WordPress.org

Make WordPress Core

Ticket #4606: 4606.002.diff

File 4606.002.diff, 1.8 KB (added by markjaquith, 12 years ago)

introducing wp_safe_redirect()

  • wp-pass.php

     
    77// 10 days
    88setcookie('wp-postpass_' . COOKIEHASH, $_POST['post_password'], time() + 864000, COOKIEPATH);
    99
    10 wp_redirect(wp_get_referer());
     10wp_safe_redirect(wp_get_referer());
    1111?>
     12 No newline at end of file
  • wp-login.php

     
    7878        if ( isset( $_REQUEST['redirect_to'] ) )
    7979                $redirect_to = $_REQUEST['redirect_to'];
    8080
    81         wp_redirect($redirect_to);
     81        wp_safe_redirect($redirect_to);
    8282        exit();
    8383
    8484break;
     
    324324                        if ( !$using_cookie )
    325325                                wp_setcookie($user_login, $user_pass, false, '', '', $rememberme);
    326326                        do_action('wp_login', $user_login);
    327                         wp_redirect($redirect_to);
     327                        wp_safe_redirect($redirect_to);
    328328                        exit();
    329329                } else {
    330330                        if ( $using_cookie )
  • wp-includes/pluggable.php

     
    399399}
    400400endif;
    401401
     402if ( !function_exists('wp_safe_redirect') ) :
     403/**
     404 * performs a safe (local) redirect, using wp_redirect()
     405 * @return void
     406 **/
     407function wp_safe_redirect($location, $status = 302) {
     408        if ( $location{0} == '/' ) {
     409                if ( $location{1} == '/' )
     410                        $location = get_option('home') . '/';
     411        } else {
     412                if ( substr($location, 0, strlen(get_option('home'))) != get_option('home') )
     413                        $location = get_option('home') . '/';
     414        }
     415
     416        wp_redirect($location, $status);
     417}
     418endif;
     419
    402420if ( !function_exists('wp_get_cookie_login') ):
    403421function wp_get_cookie_login() {
    404422        if ( empty($_COOKIE[USER_COOKIE]) || empty($_COOKIE[PASS_COOKIE]) )