Changeset 41415 for branches/4.5/src/wp-admin/plugins.php
- Timestamp:
- 09/19/2017 10:31:43 AM (7 years ago)
- Location:
- branches/4.5
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/4.5
- Property svn:mergeinfo changed
/branches/4.6 merged: 41414
- Property svn:mergeinfo changed
-
branches/4.5/src/wp-admin/plugins.php
r40172 r41415 18 18 $action = $wp_list_table->current_action(); 19 19 20 $plugin = isset($_REQUEST['plugin']) ? $_REQUEST['plugin']: '';20 $plugin = isset($_REQUEST['plugin']) ? wp_unslash( $_REQUEST['plugin'] ) : ''; 21 21 $s = isset($_REQUEST['s']) ? urlencode( wp_unslash( $_REQUEST['s'] ) ) : ''; 22 22 … … 40 40 check_admin_referer('activate-plugin_' . $plugin); 41 41 42 $result = activate_plugin($plugin, self_admin_url('plugins.php?error=true&plugin=' . $plugin), is_network_admin() );42 $result = activate_plugin($plugin, self_admin_url('plugins.php?error=true&plugin=' . urlencode( $plugin ) ), is_network_admin() ); 43 43 if ( is_wp_error( $result ) ) { 44 44 if ( 'unexpected_output' == $result->get_error_code() ) { 45 $redirect = self_admin_url('plugins.php?error=true&charsout=' . strlen($result->get_error_data()) . '&plugin=' . $plugin. "&plugin_status=$status&paged=$page&s=$s");45 $redirect = self_admin_url('plugins.php?error=true&charsout=' . strlen($result->get_error_data()) . '&plugin=' . urlencode( $plugin ) . "&plugin_status=$status&paged=$page&s=$s"); 46 46 wp_redirect(add_query_arg('_error_nonce', wp_create_nonce('plugin-activation-error_' . $plugin), $redirect)); 47 47 exit; … … 74 74 check_admin_referer('bulk-plugins'); 75 75 76 $plugins = isset( $_POST['checked'] ) ? (array) $_POST['checked']: array();76 $plugins = isset( $_POST['checked'] ) ? (array) wp_unslash( $_POST['checked'] ) : array(); 77 77 78 78 if ( is_network_admin() ) { … … 123 123 124 124 if ( isset( $_GET['plugins'] ) ) 125 $plugins = explode( ',', $_GET['plugins']);125 $plugins = explode( ',', wp_unslash( $_GET['plugins'] ) ); 126 126 elseif ( isset( $_POST['checked'] ) ) 127 $plugins = (array) $_POST['checked'];127 $plugins = (array) wp_unslash( $_POST['checked'] ); 128 128 else 129 129 $plugins = array(); … … 198 198 check_admin_referer('bulk-plugins'); 199 199 200 $plugins = isset( $_POST['checked'] ) ? (array) $_POST['checked']: array();200 $plugins = isset( $_POST['checked'] ) ? (array) wp_unslash( $_POST['checked'] ) : array(); 201 201 // Do not deactivate plugins which are already deactivated. 202 202 if ( is_network_admin() ) { … … 235 235 236 236 //$_POST = from the plugin form; $_GET = from the FTP details screen. 237 $plugins = isset( $_REQUEST['checked'] ) ? (array) $_REQUEST['checked']: array();237 $plugins = isset( $_REQUEST['checked'] ) ? (array) wp_unslash( $_REQUEST['checked'] ) : array(); 238 238 if ( empty( $plugins ) ) { 239 239 wp_redirect( self_admin_url("plugins.php?plugin_status=$status&paged=$page&s=$s") );
Note: See TracChangeset
for help on using the changeset viewer.