Index: wp-comments-post.php
===================================================================
--- wp-comments-post.php (revision 23383)
+++ wp-comments-post.php (working copy)
@@ -17,8 +17,10 @@
nocache_headers();
-$comment_post_ID = isset($_POST['comment_post_ID']) ? (int) $_POST['comment_post_ID'] : 0;
+$post_data = wp_unslash( $_POST );
+$comment_post_ID = isset($post_data['comment_post_ID']) ? (int) $post_data['comment_post_ID'] : 0;
+
$post = get_post($comment_post_ID);
if ( empty($post->comment_status) ) {
@@ -47,10 +49,10 @@
do_action('pre_comment_on_post', $comment_post_ID);
}
-$comment_author = ( isset($_POST['author']) ) ? trim(strip_tags($_POST['author'])) : null;
-$comment_author_email = ( isset($_POST['email']) ) ? trim($_POST['email']) : null;
-$comment_author_url = ( isset($_POST['url']) ) ? trim($_POST['url']) : null;
-$comment_content = ( isset($_POST['comment']) ) ? trim($_POST['comment']) : null;
+$comment_author = ( isset( $post_data['author'] ) ) ? trim( strip_tags( $post_data['author'] ) ) : null;
+$comment_author_email = ( isset( $post_data['email'] ) ) ? trim( $post_data['email'] ) : null;
+$comment_author_url = ( isset( $post_data['url'] ) ) ? trim( $post_data['url'] ) : null;
+$comment_content = ( isset( $post_data['comment'] ) ) ? trim( $post_data['comment'] ) : null;
// If the user is logged in
$user = wp_get_current_user();
@@ -61,7 +63,7 @@
$comment_author_email = $wpdb->escape($user->user_email);
$comment_author_url = $wpdb->escape($user->user_url);
if ( current_user_can('unfiltered_html') ) {
- if ( wp_create_nonce('unfiltered-html-comment_' . $comment_post_ID) != $_POST['_wp_unfiltered_html_comment'] ) {
+ if ( wp_create_nonce('unfiltered-html-comment_' . $comment_post_ID) != $post_data['_wp_unfiltered_html_comment'] ) {
kses_remove_filters(); // start with a clean slate
kses_init_filters(); // set up the filters
}
@@ -83,7 +85,7 @@
if ( '' == $comment_content )
wp_die( __('ERROR: please type a comment.') );
-$comment_parent = isset($_POST['comment_parent']) ? absint($_POST['comment_parent']) : 0;
+$comment_parent = isset($post_data['comment_parent']) ? absint($post_data['comment_parent']) : 0;
$commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type', 'comment_parent', 'user_ID');
@@ -92,7 +94,7 @@
$comment = get_comment($comment_id);
do_action('set_comment_cookies', $comment, $user);
-$location = empty($_POST['redirect_to']) ? get_comment_link($comment_id) : $_POST['redirect_to'] . '#comment-' . $comment_id;
+$location = empty($post_data['redirect_to']) ? get_comment_link($comment_id) : $post_data['redirect_to'] . '#comment-' . $comment_id;
$location = apply_filters('comment_post_redirect', $location, $comment);
wp_safe_redirect( $location );
Index: wp-includes/default-filters.php
===================================================================
--- wp-includes/default-filters.php (revision 23383)
+++ wp-includes/default-filters.php (working copy)
@@ -14,8 +14,8 @@
// Strip, trim, kses, special chars for string saves
foreach ( array( 'pre_term_name', 'pre_comment_author_name', 'pre_link_name', 'pre_link_target', 'pre_link_rel', 'pre_user_display_name', 'pre_user_first_name', 'pre_user_last_name', 'pre_user_nickname' ) as $filter ) {
- add_filter( $filter, 'sanitize_text_field' );
- add_filter( $filter, 'wp_filter_kses' );
+ add_filter( $filter, 'sanitize_text_field' );
+ add_filter( $filter, 'wp_kses_data' );
add_filter( $filter, '_wp_specialchars', 30 );
}
@@ -31,22 +31,21 @@
// Kses only for textarea saves
foreach ( array( 'pre_term_description', 'pre_link_description', 'pre_link_notes', 'pre_user_description' ) as $filter ) {
- add_filter( $filter, 'wp_filter_kses' );
+ add_filter( $filter, 'wp_kses_data' );
}
// Kses only for textarea admin displays
if ( is_admin() ) {
- foreach ( array( 'term_description', 'link_description', 'link_notes', 'user_description' ) as $filter ) {
+ foreach ( array( 'term_description', 'link_description', 'link_notes', 'user_description', 'comment_text' ) as $filter ) {
add_filter( $filter, 'wp_kses_data' );
}
- add_filter( 'comment_text', 'wp_kses_post' );
}
// Email saves
foreach ( array( 'pre_comment_author_email', 'pre_user_email' ) as $filter ) {
add_filter( $filter, 'trim' );
add_filter( $filter, 'sanitize_email' );
- add_filter( $filter, 'wp_filter_kses' );
+ add_filter( $filter, 'wp_kses_data' );
}
// Email admin display
Index: wp-includes/taxonomy.php
===================================================================
--- wp-includes/taxonomy.php (revision 23384)
+++ wp-includes/taxonomy.php (working copy)
@@ -2061,10 +2061,6 @@
$args = sanitize_term($args, $taxonomy, 'db');
extract($args, EXTR_SKIP);
- // expected_slashed ($name)
- $name = stripslashes($name);
- $description = stripslashes($description);
-
if ( empty($slug) )
$slug = sanitize_title($name);
@@ -2360,9 +2356,6 @@
if ( is_wp_error( $term ) )
return $term;
- // Escape data pulled from DB.
- $term = add_magic_quotes($term);
-
// Merge old and new args with new args overwriting old ones.
$args = array_merge($term, $args);
@@ -2371,10 +2364,6 @@
$args = sanitize_term($args, $taxonomy, 'db');
extract($args, EXTR_SKIP);
- // expected_slashed ($name)
- $name = stripslashes($name);
- $description = stripslashes($description);
-
if ( '' == trim($name) )
return new WP_Error('empty_term_name', __('A name is required for this term'));
Index: wp-includes/post.php
===================================================================
--- wp-includes/post.php (revision 23383)
+++ wp-includes/post.php (working copy)
@@ -1742,17 +1742,41 @@
* @link http://codex.wordpress.org/Function_Reference/add_post_meta
*
* @param int $post_id Post ID.
- * @param string $meta_key Metadata name.
- * @param mixed $meta_value Metadata value.
+ * @param string $meta_key Metadata name (expected slashed).
+ * @param mixed $meta_value Metadata value (expected slashed).
* @param bool $unique Optional, default is false. Whether the same key should not be added.
* @return bool False for failure. True for success.
*/
-function add_post_meta($post_id, $meta_key, $meta_value, $unique = false) {
+function add_post_meta( $post_id, $meta_key, $meta_value, $unique = false ) {
+ _deprecated_function( __FUNCTION__, '3.5', 'wp_add_post_meta() (expects unslashed data)' );
+
+ // expected slashed
+ $meta_key = stripslashes( $meta_key );
+ $meta_value = stripslashes_deep( $meta_value );
+
+ return wp_add_post_meta( $post_id, $meta_key, $meta_value, $unique );
+}
+
+/**
+ * Add meta data field to a post.
+ *
+ * Post meta data is called "Custom Fields" on the Administration Screen.
+ *
+ * @since 3.6.0
+ * @link http://codex.wordpress.org/Function_Reference/wp_add_post_meta
+ *
+ * @param int $post_id Post ID.
+ * @param string $meta_key Metadata name (clean, slashes already stripped).
+ * @param mixed $meta_value Metadata value (clean, slashes already stripped).
+ * @param bool $unique Optional, default is false. Whether the same key should not be added.
+ * @return bool False for failure. True for success.
+ */
+function wp_add_post_meta( $post_id, $meta_key, $meta_value, $unique = false ) {
// make sure meta is added to the post, not a revision
- if ( $the_post = wp_is_post_revision($post_id) )
+ if ( $the_post = wp_is_post_revision( $post_id ) )
$post_id = $the_post;
- return add_metadata('post', $post_id, $meta_key, $meta_value, $unique);
+ return add_metadata( 'post', $post_id, $meta_key, $meta_value, $unique );
}
/**
@@ -1809,17 +1833,45 @@
* @link http://codex.wordpress.org/Function_Reference/update_post_meta
*
* @param int $post_id Post ID.
