Changeset 3737

Timestamp:

04/21/2006 09:18:32 PM (20 years ago)

Author:

ryan

Message:

Ref checks. Comment filter.

Location:

branches/2.0

Files:

• wp-admin/cat-js.php (modified) (1 diff)
• wp-admin/categories.php (modified) (2 diffs)
• wp-admin/edit-comments.php (modified) (1 diff)
• wp-admin/edit-form-ajax-cat.php (modified) (2 diffs)
• wp-admin/inline-uploading.php (modified) (1 diff)
• wp-admin/link-categories.php (modified) (3 diffs)
• wp-admin/link-import.php (modified) (1 diff)
• wp-admin/list-manipulation.js (modified) (2 diffs)
• wp-admin/list-manipulation.php (modified) (2 diffs)
• wp-admin/moderation.php (modified) (1 diff)
• wp-admin/options-permalink.php (modified) (1 diff)
• wp-admin/plugin-editor.php (modified) (1 diff)
• wp-admin/post.php (modified) (2 diffs)
• wp-admin/templates.php (modified) (1 diff)
• wp-admin/theme-editor.php (modified) (1 diff)
• wp-includes/classes.php (modified) (1 diff)
• wp-includes/comment-functions.php (modified) (1 diff)
• wp-includes/pluggable-functions.php (modified) (1 diff)

branches/2.0/wp-admin/cat-js.php

@@ -145 +145 @@
     var catString = '';
 
-    catString = 'ajaxnewcat=' + encodeURIComponent(newcat.value);
+    catString = ajaxCat.encVar('ajaxnewcat', newcat.value) + '&' + ajaxCat.encVar('cookie', document.cookie);
     ajaxCat.requestFile = 'edit-form-ajax-cat.php';
-    ajaxCat.method = 'GET';
+    ajaxCat.method = 'POST';
     ajaxCat.onLoading = newCatLoading;
     ajaxCat.onLoaded = newCatLoaded;

branches/2.0/wp-admin/categories.php

@@ -25 +25 @@
 
 case 'addcat':
+
+    check_admin_referer();
 
     if ( !current_user_can('manage_categories') )
@@ -95 +97 @@
 
 case 'editedcat':
+    check_admin_referer();
+
     if ( !current_user_can('manage_categories') )
         die (__('Cheatin’ uh?'));

branches/2.0/wp-admin/edit-comments.php

@@ -40 +40 @@
 <?php
 if ( !empty( $_POST['delete_comments'] ) ) :
+    check_admin_referer();
+
     $i = 0;
     foreach ($_POST['delete_comments'] as $comment) : // Check the permissions on each

branches/2.0/wp-admin/edit-form-ajax-cat.php

@@ -8 +8 @@
 if ( !current_user_can('manage_categories') )
     die('-1');
+if ( !check_ajax_referer() )
+    die('-1');
 
 function get_out_now() { exit; }
@@ -13 +15 @@
 add_action('shutdown', 'get_out_now', -1);
 
-$names = explode(',', rawurldecode($_GET['ajaxnewcat']) );
+$names = explode(',', rawurldecode($_POST['ajaxnewcat']) );
 $ids   = array();
 

branches/2.0/wp-admin/inline-uploading.php

@@ -2 +2 @@
 
 require_once('admin.php');
+
+check_admin_referer();
 
 header('Content-Type: text/html; charset=' . get_option('blog_charset'));

branches/2.0/wp-admin/link-categories.php

@@ -27 +27 @@
   case 'addcat':
   {
+      check_admin_referer();
+
       if ( !current_user_can('manage_links') )
           die (__("Cheatin' uh ?"));
@@ -81 +83 @@
   case 'Delete':
   {
+    check_admin_referer();
+
     $cat_id = (int) $_GET['cat_id'];
     $cat_name=get_linkcatname($cat_id);
@@ -200 +204 @@
   case "editedcat":
   {
+    check_admin_referer();
+
     if ( !current_user_can('manage_links') )
       die (__("Cheatin' uh ?"));

branches/2.0/wp-admin/link-import.php

@@ -64 +64 @@
 
     case 1: {
+        check_admin_referer();
+
                 include_once('admin-header.php');
                 if ( !current_user_can('manage_links') )

