Do not allow .. anywhere in the filename.
git-svn-id: http://svn.automattic.com/wordpress/trunk@2019 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
88f5c2951c
commit
5c92876ab2
|
@ -760,20 +760,37 @@ function add_management_page($page_title, $menu_title, $access_level, $file) {
|
||||||
add_submenu_page('edit.php', $page_title, $menu_title, $access_level, $file);
|
add_submenu_page('edit.php', $page_title, $menu_title, $access_level, $file);
|
||||||
}
|
}
|
||||||
|
|
||||||
function validate_file_to_edit($file, $allowed_files = '') {
|
function validate_file($file, $allowed_files = '') {
|
||||||
if ('..' == substr($file,0,2))
|
if ( false !== strpos($file, './'))
|
||||||
die (__('Sorry, can’t edit files with ".." in the name. If you are trying to edit a file in your WordPress home directory, you can just type the name of the file in.'));
|
return 1;
|
||||||
|
|
||||||
if (':' == substr($file,1,1))
|
if (':' == substr($file,1,1))
|
||||||
die (__('Sorry, can’t call files with their real path.'));
|
return 2;
|
||||||
|
|
||||||
if ( !empty($allowed_files) && (! in_array($file, $allowed_files)) ) {
|
if ( !empty($allowed_files) && (! in_array($file, $allowed_files)) )
|
||||||
die (__('Sorry, that file cannot be edited.'));
|
return 3;
|
||||||
}
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
function validate_file_to_edit($file, $allowed_files = '') {
|
||||||
$file = stripslashes($file);
|
$file = stripslashes($file);
|
||||||
|
|
||||||
return $file;
|
$code = validate_file($file, $allowed_files);
|
||||||
|
|
||||||
|
if (! $code)
|
||||||
|
return $file;
|
||||||
|
|
||||||
|
switch ($code) {
|
||||||
|
case 1:
|
||||||
|
die (__('Sorry, can’t edit files with ".." in the name. If you are trying to edit a file in your WordPress home directory, you can just type the name of the file in.'));
|
||||||
|
|
||||||
|
case 2:
|
||||||
|
die (__('Sorry, can’t call files with their real path.'));
|
||||||
|
|
||||||
|
case 3:
|
||||||
|
die (__('Sorry, that file cannot be edited.'));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
function get_home_path() {
|
function get_home_path() {
|
||||||
|
|
|
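Review bot: The new test in `validate_file`, `false !== strpos($file, './')`, is narrower than the commit title promises: it rejects `../` and `./`, but `..` followed by a backslash (`..\..\wp-config.php`, a valid separator on Windows hosts) or a bare trailing `..` gets return code 0 and flows on to the `include` in the admin.php hunk below. Since the intent is to refuse `..` anywhere, test for the substring itself and for both separators: `if ( false !== strpos($file, '..') || false !== strpos($file, './') || false !== strpos($file, '.\\') )` followed by `return 1;`. The drive-letter check `':' == substr($file,1,1)` still lets a leading `/` or `\` through; that looks harmless here because the visible caller prefixes ABSPATH, but it is worth saying so in a comment rather than leaving it implicit. If the PHP build in use truncates include paths at a NUL byte, `false !== strpos($file, "\0")` belongs in the same guard. A one-line header would also help callers use the codes correctly: `// Returns 0 if $file is safe to include, 1 on directory traversal, 2 on a drive-letter path, 3 if not in $allowed_files.`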
@ -42,13 +42,15 @@ require(ABSPATH . '/wp-admin/menu.php');
|
||||||
// Handle plugin admin pages.
|
// Handle plugin admin pages.
|
||||||
if (isset($_GET['page'])) {
|
if (isset($_GET['page'])) {
|
||||||
$plugin_page = plugin_basename($_GET['page']);
|
$plugin_page = plugin_basename($_GET['page']);
|
||||||
if (! file_exists(ABSPATH . "wp-content/plugins/$plugin_page")) {
|
if ( validate_file($plugin_page) ) {
|
||||||
die(sprintf(__('Cannot load %s.'), $plugin_page));
|
die(__('Invalid plugin page'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (! isset($_GET['noheader'])) {
|
if (! file_exists(ABSPATH . "wp-content/plugins/$plugin_page"))
|
||||||
|
die(sprintf(__('Cannot load %s.'), $plugin_page));
|
||||||
|
|
||||||
|
if (! isset($_GET['noheader']))
|
||||||
require_once(ABSPATH . '/wp-admin/admin-header.php');
|
require_once(ABSPATH . '/wp-admin/admin-header.php');
|
||||||
}
|
|
||||||
|
|
||||||
include(ABSPATH . "wp-content/plugins/$plugin_page");
|
include(ABSPATH . "wp-content/plugins/$plugin_page");
|
||||||
|
|
||||||
|
|
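Review bot: `$plugin_page`, which comes straight from `$_GET['page']` through `plugin_basename`, is printed back unescaped in `die(sprintf(__('Cannot load %s.'), $plugin_page))` when the file does not exist, so a crafted `page` value that passes `validate_file` but names no real file reflects HTML into the error response. Escape it at the output point: `die(sprintf(__('Cannot load %s.'), htmlspecialchars($plugin_page)));`. The new `validate_file` guard is a real improvement, but it only refuses `./` substrings and `X:` prefixes (see the other hunk), so the `include` at the end of this block still relies on `plugin_basename` stripping backslashes and absolute paths, which this page does not show; please confirm that, or reject `..` and `\` here as well. I also cannot see from this hunk whether the caller's capability was already verified before this point (menu.php is required above); if it is not, an access check belongs ahead of the `include`.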