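--- a/src/wp-admin/includes/class-custom-background.php
+++ b/src/wp-admin/includes/class-custom-background.php
@@ -536,7 +536,7 @@ class Custom_Background {
 
 $overrides = array( 'test_form' => false );
 
-$uploaded_file = $_FILES['import'];
+$uploaded_file = isset( $_FILES['import'] ) ? sanitize_text_field( wp_unslash( $_FILES['import'] ) ) : '';
 $wp_filetype = wp_check_filetype_and_ext( $uploaded_file['tmp_name'], $uploaded_file['name'] );
 if ( ! wp_match_mime_types( 'image', $wp_filetype['type'] ) ) {
 wp_die( __( 'The uploaded file is not a valid image. Please try again.' ) );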
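Review bot: The added assignment passes the whole `$_FILES['import']` array through `sanitize_text_field()`, which is a string sanitizer and, as far as I know, returns an empty string for array input. `$uploaded_file` is then no longer an array, so the `['tmp_name']` and `['name']` lookups on the next line cannot work and the upload would either raise an error or always be rejected as not a valid image. Keep the array and guard only its presence, for example `if ( ! isset( $_FILES['import'] ) ) { wp_die( ... ); }` followed by the original `$uploaded_file = $_FILES['import'];`, leaving validation to `wp_check_filetype_and_ext()`. The same line is added in `step_2_manage_upload()` in class-custom-image-header.php and needs the same fix. The enclosing method starts and ends outside this hunk.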
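--- a/src/wp-admin/includes/class-custom-image-header.php
+++ b/src/wp-admin/includes/class-custom-image-header.php
@@ -973,7 +973,7 @@ endif;
 public function step_2_manage_upload() {
 $overrides = array( 'test_form' => false );
 
-$uploaded_file = $_FILES['import'];
+$uploaded_file = isset( $_FILES['import'] ) ? sanitize_text_field( wp_unslash( $_FILES['import'] ) ) : '';
 $wp_filetype = wp_check_filetype_and_ext( $uploaded_file['tmp_name'], $uploaded_file['name'] );
 
 if ( ! wp_match_mime_types( 'image', $wp_filetype['type'] ) ) {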
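--- a/src/wp-admin/includes/class-wp-ms-themes-list-table.php
+++ b/src/wp-admin/includes/class-wp-ms-themes-list-table.php
@@ -267,7 +267,7 @@ class WP_MS_Themes_List_Table extends WP_List_Table {
 public function _search_callback( $theme ) {
 static $term = null;
 if ( is_null( $term ) ) {
-$term = wp_unslash( $_REQUEST['s'] );
+$term = isset( $_REQUEST['s'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['s'] ) ) : '';
 }
 
 foreach ( array( 'Name', 'Description', 'Author', 'Author', 'AuthorURI' ) as $field ) {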
diff --git src/wp-admin/includes/media.php src/wp-admin/includes/media.php
index 5c0b5d0b38..7d614aeae6 100644
function wp_media_upload_handler() { |
| 887 | 887 | } |
| 888 | 888 | |
| 889 | 889 | if ( ! empty( $_POST['insertonlybutton'] ) ) { |
| 890 | | $src = $_POST['src']; |
| | 890 | $src = isset( $_POST['src'] ) ? $_POST['src'] : ''; |
| 891 | 891 | |
| 892 | 892 | if ( ! empty( $src ) && ! strpos( $src, '://' ) ) { |
| 893 | 893 | $src = "http://$src"; |
| 894 | 894 | } |
| 895 | 895 | |
| 896 | 896 | if ( isset( $_POST['media_type'] ) && 'image' !== $_POST['media_type'] ) { |
| 897 | | $title = esc_html( wp_unslash( $_POST['title'] ) ); |
| | 897 | $title = isset( $_POST['title'] ) ? esc_html( wp_unslash( $_POST['title'] ) ) : ''; |
| 898 | 898 | if ( empty( $title ) ) { |
| 899 | 899 | $title = esc_html( wp_basename( $src ) ); |
| 900 | 900 | } |
| … |
… |
function wp_media_upload_handler() { |
| 934 | 934 | $html = apply_filters( "{$type}_send_to_editor_url", $html, sanitize_url( $src ), $title ); |
| 935 | 935 | } else { |
| 936 | 936 | $align = ''; |
| 937 | | $alt = esc_attr( wp_unslash( $_POST['alt'] ) ); |
| | 937 | $alt = isset( $_POST['alt'] ) ? esc_attr( wp_unslash( $_POST['alt'] ) ) : ''; |
| 938 | 938 | |
| 939 | 939 | if ( isset( $_POST['align'] ) ) { |
| 940 | 940 | $align = esc_attr( wp_unslash( $_POST['align'] ) ); |
| … |
… |
function media_upload_gallery_form( $errors ) { |
| 2557 | 2557 | $redir_tab = 'gallery'; |
| 2558 | 2558 | media_upload_header(); |
| 2559 | 2559 | |
| 2560 | | $post_id = (int) $_REQUEST['post_id']; |
| | 2560 | $post_id = isset( $_REQUEST['post_id'] ) ? (int) $_REQUEST['post_id'] : ''; |
| 2561 | 2561 | $form_action_url = admin_url( "media-upload.php?type=$type&tab=gallery&post_id=$post_id" ); |
| 2562 | 2562 | /** This filter is documented in wp-admin/includes/media.php */ |
| 2563 | 2563 | $form_action_url = apply_filters( 'media_upload_form_url', $form_action_url, $type ); |
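Review bot: The new fallback in `media_upload_gallery_form()` makes `$post_id` an empty string when `post_id` is absent, whereas the old cast always produced an integer. Use `$post_id = isset( $_REQUEST['post_id'] ) ? (int) $_REQUEST['post_id'] : 0;` so the type stays the same for the URL built on the next line and for the rest of the function, which continues outside the hunk. In the first hunk of this file, `$src` gains an `isset()` guard but is still read from `$_POST` without `wp_unslash()`, unlike `title` and `alt`. It is escaped where it is used in the visible lines (`sanitize_url( $src )`, `esc_html( wp_basename( $src ) )`), but `$src = isset( $_POST['src'] ) ? wp_unslash( $_POST['src'] ) : '';` would treat the three inputs consistently.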