WordPress.org

Make WordPress Core

Changeset 44051


Ignore:
Timestamp:
12/13/2018 01:32:07 AM (10 months ago)
Author:
peterwilsoncc
Message:

Multisite: Validate activation links.

Merges [44048] to the 4.9 branch.

Location:
branches/4.9
Files:
6 edited

Legend:

Unmodified
Added
Removed
  • branches/4.9

  • branches/4.9/src/wp-activate.php

    r44024 r44051  
    2727$result = null;
    2828
    29 if ( ! empty( $_GET['key'] ) ) {
     29if ( isset( $_GET['key'] ) && isset( $_POST['key'] ) && $_GET['key'] !== $_POST['key'] ) {
     30    wp_die( __( 'A key value mismatch has been detected. Please follow the link provided in your activation email.' ), __( 'An error occurred during the activation' ), 400 );
     31} elseif ( ! empty( $_GET['key'] ) ) {
    3032    $key = $_GET['key'];
    3133} elseif ( ! empty( $_POST['key'] ) ) {
  • branches/4.9/src/wp-admin/includes/class-wp-screen.php

    r43502 r44051  
    271271            switch ( $base ) {
    272272                case 'post' :
    273                     if ( isset( $_GET['post'] ) )
     273                    if ( isset( $_GET['post'] ) && isset( $_POST['post_ID'] ) && (int) $_GET['post'] !== (int) $_POST['post_ID'] )
     274                        wp_die( __( 'A post ID mismatch has been detected.' ), __( 'Sorry, you are not allowed to edit this item.' ), 400 );
     275                    elseif ( isset( $_GET['post'] ) )
    274276                        $post_id = (int) $_GET['post'];
    275277                    elseif ( isset( $_POST['post_ID'] ) )
  • branches/4.9/src/wp-admin/post.php

    r41829 r44051  
    1717wp_reset_vars( array( 'action' ) );
    1818
    19 if ( isset( $_GET['post'] ) )
     19if ( isset( $_GET['post'] ) && isset( $_POST['post_ID'] ) && (int) $_GET['post'] !== (int) $_POST['post_ID'] )
     20    wp_die( __( 'A post ID mismatch has been detected.' ), __( 'Sorry, you are not allowed to edit this item.' ), 400 );
     21elseif ( isset( $_GET['post'] ) )
    2022    $post_id = $post_ID = (int) $_GET['post'];
    2123elseif ( isset( $_POST['post_ID'] ) )
     
    3739    $post_type = $post->post_type;
    3840    $post_type_object = get_post_type_object( $post_type );
     41}
     42
     43if ( isset( $_POST['post_type'] ) && $post && $post_type !== $_POST['post_type'] ) {
     44    wp_die( __( 'A post type mismatch has been detected.' ), __( 'Sorry, you are not allowed to edit this item.' ), 400 );
    3945}
    4046
  • branches/4.9/src/wp-includes/class-wp.php

    r41686 r44051  
    290290            if ( isset( $this->extra_query_vars[$wpvar] ) )
    291291                $this->query_vars[$wpvar] = $this->extra_query_vars[$wpvar];
     292            elseif ( isset( $_GET[ $wpvar ] ) && isset( $_POST[ $wpvar ] ) && $_GET[ $wpvar ] !== $_POST[ $wpvar ] )
     293                wp_die( __( 'A variable mismatch has been detected.' ), __( 'Sorry, you are not allowed to view this item.' ), 400 );
    292294            elseif ( isset( $_POST[$wpvar] ) )
    293295                $this->query_vars[$wpvar] = $_POST[$wpvar];
  • branches/4.9/src/wp-includes/ms-deprecated.php

    r41714 r44051  
    272272
    273273    $ref = '';
    274     if ( isset( $_GET['ref'] ) )
    275         $ref = $_GET['ref'];
    276     if ( isset( $_POST['ref'] ) )
    277         $ref = $_POST['ref'];
     274    if ( isset( $_GET['ref'] ) && isset( $_POST['ref'] ) && $_GET['ref'] !== $_POST['ref'] ) {
     275        wp_die( __( 'A variable mismatch has been detected.' ), __( 'Sorry, you are not allowed to view this item.' ), 400 );
     276    } elseif ( isset( $_POST['ref'] ) ) {
     277        $ref = $_POST[ 'ref' ];
     278    } elseif ( isset( $_GET['ref'] ) ) {
     279        $ref = $_GET[ 'ref' ];
     280    }
    278281
    279282    if ( $ref ) {
     
    288291
    289292    $url = wpmu_admin_redirect_add_updated_param( $url );
    290     if ( isset( $_GET['redirect'] ) ) {
     293    if ( isset( $_GET['redirect'] ) && isset( $_POST['redirect'] ) && $_GET['redirect'] !== $_POST['redirect'] ) {
     294        wp_die( __( 'A variable mismatch has been detected.' ), __( 'Sorry, you are not allowed to view this item.' ), 400 );
     295    } elseif ( isset( $_GET['redirect'] ) ) {
    291296        if ( substr( $_GET['redirect'], 0, 2 ) == 's_' )
    292297            $url .= '&action=blogs&s='. esc_html( substr( $_GET['redirect'], 2 ) );
Note: See TracChangeset for help on using the changeset viewer.