- * @param string $meta_key Metadata key.
- * @param mixed $meta_value Metadata value.
+ * @param string $meta_key Metadata key (expected slashed).
+ * @param mixed $meta_value Metadata value (expected slashed).
* @param mixed $prev_value Optional. Previous value to check before removing.
* @return bool False on failure, true if success.
*/
-function update_post_meta($post_id, $meta_key, $meta_value, $prev_value = '') {
+function update_post_meta( $post_id, $meta_key, $meta_value, $prev_value = '' ) {
+ _deprecated_function( __FUNCTION__, '3.5', 'wp_update_post_meta() (expects unslashed data)' );
+
+ // expected slashed
+ $meta_key = stripslashes( $meta_key );
+ $meta_value = stripslashes_deep( $meta_value );
+
+ return wp_update_post_meta( $post_id, $meta_key, $meta_value, $prev_value );
+}
+
+/**
+ * Update post meta field based on post ID.
+ *
+ * Use the $prev_value parameter to differentiate between meta fields with the
+ * same key and post ID.
+ *
+ * If the meta field for the post does not exist, it will be added.
+ *
+ * @since 3.6.0
+ * @uses $wpdb
+ * @link http://codex.wordpress.org/Function_Reference/wp_update_post_meta
+ *
+ * @param int $post_id Post ID.
+ * @param string $meta_key Metadata key (clean, slashes already stripped).
+ * @param mixed $meta_value Metadata value (clean, slashes already stripped).
+ * @param mixed $prev_value Optional. Previous value to check before removing.
+ * @return bool False on failure, true if success.
+ */
+function wp_update_post_meta( $post_id, $meta_key, $meta_value, $prev_value = '' ) {
// make sure meta is added to the post, not a revision
- if ( $the_post = wp_is_post_revision($post_id) )
+ if ( $the_post = wp_is_post_revision( $post_id ) )
$post_id = $the_post;
- return update_metadata('post', $post_id, $meta_key, $meta_value, $prev_value);
+ return update_metadata( 'post', $post_id, $meta_key, $meta_value, $prev_value );
}
/**
@@ -2406,8 +2458,8 @@
do_action('wp_trash_post', $post_id);
- add_post_meta($post_id,'_wp_trash_meta_status', $post['post_status']);
- add_post_meta($post_id,'_wp_trash_meta_time', time());
+ wp_add_post_meta($post_id,'_wp_trash_meta_status', $post['post_status']);
+ wp_add_post_meta($post_id,'_wp_trash_meta_time', time());
$post['post_status'] = 'trash';
wp_insert_post($post);
@@ -2483,7 +2535,7 @@
$statuses = array();
foreach ( $comments as $comment )
$statuses[$comment->comment_ID] = $comment->comment_approved;
- add_post_meta($post_id, '_wp_trash_meta_comments_status', $statuses);
+ wp_add_post_meta($post_id, '_wp_trash_meta_comments_status', $statuses);
// Set status for all comments to post-trashed
$result = $wpdb->update($wpdb->comments, array('comment_approved' => 'post-trashed'), array('comment_post_ID' => $post_id));
@@ -2859,10 +2911,8 @@
$post_name = wp_unique_post_slug($post_name, $post_ID, $post_status, $post_type, $post_parent);
- // expected_slashed (everything!)
$data = compact( array( 'post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_content_filtered', 'post_title', 'post_excerpt', 'post_status', 'post_type', 'comment_status', 'ping_status', 'post_password', 'post_name', 'to_ping', 'pinged', 'post_modified', 'post_modified_gmt', 'post_parent', 'menu_order', 'guid' ) );
$data = apply_filters('wp_insert_post_data', $data, $postarr);
- $data = stripslashes_deep( $data );
$where = array( 'ID' => $post_ID );
if ( $update ) {
@@ -2936,7 +2986,7 @@
else
return 0;
}
- update_post_meta($post_ID, '_wp_page_template', $page_template);
+ wp_update_post_meta($post_ID, '_wp_page_template', $page_template);
}
wp_transition_post_status($data['post_status'], $previous_status, $post);
@@ -2969,15 +3019,11 @@
if ( is_object($postarr) ) {
// non-escaped post was passed
$postarr = get_object_vars($postarr);
- $postarr = add_magic_quotes($postarr);
}
// First, get all of the original fields
$post = get_post($postarr['ID'], ARRAY_A);
- // Escape data pulled from DB.
- $post = add_magic_quotes($post);
-
// Passed post category list overwrites existing category list if not empty.
if ( isset($postarr['post_category']) && is_array($postarr['post_category'])
&& 0 != count($postarr['post_category']) )
@@ -3962,7 +4008,6 @@
else
$post_name = sanitize_title($post_name);
- // expected_slashed ($post_name)
$post_name = wp_unique_post_slug($post_name, $post_ID, $post_status, $post_type, $post_parent);
if ( empty($post_date) )
@@ -4005,9 +4050,7 @@
if ( ! isset($pinged) )
$pinged = '';
- // expected_slashed (everything!)
$data = compact( array( 'post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_content_filtered', 'post_title', 'post_excerpt', 'post_status', 'post_type', 'comment_status', 'ping_status', 'post_password', 'post_name', 'to_ping', 'pinged', 'post_modified', 'post_modified_gmt', 'post_parent', 'menu_order', 'post_mime_type', 'guid' ) );
- $data = stripslashes_deep( $data );
if ( $update ) {
$wpdb->update( $wpdb->posts, $data, array( 'ID' => $post_ID ) );
@@ -4052,7 +4095,7 @@
clean_post_cache( $post_ID );
if ( ! empty( $context ) )
- add_post_meta( $post_ID, '_wp_attachment_context', $context, true );
+ wp_add_post_meta( $post_ID, '_wp_attachment_context', $context, true );
if ( $update) {
do_action('edit_attachment', $post_ID);
@@ -4439,7 +4482,7 @@
// if we haven't added this old slug before, add it now
if ( !empty( $post_before->post_name ) && !in_array($post_before->post_name, $old_slugs) )
- add_post_meta($post_id, '_wp_old_slug', $post_before->post_name);
+ wp_add_post_meta($post_id, '_wp_old_slug', $post_before->post_name);
// if the new slug was used previously, delete it from the list
if ( in_array($post->post_name, $old_slugs) )
@@ -4864,8 +4907,8 @@
return;
if ( get_option('default_pingback_flag') )
- add_post_meta( $post_id, '_pingme', '1' );
- add_post_meta( $post_id, '_encloseme', '1' );
+ wp_add_post_meta( $post_id, '_pingme', '1' );
+ wp_add_post_meta( $post_id, '_encloseme', '1' );
wp_schedule_single_event(time(), 'do_pings');
}
@@ -5091,7 +5134,6 @@
return new WP_Error( 'post_type', __( 'Cannot create a revision of a revision' ) );
$post = _wp_post_revision_fields( $post, $autosave );
- $post = add_magic_quotes($post); //since data is from db
$revision_id = wp_insert_post( $post );
if ( is_wp_error($revision_id) )
@@ -5170,8 +5212,6 @@
$update['ID'] = $revision['post_parent'];
- $update = add_magic_quotes( $update ); //since data is from db
-
$post_id = wp_update_post( $update );
if ( is_wp_error( $post_id ) )
return $post_id;
@@ -5393,7 +5433,7 @@
$thumbnail_id = absint( $thumbnail_id );
if ( $post && $thumbnail_id && get_post( $thumbnail_id ) ) {
if ( $thumbnail_html = wp_get_attachment_image( $thumbnail_id, 'thumbnail' ) )
- return update_post_meta( $post->ID, '_thumbnail_id', $thumbnail_id );
+ return wp_update_post_meta( $post->ID, '_thumbnail_id', $thumbnail_id );
else
return delete_post_meta( $post->ID, '_thumbnail_id' );
}
Index: wp-includes/comment.php
===================================================================
--- wp-includes/comment.php (revision 23383)
+++ wp-includes/comment.php (working copy)
