Make WordPress Core

Changeset 34984


Ignore:
Timestamp:
10/09/2015 04:46:00 AM (9 years ago)
Author:
SergeyBiryukov
Message:

Media: Return early from media_sideload_image() if $file didn't match the pattern for images.

Props MikeHansenMe, serpent7776.
Fixes #32755.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/includes/media.php

    r34866 r34984  
    848848        // Set variables for storage, fix file filename for query strings.
    849849        preg_match( '/[^\?]+\.(jpe?g|jpe|gif|png)\b/i', $file, $matches );
     850        if ( ! $matches ) {
     851            return new WP_Error( 'image_sideload_failed', __( 'Invalid image URL' ) );
     852        }
     853
    850854        $file_array = array();
    851855        $file_array['name'] = basename( $matches[0] );
Note: See TracChangeset for help on using the changeset viewer.