WordPress.org

Make WordPress Core

Ticket #9402: more_more_validation_fixes.patch

File more_more_validation_fixes.patch, 5.8 KB (added by simek, 5 years ago)
  • includes/plugin-install.php

     
    138138        $tags = array(); 
    139139        foreach ( (array)$api_tags as $tag ) 
    140140                $tags[ $tag['name'] ] = (object) array( 
    141                                                                 'link' => clean_url( admin_url('plugin-install.php?tab=search&type=tag&s=' . urlencode($tag['name'])) ), 
     141                                                                'link' => clean_url( admin_url('plugin-install.php?tab=search&type=tag&s=' . urlencode($tag['name'])) ), 
    142142                                                                'name' => $tag['name'], 
    143143                                                                'id' => sanitize_title_with_dashes($tag['name']), 
    144144                                                                'count' => $tag['count'] ); 
  • includes/plugin.php

     
    406406                $checked[] = 'checked[]=' . $plugin; 
    407407 
    408408        ob_start(); 
    409         $url = wp_nonce_url('plugins.php?action=delete-selected&verify-delete=1&' . implode('&', $checked), 'bulk-manage-plugins'); 
     409        $url = wp_nonce_url('plugins.php?action=delete-selected&verify-delete=1&' . implode('&', $checked), 'bulk-manage-plugins'); 
    410410        if ( false === ($credentials = request_filesystem_credentials($url)) ) { 
    411411                $data = ob_get_contents(); 
    412412                ob_end_clean(); 
  • includes/post.php

     
    800800 
    801801        $post_status_q = ''; 
    802802        if ( isset($q['post_status']) && in_array( $q['post_status'], array_keys($post_stati) ) ) { 
    803                 $post_status_q = '&post_status=' . $q['post_status']; 
    804                 $post_status_q .= '&perm=readable'; 
     803                $post_status_q = '&post_status=' . $q['post_status']; 
     804                $post_status_q .= '&perm=readable'; 
    805805        } 
    806806 
    807807        if ( isset($q['post_status']) && 'pending' === $q['post_status'] ) { 
     
    820820                $posts_per_page = 15; 
    821821        $posts_per_page = apply_filters('edit_posts_per_page', $posts_per_page); 
    822822 
    823         wp("post_type=post&what_to_show=posts$post_status_q&posts_per_page=$posts_per_page&order=$order&orderby=$orderby"); 
     823        wp("post_type=post&what_to_show=posts$post_status_q&posts_per_page=$posts_per_page&order=$order&orderby=$orderby"); 
    824824 
    825825        return array($post_stati, $avail_post_stati); 
    826826} 
     
    13541354 
    13551355<?php 
    13561356        if ( $concatenate_scripts ) 
    1357                 echo "<script type='text/javascript' src='$baseurl/wp-tinymce.php?c=$zip&ver=$ver'></script>\n"; 
     1357                echo "<script type='text/javascript' src='$baseurl/wp-tinymce.php?c=$zip&amp;ver=$ver'></script>\n"; 
    13581358        else 
    13591359                echo "<script type='text/javascript' src='$baseurl/tiny_mce.js?ver=$ver'></script>\n"; 
    13601360 
  • includes/template.php

     
    501501                $args['popular_cats'] = get_terms( 'category', array( 'fields' => 'ids', 'orderby' => 'count', 'order' => 'DESC', 'number' => 10, 'hierarchical' => false ) ); 
    502502 
    503503        if ( $descendants_and_self ) { 
    504                 $categories = get_categories( "child_of=$descendants_and_self&hierarchical=0&hide_empty=0" ); 
     504                $categories = get_categories( "child_of=$descendants_and_self&amp;hierarchical=0&amp;hide_empty=0" ); 
    505505                $self = get_category( $descendants_and_self ); 
    506506                array_unshift( $categories, $self ); 
    507507        } else { 
     
    598598                $checked_categories[] = $default; 
    599599        } 
    600600 
    601         $categories = get_terms('link_category', 'orderby=count&hide_empty=0'); 
     601        $categories = get_terms('link_category', 'orderby=count&amp;hide_empty=0'); 
    602602 
    603603        if ( empty($categories) ) 
    604604                return; 
     
    20602060        else 
    20612061                $ptime = mysql2date(__('Y/m/d \a\t g:i A'), $comment->comment_date ); 
    20622062 
    2063         $delete_url = clean_url( wp_nonce_url( "comment.php?action=deletecomment&p=$post->ID&c=$comment->comment_ID", "delete-comment_$comment->comment_ID" ) ); 
    2064         $approve_url = clean_url( wp_nonce_url( "comment.php?action=approvecomment&p=$post->ID&c=$comment->comment_ID", "approve-comment_$comment->comment_ID" ) ); 
    2065         $unapprove_url = clean_url( wp_nonce_url( "comment.php?action=unapprovecomment&p=$post->ID&c=$comment->comment_ID", "unapprove-comment_$comment->comment_ID" ) ); 
    2066         $spam_url = clean_url( wp_nonce_url( "comment.php?action=deletecomment&dt=spam&p=$post->ID&c=$comment->comment_ID", "delete-comment_$comment->comment_ID" ) ); 
     2063        $delete_url = clean_url( wp_nonce_url( "comment.php?action=deletecomment&amp;p=$post->ID&amp;c=$comment->comment_ID", "delete-comment_$comment->comment_ID" ) ); 
     2064        $approve_url = clean_url( wp_nonce_url( "comment.php?action=approvecomment&amp;p=$post->ID&amp;c=$comment->comment_ID", "approve-comment_$comment->comment_ID" ) ); 
     2065        $unapprove_url = clean_url( wp_nonce_url( "comment.php?action=unapprovecomment&amp;p=$post->ID&amp;c=$comment->comment_ID", "unapprove-comment_$comment->comment_ID" ) ); 
     2066        $spam_url = clean_url( wp_nonce_url( "comment.php?action=deletecomment&amp;dt=spam&amp;p=$post->ID&amp;c=$comment->comment_ID", "delete-comment_$comment->comment_ID" ) ); 
    20672067 
    20682068        echo "<tr id='comment-$comment->comment_ID' class='$the_comment_status'>"; 
    20692069        $columns = get_column_headers('edit-comments'); 
  • includes/theme-install.php

     
    154154        $tags = array(); 
    155155        foreach ( (array)$api_tags as $tag ) { 
    156156                $tags[ $tag['name'] ] = (object) array( 
    157                                                                 'link' => clean_url( admin_url('theme-install.php?tab=search&type=tag&s=' . urlencode($tag['name'])) ), 
     157                                                                'link' => clean_url( admin_url('theme-install.php?tab=search&amp;type=tag&amp;s=' . urlencode($tag['name'])) ), 
    158158                                                                'name' => $tag['name'], 
    159159                                                                'id' => sanitize_title_with_dashes($tag['name']), 
    160160                                                                'count' => $tag['count'] );