Changeset 16847


Timestamp:
12/09/2010 06:02:54 PM (7 years ago)
Author:
nacin
Message:

Always exit after wp_redirect. props filosofo, fixes #15518.

Location:
trunk
Files:
28 edited

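--- a/trunk/wp-admin/admin.php
+++ b/trunk/wp-admin/admin.php
@@ -179,11 +179,15 @@
         wp_die(__('You are not allowed to import.'));
 
-    if ( validate_file($importer) )
+    if ( validate_file($importer) ) {
         wp_redirect( admin_url( 'import.php?invalid=' . $importer ) );
+        exit;
+    }
 
     // Allow plugins to define importers as well
     if ( !isset($wp_importers) || !isset($wp_importers[$importer]) || ! is_callable($wp_importers[$importer][2])) {
-        if (! file_exists(ABSPATH . "wp-admin/import/$importer.php"))
+        if (! file_exists(ABSPATH . "wp-admin/import/$importer.php")) {
             wp_redirect( admin_url( 'import.php?invalid=' . $importer ) );
+            exit;
+        }
         include(ABSPATH . "wp-admin/import/$importer.php");
     }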
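Review bot: The rejected `$importer` value is still concatenated unencoded into the redirect query in both `wp_redirect( admin_url( 'import.php?invalid=' . $importer ) )` calls, so characters such as `&` or `#` in it change the shape of the resulting URL; `'import.php?invalid=' . urlencode( $importer )` would keep it a single parameter value. The assignment of `$importer` is above the hunk, so this assumes it originates from the request. The added `exit` matters most on the first branch, because without it a value that failed `validate_file()` would have continued on to the `include` below; a short comment there, e.g. `// Stop here: a rejected $importer must never reach the include below.`, would keep a later refactor from dropping it.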
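--- a/trunk/wp-admin/includes/ms.php
+++ b/trunk/wp-admin/includes/ms.php
@@ -508,10 +508,8 @@
     if ( is_object( $blog ) ) {
         wp_redirect( get_admin_url( $blog->blog_id, '?c=' . $c ) ); // redirect and count to 5, "just in case"
-        exit;
     } else {
         wp_redirect( user_admin_url( '?c=' . $c ) ); // redirect and count to 5, "just in case"
     }
-
-    wp_die( __( 'You do not have sufficient permissions to access this page.' ) );
+    exit;
 }
 add_action( 'admin_page_access_denied', 'redirect_user_to_blog', 99 );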
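--- a/trunk/wp-admin/link-manager.php
+++ b/trunk/wp-admin/link-manager.php
@@ -30,4 +30,5 @@
 
         wp_redirect( add_query_arg('deleted', count( $bulklinks ), admin_url( 'link-manager.php' ) ) );
+        exit;
     }
 } elseif ( ! empty( $_REQUEST['_wp_http_referer'] ) ) {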
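--- a/trunk/wp-admin/media-upload.php
+++ b/trunk/wp-admin/media-upload.php
@@ -56,4 +56,5 @@
 
         wp_redirect( admin_url($location) );
+        exit;
     }
 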
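--- a/trunk/wp-admin/moderation.php
+++ b/trunk/wp-admin/moderation.php
@@ -10,3 +10,4 @@
 require_once('../wp-load.php');
 wp_redirect( admin_url('edit-comments.php?comment_status=moderated') );
+exit;
 ?>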
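--- a/trunk/wp-admin/ms-admin.php
+++ b/trunk/wp-admin/ms-admin.php
@@ -11,2 +11,4 @@
 
 wp_redirect( network_admin_url() );
+exit;
+?>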
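Review bot: The closing `?>` added at the end of this PHP-only file is unnecessary, and the same applies to the `?>` lines added in ms-edit.php, ms-sites.php, ms-themes.php, ms-upgrade-network.php and ms-users.php. Leaving the tag off removes any chance of trailing whitespace being emitted by a file that exists only to redirect. Here the preceding `exit;` already prevents that, so this is a consistency point only. I would end each of these files at `exit;`.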
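--- a/trunk/wp-admin/ms-edit.php
+++ b/trunk/wp-admin/ms-edit.php
@@ -11,2 +11,4 @@
 
 wp_redirect( network_admin_url() );
+exit;
+?>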
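--- a/trunk/wp-admin/ms-sites.php
+++ b/trunk/wp-admin/ms-sites.php
@@ -11,2 +11,5 @@
 
 wp_redirect( network_admin_url('sites.php') );
+exit;
+
+?>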
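--- a/trunk/wp-admin/ms-themes.php
+++ b/trunk/wp-admin/ms-themes.php
@@ -11,2 +11,4 @@
 
 wp_redirect( network_admin_url('themes.php') );
+exit;
+?>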
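--- a/trunk/wp-admin/ms-upgrade-network.php
+++ b/trunk/wp-admin/ms-upgrade-network.php
@@ -11,2 +11,5 @@
 
 wp_redirect( network_admin_url('upgrade.php') );
+exit;
+
+?>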
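--- a/trunk/wp-admin/ms-users.php
+++ b/trunk/wp-admin/ms-users.php
@@ -11,2 +11,4 @@
 
 wp_redirect( network_admin_url('users.php') );
+exit;
+?>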
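--- a/trunk/wp-admin/network/admin.php
+++ b/trunk/wp-admin/network/admin.php
@@ -16,6 +16,7 @@
     wp_die( __( 'Multisite support is not enabled.' ) );
 
-if ( ! is_main_site() )
+if ( ! is_main_site() ) {
     wp_redirect( network_admin_url() );
-
+    exit;
+}
 ?>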
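--- a/trunk/wp-admin/network/edit.php
+++ b/trunk/wp-admin/network/edit.php
@@ -14,6 +14,8 @@
     wp_die( __( 'Multisite support is not enabled.' ) );
 
-if ( empty( $_GET['action'] ) )
+if ( empty( $_GET['action'] ) ) {
     wp_redirect( admin_url( 'index.php' ) );
+    exit;
+}
 
 function confirm_delete_users( $users ) {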
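--- a/trunk/wp-admin/network/site-info.php
+++ b/trunk/wp-admin/network/site-info.php
@@ -59,4 +59,5 @@
     restore_current_blog();
     wp_redirect( add_query_arg( array( 'update' => 'updated', 'id' => $id ), 'site-info.php') );
+    exit;
 }
 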
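--- a/trunk/wp-admin/network/site-options.php
+++ b/trunk/wp-admin/network/site-options.php
@@ -49,4 +49,5 @@
     restore_current_blog();
     wp_redirect( add_query_arg( array( 'update' => 'updated', 'id' => $id ), 'site-options.php') );
+    exit;
 }
 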
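--- a/trunk/wp-admin/plugin-editor.php
+++ b/trunk/wp-admin/plugin-editor.php
@@ -71,5 +71,4 @@
 
             wp_redirect(add_query_arg('_wpnonce', wp_create_nonce('edit-plugin-test_' . $file), "plugin-editor.php?file=$file&liveupdate=1&scrollto=$scrollto&networkwide=" . $network_wide));
-            exit;
         }
         wp_redirect( self_admin_url("plugin-editor.php?file=$file&a=te&scrollto=$scrollto") );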
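Review bot: With the `exit;` after the first `wp_redirect()` removed, execution leaves the inner block and reaches the second `wp_redirect( self_admin_url(...) )` call, which, as far as the hunk shows, replaces the `liveupdate=1` redirect that carries the `edit-plugin-test_` nonce. That runs against the commit's stated aim of always exiting after a redirect; I would restore `exit;` directly after the first call. The enclosing block starts above the hunk and continues below it, so a later `exit` may well exist, but it would not bring the first redirect target back.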
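--- a/trunk/wp-admin/post.php
+++ b/trunk/wp-admin/post.php
@@ -86,4 +86,5 @@
 
     wp_redirect( apply_filters( 'redirect_post_location', $location, $post_id ) );
+    exit;
 }
 
@@ -266,5 +267,5 @@
 
 default:
-        wp_redirect( admin_url('edit.php') );
+    wp_redirect( admin_url('edit.php') );
     exit();
     break;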
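--- a/trunk/wp-admin/update-core.php
+++ b/trunk/wp-admin/update-core.php
@@ -367,4 +367,5 @@
     dismiss_core_update( $update );
     wp_redirect( wp_nonce_url('update-core.php?action=upgrade-core', 'upgrade-core') );
+    exit;
 }
 
@@ -377,4 +378,5 @@
     undismiss_core_update( $version, $locale );
     wp_redirect( wp_nonce_url('update-core.php?action=upgrade-core', 'upgrade-core') );
+    exit;
 }
 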
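--- a/trunk/wp-admin/user/admin.php
+++ b/trunk/wp-admin/user/admin.php
@@ -12,6 +12,7 @@
 require_once( dirname(dirname(__FILE__)) . '/admin.php');
 
-if ( ! is_main_site() )
+if ( ! is_main_site() ) {
     wp_redirect( user_admin_url() );
-
+    exit;
+}
 ?>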
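--- a/trunk/wp-atom.php
+++ b/trunk/wp-atom.php
@@ -9,4 +9,4 @@
 require( './wp-load.php' );
 wp_redirect( get_bloginfo( 'atom_url' ), 301 );
-
+exit;
 ?>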
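--- a/trunk/wp-comments-post.php
+++ b/trunk/wp-comments-post.php
@@ -102,4 +102,4 @@
 
 wp_redirect($location);
-
+exit;
 ?>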
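Review bot: `wp_redirect($location)` sends the browser wherever `$location` points, and its assignment is above the hunk; if any part of it can be supplied by the request, this call should be `wp_safe_redirect($location);`, the helper the wp-pass.php section of this changeset already uses. The added `exit` stops execution after the redirect but does nothing to constrain the target. A one-line comment above the call stating where `$location` comes from would let the next reader judge that without scrolling.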
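--- a/trunk/wp-commentsrss2.php
+++ b/trunk/wp-commentsrss2.php
@@ -9,4 +9,4 @@
 require( './wp-load.php' );
 wp_redirect( get_bloginfo( 'comments_rss2_url' ), 301 );
-
+exit;
 ?>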
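--- a/trunk/wp-feed.php
+++ b/trunk/wp-feed.php
@@ -9,4 +9,4 @@
 require( './wp-load.php' );
 wp_redirect( get_bloginfo( get_default_feed() . '_url' ), 301 );
-
+exit;
 ?>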
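--- a/trunk/wp-pass.php
+++ b/trunk/wp-pass.php
@@ -17,3 +17,4 @@
 
 wp_safe_redirect(wp_get_referer());
+exit;
 ?>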
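Review bot: `wp_get_referer()` is passed straight into `wp_safe_redirect()`, and that helper returns false when the request carries no usable referer; the script then reaches `exit;` with, presumably, no Location header and no body. A fallback before the `exit;`, such as `$referer = wp_get_referer();` followed by `wp_safe_redirect( $referer ? $referer : home_url() );`, would keep the response defined in that case. The lines that handle the submitted password are above the hunk and are not reviewed here.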
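--- a/trunk/wp-rdf.php
+++ b/trunk/wp-rdf.php
@@ -9,4 +9,4 @@
 require( './wp-load.php' );
 wp_redirect( get_bloginfo( 'rdf_url' ), 301 );
-
+exit;
 ?>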
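--- a/trunk/wp-register.php
+++ b/trunk/wp-register.php
@@ -12,4 +12,4 @@
 require('./wp-load.php');
 wp_redirect( site_url('wp-login.php?action=register') );
-
+exit;
 ?>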
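--- a/trunk/wp-rss.php
+++ b/trunk/wp-rss.php
@@ -9,4 +9,4 @@
 require( './wp-load.php' );
 wp_redirect( get_bloginfo( 'rss_url' ), 301 );
-
+exit;
 ?>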
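--- a/trunk/wp-rss2.php
+++ b/trunk/wp-rss2.php
@@ -9,4 +9,4 @@
 require( './wp-load.php' );
 wp_redirect( get_bloginfo( 'rss2_url' ), 301 );
-
+exit;
 ?>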