@@ -633,22 +633,22 @@
*/
function sanitize_comment_cookies() {
if ( isset($_COOKIE['comment_author_'.COOKIEHASH]) ) {
- $comment_author = apply_filters('pre_comment_author_name', $_COOKIE['comment_author_'.COOKIEHASH]);
- $comment_author = stripslashes($comment_author);
+ $comment_author = stripslashes($_COOKIE['comment_author_'.COOKIEHASH]);
+ $comment_author = apply_filters('pre_comment_author_name', $comment_author);
$comment_author = esc_attr($comment_author);
$_COOKIE['comment_author_'.COOKIEHASH] = $comment_author;
}
if ( isset($_COOKIE['comment_author_email_'.COOKIEHASH]) ) {
- $comment_author_email = apply_filters('pre_comment_author_email', $_COOKIE['comment_author_email_'.COOKIEHASH]);
- $comment_author_email = stripslashes($comment_author_email);
+ $comment_author_email = stripslashes($_COOKIE['comment_author_email_'.COOKIEHASH]);
+ $comment_author_email = apply_filters('pre_comment_author_email', $comment_author_email);
$comment_author_email = esc_attr($comment_author_email);
$_COOKIE['comment_author_email_'.COOKIEHASH] = $comment_author_email;
}
if ( isset($_COOKIE['comment_author_url_'.COOKIEHASH]) ) {
- $comment_author_url = apply_filters('pre_comment_author_url', $_COOKIE['comment_author_url_'.COOKIEHASH]);
- $comment_author_url = stripslashes($comment_author_url);
+ $comment_author_url = stripslashes($_COOKIE['comment_author_url_'.COOKIEHASH]);
+ $comment_author_url = apply_filters('pre_comment_author_url', $comment_author_url);
$_COOKIE['comment_author_url_'.COOKIEHASH] = $comment_author_url;
}
}
@@ -670,11 +670,10 @@
extract($commentdata, EXTR_SKIP);
// Simple duplicate check
- // expected_slashed ($comment_post_ID, $comment_author, $comment_author_email, $comment_content)
- $dupe = "SELECT comment_ID FROM $wpdb->comments WHERE comment_post_ID = '$comment_post_ID' AND comment_parent = '$comment_parent' AND comment_approved != 'trash' AND ( comment_author = '$comment_author' ";
+ $dupe = $wpdb->prepare( "SELECT comment_ID FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_parent = %s AND comment_approved != 'trash' AND ( comment_author = %s ", $comment_post_ID, $comment_parent, $comment_author );
if ( $comment_author_email )
- $dupe .= "OR comment_author_email = '$comment_author_email' ";
- $dupe .= ") AND comment_content = '$comment_content' LIMIT 1";
+ $dupe .= $wpdb->prepare( "OR comment_author_email = %s ", $comment_author_email );
+ $dupe .= $wpdb->prepare( ") AND comment_content = %s LIMIT 1", $comment_content );
if ( $wpdb->get_var($dupe) ) {
do_action( 'comment_duplicate_trigger', $commentdata );
if ( defined('DOING_AJAX') )
@@ -1262,7 +1261,7 @@
*/
function wp_insert_comment($commentdata) {
global $wpdb;
- extract(stripslashes_deep($commentdata), EXTR_SKIP);
+ extract($commentdata, EXTR_SKIP);
if ( ! isset($comment_author_IP) )
$comment_author_IP = '';
@@ -1507,7 +1506,7 @@
$commentarr = wp_filter_comment( $commentarr );
// Now extract the merged array.
- extract(stripslashes_deep($commentarr), EXTR_SKIP);
+ extract($commentarr, EXTR_SKIP);
$comment_content = apply_filters('comment_save_pre', $comment_content);
Index: wp-includes/functions.php
===================================================================
--- wp-includes/functions.php (revision 23383)
+++ wp-includes/functions.php (working copy)
@@ -468,7 +468,7 @@
}
if ( in_array( substr( $type, 0, strpos( $type, "/" ) ), $allowed_types ) ) {
- add_post_meta( $post_ID, 'enclosure', "$url\n$len\n$mime\n" );
+ wp_add_post_meta( $post_ID, 'enclosure', "$url\n$len\n$mime\n" );
}
}
}
Index: wp-includes/user.php
===================================================================
--- wp-includes/user.php (revision 23383)
+++ wp-includes/user.php (working copy)
@@ -1390,7 +1390,6 @@
}
$data = compact( 'user_pass', 'user_email', 'user_url', 'user_nicename', 'display_name', 'user_registered' );
- $data = stripslashes_deep( $data );
if ( $update ) {
$wpdb->update( $wpdb->users, $data, compact( 'ID' ) );
@@ -1462,9 +1461,6 @@
$user[ $key ] = get_user_meta( $ID, $key, true );
}
- // Escape data pulled from DB.
- $user = add_magic_quotes( $user );
-
// If password is changing, hash it now.
if ( ! empty($userdata['user_pass']) ) {
$plaintext_pass = $userdata['user_pass'];
Index: wp-includes/class-wp-xmlrpc-server.php
===================================================================
--- wp-includes/class-wp-xmlrpc-server.php (revision 23383)
+++ wp-includes/class-wp-xmlrpc-server.php (working copy)
@@ -276,21 +276,21 @@
$post_id = (int) $post_id;
foreach ( (array) $fields as $meta ) {
+ $meta['key'] = stripslashes( $meta['key'] );
+ $meta['value'] = stripslashes_deep( $meta['value'] );
if ( isset($meta['id']) ) {
$meta['id'] = (int) $meta['id'];
$pmeta = get_metadata_by_mid( 'post', $meta['id'] );
if ( isset($meta['key']) ) {
- $meta['key'] = stripslashes( $meta['key'] );
if ( $meta['key'] != $pmeta->meta_key )
continue;
- $meta['value'] = stripslashes_deep( $meta['value'] );
if ( current_user_can( 'edit_post_meta', $post_id, $meta['key'] ) )
update_metadata_by_mid( 'post', $meta['id'], $meta['value'] );
} elseif ( current_user_can( 'delete_post_meta', $post_id, $pmeta->meta_key ) ) {
delete_metadata_by_mid( 'post', $meta['id'] );
}
} elseif ( current_user_can( 'add_post_meta', $post_id, stripslashes( $meta['key'] ) ) ) {
- add_post_meta( $post_id, $meta['key'], $meta['value'] );
+ wp_add_post_meta( $post_id, $meta['key'], $meta['value'] );
}
}
}
@@ -4316,7 +4316,7 @@
}
}
if (!$found)
- add_post_meta( $post_ID, 'enclosure', $encstring );
+ wp_add_post_meta( $post_ID, 'enclosure', $encstring );
}
}
@@ -5274,7 +5274,6 @@
// retain old cats
$cats = wp_get_post_categories($post_ID);
$postdata['post_category'] = $cats;
- $this->escape($postdata);
$result = wp_update_post($postdata);
Index: wp-includes/formatting.php
===================================================================
--- wp-includes/formatting.php (revision 23383)
+++ wp-includes/formatting.php (working copy)
@@ -1716,10 +1716,7 @@
* @return string Converted content.
*/
function wp_rel_nofollow( $text ) {
- // This is a pre save filter, so text is already escaped.
- $text = stripslashes($text);
$text = preg_replace_callback('||i', 'wp_rel_nofollow_callback', $text);
- $text = esc_sql($text);
return $text;
}
@@ -3342,3 +3339,37 @@
$urls_to_ping = implode( "\n", $urls_to_ping );
return apply_filters( 'sanitize_trackback_urls', $urls_to_ping, $to_ping );
}
+
+/**
+ * Slash a string or array of strings.
+ *
+ * This should be used only for GPC data.
+ *
+ * @since 3.6.0
+ *
+ * @param string|array $value String or array of strings to slash.
+ * @return string|array Slashed $value
+ */
+function wp_slash( $value ) {
+ if ( is_array( $value ) ) {
+ array_map( 'wp_slash', $value);
+ } else {
+ $value = addslashes( $value );
+ }
+
+ return $value;
+}
+
+/**
+ * Remove slashes a string or array of strings.
+ *
+ * This should be used for GPC data before passing it along to core API.
+ *
+ * @since 3.6.0
+ *
+ * @param string|array $value String or array of strings to unslash.
