
Changeset 1727


Timestamp:
10/02/2004 12:46:30 AM (20 years ago)
Author:
emc3
Message:

Security: Clean up user inputs before using.

Location:
trunk
Files:
2 edited

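--- a/trunk/wp-admin/upload.php
+++ b/trunk/wp-admin/upload.php
@@ -81,13 +81,13 @@
 <?php //Makes sure they choose a file
 
-//print_r($HTTP_POST_FILES);
+//print_r($_FILES);
 //die();
 
 
-    $imgalt = (isset($_POST['imgalt'])) ? $_POST['imgalt'] : $imgalt;
-
-    $img1_name = (strlen($imgalt)) ? $_POST['imgalt'] : $HTTP_POST_FILES['img1']['name'];
-    $img1_type = (strlen($imgalt)) ? $_POST['img1_type'] : $HTTP_POST_FILES['img1']['type'];
-    $imgdesc = str_replace('"', '&amp;quot;', $_POST['imgdesc']);
+    $imgalt = basename( (isset($_POST['imgalt'])) ? $_POST['imgalt'] : '' );
+
+    $img1_name = (strlen($imgalt)) ? $imgalt : basename( $_FILES['img1']['name'] );
+    $img1_type = (strlen($imgalt)) ? $_POST['img1_type'] : $_FILES['img1']['type'];
+    $imgdesc = htmlentities2($imgdesc);
 
     $imgtype = explode(".",$img1_name);
@@ -100,8 +100,8 @@
     if (strlen($imgalt)) {
         $pathtofile = get_settings('fileupload_realpath')."/".$imgalt;
-        $img1 = $_POST['img1'];
+        $img1 = $_POST['img1']['tmp_name'];
     } else {
         $pathtofile = get_settings('fileupload_realpath')."/".$img1_name;
-        $img1 = $HTTP_POST_FILES['img1']['tmp_name'];
+        $img1 = $_FILES['img1']['tmp_name'];
     }
 
@@ -192,5 +192,5 @@
         }
         elseif($_POST['thumbsize'] == 'custom') {
-            $max_side = $_POST['imgthumbsizecustom'];
+            $max_side = intval($_POST['imgthumbsizecustom']);
         }
        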
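Review bot: The new line 91, `$imgdesc = htmlentities2($imgdesc);`, reads `$imgdesc` where the removed line read `$_POST['imgdesc']`, and nothing in the hunk assigns `$imgdesc` first — unless it is set earlier in the script (which begins before this hunk), the description only arrives through register_globals, the very mechanism the same hunk stops relying on for `$imgalt`; I would write `$imgdesc = htmlentities2($_POST['imgdesc']);`. Line 102, `$img1 = $_POST['img1']['tmp_name'];`, applies a string offset to a POST field, which PHP treats as offset 0 of the string rather than a temp path; if this branch is meant to reuse a file already in the upload directory, `$img1` should presumably be derived from `$pathtofile`, and how `$img1` is consumed is outside the hunk. `$img1_type` is still taken verbatim from `$_POST['img1_type']` while the name is passed through basename(), so if the type is later stored or echoed it needs escaping or a check against an allow-list. `intval()` on line 194 accepts 0 and negative values, so `$max_side` should be bounded to a positive range before it reaches the thumbnail code, e.g. `$max_side = max(1, intval($_POST['imgthumbsizecustom']));`.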
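--- a/trunk/wp-includes/functions.php
+++ b/trunk/wp-includes/functions.php
@@ -1717,3 +1717,11 @@
 }
 
+// Borrowed from the PHP Manual user notes. Convert entities, while
+// preserving already-encoded entities:
+function htmlentities2($myHTML) {
+    $translation_table=get_html_translation_table (HTML_ENTITIES,ENT_QUOTES);
+    $translation_table[chr(38)] = '&';
+    return preg_replace("/&(?![A-Za-z]{0,4}\w{2,3};|#[0-9]{2,3};)/","&amp;" , strtr($myHTML, $translation_table));
+}
+
 ?>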
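Review bot: The negative lookahead on the preg_replace line of htmlentities2 only recognises `&name;` with 2–7 characters and decimal `&#NN;`/`&#NNN;`, so valid entities such as `&#8217;` (four digits), any hex form like `&#x27;`, and longer names such as `&thetasym;` are double-encoded to `&amp;#8217;` and so on — the opposite of what the "preserving already-encoded entities" comment promises. A wider pattern, `"/&(?![A-Za-z][A-Za-z0-9]{1,7};|#[0-9]{1,7};|#[xX][0-9A-Fa-f]{1,6};)/"`, covers those forms while still encoding a bare ampersand, and drops `\w`, which currently lets `&_1;`-style sequences through unencoded (harmless for injection, but sloppy). get_html_translation_table() is called without a charset, so the table is presumably the ISO-8859-1 default and each high byte of UTF-8 input would become a separate Latin-1 entity; if the blog charset is UTF-8 that corrupts multibyte text, which deserves a comment such as `// NOTE: translation table is single-byte; UTF-8 input is converted byte-by-byte`.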