
Changeset 3909


Timestamp:
06/24/2006 05:41:59 AM (20 years ago)
Author:
ryan
Message:

wp_get_referer() and friends from robmiller and markjaquith. fixes #2800

Location:
branches/2.0
Files:
3 edited

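--- a/branches/2.0/wp-admin/options.php
+++ b/branches/2.0/wp-admin/options.php
@@ -78,6 +78,6 @@
     }
 
-    $referred = remove_query_arg('updated' , $_SERVER['HTTP_REFERER']);
-    $goback = add_query_arg('updated', 'true', $_SERVER['HTTP_REFERER']);
+    $referred = remove_query_arg('updated' , wp_get_referer());
+    $goback = add_query_arg('updated', 'true', wp_get_referer());
     $goback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $goback);
     wp_redirect($goback);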
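Review bot: The redirect target built on new line 81 now comes from `wp_get_referer()`, which (per the functions.php section of this changeset) returns the `_wp_http_referer` request field ahead of the Referer header, so the URL handed to `wp_redirect()` can be set by whoever composed the request. The character filter on line 82 keeps `:` and `/`, so an absolute URL on a different host passes through it unchanged. Before redirecting, compare the host of `$goback` with the host of `get_settings('siteurl')` and fall back to a fixed admin page when they differ. `wp_get_referer()` can also return `false`, and how `add_query_arg()` handles that is not visible here. The enclosing block starts and ends outside this hunk, so whether a nonce check runs before these lines cannot be confirmed from the page.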
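--- a/branches/2.0/wp-includes/functions.php
+++ b/branches/2.0/wp-includes/functions.php
@@ -2322,4 +2322,32 @@
 function wp_nonce_field($action = -1) {
     echo '<input type="hidden" name="_wpnonce" value="' . wp_create_nonce($action) . '" />';
+    wp_referer_field();
+}
+
+function wp_referer_field() {
+    $ref = ( false === wp_get_referer() ) ? $_SERVER['REQUEST_URI'] : wp_get_referer();
+    $ref = wp_specialchars(stripslashes($ref));
+    echo '<input type="hidden" name="_wp_http_referer" value="'. $ref . '" />';
+    if ( wp_get_original_referer() ) {
+        $original_ref = wp_specialchars(stripslashes(wp_get_original_referer()));
+        echo '<input type="hidden" name="_wp_original_http_referer" value="'. $original_ref . '" />';
+    }
+}
+
+function wp_original_referer_field() {
+    echo '<input type="hidden" name="_wp_original_http_referer" value="' . wp_specialchars(stripslashes($_SERVER['REQUEST_URI'])) . '" />';
+}
+
+function wp_get_referer() {
+    foreach ( array($_REQUEST['_wp_http_referer'], $_SERVER['HTTP_REFERER']) as $ref )
+        if ( !empty($ref) )
+            return $ref;
+    return false;
+}
+
+function wp_get_original_referer() {
+    if ( !empty($_REQUEST['_wp_original_http_referer']) )
+        return $_REQUEST['_wp_original_http_referer'];
+    return false;
 }
 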
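Review bot: The hidden fields written by `wp_referer_field()` and `wp_original_referer_field()` (new lines 2329, 2332 and 2338) place request-derived values inside a double-quoted `value` attribute after calling `wp_specialchars()` without its quotes argument. As far as I know that default leaves `"` unencoded in this branch (the definition is not shown on this page, so confirm), in which case a quote in `_wp_http_referer`, `_wp_original_http_referer` or `REQUEST_URI` would end the attribute early. Pass the quotes flag in all three calls, e.g. `wp_specialchars(stripslashes($ref), 1)`. Separately, `wp_get_referer()` and `wp_get_original_referer()` return request data unmodified and deserve a short comment stating that the result is untrusted and is `false` when nothing was sent. `wp_get_referer()` also reads both array keys without `isset()`, which raises notices when either is missing.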
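--- a/branches/2.0/wp-includes/pluggable-functions.php
+++ b/branches/2.0/wp-includes/pluggable-functions.php
@@ -232,5 +232,5 @@
     global $pagenow;
     $adminurl = strtolower(get_settings('siteurl')).'/wp-admin';
-    $referer = strtolower($_SERVER['HTTP_REFERER']);
+    $referer = strtolower(wp_get_referer());
     if ( !wp_verify_nonce($_REQUEST['_wpnonce'], $action) &&
         !(-1 == $action && strstr($referer, $adminurl)) ) {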
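Review bot: The fallback on line 236 for callers that pass no action (`-1 == $action`) now tests a value the request itself can supply, because `wp_get_referer()` returns the `_wp_http_referer` field ahead of the Referer header. Any request can carry a field containing the admin URL and so pass the `strstr()` test without a valid nonce, which weakens the cross-site request protection this branch relied on when only the browser-set header was read. For this check keep the header, `$referer = strtolower($_SERVER['HTTP_REFERER']);`, and anchor the match with `0 === strpos($referer, $adminurl)` so the admin URL must be the prefix rather than appear anywhere in the string. The enclosing function begins and ends outside this hunk, so what happens when the condition fails is not visible.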