+ * @return string|array Unslashed $value
+ */
+function wp_unslash( $value ) {
+ return stripslashes_deep( $value );
+}
Index: wp-includes/kses.php
===================================================================
--- wp-includes/kses.php (revision 23383)
+++ wp-includes/kses.php (working copy)
@@ -1326,18 +1326,18 @@
*/
function kses_init_filters() {
// Normal filtering
- add_filter('title_save_pre', 'wp_filter_kses');
+ add_filter('title_save_pre', 'wp_kses_data');
// Comment filtering
if ( current_user_can( 'unfiltered_html' ) )
- add_filter( 'pre_comment_content', 'wp_filter_post_kses' );
+ add_filter( 'pre_comment_content', 'wp_kses_post' );
else
- add_filter( 'pre_comment_content', 'wp_filter_kses' );
+ add_filter( 'pre_comment_content', 'wp_kses_data' );
// Post filtering
- add_filter('content_save_pre', 'wp_filter_post_kses');
- add_filter('excerpt_save_pre', 'wp_filter_post_kses');
- add_filter('content_filtered_save_pre', 'wp_filter_post_kses');
+ add_filter('content_save_pre', 'wp_kses_post');
+ add_filter('excerpt_save_pre', 'wp_kses_post');
+ add_filter('content_filtered_save_pre', 'wp_kses_post');
}
/**
@@ -1354,16 +1354,16 @@
*/
function kses_remove_filters() {
// Normal filtering
- remove_filter('title_save_pre', 'wp_filter_kses');
+ remove_filter('title_save_pre', 'wp_kses_data');
// Comment filtering
- remove_filter( 'pre_comment_content', 'wp_filter_post_kses' );
- remove_filter( 'pre_comment_content', 'wp_filter_kses' );
+ remove_filter( 'pre_comment_content', 'wp_kses_post' );
+ remove_filter( 'pre_comment_content', 'wp_kses_data' );
// Post filtering
- remove_filter('content_save_pre', 'wp_filter_post_kses');
- remove_filter('excerpt_save_pre', 'wp_filter_post_kses');
- remove_filter('content_filtered_save_pre', 'wp_filter_post_kses');
+ remove_filter('content_save_pre', 'wp_kses_post');
+ remove_filter('excerpt_save_pre', 'wp_kses_post');
+ remove_filter('content_filtered_save_pre', 'wp_kses_post');
}
/**
Index: wp-includes/meta.php
===================================================================
--- wp-includes/meta.php (revision 23383)
+++ wp-includes/meta.php (working copy)
@@ -42,9 +42,6 @@
$column = esc_sql($meta_type . '_id');
- // expected_slashed ($meta_key)
- $meta_key = stripslashes($meta_key);
- $meta_value = stripslashes_deep($meta_value);
$meta_value = sanitize_meta( $meta_key, $meta_value, $meta_type );
$check = apply_filters( "add_{$meta_type}_metadata", null, $object_id, $meta_key, $meta_value, $unique );
@@ -113,10 +110,7 @@
$column = esc_sql($meta_type . '_id');
$id_column = 'user' == $meta_type ? 'umeta_id' : 'meta_id';
- // expected_slashed ($meta_key)
- $meta_key = stripslashes($meta_key);
$passed_value = $meta_value;
- $meta_value = stripslashes_deep($meta_value);
$meta_value = sanitize_meta( $meta_key, $meta_value, $meta_type );
$check = apply_filters( "update_{$meta_type}_metadata", null, $object_id, $meta_key, $meta_value, $prev_value );
Index: wp-includes/nav-menu.php
===================================================================
--- wp-includes/nav-menu.php (revision 23383)
+++ wp-includes/nav-menu.php (working copy)
@@ -369,20 +369,20 @@
$menu_item_db_id = (int) $menu_item_db_id;
- update_post_meta( $menu_item_db_id, '_menu_item_type', sanitize_key($args['menu-item-type']) );
- update_post_meta( $menu_item_db_id, '_menu_item_menu_item_parent', strval( (int) $args['menu-item-parent-id'] ) );
- update_post_meta( $menu_item_db_id, '_menu_item_object_id', strval( (int) $args['menu-item-object-id'] ) );
- update_post_meta( $menu_item_db_id, '_menu_item_object', sanitize_key($args['menu-item-object']) );
- update_post_meta( $menu_item_db_id, '_menu_item_target', sanitize_key($args['menu-item-target']) );
+ wp_update_post_meta( $menu_item_db_id, '_menu_item_type', sanitize_key($args['menu-item-type']) );
+ wp_update_post_meta( $menu_item_db_id, '_menu_item_menu_item_parent', strval( (int) $args['menu-item-parent-id'] ) );
+ wp_update_post_meta( $menu_item_db_id, '_menu_item_object_id', strval( (int) $args['menu-item-object-id'] ) );
+ wp_update_post_meta( $menu_item_db_id, '_menu_item_object', sanitize_key($args['menu-item-object']) );
+ wp_update_post_meta( $menu_item_db_id, '_menu_item_target', sanitize_key($args['menu-item-target']) );
$args['menu-item-classes'] = array_map( 'sanitize_html_class', explode( ' ', $args['menu-item-classes'] ) );
$args['menu-item-xfn'] = implode( ' ', array_map( 'sanitize_html_class', explode( ' ', $args['menu-item-xfn'] ) ) );
- update_post_meta( $menu_item_db_id, '_menu_item_classes', $args['menu-item-classes'] );
- update_post_meta( $menu_item_db_id, '_menu_item_xfn', $args['menu-item-xfn'] );
- update_post_meta( $menu_item_db_id, '_menu_item_url', esc_url_raw($args['menu-item-url']) );
+ wp_update_post_meta( $menu_item_db_id, '_menu_item_classes', $args['menu-item-classes'] );
+ wp_update_post_meta( $menu_item_db_id, '_menu_item_xfn', $args['menu-item-xfn'] );
+ wp_update_post_meta( $menu_item_db_id, '_menu_item_url', esc_url_raw($args['menu-item-url']) );
if ( 0 == $menu_id )
- update_post_meta( $menu_item_db_id, '_menu_item_orphaned', (string) time() );
+ wp_update_post_meta( $menu_item_db_id, '_menu_item_orphaned', (string) time() );
elseif ( get_post_meta( $menu_item_db_id, '_menu_item_orphaned' ) )
delete_post_meta( $menu_item_db_id, '_menu_item_orphaned' );
Index: wp-mail.php
===================================================================
--- wp-mail.php (revision 23383)
+++ wp-mail.php (working copy)
@@ -202,7 +202,6 @@
$post_category = array(get_option('default_email_category'));
$post_data = compact('post_content','post_title','post_date','post_date_gmt','post_author','post_category', 'post_status');
- $post_data = add_magic_quotes($post_data);
$post_ID = wp_insert_post($post_data);
if ( is_wp_error( $post_ID ) )
Index: wp-admin/includes/bookmark.php
===================================================================
--- wp-admin/includes/bookmark.php (revision 23383)
+++ wp-admin/includes/bookmark.php (working copy)
@@ -39,9 +39,9 @@
if ( !empty( $link_id ) ) {
$_POST['link_id'] = $link_id;
- return wp_update_link( $_POST );
+ return wp_update_link( stripslashes_deep( $_POST ) );
} else {
- return wp_insert_link( $_POST );
+ return wp_insert_link( stripslashes_deep( $_POST ) );
}
}
@@ -137,7 +137,7 @@
$linkdata = wp_parse_args( $linkdata, $defaults );
$linkdata = sanitize_bookmark( $linkdata, 'db' );
- extract( stripslashes_deep( $linkdata ), EXTR_SKIP );
+ extract( $linkdata, EXTR_SKIP );
$update = false;
@@ -250,9 +250,6 @@
$link = get_bookmark( $link_id, ARRAY_A );
- // Escape data pulled from DB.
- $link = add_magic_quotes( $link );
-
// Passed link category list overwrites existing category list if not empty.
if ( isset( $linkdata['link_category'] ) && is_array( $linkdata['link_category'] )
&& 0 != count( $linkdata['link_category'] ) )
Index: wp-admin/includes/taxonomy.php
===================================================================
--- wp-admin/includes/taxonomy.php (revision 23383)
+++ wp-admin/includes/taxonomy.php (working copy)
@@ -157,9 +157,6 @@
// First, get all of the original fields
$category = get_category($cat_ID, ARRAY_A);
- // Escape data pulled from DB.
