Themes: Ensure that only privileged users can set a background image when a theme is using the deprecated custom background page.

Props xknown, zieladam, peterwilsoncc, whyisjake.
Merges [49379] to trunk.
Built from https://develop.svn.wordpress.org/trunk@49388


git-svn-id: http://core.svn.wordpress.org/trunk@49147 1a063a9b-81f0-0310-95a4-ce76da25c4cd
desrosj 2020-10-29 18:09:13 +00:00
parent 84a7bde414
commit 9c5173ffa6
6 changed files with 10 additions and 4 deletions


@ -581,6 +581,8 @@ class Custom_Background {
* @deprecated 3.5.0 * @deprecated 3.5.0
*/ */
public function wp_set_background_image() { public function wp_set_background_image() {
check_ajax_referer( 'custom-background' );
if ( ! current_user_can( 'edit_theme_options' ) || ! isset( $_POST['attachment_id'] ) ) { if ( ! current_user_can( 'edit_theme_options' ) || ! isset( $_POST['attachment_id'] ) ) {
exit; exit;
} }
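Review bot: The new `check_ajax_referer( 'custom-background' )` only protects this handler if a nonce for that exact action is rendered on the deprecated custom background page, because the JS side reads it from `#_wpnonce` and nothing in this hunk shows where that field is emitted; confirm the page's form carries `wp_nonce_field( 'custom-background' )` rather than a nonce for a different action, or every request from the deprecated UI will be rejected. Running the nonce check before `current_user_can( 'edit_theme_options' )` is the right order, since it fails closed for unauthenticated callers without revealing capability state. A one-line comment would make the coupling visible to the next maintainer, e.g. `// Nonce is read from the page's #_wpnonce field by custom-background.js and media-upload.js.`. `wp_set_background_image()` continues past the end of the hunk, so the handling of `$_POST['attachment_id']` after this guard is not visible here.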


@ -126,11 +126,13 @@
frame.on( 'select', function() { frame.on( 'select', function() {
// Grab the selected attachment. // Grab the selected attachment.
var attachment = frame.state().get('selection').first(); var attachment = frame.state().get('selection').first();
var nonceValue = $( '#_wpnonce' ).val() || '';
// Run an Ajax request to set the background image. // Run an Ajax request to set the background image.
$.post( ajaxurl, { $.post( ajaxurl, {
action: 'set-background-image', action: 'set-background-image',
attachment_id: attachment.id, attachment_id: attachment.id,
_ajax_nonce: nonceValue,
size: 'full' size: 'full'
}).done( function() { }).done( function() {
// When the request completes, reload the window. // When the request completes, reload the window.
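Review bot: The `$.post` call gets a nonce but still has no `.fail()` handler, so when the server rejects the request (an expired nonce, or `#_wpnonce` missing so that `_ajax_nonce` is sent as `''`) nothing happens on the client: no reload, no message, and the user cannot tell the background was not set. Presumably `check_ajax_referer` ends the request with a non-2xx status, which would bypass `.done()` entirely — worth confirming. Consider adding `.fail( function() { window.alert( ... ); } )` or bailing out before the request when `nonceValue` is empty, since sending an empty nonce can never succeed. The `frame.on( 'select', ... )` callback ends outside the hunk.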


@ -1,2 +1,2 @@
/*! This file is auto-generated */ /*! This file is auto-generated */
!function(e){e(document).ready(function(){var o,t=e("#custom-background-image");e("#background-color").wpColorPicker({change:function(n,c){t.css("background-color",c.color.toString())},clear:function(){t.css("background-color","")}}),e('select[name="background-size"]').change(function(){t.css("background-size",e(this).val())}),e('input[name="background-position"]').change(function(){t.css("background-position",e(this).val())}),e('input[name="background-repeat"]').change(function(){t.css("background-repeat",e(this).is(":checked")?"repeat":"no-repeat")}),e('input[name="background-attachment"]').change(function(){t.css("background-attachment",e(this).is(":checked")?"scroll":"fixed")}),e("#choose-from-library-link").click(function(n){var c=e(this);n.preventDefault(),o||(o=wp.media.frames.customBackground=wp.media({title:c.data("choose"),library:{type:"image"},button:{text:c.data("update"),close:!1}})).on("select",function(){var n=o.state().get("selection").first();e.post(ajaxurl,{action:"set-background-image",attachment_id:n.id,size:"full"}).done(function(){window.location.reload()})}),o.open()})})}(jQuery); !function(e){e(document).ready(function(){var o,a=e("#custom-background-image");e("#background-color").wpColorPicker({change:function(n,c){a.css("background-color",c.color.toString())},clear:function(){a.css("background-color","")}}),e('select[name="background-size"]').change(function(){a.css("background-size",e(this).val())}),e('input[name="background-position"]').change(function(){a.css("background-position",e(this).val())}),e('input[name="background-repeat"]').change(function(){a.css("background-repeat",e(this).is(":checked")?"repeat":"no-repeat")}),e('input[name="background-attachment"]').change(function(){a.css("background-attachment",e(this).is(":checked")?"scroll":"fixed")}),e("#choose-from-library-link").click(function(n){var 
c=e(this);n.preventDefault(),o||(o=wp.media.frames.customBackground=wp.media({title:c.data("choose"),library:{type:"image"},button:{text:c.data("update"),close:!1}})).on("select",function(){var n=o.state().get("selection").first(),c=e("#_wpnonce").val()||"";e.post(ajaxurl,{action:"set-background-image",attachment_id:n.id,_ajax_nonce:c,size:"full"}).done(function(){window.location.reload()})}),o.open()})})}(jQuery);


@ -11,7 +11,7 @@ jQuery(function($) {
* Adds a click event handler to the element with a 'wp-gallery' class. * Adds a click event handler to the element with a 'wp-gallery' class.
*/ */
$( 'body' ).bind( 'click.wp-gallery', function(e) { $( 'body' ).bind( 'click.wp-gallery', function(e) {
var target = $( e.target ), id, img_size; var target = $( e.target ), id, img_size, nonceValue;
if ( target.hasClass( 'wp-set-header' ) ) { if ( target.hasClass( 'wp-set-header' ) ) {
// Opens the image to preview it full size. // Opens the image to preview it full size.
@ -21,6 +21,7 @@ jQuery(function($) {
// Sets the image as background of the theme. // Sets the image as background of the theme.
id = target.data( 'attachment-id' ); id = target.data( 'attachment-id' );
img_size = $( 'input[name="attachments[' + id + '][image-size]"]:checked').val(); img_size = $( 'input[name="attachments[' + id + '][image-size]"]:checked').val();
nonceValue = $( '#_wpnonce' ).val() && '';
/** /**
* This Ajax action has been deprecated since 3.5.0, see custom-background.php * This Ajax action has been deprecated since 3.5.0, see custom-background.php
@ -28,6 +29,7 @@ jQuery(function($) {
jQuery.post(ajaxurl, { jQuery.post(ajaxurl, {
action: 'set-background-image', action: 'set-background-image',
attachment_id: id, attachment_id: id,
_ajax_nonce: nonceValue,
size: img_size size: img_size
}, function() { }, function() {
var win = window.dialogArguments || opener || parent || top; var win = window.dialogArguments || opener || parent || top;
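Review bot: `nonceValue = $( '#_wpnonce' ).val() && '';` uses `&&` where the parallel change in custom-background.js uses `||`, so when the nonce field is present its value is discarded and `_ajax_nonce` is sent as the empty string (and as `undefined` when the field is absent); the `check_ajax_referer( 'custom-background' )` this same commit adds will therefore reject every request from this media-upload path. This is a functional regression of the deprecated flow rather than a bypass, but it means the deprecated "set as background" button stops working entirely. Change the line to `nonceValue = $( '#_wpnonce' ).val() || '';` and regenerate media-upload.min.js, which carries the same `n=r("#_wpnonce").val()&&""`. The `click.wp-gallery` handler continues beyond the hunk.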


@ -1,2 +1,2 @@
/*! This file is auto-generated */ /*! This file is auto-generated */
jQuery(function(o){o("body").bind("click.wp-gallery",function(a){var e,t,n=o(a.target);n.hasClass("wp-set-header")?((window.dialogArguments||opener||parent||top).location.href=n.data("location"),a.preventDefault()):n.hasClass("wp-set-background")&&(e=n.data("attachment-id"),t=o('input[name="attachments['+e+'][image-size]"]:checked').val(),jQuery.post(ajaxurl,{action:"set-background-image",attachment_id:e,size:t},function(){var a=window.dialogArguments||opener||parent||top;a.tb_remove(),a.location.reload()}),a.preventDefault())})}); jQuery(function(r){r("body").bind("click.wp-gallery",function(a){var e,t,n,o=r(a.target);o.hasClass("wp-set-header")?((window.dialogArguments||opener||parent||top).location.href=o.data("location"),a.preventDefault()):o.hasClass("wp-set-background")&&(e=o.data("attachment-id"),t=r('input[name="attachments['+e+'][image-size]"]:checked').val(),n=r("#_wpnonce").val()&&"",jQuery.post(ajaxurl,{action:"set-background-image",attachment_id:e,_ajax_nonce:n,size:t},function(){var a=window.dialogArguments||opener||parent||top;a.tb_remove(),a.location.reload()}),a.preventDefault())})});


@ -13,7 +13,7 @@
* *
* @global string $wp_version * @global string $wp_version
*/ */
$wp_version = '5.6-beta2-49387'; $wp_version = '5.6-beta2-49388';
/** /**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema. * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.