WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Strip extra slashes from _POST when doing nonce AYS. Props MarkJaquith and mdawaffe. fixes #2761 

git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2006-06-01 23:39:03 +00:00
parent b027b64a18
commit 627ec22359
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
wp-includes/pluggable-functions.php
View File

@ -238,6 +238,8 @@ function check_admin_referer($action = -1) {
$html = "<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Strict//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd'>\n<html xmlns='http://www.w3.org/1999/xhtml' lang='en' xml:lang='en'>\n\n";
$html .= "<head>\n\t<title>" . __('WordPress Confirmation') . "</title>\n";
$html .= "</head>\n<body>\n";
// Remove extra layer of slashes.
$_POST = stripslashes_deep($_POST );
if ( $_POST ) {
$q = http_build_query($_POST);
$q = explode( ini_get('arg_separator.output'), $q);