- $category = add_magic_quotes($category);
-
// Merge old and new fields with new fields overwriting old ones.
$catarr = array_merge($category, $catarr);
Index: wp-admin/includes/ajax-actions.php
===================================================================
--- wp-admin/includes/ajax-actions.php (revision 23383)
+++ wp-admin/includes/ajax-actions.php (working copy)
@@ -279,19 +279,21 @@
*/
function _wp_ajax_add_hierarchical_term() {
- $action = $_POST['action'];
+ $post_data = wp_unslash( $_POST );
+
+ $action = $post_data['action'];
$taxonomy = get_taxonomy(substr($action, 4));
check_ajax_referer( $action, '_ajax_nonce-add-' . $taxonomy->name );
if ( !current_user_can( $taxonomy->cap->edit_terms ) )
wp_die( -1 );
- $names = explode(',', $_POST['new'.$taxonomy->name]);
- $parent = isset($_POST['new'.$taxonomy->name.'_parent']) ? (int) $_POST['new'.$taxonomy->name.'_parent'] : 0;
+ $names = explode(',', $post_data['new'.$taxonomy->name]);
+ $parent = isset($post_data['new'.$taxonomy->name.'_parent']) ? (int) $post_data['new'.$taxonomy->name.'_parent'] : 0;
if ( 0 > $parent )
$parent = 0;
if ( $taxonomy->name == 'category' )
- $post_category = isset($_POST['post_category']) ? (array) $_POST['post_category'] : array();
+ $post_category = isset( $post_data['post_category'] ) ? (array) $post_data['post_category'] : array();
else
- $post_category = ( isset($_POST['tax_input']) && isset($_POST['tax_input'][$taxonomy->name]) ) ? (array) $_POST['tax_input'][$taxonomy->name] : array();
+ $post_category = ( isset( $post_data['tax_input'] ) && isset( $post_data['tax_input'][$taxonomy->name] ) ) ? (array) $post_data['tax_input'][$taxonomy->name] : array();
$checked_categories = array_map( 'absint', (array) $post_category );
$popular_ids = wp_popular_terms_checklist($taxonomy->name, 0, 10, false);
@@ -559,7 +561,7 @@
check_ajax_referer( $action );
if ( !current_user_can( 'manage_categories' ) )
wp_die( -1 );
- $names = explode(',', $_POST['newcat']);
+ $names = explode( ',', stripslashes( $_POST['newcat'] ) );
$x = new WP_Ajax_Response();
foreach ( $names as $cat_name ) {
$cat_name = trim($cat_name);
@@ -586,9 +588,11 @@
function wp_ajax_add_tag() {
global $wp_list_table;
+ $post_data = wp_unslash( $_POST );
+
check_ajax_referer( 'add-tag', '_wpnonce_add-tag' );
- $post_type = !empty($_POST['post_type']) ? $_POST['post_type'] : 'post';
- $taxonomy = !empty($_POST['taxonomy']) ? $_POST['taxonomy'] : 'post_tag';
+ $post_type = !empty($post_data['post_type']) ? $post_data['post_type'] : 'post';
+ $taxonomy = !empty($post_data['taxonomy']) ? $post_data['taxonomy'] : 'post_tag';
$tax = get_taxonomy($taxonomy);
if ( !current_user_can( $tax->cap->edit_terms ) )
@@ -596,7 +600,7 @@
$x = new WP_Ajax_Response();
- $tag = wp_insert_term($_POST['tag-name'], $taxonomy, $_POST );
+ $tag = wp_insert_term( $post_data['tag-name'], $taxonomy, $post_data );
if ( !$tag || is_wp_error($tag) || (!$tag = get_term( $tag['term_id'], $taxonomy )) ) {
$message = __('An error has occurred. Please reload the page and try again.');
@@ -610,7 +614,7 @@
$x->send();
}
- $wp_list_table = _get_list_table( 'WP_Terms_List_Table', array( 'screen' => $_POST['screen'] ) );
+ $wp_list_table = _get_list_table( 'WP_Terms_List_Table', array( 'screen' => $post_data['screen'] ) );
$level = 0;
if ( is_taxonomy_hierarchical($taxonomy) ) {
@@ -728,10 +732,10 @@
$user = wp_get_current_user();
if ( $user->exists() ) {
$user_ID = $user->ID;
- $comment_author = $wpdb->escape($user->display_name);
- $comment_author_email = $wpdb->escape($user->user_email);
- $comment_author_url = $wpdb->escape($user->user_url);
- $comment_content = trim($_POST['content']);
+ $comment_author = $user->display_name;
+ $comment_author_email = $user->user_email;
+ $comment_author_url = $user->user_url;
+ $comment_content = trim( wp_unslash( $_POST['content'] ) );
if ( current_user_can( 'unfiltered_html' ) ) {
if ( wp_create_nonce( 'unfiltered-html-comment' ) != $_POST['_wp_unfiltered_html_comment'] ) {
kses_remove_filters(); // start with a clean slate
@@ -957,8 +961,8 @@
) );
} else { // Update?
$mid = (int) key( $_POST['meta'] );
- $key = stripslashes( $_POST['meta'][$mid]['key'] );
- $value = stripslashes( $_POST['meta'][$mid]['value'] );
+ $key = wp_unslash( $_POST['meta'][$mid]['key'] );
+ $value = wp_unslash( $_POST['meta'][$mid]['value'] );
if ( '' == trim($key) )
wp_die( __( 'Please provide a custom field name.' ) );
if ( '' == trim($value) )
@@ -1227,7 +1231,7 @@
$args = array();
if ( isset( $_POST['search'] ) )
- $args['s'] = stripslashes( $_POST['search'] );
+ $args['s'] = wp_unslash( $_POST['search'] );
$args['pagenum'] = ! empty( $_POST['page'] ) ? absint( $_POST['page'] ) : 1;
require(ABSPATH . WPINC . '/class-wp-editor.php');
@@ -1328,7 +1332,6 @@
$data = &$_POST;
$post = get_post( $post_ID, ARRAY_A );
- $post = add_magic_quotes($post); //since it is from db
$data['content'] = $post['post_content'];
$data['excerpt'] = $post['post_excerpt'];
@@ -1376,8 +1379,10 @@
global $wp_list_table;
check_ajax_referer( 'taxinlineeditnonce', '_inline_edit' );
+
+ $post_data = wp_unslash( $_POST );
- $taxonomy = sanitize_key( $_POST['taxonomy'] );
+ $taxonomy = sanitize_key( $post_data['taxonomy'] );
$tax = get_taxonomy( $taxonomy );
if ( ! $tax )
wp_die( 0 );
@@ -1387,13 +1392,13 @@
$wp_list_table = _get_list_table( 'WP_Terms_List_Table', array( 'screen' => 'edit-' . $taxonomy ) );
- if ( ! isset($_POST['tax_ID']) || ! ( $id = (int) $_POST['tax_ID'] ) )
+ if ( ! isset($post_data['tax_ID']) || ! ( $id = (int) $post_data['tax_ID'] ) )
wp_die( -1 );
$tag = get_term( $id, $taxonomy );
- $_POST['description'] = $tag->description;
+ $post_data['description'] = $tag->description;
- $updated = wp_update_term($id, $taxonomy, $_POST);
+ $updated = wp_update_term($id, $taxonomy, $post_data );
if ( $updated && !is_wp_error($updated) ) {
$tag = get_term( $updated['term_id'], $taxonomy );
if ( !$tag || is_wp_error( $tag ) ) {
@@ -1425,7 +1430,7 @@
$post_types = get_post_types( array( 'public' => true ), 'objects' );
unset( $post_types['attachment'] );
- $s = stripslashes( $_POST['ps'] );
+ $s = wp_unslash( $_POST['ps'] );
$searchand = $search = '';
$args = array(
'post_type' => array_keys( $post_types ),
@@ -1596,7 +1601,7 @@
$post_id = null;
}
- $post_data = isset( $_REQUEST['post_data'] ) ? $_REQUEST['post_data'] : array();
+ $post_data = isset( $_REQUEST['post_data'] ) ? stripslashes_deep( $_REQUEST['post_data'] ) : array();
// If the context is custom header or background, make sure the uploaded file is an image.
