Changeset 33840
- Timestamp:
- 09/01/2015 03:56:44 AM (9 years ago)
- Location:
- trunk
- Files:
-
- 1 added
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-includes/js/utils.js
r29478 r33840 162 162 secure = !! userSettings.secure; 163 163 164 name = name.toString().replace( /[^A-Za-z0-9_ ]/, '' );164 name = name.toString().replace( /[^A-Za-z0-9_-]/, '' ); 165 165 166 166 if ( typeof value === 'number' ) { 167 167 value = parseInt( value, 10 ); 168 168 } else { 169 value = value.toString().replace( /[^A-Za-z0-9_ ]/, '' );169 value = value.toString().replace( /[^A-Za-z0-9_-]/, '' ); 170 170 } 171 171 -
trunk/src/wp-includes/option.php
r33794 r33840 901 901 902 902 if ( isset( $_COOKIE['wp-settings-' . $user_id] ) ) { 903 $cookie = preg_replace( '/[^A-Za-z0-9=&_ ]/', '', $_COOKIE['wp-settings-' . $user_id] );903 $cookie = preg_replace( '/[^A-Za-z0-9=&_-]/', '', $_COOKIE['wp-settings-' . $user_id] ); 904 904 905 905 if ( strpos( $cookie, '=' ) ) { // '=' cannot be 1st char … … 941 941 $settings = ''; 942 942 foreach ( $user_settings as $name => $value ) { 943 $_name = preg_replace( '/[^A-Za-z0-9_ ]+/', '', $name );944 $_value = preg_replace( '/[^A-Za-z0-9_ ]+/', '', $value );943 $_name = preg_replace( '/[^A-Za-z0-9_-]+/', '', $name ); 944 $_value = preg_replace( '/[^A-Za-z0-9_-]+/', '', $value ); 945 945 946 946 if ( ! empty( $_name ) ) {
Note: See TracChangeset
for help on using the changeset viewer.