Changeset 41444 for branches/4.3/src/wp-admin/plugins.php
- Timestamp:
- 09/19/2017 01:19:20 PM (7 years ago)
- Location:
- branches/4.3
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/4.3
- Property svn:mergeinfo changed
/branches/4.4 (added) merged: 41434 /branches/4.5 (added) merged: 41415-41416 /branches/4.6 merged: 41414 /trunk reverse-merged: 18512
- Property svn:mergeinfo changed
-
branches/4.3/src/wp-admin/plugins.php
r40174 r41444 18 18 $action = $wp_list_table->current_action(); 19 19 20 $plugin = isset($_REQUEST['plugin']) ? $_REQUEST['plugin']: '';20 $plugin = isset($_REQUEST['plugin']) ? wp_unslash( $_REQUEST['plugin'] ) : ''; 21 21 $s = isset($_REQUEST['s']) ? urlencode($_REQUEST['s']) : ''; 22 22 … … 40 40 check_admin_referer('activate-plugin_' . $plugin); 41 41 42 $result = activate_plugin($plugin, self_admin_url('plugins.php?error=true&plugin=' . $plugin), is_network_admin() );42 $result = activate_plugin($plugin, self_admin_url('plugins.php?error=true&plugin=' . urlencode( $plugin ) ), is_network_admin() ); 43 43 if ( is_wp_error( $result ) ) { 44 44 if ( 'unexpected_output' == $result->get_error_code() ) { 45 $redirect = self_admin_url('plugins.php?error=true&charsout=' . strlen($result->get_error_data()) . '&plugin=' . $plugin. "&plugin_status=$status&paged=$page&s=$s");45 $redirect = self_admin_url('plugins.php?error=true&charsout=' . strlen($result->get_error_data()) . '&plugin=' . urlencode( $plugin ) . "&plugin_status=$status&paged=$page&s=$s"); 46 46 wp_redirect(add_query_arg('_error_nonce', wp_create_nonce('plugin-activation-error_' . $plugin), $redirect)); 47 47 exit; … … 70 70 check_admin_referer('bulk-plugins'); 71 71 72 $plugins = isset( $_POST['checked'] ) ? (array) $_POST['checked']: array();72 $plugins = isset( $_POST['checked'] ) ? (array) wp_unslash( $_POST['checked'] ) : array(); 73 73 74 74 if ( is_network_admin() ) { … … 110 110 111 111 if ( isset( $_GET['plugins'] ) ) 112 $plugins = explode( ',', $_GET['plugins']);112 $plugins = explode( ',', wp_unslash( $_GET['plugins'] ) ); 113 113 elseif ( isset( $_POST['checked'] ) ) 114 $plugins = (array) $_POST['checked'];114 $plugins = (array) wp_unslash( $_POST['checked'] ); 115 115 else 116 116 $plugins = array(); … … 187 187 check_admin_referer('bulk-plugins'); 188 188 189 $plugins = isset( $_POST['checked'] ) ? (array) $_POST['checked']: array();189 $plugins = isset( $_POST['checked'] ) ? (array) wp_unslash( $_POST['checked'] ) : array(); 190 190 // Do not deactivate plugins which are already deactivated. 191 191 if ( is_network_admin() ) { … … 220 220 221 221 //$_POST = from the plugin form; $_GET = from the FTP details screen. 222 $plugins = isset( $_REQUEST['checked'] ) ? (array) $_REQUEST['checked']: array();222 $plugins = isset( $_REQUEST['checked'] ) ? (array) wp_unslash( $_REQUEST['checked'] ) : array(); 223 223 if ( empty( $plugins ) ) { 224 224 wp_redirect( self_admin_url("plugins.php?plugin_status=$status&paged=$page&s=$s") );
Note: See TracChangeset
for help on using the changeset viewer.