cbb 100644
    if ( 'category' == $taxonomy ) { 
    4444        do_action( 'edit_tag_form_pre', $tag );
    4545}
    4646
    47 /**
    48  * Use with caution, see https://codex.wordpress.org/Function_Reference/wp_reset_vars
    49  */
    50 wp_reset_vars( array( 'wp_http_referer' ) );
     47if ( isset( $_REQUEST['wp_http_referer'] ) ) {
     48        $wp_http_referer = sanitize_text_field( $_REQUEST['wp_http_referer'] );
     49}
    5150
    5251$wp_http_referer = remove_query_arg( array( 'action', 'message', 'tag_ID' ), $wp_http_referer );
    5352
  • src/wp-admin/includes/class-wp-links-list-table.php

    diff --git src/wp-admin/includes/class-wp-links-list-table.php src/wp-admin/includes/class-wp-links-list-table.php
    index 0c241215a2..c10494d4d9 100644
    class WP_Links_List_Table extends WP_List_Table { 
    5151        public function prepare_items() {
    5252                global $cat_id, $s, $orderby, $order;
    5353
    54                 wp_reset_vars( array( 'action', 'cat_id', 'link_id', 'orderby', 'order', 's' ) );
     54                if ( isset( $_REQUEST['action'] ) ) {
     55                        $action = sanitize_text_field( $_REQUEST['action'] );
     56                }
     57
     58                if ( isset( $_REQUEST['cat_id'] ) ) {
     59                        $cat_id = sanitize_text_field( $_REQUEST['cat_id'] );
     60                }
     61
     62                if ( isset( $_REQUEST['link_id'] ) ) {
     63                        $link_id = sanitize_text_field( $_REQUEST['link_id'] );
     64                }
     65
     66                if ( isset( $_REQUEST['orderby'] ) ) {
     67                        $orderby = sanitize_text_field( $_REQUEST['orderby'] );
     68                }
     69
     70                if ( isset( $_REQUEST['order'] ) ) {
     71                        $order = sanitize_text_field( $_REQUEST['order'] );
     72                }
     73
     74                if ( isset( $_REQUEST['s'] ) ) {
     75                        $s = sanitize_text_field( $_REQUEST['s'] );
     76                }
    5577
    5678                $args = array( 'hide_invisible' => 0, 'hide_empty' => 0 );
    5779
  • src/wp-admin/includes/class-wp-ms-themes-list-table.php

    diff --git src/wp-admin/includes/class-wp-ms-themes-list-table.php src/wp-admin/includes/class-wp-ms-themes-list-table.php
    index fc618f0993..977adca34c 100644
    class WP_MS_Themes_List_Table extends WP_List_Table { 
    8686        public function prepare_items() {
    8787                global $status, $totals, $page, $orderby, $order, $s;
    8888
    89                 wp_reset_vars( array( 'orderby', 'order', 's' ) );
     89                if ( isset( $_REQUEST['orderby'] ) ) {
     90                        $orderby = sanitize_text_field( $_REQUEST['orderby'] );
     91                }
     92
     93                if ( isset( $_REQUEST['order'] ) ) {
     94                        $order = sanitize_text_field( $_REQUEST['order'] );
     95                }
     96
     97                if ( isset( $_REQUEST['s'] ) ) {
     98                        $s = sanitize_text_field( $_REQUEST['s'] );
     99                }
    90100
    91101                $themes = array(
    92102                        /**
  • src/wp-admin/includes/class-wp-plugin-install-list-table.php

    diff --git src/wp-admin/includes/class-wp-plugin-install-list-table.php src/wp-admin/includes/class-wp-plugin-install-list-table.php
    index 99dd1c74cf..d7dd65f7ac 100644
    class WP_Plugin_Install_List_Table extends WP_List_Table { 
    7474
    7575                global $tabs, $tab, $paged, $type, $term;
    7676
    77                 wp_reset_vars( array( 'tab' ) );
     77                if ( isset( $_REQUEST['tab'] ) ) {
     78                        $tab = sanitize_text_field( $_REQUEST['tab'] );
     79                }
    7880
    7981                $paged = $this->get_pagenum();
    8082
  • src/wp-admin/includes/class-wp-plugins-list-table.php

