Context Navigation

menu.php

Timestamp:

03/22/2017 11:03:28 PM (7 years ago)

Author:

westonruter

Message:

Customize: Prevent links to customize.php from being generated which have query vars from wp_removable_query_args() present.

Props dlh.
See #23367, #32692.
Fixes #31850.

File:

r39540	r40313
158	158	$submenu['themes.php'][5] = array( __( 'Themes' ), $appearance_cap, 'themes.php' );
159	159
160		$customize_url = add_query_arg( 'return', urlencode( ~~wp_unslash( $_SERVER['REQUEST_URI']~~ ) ), 'customize.php' );
	160	$customize_url = add_query_arg( 'return', urlencode( remove_query_arg( wp_removable_query_args(), wp_unslash( $_SERVER['REQUEST_URI'] ) ) ), 'customize.php' );
161	161	$submenu['themes.php'][6] = array( __( 'Customize' ), 'customize', esc_url( $customize_url ), '', 'hide-if-no-customize' );
162	162

Note: See TracChangeset for help on using the changeset viewer.