if ( isset( $post_data['context'] ) && in_array( $post_data['context'], array( 'custom-header', 'custom-background' ) ) ) {
@@ -1630,10 +1635,10 @@
if ( isset( $post_data['context'] ) && isset( $post_data['theme'] ) ) {
if ( 'custom-background' === $post_data['context'] )
- update_post_meta( $attachment_id, '_wp_attachment_is_custom_background', $post_data['theme'] );
+ wp_update_post_meta( $attachment_id, '_wp_attachment_is_custom_background', $post_data['theme'] );
if ( 'custom-header' === $post_data['context'] )
- update_post_meta( $attachment_id, '_wp_attachment_is_custom_header', $post_data['theme'] );
+ wp_update_post_meta( $attachment_id, '_wp_attachment_is_custom_header', $post_data['theme'] );
}
if ( ! $attachment = wp_prepare_attachment_for_js( $attachment_id ) )
@@ -1778,7 +1783,7 @@
wp_die( 0 );
$new_lock = ( time() - apply_filters( 'wp_check_post_lock_window', AUTOSAVE_INTERVAL * 2 ) + 5 ) . ':' . $active_lock[1];
- update_post_meta( $post_id, '_edit_lock', $new_lock, implode( ':', $active_lock ) );
+ wp_update_post_meta( $post_id, '_edit_lock', $new_lock, implode( ':', $active_lock ) );
wp_die( 1 );
}
Index: wp-admin/includes/post.php
===================================================================
--- wp-admin/includes/post.php (revision 23383)
+++ wp-admin/includes/post.php (working copy)
@@ -149,8 +149,9 @@
*/
function edit_post( $post_data = null ) {
- if ( empty($post_data) )
- $post_data = &$_POST;
+ if ( empty($post_data) ) {
+ $post_data = stripslashes_deep( $_POST );
+ }
// Clear out any data in internal vars.
unset( $post_data['filter'] );
@@ -241,7 +242,7 @@
add_meta( $post_ID );
- update_post_meta( $post_ID, '_edit_last', $GLOBALS['current_user']->ID );
+ wp_update_post_meta( $post_ID, '_edit_last', $GLOBALS['current_user']->ID );
wp_update_post( $post_data );
@@ -559,7 +560,7 @@
}
// Create the post.
- $post_ID = wp_insert_post( $_POST );
+ $post_ID = wp_insert_post( stripslashes_deep( $_POST ) );
if ( is_wp_error( $post_ID ) )
return $post_ID;
@@ -568,7 +569,7 @@
add_meta( $post_ID );
- add_post_meta( $post_ID, '_edit_last', $GLOBALS['current_user']->ID );
+ wp_add_post_meta( $post_ID, '_edit_last', $GLOBALS['current_user']->ID );
// Now that we have an ID we can fix any attachment anchor hrefs
_fix_attachment_links( $post_ID );
@@ -612,9 +613,9 @@
global $wpdb;
$post_ID = (int) $post_ID;
- $metakeyselect = isset($_POST['metakeyselect']) ? stripslashes( trim( $_POST['metakeyselect'] ) ) : '';
- $metakeyinput = isset($_POST['metakeyinput']) ? stripslashes( trim( $_POST['metakeyinput'] ) ) : '';
- $metavalue = isset($_POST['metavalue']) ? $_POST['metavalue'] : '';
+ $metakeyselect = isset($_POST['metakeyselect']) ? wp_unslash( trim( $_POST['metakeyselect'] ) ) : '';
+ $metakeyinput = isset($_POST['metakeyinput']) ? wp_unslash( trim( $_POST['metakeyinput'] ) ) : '';
+ $metavalue = isset($_POST['metavalue']) ? wp_unslash( trim( $_POST['metavalue'] ) ) : '';
if ( is_string( $metavalue ) )
$metavalue = trim( $metavalue );
@@ -633,7 +634,7 @@
$metakey = esc_sql( $metakey );
- return add_post_meta( $post_ID, $metakey, $metavalue );
+ return wp_add_post_meta( $post_ID, $metakey, $metavalue );
}
return false;
@@ -706,14 +707,11 @@
* @since 1.2.0
*
* @param unknown_type $meta_id
- * @param unknown_type $meta_key Expect Slashed
- * @param unknown_type $meta_value Expect Slashed
+ * @param unknown_type $meta_key
+ * @param unknown_type $meta_value
* @return unknown
*/
function update_meta( $meta_id, $meta_key, $meta_value ) {
- $meta_key = stripslashes( $meta_key );
- $meta_value = stripslashes_deep( $meta_value );
-
return update_metadata_by_mid( 'post', $meta_id, $meta_value, $meta_key );
}
@@ -767,8 +765,6 @@
if ( $replace ) {
$post['post_content'] = $content;
- // Escape data pulled from DB.
- $post = add_magic_quotes($post);
return wp_update_post($post);
}
@@ -1179,7 +1175,7 @@
$now = time();
$lock = "$now:$user_id";
- update_post_meta( $post->ID, '_edit_lock', $lock );
+ wp_update_post_meta( $post->ID, '_edit_lock', $lock );
return array( $now, $user_id );
}
Index: wp-admin/includes/misc.php
===================================================================
--- wp-admin/includes/misc.php (revision 23383)
+++ wp-admin/includes/misc.php (working copy)
@@ -323,8 +323,8 @@
if ( !$user = wp_get_current_user() )
return;
- $option = $_POST['wp_screen_options']['option'];
- $value = $_POST['wp_screen_options']['value'];
+ $option = stripslashes( $_POST['wp_screen_options']['option'] );
+ $value = stripslashes_deep( $_POST['wp_screen_options']['value'] );
if ( $option != sanitize_key( $option ) )
return;
Index: wp-admin/includes/comment.php
===================================================================
--- wp-admin/includes/comment.php (revision 23383)
+++ wp-admin/includes/comment.php (working copy)
@@ -19,9 +19,6 @@
function comment_exists($comment_author, $comment_date) {
global $wpdb;
- $comment_author = stripslashes($comment_author);
- $comment_date = stripslashes($comment_date);
-
return $wpdb->get_var( $wpdb->prepare("SELECT comment_post_ID FROM $wpdb->comments
WHERE comment_author = %s AND comment_date = %s", $comment_author, $comment_date) );
}
@@ -33,38 +30,40 @@
*/
function edit_comment() {
- if ( ! current_user_can( 'edit_comment', (int) $_POST['comment_ID'] ) )
+ $post_data = stripslashes_deep( $_POST );
+
+ if ( ! current_user_can( 'edit_comment', (int) $post_data['comment_ID'] ) )
wp_die ( __( 'You are not allowed to edit comments on this post.' ) );
- $_POST['comment_author'] = $_POST['newcomment_author'];
- $_POST['comment_author_email'] = $_POST['newcomment_author_email'];
- $_POST['comment_author_url'] = $_POST['newcomment_author_url'];
- $_POST['comment_approved'] = $_POST['comment_status'];
- $_POST['comment_content'] = $_POST['content'];
- $_POST['comment_ID'] = (int) $_POST['comment_ID'];
+ $post_data['comment_author'] = $post_data['newcomment_author'];
+ $post_data['comment_author_email'] = $post_data['newcomment_author_email'];
+ $post_data['comment_author_url'] = $post_data['newcomment_author_url'];
+ $post_data['comment_approved'] = $post_data['comment_status'];
+ $post_data['comment_content'] = $post_data['content'];
+ $post_data['comment_ID'] = (int) $post_data['comment_ID'];
foreach ( array ('aa', 'mm', 'jj', 'hh', 'mn') as $timeunit ) {
- if ( !empty( $_POST['hidden_' . $timeunit] ) && $_POST['hidden_' . $timeunit] != $_POST[$timeunit] ) {
+ if ( !empty( $post_data['hidden_' . $timeunit] ) && $post_data['hidden_' . $timeunit] != $post_data[$timeunit] ) {
$_POST['edit_date'] = '1';
break;
}
}
- if ( !empty ( $_POST['edit_date'] ) ) {
- $aa = $_POST['aa'];
- $mm = $_POST['mm'];
- $jj = $_POST['jj'];
- $hh = $_POST['hh'];
- $mn = $_POST['mn'];
- $ss = $_POST['ss'];
+ if ( !empty ( $post_data['edit_date'] ) ) {
+ $aa = $post_data['aa'];
+ $mm = $post_data['mm'];
+ $jj = $post_data['jj'];
+ $hh = $post_data['hh'];
+ $mn = $post_data['mn'];
+ $ss = $post_data['ss'];
$jj = ($jj > 31 ) ? 31 : $jj;
$hh = ($hh > 23 ) ? $hh -24 : $hh;
$mn = ($mn > 59 ) ? $mn -60 : $mn;
$ss = ($ss > 59 ) ? $ss -60 : $ss;
- $_POST['comment_date'] = "$aa-$mm-$jj $hh:$mn:$ss";
+ $post_data['comment_date'] = "$aa-$mm-$jj $hh:$mn:$ss";
}
- wp_update_comment( $_POST );
+ wp_update_comment( $post_data );
}
/**
Index: wp-admin/includes/image-edit.php
===================================================================
--- wp-admin/includes/image-edit.php (revision 23383)
+++ wp-admin/includes/image-edit.php (working copy)
@@ -533,7 +533,7 @@
}
}
- if ( !wp_update_attachment_metadata($post_id, $meta) || !update_post_meta( $post_id, '_wp_attachment_backup_sizes', $backup_sizes) ) {
+ if ( !wp_update_attachment_metadata($post_id, $meta) || !wp_update_post_meta( $post_id, '_wp_attachment_backup_sizes', $backup_sizes) ) {
$msg->error = __('Cannot save image metadata.');
return $msg;
}
@@ -699,7 +699,7 @@
if ( $success ) {
wp_update_attachment_metadata( $post_id, $meta );
- update_post_meta( $post_id, '_wp_attachment_backup_sizes', $backup_sizes);
+ wp_update_post_meta( $post_id, '_wp_attachment_backup_sizes', $backup_sizes);
if ( $target == 'thumbnail' || $target == 'all' || $target == 'full' ) {
// Check if it's an image edit from attachment edit screen
Index: wp-admin/includes/user.php
===================================================================
--- wp-admin/includes/user.php (revision 23383)
+++ wp-admin/includes/user.php (working copy)
@@ -38,18 +38,21 @@
} else {
$update = false;
}
+
+ // get clean data before we get started.
