Context Navigation

← Previous Change
Next Change →

upgrade.php

Timestamp:

03/01/2013 04:28:40 PM (12 years ago)

Author:

ryan

Message:

Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767

File:

: 1 edited

trunk/wp-admin/upgrade.php (modified) (2 diffs)

Legend:

: Unmodified
: Added
: Removed

trunk/wp-admin/upgrade.php

-                      r23416
+                      r23554
 switch ( $step ) :
     case 0:
         $goback = wp_get_referer();
+        $goback = stripslashes( wp_get_referer() );
         $goback = esc_url_raw( $goback );
         $goback = urlencode( $goback );
 …
         wp_upgrade();
             $backto = !empty($_GET['backto']) ? wp_unslash( urldecode( $_GET['backto'] ) ) : __get_option( 'home' ) . '/';
+            $backto = !empty($_GET['backto']) ? stripslashes( urldecode( $_GET['backto'] ) ) : __get_option( 'home' ) . '/';
             $backto = esc_url( $backto );
             $backto = wp_validate_redirect($backto, __get_option( 'home' ) . '/');

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Make WordPress Core

Context Navigation

Changeset 23554 for trunk/wp-admin/upgrade.php

Legend:

trunk/wp-admin/upgrade.php

Download in other formats: