WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Do not allow .. anywhere in the filename. 

git-svn-id: http://svn.automattic.com/wordpress/trunk@2019 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
rboren 2004-12-30 18:05:46 +00:00
parent 88f5c2951c
commit 5c92876ab2
2 changed files with 32 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
wp-admin/admin-functions.php
View File

@ -760,20 +760,37 @@ function add_management_page($page_title, $menu_title, $access_level, $file) {
add_submenu_page('edit.php', $page_title, $menu_title, $access_level, $file);
}
function validate_file_to_edit($file, $allowed_files = '') {
if ('..' == substr($file,0,2))
die (__('Sorry, can’t edit files with ".." in the name. If you are trying to edit a file in your WordPress home directory, you can just type the name of the file in.'));
function validate_file($file, $allowed_files = '') {
if ( false !== strpos($file, './'))
return 1;
if (':' == substr($file,1,1))
die (__('Sorry, can’t call files with their real path.'));
return 2;
if ( !empty($allowed_files) && (! in_array($file, $allowed_files)) ) {
die (__('Sorry, that file cannot be edited.'));
}
if ( !empty($allowed_files) && (! in_array($file, $allowed_files)) )
return 3;
return 0;
}
function validate_file_to_edit($file, $allowed_files = '') {
$file = stripslashes($file);
return $file;
$code = validate_file($file, $allowed_files);
if (! $code)
return $file;
switch ($code) {
case 1:
die (__('Sorry, can’t edit files with ".." in the name. If you are trying to edit a file in your WordPress home directory, you can just type the name of the file in.'));
case 2:
die (__('Sorry, can’t call files with their real path.'));
case 3:
die (__('Sorry, that file cannot be edited.'));
}
}
function get_home_path() {

10
wp-admin/admin.php
View File

@ -42,13 +42,15 @@ require(ABSPATH . '/wp-admin/menu.php');
// Handle plugin admin pages.
if (isset($_GET['page'])) {
$plugin_page = plugin_basename($_GET['page']);
if (! file_exists(ABSPATH . "wp-content/plugins/$plugin_page")) {
die(sprintf(__('Cannot load %s.'), $plugin_page));
if ( validate_file($plugin_page) ) {
die(__('Invalid plugin page'));
}
if (! isset($_GET['noheader'])) {
if (! file_exists(ABSPATH . "wp-content/plugins/$plugin_page"))
die(sprintf(__('Cannot load %s.'), $plugin_page));
if (! isset($_GET['noheader']))
require_once(ABSPATH . '/wp-admin/admin-header.php');
}
include(ABSPATH . "wp-content/plugins/$plugin_page");