WordPress.org
Get WordPress

Make WordPress Core


Ignore:
Timestamp:
06/27/2011 09:36:48 PM (14 years ago)
Author:
ryan
Message:

Hardening. Santizers for WPLANG and new_admin_email. Prevent stomping ID and filter. Validate locale filename. Props westi. For 3.1.

Location:
branches/3.1
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • branches/3.1

  • branches/3.1/wp-admin/includes/media.php

    r18018 r18356  
    229229    ), $post_data );
    230230
     231    // This should never be set as it would then overwrite an existing attachment.
     232    if ( isset( $attachment['ID'] ) )
     233        unset( $attachment['ID'] );
     234
    231235    // Save the data
    232236    $id = wp_insert_attachment($attachment, $file, $post_id);
     
    281285        'post_content' => $content,
    282286    ), $post_data );
     287
     288    // This should never be set as it would then overwrite an existing attachment.
     289    if ( isset( $attachment['ID'] ) )
     290        unset( $attachment['ID'] );
    283291
    284292    // Save the attachment metadata
Note: See TracChangeset for help on using the changeset viewer.