    diff --git src/wp-admin/includes/class-wp-plugins-list-table.php src/wp-admin/includes/class-wp-plugins-list-table.php
    index 41b36d45d7..d4e6e198c3 100644
    class WP_Plugins_List_Table extends WP_List_Table { 
    7474        public function prepare_items() {
    7575                global $status, $plugins, $totals, $page, $orderby, $order, $s;
    7676
    77                 wp_reset_vars( array( 'orderby', 'order' ) );
     77                if ( isset( $_REQUEST['orderby'] ) ) {
     78                        $orderby = sanitize_text_field( $_REQUEST['orderby'] );
     79                }
     80
     81                if ( isset( $_REQUEST['order'] ) ) {
     82                        $order = sanitize_text_field( $_REQUEST['order'] );
     83                }
    7884
    7985                /**
    8086                 * Filters the full array of plugins to list in the Plugins list table.
  • src/wp-admin/includes/class-wp-theme-install-list-table.php

    diff --git src/wp-admin/includes/class-wp-theme-install-list-table.php src/wp-admin/includes/class-wp-theme-install-list-table.php
    index c1cd88d5cb..1a630e38bf 100644
    class WP_Theme_Install_List_Table extends WP_Themes_List_Table { 
    3939                include( ABSPATH . 'wp-admin/includes/theme-install.php' );
    4040
    4141                global $tabs, $tab, $paged, $type, $theme_field_defaults;
    42                 wp_reset_vars( array( 'tab' ) );
     42
     43                if ( isset( $_REQUEST['tab'] ) ) {
     44                        $tab = sanitize_text_field( $_REQUEST['tab'] );
     45                }
    4346
    4447                $search_terms = array();
    4548                $search_string = '';
  • src/wp-admin/includes/misc.php

    diff --git src/wp-admin/includes/misc.php src/wp-admin/includes/misc.php
    index 679b9ac5d6..a046941e49 100644
    function update_home_siteurl( $old_value, $value ) { 
    299299 * @since 2.0.0
    300300 *
    301301 * @param array $vars An array of globals to reset.
     302 *
     303 * @deprecated in WordPress 4.9 and will be removed before WordPress 5.0.
     304 *   Use sanitize_text_field().
    302305 */
    303306function wp_reset_vars( $vars ) {
    304307        foreach ( $vars as $var ) {
  • src/wp-admin/link-add.php

    diff --git src/wp-admin/link-add.php src/wp-admin/link-add.php
    index 423c6680e5..2a021421ef 100644
    if ( ! current_user_can('manage_links') ) 
    1515$title = __('Add New Link');
    1616$parent_file = 'link-manager.php';
    1717
    18 wp_reset_vars( array('action', 'cat_id', 'link_id' ) );
     18if ( isset( $_REQUEST['action'] ) ) {
     19        $action = sanitize_text_field( $_REQUEST['action'] );
     20}
     21
     22if ( isset( $_REQUEST['cat_id'] ) ) {
     23        $cat_id = sanitize_text_field( $_REQUEST['cat_id'] );
     24}
     25
     26if ( isset( $_REQUEST['link_id'] ) ) {
     27        $link_id = sanitize_text_field( $_REQUEST['link_id'] );
     28}
    1929
    2030wp_enqueue_script('link');
    2131wp_enqueue_script('xfn');
  • src/wp-admin/link.php

    diff --git src/wp-admin/link.php src/wp-admin/link.php
    index bcfe578fb0..6547ae63da 100644
     
