Changeset 23416 for trunk/wp-admin/includes/misc.php
- Timestamp:
- 02/14/2013 10:51:06 PM (12 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-admin/includes/misc.php
r22375 r23416 221 221 */ 222 222 function url_shorten( $url ) { 223 $short_url = str_replace( 'http://', '', stripslashes( $url ));223 $short_url = str_replace( 'http://', '', $url ); 224 224 $short_url = str_replace( 'www.', '', $short_url ); 225 225 $short_url = untrailingslashit( $short_url ); … … 249 249 $$var = ''; 250 250 else 251 $$var = $_GET[$var];251 $$var = wp_unslash( $_GET[$var] ); 252 252 } else { 253 $$var = $_POST[$var];253 $$var = wp_unslash( $_POST[$var] ); 254 254 } 255 255 } … … 324 324 if ( !$user = wp_get_current_user() ) 325 325 return; 326 $option = $_POST['wp_screen_options']['option'];327 $value = $_POST['wp_screen_options']['value'];326 $option = wp_unslash( $_POST['wp_screen_options']['option'] ); 327 $value = wp_unslash( $_POST['wp_screen_options']['value'] ); 328 328 329 329 if ( $option != sanitize_key( $option ) )
Note: See TracChangeset
for help on using the changeset viewer.