WordPress.org

Make WordPress Core

Ticket #9244: theme-preview-bug.diff

File theme-preview-bug.diff, 927 bytes (added by chrisbliss18, 5 years ago)
  • wp-includes/theme.php

     
    849849        if ( !current_user_can( 'switch_themes' ) ) 
    850850                return; 
    851851 
    852         $_GET['template'] = preg_replace('|[^a-z0-9_.-/]|i', '', $_GET['template']); 
     852        $_GET['template'] = preg_replace('|[^a-z0-9_.\-/]|i', '', $_GET['template']); 
    853853 
    854854        if ( validate_file($_GET['template']) ) 
    855855                return; 
     
    857857        add_filter('template', create_function('', "return '{$_GET['template']}';") ); 
    858858 
    859859        if ( isset($_GET['stylesheet']) ) { 
    860                 $_GET['stylesheet'] = preg_replace('|[^a-z0-9_.-/]|i', '', $_GET['stylesheet']); 
     860                $_GET['stylesheet'] = preg_replace('|[^a-z0-9_.\-/]|i', '', $_GET['stylesheet']); 
    861861                if ( validate_file($_GET['stylesheet']) ) 
    862862                        return; 
    863863                add_filter('stylesheet', create_function('', "return '{$_GET['stylesheet']}';") );