Changeset 23416 for trunk/wp-includes/functions.php
- Timestamp:
- 02/14/2013 10:51:06 PM (12 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-includes/functions.php
r23411 r23416 469 469 470 470 if ( in_array( substr( $type, 0, strpos( $type, "/" ) ), $allowed_types ) ) { 471 add_post_meta( $post_ID, 'enclosure', "$url\n$len\n$mime\n" );471 wp_add_post_meta( $post_ID, 'enclosure', "$url\n$len\n$mime\n" ); 472 472 } 473 473 } … … 1257 1257 */ 1258 1258 function wp_original_referer_field( $echo = true, $jump_back_to = 'current' ) { 1259 $jump_back_to = ( 'previous' == $jump_back_to ) ? wp_get_referer() : $_SERVER['REQUEST_URI'];1259 $jump_back_to = ( 'previous' == $jump_back_to ) ? wp_get_referer() : wp_unslash( $_SERVER['REQUEST_URI'] ); 1260 1260 $ref = ( wp_get_original_referer() ) ? wp_get_original_referer() : $jump_back_to; 1261 $orig_referer_field = '<input type="hidden" name="_wp_original_http_referer" value="' . esc_attr( stripslashes( $ref )) . '" />';1261 $orig_referer_field = '<input type="hidden" name="_wp_original_http_referer" value="' . esc_attr( $ref ) . '" />'; 1262 1262 if ( $echo ) 1263 1263 echo $orig_referer_field; … … 1278 1278 $ref = false; 1279 1279 if ( ! empty( $_REQUEST['_wp_http_referer'] ) ) 1280 $ref = $_REQUEST['_wp_http_referer'];1280 $ref = wp_unslash( $_REQUEST['_wp_http_referer'] ); 1281 1281 else if ( ! empty( $_SERVER['HTTP_REFERER'] ) ) 1282 $ref = $_SERVER['HTTP_REFERER'];1283 1284 if ( $ref && $ref !== $_SERVER['REQUEST_URI'])1282 $ref = wp_unslash( $_SERVER['HTTP_REFERER'] ); 1283 1284 if ( $ref && $ref !== wp_unslash( $_SERVER['REQUEST_URI'] ) ) 1285 1285 return $ref; 1286 1286 return false; … … 1298 1298 function wp_get_original_referer() { 1299 1299 if ( !empty( $_REQUEST['_wp_original_http_referer'] ) ) 1300 return $_REQUEST['_wp_original_http_referer'];1300 return wp_unslash( $_REQUEST['_wp_original_http_referer'] ); 1301 1301 return false; 1302 1302 }
Note: See TracChangeset
for help on using the changeset viewer.