branches/2.0/wp-admin/list-manipulation.js

@@ -34 +34 @@
     ajaxDel.onInteractive = function() { ajaxDel.myResponseElement.innerHTML = 'Processing Data...'; };
     ajaxDel.onCompletion = function() { removeThisItem( what + '-' + id ); };
-    ajaxDel.runAJAX('action=delete-' + what + '&id=' + id);
+    ajaxDel.runAJAX('action=delete-' + what + '&id=' + id + '&' + ajaxDel.encVar('cookie', document.cookie));
     return false;
 }
@@ -40 +40 @@
 function removeThisItem(id) {
     var response = ajaxDel.response;
-    if ( isNaN(response) ) { alert(response); }
+    if ( isNaN(response) ) { ajaxDel.myResponseElement.innerHTML = response; return false; }
     response = parseInt(response, 10);
     if ( -1 == response ) { ajaxDel.myResponseElement.innerHTML = "You don't have permission to do that."; }

branches/2.0/wp-admin/list-manipulation.php

@@ -6 +6 @@
 get_currentuserinfo();
 if ( !is_user_logged_in() )
+    die('-1');
+if ( !check_ajax_referer() )
     die('-1');
 
@@ -15 +17 @@
 function get_out_now() { exit; }
 add_action('shutdown', 'get_out_now', -1);
-
-//  check_admin_referer();
 
 switch ( $_POST['action'] ) :

branches/2.0/wp-admin/moderation.php

@@ -32 +32 @@
 
 case 'update':
+
+    check_admin_referer();
 
     if ( ! current_user_can('moderate_comments') )

branches/2.0/wp-admin/options-permalink.php

@@ -59 +59 @@
 
 if ( isset($_POST) ) {
+    check_admin_referer();
+
     if ( isset($_POST['permalink_structure']) ) {
         $permalink_structure = $_POST['permalink_structure'];

branches/2.0/wp-admin/plugin-editor.php

@@ -34 +34 @@
 
 case 'update':
+
+    check_admin_referer();
 
     if ( !current_user_can('edit_plugins') )

branches/2.0/wp-admin/post.php

@@ -293 +293 @@
 case 'approvecomment':
 
+    check_admin_referer();
+
     $comment = (int) $_GET['comment'];
     $p = (int) $_GET['p'];
@@ -322 +324 @@
 
 case 'editedcomment':
+
+    check_admin_referer();
 
     edit_comment();

branches/2.0/wp-admin/templates.php

@@ -36 +36 @@
 
 case 'update':
+
+    check_adimn_referer();
 
     if ( ! current_user_can('edit_files') )

branches/2.0/wp-admin/theme-editor.php

@@ -47 +47 @@
 
 case 'update':
+
+    check_admin_referer();
 
     if ( !current_user_can('edit_themes') )

branches/2.0/wp-includes/classes.php

@@ -827 +827 @@
                         continue;
                     $fulltext = strtolower($comment->email.' '.$comment->url.' '.$comment->ip.' '.$comment->text);
-                    if( strpos( $fulltext, strtolower($word) ) != FALSE ) {
+                    if( false !== strpos( $fulltext, strtolower($word) ) ) {
                         $this->found_comments[] = $comment->ID;
                         break;

branches/2.0/wp-includes/comment-functions.php

@@ -185 +185 @@
     // Merge old and new fields with new fields overwriting old ones.
     $commentarr = array_merge($comment, $commentarr);
+
+    $commentarr = wp_filter_comment( $commentarr );
 
     // Now extract the merged array.

branches/2.0/wp-includes/pluggable-functions.php

@@ -231 +231 @@
         die(__('Sorry, you need to <a href="http://codex.wordpress.org/Enable_Sending_Referrers">enable sending referrers</a> for this feature to work.'));
     do_action('check_admin_referer');
+}
+endif;
+
+if ( !function_exists('check_ajax_referer') ) :
+function check_ajax_referer() {
+    $cookie = explode(';', urldecode(empty($_POST['cookie']) ? $_GET['cookie'] : $_POST['cookie'])); // AJAX scripts must pass cookie=document.cookie
+    foreach ( $cookie as $tasty ) {
+        if ( false !== strpos($tasty, USER_COOKIE) )
+            $user = substr(strstr($tasty, '='), 1);
+        if ( false !== strpos($tasty, PASS_COOKIE) )
+            $pass = substr(strstr($tasty, '='), 1);
+    }
+    if ( wp_login( $user, $pass, true ) )
+        return true;
+    return false;
 }
 endif;