Ticket #7502: theme.php.8622.diff
| File theme.php.8622.diff, 1.1 KB (added by , 18 years ago) |
|---|
-
theme.php
517 517 if ( !current_user_can( 'switch_themes' ) ) 518 518 return; 519 519 520 $_GET[ template] = preg_replace('|[^a-z0-9_.-]|i', '', $_GET[template]);520 $_GET['template'] = preg_replace('|[^a-z0-9_.-]|i', '', $_GET['template']); 521 521 522 if ( validate_file($_GET[ template]) )522 if ( validate_file($_GET['template']) ) 523 523 return; 524 524 525 add_filter('template', create_function('', "return ' $_GET[template]';") );525 add_filter('template', create_function('', "return '{$_GET['template']}';") ); 526 526 527 527 if ( isset($_GET['stylesheet']) ) { 528 $_GET[ stylesheet] = preg_replace('|[^a-z0-9_.-]|i', '', $_GET[stylesheet]);529 if ( validate_file($_GET[ stylesheet]) )528 $_GET['stylesheet'] = preg_replace('|[^a-z0-9_.-]|i', '', $_GET['stylesheet']); 529 if ( validate_file($_GET['stylesheet']) ) 530 530 return; 531 add_filter('stylesheet', create_function('', "return ' $_GET[stylesheet]';") );531 add_filter('stylesheet', create_function('', "return '{$_GET['stylesheet']}';") ); 532 532 } 533 533 534 534 ob_start( 'preview_theme_ob_filter' );