WordPress.org

Make WordPress Core

Changeset 18323


Ignore:
Timestamp:
06/20/11 14:58:50 (3 years ago)
Author:
westi
Message:

Ensure we have a valid timezone identifier before trying to use it.
Validate the new timezone identifier during option update.
Fixes #17840.

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/options-general.php

    r17748 r18323  
    163163</select> 
    164164 
    165     <span id="utc-time"><?php printf(__('<abbr title="Coordinated Universal Time">UTC</abbr> time is <code>%s</code>'), date_i18n($timezone_format, false, 'gmt')); ?></span> 
     165    <span id="utc-time"><?php printf(__('<abbr title="Coordinated Universal Time">UTC</abbr> time is <code>%s</code>'), date_i18n($timezone_format, false, 'gmt')); ?></span> 
    166166<?php if ( get_option('timezone_string') || !empty($current_offset) ) : ?> 
    167167    <span id="local-time"><?php printf(__('Local time is <code>%1$s</code>'), date_i18n($timezone_format)); ?></span> 
     
    183183    <br /> 
    184184    <?php 
    185     if ( function_exists('timezone_transitions_get') ) { 
     185    $allowed_zones = timezone_identifiers_list(); 
     186     
     187    if ( in_array( $tzstring, $allowed_zones) ) { 
    186188        $found = false; 
    187189        $date_time_zone_selected = new DateTimeZone($tzstring); 
  • trunk/wp-includes/formatting.php

    r18159 r18323  
    25222522            break; 
    25232523 
     2524        case 'timezone_string': 
     2525            $allowed_zones = timezone_identifiers_list(); 
     2526            if ( ! in_array( $value, $allowed_zones ) && ! empty( $value ) ) { 
     2527                $value = get_option( $option ); // Resets option to stored value in the case of failed sanitization 
     2528                if ( function_exists('add_settings_error') ) 
     2529                    add_settings_error('timezone_string', 'invalid_timezone_string', __('The timezone you have entered is not valid. Please select a valid timezone.') ); 
     2530            } 
     2531            break; 
     2532 
    25242533        default : 
    25252534            $value = apply_filters("sanitize_option_{$option}", $value, $option); 
Note: See TracChangeset for help on using the changeset viewer.