WordPress.org

Make WordPress Core

Ticket #9244: less_confusing.9244.diff

File less_confusing.9244.diff, 927 bytes (added by filosofo, 9 years ago)
  • wp-includes/theme.php

     
    849849        if ( !current_user_can( 'switch_themes' ) )
    850850                return;
    851851
    852         $_GET['template'] = preg_replace('|[^a-z0-9_.\-/]|i', '', $_GET['template']);
     852        $_GET['template'] = preg_replace('|[^a-z0-9_./-]|i', '', $_GET['template']);
    853853
    854854        if ( validate_file($_GET['template']) )
    855855                return;
     
    857857        add_filter('template', create_function('', "return '{$_GET['template']}';") );
    858858
    859859        if ( isset($_GET['stylesheet']) ) {
    860                 $_GET['stylesheet'] = preg_replace('|[^a-z0-9_.\-/]|i', '', $_GET['stylesheet']);
     860                $_GET['stylesheet'] = preg_replace('|[^a-z0-9_./-]|i', '', $_GET['stylesheet']);
    861861                if ( validate_file($_GET['stylesheet']) )
    862862                        return;
    863863                add_filter('stylesheet', create_function('', "return '{$_GET['stylesheet']}';") );