+ $post_data = stripslashes_deep( $_POST );
- if ( !$update && isset( $_POST['user_login'] ) )
- $user->user_login = sanitize_user($_POST['user_login'], true);
+ if ( !$update && isset( $post_data['user_login'] ) )
+ $user->user_login = sanitize_user($post_data['user_login'], true);
$pass1 = $pass2 = '';
- if ( isset( $_POST['pass1'] ))
- $pass1 = $_POST['pass1'];
- if ( isset( $_POST['pass2'] ))
- $pass2 = $_POST['pass2'];
+ if ( isset( $post_data['pass1'] ))
+ $pass1 = $post_data['pass1'];
+ if ( isset( $post_data['pass2'] ))
+ $pass2 = $post_data['pass2'];
- if ( isset( $_POST['role'] ) && current_user_can( 'edit_users' ) ) {
- $new_role = sanitize_text_field( $_POST['role'] );
+ if ( isset( $post_data['role'] ) && current_user_can( 'edit_users' ) ) {
+ $new_role = sanitize_text_field( $post_data['role'] );
$potential_role = isset($wp_roles->role_objects[$new_role]) ? $wp_roles->role_objects[$new_role] : false;
// Don't let anyone with 'edit_users' (admins) edit their own role to something without it.
// Multisite super admins can freely edit their blog roles -- they possess all caps.
@@ -62,44 +65,44 @@
wp_die(__('You can’t give users that role.'));
}
- if ( isset( $_POST['email'] ))
- $user->user_email = sanitize_text_field( $_POST['email'] );
- if ( isset( $_POST['url'] ) ) {
- if ( empty ( $_POST['url'] ) || $_POST['url'] == 'http://' ) {
+ if ( isset( $post_data['email'] ))
+ $user->user_email = sanitize_text_field( $post_data['email'] );
+ if ( isset( $post_data['url'] ) ) {
+ if ( empty ( $post_data['url'] ) || $post_data['url'] == 'http://' ) {
$user->user_url = '';
} else {
- $user->user_url = esc_url_raw( $_POST['url'] );
+ $user->user_url = esc_url_raw( $post_data['url'] );
$protocols = implode( '|', array_map( 'preg_quote', wp_allowed_protocols() ) );
$user->user_url = preg_match('/^(' . $protocols . '):/is', $user->user_url) ? $user->user_url : 'http://'.$user->user_url;
}
}
- if ( isset( $_POST['first_name'] ) )
- $user->first_name = sanitize_text_field( $_POST['first_name'] );
- if ( isset( $_POST['last_name'] ) )
- $user->last_name = sanitize_text_field( $_POST['last_name'] );
- if ( isset( $_POST['nickname'] ) )
- $user->nickname = sanitize_text_field( $_POST['nickname'] );
- if ( isset( $_POST['display_name'] ) )
- $user->display_name = sanitize_text_field( $_POST['display_name'] );
+ if ( isset( $post_data['first_name'] ) )
+ $user->first_name = sanitize_text_field( $post_data['first_name'] );
+ if ( isset( $post_data['last_name'] ) )
+ $user->last_name = sanitize_text_field( $post_data['last_name'] );
+ if ( isset( $post_data['nickname'] ) )
+ $user->nickname = sanitize_text_field( $post_data['nickname'] );
+ if ( isset( $post_data['display_name'] ) )
+ $user->display_name = sanitize_text_field( $post_data['display_name'] );
- if ( isset( $_POST['description'] ) )
- $user->description = trim( $_POST['description'] );
+ if ( isset( $post_data['description'] ) )
+ $user->description = trim( $post_data['description'] );
foreach ( _wp_get_user_contactmethods( $user ) as $method => $name ) {
- if ( isset( $_POST[$method] ))
- $user->$method = sanitize_text_field( $_POST[$method] );
+ if ( isset( $post_data[$method] ))
+ $user->$method = sanitize_text_field( $post_data[$method] );
}
if ( $update ) {
- $user->rich_editing = isset( $_POST['rich_editing'] ) && 'false' == $_POST['rich_editing'] ? 'false' : 'true';
- $user->admin_color = isset( $_POST['admin_color'] ) ? sanitize_text_field( $_POST['admin_color'] ) : 'fresh';
- $user->show_admin_bar_front = isset( $_POST['admin_bar_front'] ) ? 'true' : 'false';
+ $user->rich_editing = isset( $post_data['rich_editing'] ) && 'false' == $post_data['rich_editing'] ? 'false' : 'true';
+ $user->admin_color = isset( $post_data['admin_color'] ) ? sanitize_text_field( $post_data['admin_color'] ) : 'fresh';
+ $user->show_admin_bar_front = isset( $post_data['admin_bar_front'] ) ? 'true' : 'false';
}
- $user->comment_shortcuts = isset( $_POST['comment_shortcuts'] ) && 'true' == $_POST['comment_shortcuts'] ? 'true' : '';
+ $user->comment_shortcuts = isset( $post_data['comment_shortcuts'] ) && 'true' == $post_data['comment_shortcuts'] ? 'true' : '';
$user->use_ssl = 0;
- if ( !empty($_POST['use_ssl']) )
+ if ( !empty($post_data['use_ssl']) )
$user->use_ssl = 1;
$errors = new WP_Error();
@@ -134,7 +137,7 @@
if ( !empty( $pass1 ) )
$user->user_pass = $pass1;
- if ( !$update && isset( $_POST['user_login'] ) && !validate_username( $_POST['user_login'] ) )
+ if ( !$update && isset( $post_data['user_login'] ) && !validate_username( $post_data['user_login'] ) )
$errors->add( 'user_login', __( 'ERROR: This username is invalid because it uses illegal characters. Please enter a valid username.' ));
if ( !$update && username_exists( $user->user_login ) )
@@ -159,7 +162,7 @@
$user_id = wp_update_user( $user );
} else {
$user_id = wp_insert_user( $user );
- wp_new_user_notification( $user_id, isset($_POST['send_password']) ? $pass1 : '' );
+ wp_new_user_notification( $user_id, isset($post_data['send_password']) ? $pass1 : '' );
}
return $user_id;
}
Index: wp-admin/includes/media.php
===================================================================
--- wp-admin/includes/media.php (revision 23383)
+++ wp-admin/includes/media.php (working copy)
@@ -444,6 +444,8 @@
}
if ( !empty($_POST['attachments']) ) foreach ( $_POST['attachments'] as $attachment_id => $attachment ) {
+ $attachment = stripslashes_deep( $attachment );
+
$post = $_post = get_post($attachment_id, ARRAY_A);
$post_type_object = get_post_type_object( $post[ 'post_type' ] );
@@ -468,10 +470,9 @@
if ( isset($attachment['image_alt']) ) {
$image_alt = get_post_meta($attachment_id, '_wp_attachment_image_alt', true);
- if ( $image_alt != stripslashes($attachment['image_alt']) ) {
- $image_alt = wp_strip_all_tags( stripslashes($attachment['image_alt']), true );
- // update_meta expects slashed
- update_post_meta( $attachment_id, '_wp_attachment_image_alt', addslashes($image_alt) );
