Use wp_get_referer(). fixes #2800 #2855

git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3923 1a063a9b-81f0-0310-95a4-ce76da25c4cd
ryan 2006-06-24 21:37:24 +00:00
parent 6367948cac
commit 421007958a
8 changed files with 20 additions and 19 deletions


@ -211,10 +211,10 @@ if ('publish' != $post->post_status || 0 == $post_ID) {
<input name="referredby" type="hidden" id="referredby" value="<?php <input name="referredby" type="hidden" id="referredby" value="<?php
if ( !empty($_REQUEST['popupurl']) ) if ( !empty($_REQUEST['popupurl']) )
echo wp_specialchars($_REQUEST['popupurl']); echo wp_specialchars($_REQUEST['popupurl']);
else if ( url_to_postid($_SERVER['HTTP_REFERER']) == $post_ID ) else if ( url_to_postid(wp_get_referer()) == $post_ID )
echo 'redo'; echo 'redo';
else else
echo wp_specialchars($_SERVER['HTTP_REFERER']); echo wp_specialchars(wp_get_referer());
?>" /></p> ?>" /></p>
<?php do_action('edit_form_advanced'); ?> <?php do_action('edit_form_advanced'); ?>
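Review bot: `wp_specialchars(wp_get_referer())` on the last `echo` is called without a second argument, yet its output lands inside a double-quoted `value` attribute. Judging by the `, 1` the old upgrade code passed, that argument is what enables quote escaping, so a `"` in the referer would still close the attribute. The same applies to the `popupurl` branch above it, and the `$goback` line in the upgrade hunk of this commit drops the `1` it previously had while still being echoed into an `href`. Suggested: `echo wp_specialchars(wp_get_referer(), 1);` here and `$goback = wp_specialchars(wp_get_referer(), 1);` there.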


@ -89,7 +89,7 @@ else
</script> </script>
<p class="submit"><input type="submit" name="editcomment" id="editcomment" value="<?php echo $submitbutton_text ?>" style="font-weight: bold;" tabindex="6" /> <p class="submit"><input type="submit" name="editcomment" id="editcomment" value="<?php echo $submitbutton_text ?>" style="font-weight: bold;" tabindex="6" />
<input name="referredby" type="hidden" id="referredby" value="<?php echo $_SERVER['HTTP_REFERER']; ?>" /> <input name="referredby" type="hidden" id="referredby" value="<?php echo wp_get_referer(); ?>" />
</p> </p>
</div> </div>
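Review bot: The changed `referredby` input prints `wp_get_referer()` into a double-quoted `value` attribute with no escaping at all. The referer comes from the request, so a `"` or `<` in it ends the attribute and puts markup into the comment-edit screen. Escape it the way the post form does, with quote escaping turned on: `<?php echo wp_specialchars(wp_get_referer(), 1); ?>`.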


@ -64,7 +64,7 @@ edCanvas = document.getElementById('content');
<?php if ('bookmarklet' != $mode) { <?php if ('bookmarklet' != $mode) {
echo '<input name="advanced" type="submit" id="advancededit" tabindex="7" value="' . __('Advanced Editing &raquo;') . '" />'; echo '<input name="advanced" type="submit" id="advancededit" tabindex="7" value="' . __('Advanced Editing &raquo;') . '" />';
} ?> } ?>
<input name="referredby" type="hidden" id="referredby" value="<?php if (isset($_SERVER['HTTP_REFERER'])) echo urlencode($_SERVER['HTTP_REFERER']); ?>" /> <input name="referredby" type="hidden" id="referredby" value="<?php if (isset(wp_get_referer())) echo urlencode(wp_get_referer()); ?>" />
</p> </p>
<?php do_action('simple_edit_form', ''); ?> <?php do_action('simple_edit_form', ''); ?>
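Review bot: `isset(wp_get_referer())` on the changed `referredby` input is not valid PHP: isset() accepts only variables, not the result of a function call, so this template fails with a fatal error as soon as it is loaded. Test the return value directly instead, e.g. `<?php if ( wp_get_referer() ) echo urlencode(wp_get_referer()); ?>`. Note also that this form URL-encodes the value while the other forms in this commit HTML-escape it or print it raw, so whatever reads `referredby` has to cope with both encodings.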


@ -14,7 +14,7 @@ if (0 == $post_ID) {
$form_extra = "<input type='hidden' id='post_ID' name='post_ID' value='$post_ID' />"; $form_extra = "<input type='hidden' id='post_ID' name='post_ID' value='$post_ID' />";
} }
$sendto = $_SERVER['HTTP_REFERER']; $sendto = wp_get_referer();
if ( 0 != $post_ID && $sendto == get_permalink($post_ID) ) if ( 0 != $post_ID && $sendto == get_permalink($post_ID) )
$sendto = 'redo'; $sendto = 'redo';


@ -129,7 +129,7 @@ switch ($action) {
add_link(); add_link();
header('Location: ' . $_SERVER['HTTP_REFERER'] . '?added=true'); header('Location: ' . wp_get_referer() . '?added=true');
break; break;
} // end Add } // end Add
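Review bot: The `Location` header is built by concatenating `wp_get_referer()` with `'?added=true'`, which breaks in two cases. A referer that already carries a query string ends up with two `?`, and an empty referer sends the browser to the bare string `?added=true`. The value is also request-supplied and reaches the header with no host check or character filtering, whereas the delete-post code in this commit at least strips it with `preg_replace`. Consider `wp_redirect(add_query_arg('added', 'true', wp_get_referer()))`, with a fixed admin page as the fallback when the referer is empty. The enclosing `switch` case extends beyond the hunk.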


@ -111,12 +111,12 @@ case 'editpost':
$post_ID = edit_post(); $post_ID = edit_post();
if ($_POST['save']) { if ($_POST['save']) {
$location = $_SERVER['HTTP_REFERER']; $location = wp_get_referer();
} elseif ($_POST['updatemeta']) { } elseif ($_POST['updatemeta']) {
$location = $_SERVER['HTTP_REFERER'] . '&message=2#postcustom'; $location = wp_get_referer() . '&message=2#postcustom';
} elseif ($_POST['deletemeta']) { } elseif ($_POST['deletemeta']) {
$location = $_SERVER['HTTP_REFERER'] . '&message=3#postcustom'; $location = wp_get_referer() . '&message=3#postcustom';
} elseif (isset($_POST['referredby']) && $_POST['referredby'] != $_SERVER['HTTP_REFERER']) { } elseif (!empty($_POST['referredby']) && $_POST['referredby'] != wp_get_referer()) {
$location = $_POST['referredby']; $location = $_POST['referredby'];
if ( $_POST['referredby'] == 'redo' ) if ( $_POST['referredby'] == 'redo' )
$location = get_permalink( $post_ID ); $location = get_permalink( $post_ID );
@ -125,6 +125,7 @@ case 'editpost':
} else { } else {
$location = 'post.php'; $location = 'post.php';
} }
header ('Location: ' . $location); // Send user on their way while we keep working header ('Location: ' . $location); // Send user on their way while we keep working
exit(); exit();
@ -147,7 +148,7 @@ case 'delete':
die( __('Error in deleting...') ); die( __('Error in deleting...') );
} }
$sendback = $_SERVER['HTTP_REFERER']; $sendback = wp_get_referer();
if (strstr($sendback, 'post.php')) $sendback = get_settings('siteurl') .'/wp-admin/post.php'; if (strstr($sendback, 'post.php')) $sendback = get_settings('siteurl') .'/wp-admin/post.php';
elseif (strstr($sendback, 'attachments.php')) $sendback = get_settings('siteurl') .'/wp-admin/attachments.php'; elseif (strstr($sendback, 'attachments.php')) $sendback = get_settings('siteurl') .'/wp-admin/attachments.php';
$sendback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $sendback); $sendback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $sendback);
@ -234,8 +235,8 @@ case 'deletecomment':
wp_set_comment_status($comment->comment_ID, "delete"); wp_set_comment_status($comment->comment_ID, "delete");
do_action('delete_comment', $comment->comment_ID); do_action('delete_comment', $comment->comment_ID);
if (($_SERVER['HTTP_REFERER'] != "") && (false == $noredir)) { if ((wp_get_referer() != "") && (false == $noredir)) {
header('Location: ' . $_SERVER['HTTP_REFERER']); header('Location: ' . wp_get_referer());
} else { } else {
header('Location: '. get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments'); header('Location: '. get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments');
} }
@ -261,8 +262,8 @@ case 'unapprovecomment':
wp_set_comment_status($comment->comment_ID, "hold"); wp_set_comment_status($comment->comment_ID, "hold");
if (($_SERVER['HTTP_REFERER'] != "") && (false == $noredir)) { if ((wp_get_referer() != "") && (false == $noredir)) {
header('Location: ' . $_SERVER['HTTP_REFERER']); header('Location: ' . wp_get_referer());
} else { } else {
header('Location: '. get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments'); header('Location: '. get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments');
} }
@ -312,8 +313,8 @@ case 'approvecomment':
} }
if (($_SERVER['HTTP_REFERER'] != "") && (false == $noredir)) { if ((wp_get_referer() != "") && (false == $noredir)) {
header('Location: ' . $_SERVER['HTTP_REFERER']); header('Location: ' . wp_get_referer());
} else { } else {
header('Location: '. get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments'); header('Location: '. get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments');
} }
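Review bot: In the `deletecomment`, `unapprovecomment` and `approvecomment` hunks, `wp_get_referer()` is written straight into `header('Location: ' . ...)` with no filtering, whereas the `delete` case in the same file first runs the value through `preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $sendback)`. The referer is supplied by the request, so these three redirects should apply the same filter, or use `wp_redirect()` as the last file in this commit does, provided it filters the URL. In the `editpost` hunk, `wp_get_referer() . '&message=2#postcustom'` yields a location starting with `&` when no referer is available; a guard like the `!empty(...)` added on the `referredby` branch would cover that. All of these cases sit in a `switch` whose body extends outside the hunks.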


@ -67,7 +67,7 @@ text-align: center; border-top: 1px solid #ccc; padding-top: 1em; font-style: it
switch($step) { switch($step) {
case 0: case 0:
$goback = wp_specialchars($_SERVER['HTTP_REFERER'], 1); $goback = wp_specialchars(wp_get_referer());
?> ?>
<p><?php _e('This file upgrades you from any previous version of WordPress to the latest. It may take a while though, so be patient.'); ?></p> <p><?php _e('This file upgrades you from any previous version of WordPress to the latest. It may take a while though, so be patient.'); ?></p>
<h2 class="step"><a href="upgrade.php?step=1&amp;backto=<?php echo $goback; ?>"><?php _e('Upgrade WordPress &raquo;'); ?></a></h2> <h2 class="step"><a href="upgrade.php?step=1&amp;backto=<?php echo $goback; ?>"><?php _e('Upgrade WordPress &raquo;'); ?></a></h2>


@ -7,5 +7,5 @@ if ( get_magic_quotes_gpc() )
// 10 days // 10 days
setcookie('wp-postpass_' . COOKIEHASH, $_POST['post_password'], time() + 864000, COOKIEPATH); setcookie('wp-postpass_' . COOKIEHASH, $_POST['post_password'], time() + 864000, COOKIEPATH);
wp_redirect($_SERVER['HTTP_REFERER']); wp_redirect(wp_get_referer());
?> ?>
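Review bot: `wp_redirect(wp_get_referer())` has no fallback for a missing referer, although the comment-moderation code in this commit tests `wp_get_referer() != ""` before using it, so an empty result is evidently possible. In that case the password cookie is set but the visitor is redirected to an empty location. A fixed fallback such as `wp_redirect(wp_get_referer() ? wp_get_referer() : get_settings('siteurl'));` would keep the flow working. Since the target is request-supplied, restricting it to the site's own host is also worth considering.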