Hardening. Santizers for WPLANG and new_admin_email. Prevent stomping ID and filter. Validate locale filename. Props westi. For 3.1.

git-svn-id: http://svn.automattic.com/wordpress/branches/3.1@18356 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2011-06-27 21:36:48 +00:00
parent dcf09a7568
commit 822c052b96
6 changed files with 38 additions and 4 deletions

View File

@ -596,7 +596,8 @@ wp_nonce_field( 'custom-header-options', '_wpnonce-custom-header-options' ); ?>
'post_content' => $url,
'post_mime_type' => $type,
'guid' => $url,
'context' => 'custom-header');
'context' => 'custom-header'
);
// Save the data
$id = wp_insert_attachment($object, $file);

View File

@ -228,6 +228,10 @@ function media_handle_upload($file_id, $post_id, $post_data = array(), $override
'post_content' => $content,
), $post_data );
// This should never be set as it would then overwrite an existing attachment.
if ( isset( $attachment['ID'] ) )
unset( $attachment['ID'] );
// Save the data
$id = wp_insert_attachment($attachment, $file, $post_id);
if ( !is_wp_error($id) ) {
@ -281,6 +285,10 @@ function media_handle_sideload($file_array, $post_id, $desc = null, $post_data =
'post_content' => $content,
), $post_data );
// This should never be set as it would then overwrite an existing attachment.
if ( isset( $attachment['ID'] ) )
unset( $attachment['ID'] );
// Save the attachment metadata
$id = wp_insert_attachment($attachment, $file, $post_id);
if ( !is_wp_error($id) )

View File

@ -135,6 +135,10 @@ function edit_post( $post_data = null ) {
if ( empty($post_data) )
$post_data = &$_POST;
// Clear out any data in internal vars.
if ( isset( $post_data['filter'] ) )
unset( $post_data['filter'] );
$post_ID = (int) $post_data['post_ID'];
$post = get_post( $post_ID );
$post_data['post_type'] = $post->post_type;
@ -553,6 +557,15 @@ function wp_write_post() {
}
}
// Edit don't write if we have a post id.
if ( isset( $_POST['ID'] ) ) {
$_POST['post_ID'] = $_POST['ID'];
unset ( $_POST['ID'] );
}
if ( isset( $_POST['post_ID'] ) ) {
return edit_post();
}
$translated = _wp_translate_postdata( false );
if ( is_wp_error($translated) )
return $translated;

View File

@ -127,7 +127,7 @@ include('./admin-header.php');
$new_admin_email = get_option( 'new_admin_email' );
if ( $new_admin_email && $new_admin_email != get_option('admin_email') ) : ?>
<div class="updated inline">
<p><?php printf( __('There is a pending change of the admin e-mail to <code>%1$s</code>. <a href="%2$s">Cancel</a>'), $new_admin_email, esc_url( admin_url( 'options.php?dismiss=new_admin_email' ) ) ); ?></p>
<p><?php printf( __('There is a pending change of the admin e-mail to <code>%1$s</code>. <a href="%2$s">Cancel</a>'), esc_html( $new_admin_email ), esc_url( admin_url( 'options.php?dismiss=new_admin_email' ) ) ); ?></p>
</div>
<?php endif; ?>
</td>

View File

@ -2440,7 +2440,14 @@ function sanitize_option($option, $value) {
add_settings_error('admin_email', 'invalid_admin_email', __('The email address entered did not appear to be a valid email address. Please enter a valid email address.'));
}
break;
case 'new_admin_email':
$value = sanitize_email($value);
if ( !is_email($value) ) {
$value = get_option( $option ); // Resets option to stored value in the case of failed sanitization
if ( function_exists('add_settings_error') )
add_settings_error('new_admin_email', 'invalid_admin_email', __('The email address entered did not appear to be a valid email address. Please enter a valid email address.'));
}
break;
case 'thumbnail_size_w':
case 'thumbnail_size_h':
case 'medium_size_w':
@ -2534,6 +2541,11 @@ function sanitize_option($option, $value) {
add_settings_error('home', 'invalid_home', __('The Site address you entered did not appear to be a valid URL. Please enter a valid URL.'));
}
break;
case 'WPLANG':
$allowed = get_available_languages();
if ( ! in_array( $value, $allowed ) && ! empty( $value ) )
$value = get_option( $option );
break;
default :
$value = apply_filters("sanitize_option_{$option}", $value, $option);

View File

@ -258,7 +258,7 @@ load_default_textdomain();
// Find the blog locale.
$locale = get_locale();
$locale_file = WP_LANG_DIR . "/$locale.php";
if ( is_readable( $locale_file ) )
if ( ( 0 === validate_file( $locale ) ) && is_readable( $locale_file ) )
require( $locale_file );
unset($locale_file);