Changeset 23567 for trunk/wp-admin/upgrade.php
- Timestamp:
- 03/01/2013 05:14:09 PM (12 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-admin/upgrade.php
r23554 r23567 78 78 switch ( $step ) : 79 79 case 0: 80 $goback = stripslashes( wp_get_referer() );80 $goback = wp_unslash( wp_get_referer() ); 81 81 $goback = esc_url_raw( $goback ); 82 82 $goback = urlencode( $goback ); … … 91 91 wp_upgrade(); 92 92 93 $backto = !empty($_GET['backto']) ? stripslashes( urldecode( $_GET['backto'] ) ) : __get_option( 'home' ) . '/';93 $backto = !empty($_GET['backto']) ? wp_unslash( urldecode( $_GET['backto'] ) ) : __get_option( 'home' ) . '/'; 94 94 $backto = esc_url( $backto ); 95 95 $backto = wp_validate_redirect($backto, __get_option( 'home' ) . '/');
Note: See TracChangeset
for help on using the changeset viewer.