Ticket #4606: 4606.patch
File 4606.patch, 687 bytes (added by , 17 years ago) |
---|
-
wp-pass.php
7 7 // 10 days 8 8 setcookie('wp-postpass_' . COOKIEHASH, $_POST['post_password'], time() + 864000, COOKIEPATH); 9 9 10 wp_redirect(wp_get_referer()); 10 11 /* 12 * ensure to only redirect to pages on the same domain 13 * 14 * @see #4606 15 */ 16 $redirect_url = wp_get_referer(); 17 $bloghome_url = get_option('home'); 18 19 if (substr($redirect_url, 0, strlen($bloghome_url)) != $bloghome_url) { 20 wp_die('Request Error. Please contact the Administrator.'); 21 } else { 22 wp_redirect($redirect_url); 23 } 11 24 ?> 25 No newline at end of file