    1212/** Load WordPress Administration Bootstrap */
    1313require_once( dirname( __FILE__ ) . '/admin.php' );
    1414
    15 wp_reset_vars( array( 'action', 'cat_id', 'link_id' ) );
     15if ( isset( $_REQUEST['action'] ) ) {
     16        $action = sanitize_text_field( $_REQUEST['action'] );
     17}
     18
     19if ( isset( $_REQUEST['cat_id'] ) ) {
     20        $cat_id = sanitize_text_field( $_REQUEST['cat_id'] );
     21}
     22
     23if ( isset( $_REQUEST['link_id'] ) ) {
     24        $link_id = sanitize_text_field( $_REQUEST['link_id'] );
     25}
    1626
    1727if ( ! current_user_can('manage_links') )
    1828        wp_link_manager_disabled_message();
  • src/wp-admin/media.php

    diff --git src/wp-admin/media.php src/wp-admin/media.php
    index be3cecad98..2515fbe738 100644
    require_once( dirname( __FILE__ ) . '/admin.php' ); 
    1212$parent_file = 'upload.php';
    1313$submenu_file = 'upload.php';
    1414
    15 wp_reset_vars(array('action'));
     15if ( isset( $_REQUEST['action'] ) ) {
     16        $action = sanitize_text_field( $_REQUEST['action'] );
     17}
    1618
    1719switch ( $action ) {
    1820case 'editattachment' :
  • src/wp-admin/options-head.php

    diff --git src/wp-admin/options-head.php src/wp-admin/options-head.php
    index bee3ae7e67..d0d5b1ef5b 100644
     
    88 * @subpackage Administration
    99 */
    1010
    11 wp_reset_vars( array( 'action' ) );
     11if ( isset( $_REQUEST['action'] ) ) {
     12        $action = sanitize_text_field( $_REQUEST['action'] );
     13}
    1214
    1315if ( isset( $_GET['updated'] ) && isset( $_GET['page'] ) ) {
    1416        // For back-compat with plugins that don't use the Settings API and just set updated=1 in the redirect.
  • src/wp-admin/options.php

    diff --git src/wp-admin/options.php src/wp-admin/options.php
    index d2e1c0374f..f030e8a7d5 100644
    $title = __('Settings'); 
    2222$this_file = 'options.php';
    2323$parent_file = 'options-general.php';
    2424
    25 wp_reset_vars(array('action', 'option_page'));
     25if ( isset( $_REQUEST['action'] ) ) {
     26        $action = sanitize_text_field( $_REQUEST['action'] );
     27}
     28
     29if ( isset( $_REQUEST['option_page'] ) ) {
     30        $option_page = sanitize_text_field( $_REQUEST['option_page'] );
     31}
    2632
    2733$capability = 'manage_options';
    2834
  • src/wp-admin/post.php

    diff --git src/wp-admin/post.php src/wp-admin/post.php
    index cf2bee5790..dd4e8b9c4d 100644
    require_once( dirname( __FILE__ ) . '/admin.php' ); 
    1414$parent_file = 'edit.php';
    1515$submenu_file = 'edit.php';
    1616
    17 wp_reset_vars( array( 'action' ) );
     17if ( isset( $_REQUEST['action'] ) ) {
     18        $action = sanitize_text_field( $_REQUEST['action'] );
     19}
    1820
    1921if ( isset( $_GET['post'] ) )
    2022        $post_id = $post_ID = (int) $_GET['post'];
  • src/wp-admin/revision.php

    diff --git src/wp-admin/revision.php src/wp-admin/revision.php
    index c86f78a451..3634eba234 100644
    require_once( dirname( __FILE__ ) . '/admin.php' ); 
    2020
    2121require ABSPATH . 'wp-admin/includes/revision.php';
    2222
    23 wp_reset_vars( array( 'revision', 'action', 'from', 'to' ) );
     23if ( isset( $_REQUEST['revision'] ) ) {
     24        $revision = sanitize_text_field( $_REQUEST['revision'] );
     25}
     26
     27if ( isset( $_REQUEST['action'] ) ) {
     28        $action = sanitize_text_field( $_REQUEST['action'] );
     29}
     30
     31if ( isset( $_REQUEST['from'] ) ) {
     32        $from = sanitize_text_field( $_REQUEST['from'] );
     33}
     34
     35if ( isset( $_REQUEST['to'] ) ) {
     36        $to = sanitize_text_field( $_REQUEST['to'] );
     37}
    2438
    2539$revision_id = absint( $revision );
    2640
  • src/wp-admin/theme-editor.php

