Changeset 36560
- Timestamp:
- 02/17/2016 08:14:37 PM (9 years ago)
- Location:
- trunk/src/wp-admin
- Files:
-
- 2 edited
trunk/src/wp-admin/includes/class-wp-plugins-list-table.php
r36302 r36560 269 269 270 270 /** 271 * @global string $s 271 * @global string $s URL encoded search term. 272 272 * 273 273 * @param array $plugin … … 278 278 279 279 foreach ( $plugin as $value ) { 280 if ( is_string( $value ) && false !== stripos( strip_tags( $value ), $s) ) {280 if ( is_string( $value ) && false !== stripos( strip_tags( $value ), urldecode( $s ) ) ) { 281 281 return true; 282 282 } … … 317 317 318 318 if ( ! empty( $_REQUEST['s'] ) ) { 319 $s = esc_html( $_REQUEST['s']);319 $s = esc_html( wp_unslash( $_REQUEST['s'] ) ); 320 320 321 321 printf( __( 'No plugins found for “%s”.' ), $s ); -
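Review bot: The no-results hunk (new line 319) unslashes and escapes `$_REQUEST['s']` without checking that it is a string, so a request that sends `s` as an array hands a non-string to `esc_html()`; the same applies to `urlencode( wp_unslash( $_REQUEST['s'] ) )` on line 21 of plugins.php. Tightening the guard on line 318 to `if ( ! empty( $_REQUEST['s'] ) && is_string( $_REQUEST['s'] ) ) {` would restrict the message path to string search terms, and plugins.php can add the same `is_string()` test to its ternary. Separately, `urldecode( $s )` on line 280 is loop-invariant and could be computed once before the `foreach`. Both enclosing methods start and end outside the visible hunks.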
trunk/src/wp-admin/plugins.php
r36302 r36560 19 19 20 20 $plugin = isset($_REQUEST['plugin']) ? $_REQUEST['plugin'] : ''; 21 $s = isset($_REQUEST['s']) ? urlencode( $_REQUEST['s']) : '';21 $s = isset($_REQUEST['s']) ? urlencode( wp_unslash( $_REQUEST['s'] ) ) : ''; 22 22 23 23 // Clean up request URI from temporary args for screen options/paging uri's to work as expected. … … 487 487 if ( strlen( $s ) ) { 488 488 /* translators: %s: search keywords */ 489 printf( '<span class="subtitle">' . __( 'Search results for “%s”' ) . '</span>', esc_html( $s) );489 printf( '<span class="subtitle">' . __( 'Search results for “%s”' ) . '</span>', esc_html( urldecode( $s ) ) ); 490 490 } 491 491 ?>
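Review bot: Line 21 leaves `$s` URL-encoded for the rest of the file, but nothing at the assignment says so, and the output on line 489 is only safe because it decodes first and escapes second. A comment on line 21 would make that contract explicit, for example `// $s is URL-encoded from here on: urldecode() before matching, and urldecode() then esc_html() before output.` Reversing the order on line 489 (escaping, then decoding) would turn percent-encoded markup characters back into raw ones after the escape has run, so the ordering is worth stating rather than leaving implicit. The uses of `$s` between lines 23 and 487 are not visible here and should be checked against the same rule.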