Index: wp-admin/options-head.php
===================================================================
--- wp-admin/options-head.php (revision 23418)
+++ wp-admin/options-head.php (working copy)
@@ -2,14 +2,13 @@
 /**
 * WordPress Options Header.
 *
- * Resets variables: 'action', 'standalone', and 'option_group_id'. Displays
- * updated message, if updated variable is part of the URL query.
+ * Displays updated message, if updated variable is part of the URL query.
 *
 * @package WordPress
 * @subpackage Administration
 */
-wp_reset_vars(array('action', 'standalone', 'option_group_id'));
+wp_reset_vars( array( 'action' ) );
 if ( isset( $_GET['updated'] ) && isset( $_GET['page'] ) ) {
 // For backwards compat with plugins that don't use the Settings API and just set updated=1 in the redirect
Index: wp-admin/includes/bookmark.php
===================================================================
--- wp-admin/includes/bookmark.php (revision 23418)
+++ wp-admin/includes/bookmark.php (working copy)
@@ -55,12 +55,12 @@
 function get_default_link_to_edit() {
 $link = new stdClass;
 if ( isset( $_GET['linkurl'] ) )
- $link->link_url = esc_url( $_GET['linkurl'] );
+ $link->link_url = esc_url( wp_unslash( $_GET['linkurl'] ) );
 else
 $link->link_url = '';
 if ( isset( $_GET['name'] ) )
- $link->link_name = esc_attr( $_GET['name'] );
+ $link->link_name = esc_attr( wp_unslash( $_GET['name'] ) );
 else
 $link->link_name = '';
Index: wp-admin/includes/class-wp-links-list-table.php
===================================================================
--- wp-admin/includes/class-wp-links-list-table.php (revision 23418)
+++ wp-admin/includes/class-wp-links-list-table.php (working copy)
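Review bot: Nothing in this hunk shows that `$standalone` and `$option_group_id` have no remaining readers once they are dropped from the `wp_reset_vars()` call. `wp_reset_vars()` also initialises each listed name to an empty string when the request does not carry it, so a leftover read would now see an undefined variable, or whatever an earlier include left in that global, rather than `''`. Shrinking the set of request values copied into globals is the right direction, and a search for the removed names across the files that load each page would confirm it is safe. The same check applies to the `wp_reset_vars()` hunks in class-wp-links-list-table.php, link-add.php, link.php and user-edit.php. A one-line comment above the call, e.g. `// Only $action is imported from the request; read other inputs from $_GET/$_POST explicitly.`, would record the intent.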
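Review bot: `$_GET['linkurl']` and `$_GET['name']` can be array-valued query parameters, and the `isset()` checks on both branches let that through: `wp_unslash()` hands an array back as an array, while `esc_url()` and `esc_attr()` are written for strings. A type guard would keep the defaults well-formed, e.g. `if ( isset( $_GET['linkurl'] ) && is_string( $_GET['linkurl'] ) )` and the same for `name`. Unslashing before escaping is the right order, and a short comment saying the superglobals are slashed by WordPress at load time would explain why the call is there. `get_default_link_to_edit()` continues past the end of the hunk, so how these pre-escaped values are printed later is not visible here.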
@@ -23,7 +23,7 @@
 function prepare_items() {
 global $cat_id, $s, $orderby, $order;
- wp_reset_vars( array( 'action', 'cat_id', 'linkurl', 'name', 'image', 'description', 'visible', 'target', 'category', 'link_id', 'submit', 'orderby', 'order', 'links_show_cat_id', 'rating', 'rel', 'notes', 'linkcheck[]', 's' ) );
+ wp_reset_vars( array( 'action', 'cat_id', 'link_id', 'orderby', 'order', 's' ) );
 $args = array( 'hide_invisible' => 0, 'hide_empty' => 0 );
Index: wp-admin/post.php
===================================================================
--- wp-admin/post.php (revision 23418)
+++ wp-admin/post.php (working copy)
@@ -1,4 +1,4 @@ - -
Index: wp-admin/link-add.php
===================================================================
--- wp-admin/link-add.php (revision 23418)
+++ wp-admin/link-add.php (working copy)
@@ -15,10 +15,7 @@
 $title = __('Add New Link');
 $parent_file = 'link-manager.php';
-wp_reset_vars(array('action', 'cat_id', 'linkurl', 'name', 'image',
- 'description', 'visible', 'target', 'category', 'link_id',
- 'submit', 'order_by', 'links_show_cat_id', 'rating', 'rel',
- 'notes', 'linkcheck[]'));
+wp_reset_vars( array('action', 'cat_id', 'link_id' ) );
 wp_enqueue_script('link');
 wp_enqueue_script('xfn');
Index: wp-admin/link.php
===================================================================
--- wp-admin/link.php (revision 23418)
+++ wp-admin/link.php (working copy)
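Review bot: `action` and `link_id` are still imported by the new `wp_reset_vars()` call in class-wp-links-list-table.php, although `prepare_items()` only declares `$cat_id, $s, $orderby, $order` as globals. If nothing else in the request reads `$action` or `$link_id` after this method runs, the list can shrink to `wp_reset_vars( array( 'cat_id', 'orderby', 'order', 's' ) );`. The four that remain are request-controlled and are used past the end of this hunk, so it is worth confirming that `$orderby` and `$order` are checked against a fixed set of values before they are passed on. `prepare_items()` continues outside the hunk.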
@@ -12,7 +12,7 @@
 /** Load WordPress Administration Bootstrap */
 require_once ('admin.php');
-wp_reset_vars(array('action', 'cat_id', 'linkurl', 'name', 'image', 'description', 'visible', 'target', 'category', 'link_id', 'submit', 'order_by', 'links_show_cat_id', 'rating', 'rel', 'notes', 'linkcheck[]'));
+wp_reset_vars( array( 'action', 'cat_id', 'link_id' ) );
 if ( ! current_user_can('manage_links') ) wp_link_manager_disabled_message();
Index: wp-admin/user-edit.php
===================================================================
--- wp-admin/user-edit.php (revision 23418)
+++ wp-admin/user-edit.php (working copy)
@@ -9,7 +9,7 @@
 /** WordPress Administration Bootstrap */
 require_once('./admin.php');
-wp_reset_vars(array('action', 'redirect', 'profile', 'user_id', 'wp_http_referer'));
+wp_reset_vars( array( 'action', 'user_id', 'wp_http_referer' ) );
 $user_id = (int) $user_id;
 $current_user = wp_get_current_user();
@@ -54,7 +54,7 @@
 '
' . __('Support Forums') . '
' );
-$wp_http_referer = remove_query_arg(array('update', 'delete_count'), wp_unslash( $wp_http_referer ) );
+$wp_http_referer = remove_query_arg(array('update', 'delete_count'), $wp_http_referer );
 $user_can_edit = current_user_can( 'edit_posts' ) || current_user_can( 'edit_pages' );
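Review bot: Removing `wp_unslash()` from the `remove_query_arg()` call is only correct if `$wp_http_referer` is already unslashed when it gets here, and nothing visible in this part of the patch shows where that now happens. The variable is filled from the request by the `wp_reset_vars()` call at the top of user-edit.php, so if that function still hands back slashed input, the referer would carry backslashes into whatever is built from it. A comment such as `// $wp_http_referer arrives unslashed from wp_reset_vars().` would make the dependency explicit, assuming that is where the unslash moved. Because the value is request-supplied and appears to be a return URL, later uses should escape it on output and pass it through `wp_validate_redirect()` before any redirect; those uses are outside this hunk.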