Changeset 18346

Timestamp:

06/27/2011 03:56:42 PM (14 years ago)

Author:

ryan

Message:

Hardening. Santizers for WPLANG and new_admin_email. Prevent stomping ID and filter. Validate locale filename. Props westi.

Location:

trunk

Files:

• wp-admin/custom-header.php (modified) (1 diff)
• wp-admin/includes/media.php (modified) (2 diffs)
• wp-admin/includes/post.php (modified) (2 diffs)
• wp-admin/options-general.php (modified) (1 diff)
• wp-includes/formatting.php (modified) (2 diffs)
• wp-settings.php (modified) (1 diff)

trunk/wp-admin/custom-header.php

@@ -647 +647 @@
         'post_mime_type' => $type,
         'guid' => $url,
-        'context' => 'custom-header');
+        'context' => 'custom-header'
+        );
 
         // Save the data

trunk/wp-admin/includes/media.php

@@ -229 +229 @@
     ), $post_data );
 
+    // This should never be set as it would then overwrite an existing attachment.
+    if ( isset( $attachment['ID'] ) )
+        unset( $attachment['ID'] );
+
     // Save the data
     $id = wp_insert_attachment($attachment, $file, $post_id);
@@ -281 +285 @@
         'post_content' => $content,
     ), $post_data );
+
+    // This should never be set as it would then overwrite an existing attachment.
+    if ( isset( $attachment['ID'] ) )
+        unset( $attachment['ID'] );
 
     // Save the attachment metadata

trunk/wp-admin/includes/post.php

@@ -142 +142 @@
     if ( empty($post_data) )
         $post_data = &$_POST;
+
+    // Clear out any data in internal vars.
+    if ( isset( $post_data['filter'] ) )
+        unset( $post_data['filter'] );
 
     $post_ID = (int) $post_data['post_ID'];
@@ -559 +563 @@
             return edit_post();
         }
+    }
+
+    // Edit don't write if we have a post id.
+    if ( isset( $_POST['ID'] ) ) {
+        $_POST['post_ID'] = $_POST['ID'];
+        unset ( $_POST['ID'] );
+    }
+    if ( isset( $_POST['post_ID'] ) ) {
+        return edit_post();
     }
 

trunk/wp-admin/options-general.php

@@ -128 +128 @@
 if ( $new_admin_email && $new_admin_email != get_option('admin_email') ) : ?>
 <div class="updated inline">
-<p><?php printf( __('There is a pending change of the admin e-mail to <code>%1$s</code>. <a href="%2$s">Cancel</a>'), $new_admin_email, esc_url( admin_url( 'options.php?dismiss=new_admin_email' ) ) ); ?></p>
+<p><?php printf( __('There is a pending change of the admin e-mail to <code>%1$s</code>. <a href="%2$s">Cancel</a>'), esc_html( $new_admin_email ), esc_url( admin_url( 'options.php?dismiss=new_admin_email' ) ) ); ?></p>
 </div>
 <?php endif; ?>

trunk/wp-includes/formatting.php

@@ -2427 +2427 @@
             }
             break;
-
+        case 'new_admin_email':
+            $value = sanitize_email($value);
+            if ( !is_email($value) ) {
+                $value = get_option( $option ); // Resets option to stored value in the case of failed sanitization
+                if ( function_exists('add_settings_error') )
+                    add_settings_error('new_admin_email', 'invalid_admin_email', __('The email address entered did not appear to be a valid email address. Please enter a valid email address.'));
+            }
+            break;
         case 'thumbnail_size_w':
         case 'thumbnail_size_h':
@@ -2521 +2528 @@
             }
             break;
+        case 'WPLANG':
+            $allowed = get_available_languages();
+            if ( ! in_array( $value, $allowed ) && ! empty( $value ) )
+                $value = get_option( $option );
+            break;
 
         case 'timezone_string':

trunk/wp-settings.php

@@ -259 +259 @@
 $locale = get_locale();
 $locale_file = WP_LANG_DIR . "/$locale.php";
-if ( is_readable( $locale_file ) )
+if ( ( 0 === validate_file( $locale ) ) && is_readable( $locale_file ) )
     require( $locale_file );
 unset($locale_file);