+ if ( $image_alt != $attachment['image_alt'] ) {
+ $image_alt = wp_strip_all_tags( $attachment['image_alt'], true );
+ wp_update_post_meta( $attachment_id, '_wp_attachment_image_alt', $image_alt );
}
}
Index: wp-admin/edit-tags.php
===================================================================
--- wp-admin/edit-tags.php (revision 23383)
+++ wp-admin/edit-tags.php (working copy)
@@ -47,7 +47,9 @@
if ( !current_user_can( $tax->cap->edit_terms ) )
wp_die( __( 'Cheatin’ uh?' ) );
- $ret = wp_insert_term( $_POST['tag-name'], $taxonomy, $_POST );
+ $post_data = stripslashes_deep( $_POST );
+
+ $ret = wp_insert_term( $post_data['tag-name'], $taxonomy, $post_data );
$location = 'edit-tags.php?taxonomy=' . $taxonomy;
if ( 'post' != $post_type )
$location .= '&post_type=' . $post_type;
@@ -132,7 +134,10 @@
break;
case 'editedtag':
- $tag_ID = (int) $_POST['tag_ID'];
+
+ $post_data = stripslashes_deep( $_POST );
+
+ $tag_ID = (int) $post_data['tag_ID'];
check_admin_referer( 'update-tag_' . $tag_ID );
if ( !current_user_can( $tax->cap->edit_terms ) )
@@ -142,7 +147,7 @@
if ( ! $tag )
wp_die( __( 'You attempted to edit an item that doesn’t exist. Perhaps it was deleted?' ) );
- $ret = wp_update_term( $tag_ID, $taxonomy, $_POST );
+ $ret = wp_update_term( $tag_ID, $taxonomy, $post_data );
$location = 'edit-tags.php?taxonomy=' . $taxonomy;
if ( 'post' != $post_type )
Index: wp-admin/custom-header.php
===================================================================
--- wp-admin/custom-header.php (revision 23383)
+++ wp-admin/custom-header.php (working copy)
@@ -948,7 +948,7 @@
'width' => $choice['width'],
);
- update_post_meta( $choice['attachment_id'], '_wp_attachment_is_custom_header', get_stylesheet() );
+ wp_update_post_meta( $choice['attachment_id'], '_wp_attachment_is_custom_header', get_stylesheet() );
set_theme_mod( 'header_image', $choice['url'] );
set_theme_mod( 'header_image_data', $header_image_data );
return;
Index: wp-admin/media.php
===================================================================
--- wp-admin/media.php (revision 23383)
+++ wp-admin/media.php (working copy)
@@ -32,7 +32,7 @@
}
if ( false !== strpos($location, 'upload.php') ) {
$location = remove_query_arg('message', $location);
- $location = add_query_arg('posted', $attachment_id, $location);
+ $location = add_query_arg('posted', $attachment_id, $location);
} elseif ( false !== strpos($location, 'media.php') ) {
$location = add_query_arg('message', 'updated', $location);
}
Index: wp-admin/nav-menus.php
===================================================================
--- wp-admin/nav-menus.php (revision 23383)
+++ wp-admin/nav-menus.php (working copy)
@@ -93,7 +93,7 @@
if ( ! is_wp_error( $parent_object ) ) {
$parent_data = (array) $parent_object;
$menu_item_data['menu_item_parent'] = $parent_data['menu_item_parent'];
- update_post_meta( $menu_item_data['ID'], '_menu_item_menu_item_parent', (int) $menu_item_data['menu_item_parent'] );
+ wp_update_post_meta( $menu_item_data['ID'], '_menu_item_menu_item_parent', (int) $menu_item_data['menu_item_parent'] );
}
@@ -103,7 +103,7 @@
$menu_item_data['menu_order'] = $menu_item_data['menu_order'] + 1;
$menu_item_data['menu_item_parent'] = $next_item_data['ID'];
- update_post_meta( $menu_item_data['ID'], '_menu_item_menu_item_parent', (int) $menu_item_data['menu_item_parent'] );
+ wp_update_post_meta( $menu_item_data['ID'], '_menu_item_menu_item_parent', (int) $menu_item_data['menu_item_parent'] );
wp_update_post($menu_item_data);
wp_update_post($next_item_data);
@@ -115,7 +115,7 @@
in_array( $menu_item_data['menu_item_parent'], $orders_to_dbids )
) {
$menu_item_data['menu_item_parent'] = (int) get_post_meta( $menu_item_data['menu_item_parent'], '_menu_item_menu_item_parent', true);
- update_post_meta( $menu_item_data['ID'], '_menu_item_menu_item_parent', (int) $menu_item_data['menu_item_parent'] );
+ wp_update_post_meta( $menu_item_data['ID'], '_menu_item_menu_item_parent', (int) $menu_item_data['menu_item_parent'] );
}
}
}
@@ -190,7 +190,7 @@
$menu_item_data['menu_order'] = $menu_item_data['menu_order'] - 1;
// save changes
- update_post_meta( $menu_item_data['ID'], '_menu_item_menu_item_parent', (int) $menu_item_data['menu_item_parent'] );
+ wp_update_post_meta( $menu_item_data['ID'], '_menu_item_menu_item_parent', (int) $menu_item_data['menu_item_parent'] );
wp_update_post($menu_item_data);
wp_update_post($parent_data);
}
@@ -205,7 +205,7 @@
) {
// just make it a child of the previous; keep the order
$menu_item_data['menu_item_parent'] = (int) $orders_to_dbids[$dbids_to_orders[$menu_item_id] - 1];
- update_post_meta( $menu_item_data['ID'], '_menu_item_menu_item_parent', (int) $menu_item_data['menu_item_parent'] );
+ wp_update_post_meta( $menu_item_data['ID'], '_menu_item_menu_item_parent', (int) $menu_item_data['menu_item_parent'] );
wp_update_post($menu_item_data);
}
}
Index: wp-admin/custom-background.php
===================================================================
--- wp-admin/custom-background.php (revision 23383)
+++ wp-admin/custom-background.php (working copy)
@@ -378,7 +378,7 @@
// Add the meta-data
wp_update_attachment_metadata( $id, wp_generate_attachment_metadata( $id, $file ) );
- update_post_meta( $id, '_wp_attachment_is_custom_background', get_option('stylesheet' ) );
+ wp_update_post_meta( $id, '_wp_attachment_is_custom_background', get_option('stylesheet' ) );
set_theme_mod('background_image', esc_url_raw($url));
@@ -415,7 +415,7 @@
if ( in_array( $_POST['size'], $sizes ) )
$size = esc_attr( $_POST['size'] );
- update_post_meta( $attachment_id, '_wp_attachment_is_custom_background', get_option('stylesheet' ) );
+ wp_update_post_meta( $attachment_id, '_wp_attachment_is_custom_background', get_option('stylesheet' ) );
$url = wp_get_attachment_image_src( $attachment_id, $size );
$thumbnail = wp_get_attachment_image_src( $attachment_id, 'thumbnail' );
set_theme_mod( 'background_image', esc_url_raw( $url[0] ) );