WordPress.org
Get WordPress

Make WordPress Core

Changeset 3908


Ignore:
Timestamp:
06/24/2006 05:38:37 AM (19 years ago)
Author:
ryan
Message:

wp_get_referer() and friends from robmiller and markjaquith. fixes #2800

Location:
trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed

  • trunk/wp-admin/options.php

    r3759 r3908  
    7878    }
    7979   
    80     $referred = remove_query_arg('updated' , $_SERVER['HTTP_REFERER']);
    81     $goback = add_query_arg('updated', 'true', $_SERVER['HTTP_REFERER']);
     80    $referred = remove_query_arg('updated' , wp_get_referer());
     81    $goback = add_query_arg('updated', 'true', wp_get_referer());
    8282    $goback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $goback);
    8383    wp_redirect($goback);

  • trunk/wp-includes/functions.php

    r3904 r3908  
    812812function wp_nonce_field($action = -1) {
    813813    echo '<input type="hidden" name="_wpnonce" value="' . wp_create_nonce($action) . '" />';
     814    wp_referer_field();
     815}
     816
     817function wp_referer_field() {
     818    $ref = ( false === wp_get_referer() ) ? $_SERVER['REQUEST_URI'] : wp_get_referer();
     819    $ref = wp_specialchars(stripslashes($ref));
     820    echo '<input type="hidden" name="_wp_http_referer" value="'. $ref . '" />';
     821    if ( wp_get_original_referer() ) {
     822        $original_ref = wp_specialchars(stripslashes(wp_get_original_referer()));
     823        echo '<input type="hidden" name="_wp_original_http_referer" value="'. $original_ref . '" />';
     824    }
     825}
     826
     827function wp_original_referer_field() {
     828    echo '<input type="hidden" name="_wp_original_http_referer" value="' . wp_specialchars(stripslashes($_SERVER['REQUEST_URI'])) . '" />';
     829}
     830
     831function wp_get_referer() {
     832    foreach ( array($_REQUEST['_wp_http_referer'], $_SERVER['HTTP_REFERER']) as $ref )
     833        if ( !empty($ref) )
     834            return $ref;
     835    return false;
     836}
     837
     838function wp_get_original_referer() {
     839    if ( !empty($_REQUEST['_wp_original_http_referer']) )
     840        return $_REQUEST['_wp_original_http_referer'];
     841    return false;
    814842}
    815843

  • trunk/wp-includes/pluggable.php

    r3862 r3908  
    232232    global $pagenow, $menu, $submenu, $parent_file, $submenu_file;;
    233233    $adminurl = strtolower(get_settings('siteurl')).'/wp-admin';
    234     $referer = strtolower($_SERVER['HTTP_REFERER']);
     234    $referer = strtolower(wp_get_referer());
    235235    if ( !wp_verify_nonce($_REQUEST['_wpnonce'], $action) &&
    236236        !(-1 == $action && strstr($referer, $adminurl)) ) {
Note: See TracChangeset for help on using the changeset viewer.