    diff --git src/wp-admin/theme-editor.php src/wp-admin/theme-editor.php
    index 03b91944ea..919befa93e 100644
    get_current_screen()->set_help_sidebar( 
    4343        '<p>' . __('<a href="https://wordpress.org/support/">Support Forums</a>') . '</p>'
    4444);
    4545
    46 wp_reset_vars( array( 'action', 'error', 'file', 'theme' ) );
     46if ( isset( $_REQUEST['action'] ) ) {
     47        $action = sanitize_text_field( $_REQUEST['action'] );
     48}
     49
     50if ( isset( $_REQUEST['error'] ) ) {
     51        $error = sanitize_text_field( $_REQUEST['error'] );
     52}
     53
     54if ( isset( $_REQUEST['file'] ) ) {
     55        $file = sanitize_text_field( $_REQUEST['file'] );
     56}
     57
     58if ( isset( $_REQUEST['theme'] ) ) {
     59        $theme = sanitize_text_field( $_REQUEST['theme'] );
     60}
    4761
    4862if ( $theme ) {
    4963        $stylesheet = $theme;
  • src/wp-admin/theme-install.php

    diff --git src/wp-admin/theme-install.php src/wp-admin/theme-install.php
    index dd9ff500d1..50ed4424b9 100644
     
    1010require_once( dirname( __FILE__ ) . '/admin.php' );
    1111require( ABSPATH . 'wp-admin/includes/theme-install.php' );
    1212
    13 wp_reset_vars( array( 'tab' ) );
     13if ( isset( $_REQUEST['tab'] ) ) {
     14        $tab = sanitize_text_field( $_REQUEST['tab'] );
     15}
    1416
    1517if ( ! current_user_can('install_themes') )
    1618        wp_die( __( 'Sorry, you are not allowed to install themes on this site.' ) );
  • src/wp-admin/themes.php

    diff --git src/wp-admin/themes.php src/wp-admin/themes.php
    index b73cd166d5..6dcf875029 100644
    if ( current_user_can( 'switch_themes' ) ) { 
    124124} else {
    125125        $themes = wp_prepare_themes_for_js( array( wp_get_theme() ) );
    126126}
    127 wp_reset_vars( array( 'theme', 'search' ) );
     127
     128if ( isset( $_REQUEST['theme'] ) ) {
     129        $theme = sanitize_text_field( $_REQUEST['theme'] );
     130}
     131
     132if ( isset( $_REQUEST['search'] ) ) {
     133        $search = sanitize_text_field( $_REQUEST['search'] );
     134}
    128135
    129136wp_localize_script( 'theme', '_wpThemeSettings', array(
    130137        'themes'   => $themes,
  • src/wp-admin/user-edit.php

    diff --git src/wp-admin/user-edit.php src/wp-admin/user-edit.php
    index e034163da4..e7c8c77c6b 100644
     
    99/** WordPress Administration Bootstrap */
    1010require_once( dirname( __FILE__ ) . '/admin.php' );
    1111
    12 wp_reset_vars( array( 'action', 'user_id', 'wp_http_referer' ) );
     12if ( isset( $_REQUEST['action'] ) ) {
     13        $action = sanitize_text_field( $_REQUEST['action'] );
     14}
     15
     16if ( isset( $_REQUEST['user_id'] ) ) {
     17        $user_id = sanitize_text_field( $_REQUEST['user_id'] );
     18}
     19
     20if ( isset( $_REQUEST['wp_http_referer'] ) ) {
     21        $wp_http_referer = sanitize_text_field( $_REQUEST['wp_http_referer'] );
     22}
    1323
    1424$user_id = (int) $user_id;
    1525$current_user = wp_get_current_user();