WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Always exit after wp_redirect. props filosofo, fixes #15518. 

git-svn-id: http://svn.automattic.com/wordpress/trunk@16847 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
nacin 2010-12-09 18:02:54 +00:00
parent 0036c52101
commit a717edca97
29 changed files with 64 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
wp-admin/admin.php
View File

@ -178,13 +178,17 @@ if ( isset($plugin_page) ) {
if ( ! current_user_can('import') )
wp_die(__('You are not allowed to import.'));
if ( validate_file($importer) )
if ( validate_file($importer) ) {
wp_redirect( admin_url( 'import.php?invalid=' . $importer ) );
exit;
}
// Allow plugins to define importers as well
if ( !isset($wp_importers) || !isset($wp_importers[$importer]) || ! is_callable($wp_importers[$importer][2])) {
if (! file_exists(ABSPATH . "wp-admin/import/$importer.php"))
if (! file_exists(ABSPATH . "wp-admin/import/$importer.php")) {
wp_redirect( admin_url( 'import.php?invalid=' . $importer ) );
exit;
}
include(ABSPATH . "wp-admin/import/$importer.php");
}

4
wp-admin/includes/ms.php
View File

@ -507,12 +507,10 @@ function redirect_user_to_blog() {
if ( is_object( $blog ) ) {
wp_redirect( get_admin_url( $blog->blog_id, '?c=' . $c ) ); // redirect and count to 5, "just in case"
exit;
} else {
wp_redirect( user_admin_url( '?c=' . $c ) ); // redirect and count to 5, "just in case"
}
wp_die( __( 'You do not have sufficient permissions to access this page.' ) );
exit;
}
add_action( 'admin_page_access_denied', 'redirect_user_to_blog', 99 );

1
wp-admin/link-manager.php
View File

@ -29,6 +29,7 @@ if ( $doaction && isset( $_REQUEST['linkcheck'] ) ) {
}
wp_redirect( add_query_arg('deleted', count( $bulklinks ), admin_url( 'link-manager.php' ) ) );
exit;
}
} elseif ( ! empty( $_REQUEST['_wp_http_referer'] ) ) {
wp_redirect( remove_query_arg( array( '_wp_http_referer', '_wpnonce' ), stripslashes( $_SERVER['REQUEST_URI'] ) ) );

1
wp-admin/media-upload.php
View File

@ -55,6 +55,7 @@ if ( isset($_GET['inline']) ) {
$location .= '?message=3';
wp_redirect( admin_url($location) );
exit;
}
$title = __('Upload New Media');

1
wp-admin/moderation.php
View File

@ -9,4 +9,5 @@
*/
require_once('../wp-load.php');
wp_redirect( admin_url('edit-comments.php?comment_status=moderated') );
exit;
?>

4
wp-admin/ms-admin.php
View File

@ -9,4 +9,6 @@
require_once( './admin.php' );
wp_redirect( network_admin_url() );
wp_redirect( network_admin_url() );
exit;
?>

4
wp-admin/ms-edit.php
View File

@ -9,4 +9,6 @@
require_once( './admin.php' );
wp_redirect( network_admin_url() );
wp_redirect( network_admin_url() );
exit;
?>

5
wp-admin/ms-sites.php
View File

@ -9,4 +9,7 @@
require_once( './admin.php' );
wp_redirect( network_admin_url('sites.php') );
wp_redirect( network_admin_url('sites.php') );
exit;
?>

4
wp-admin/ms-themes.php
View File

@ -9,4 +9,6 @@
require_once( './admin.php' );
wp_redirect( network_admin_url('themes.php') );
wp_redirect( network_admin_url('themes.php') );
exit;
?>

5
wp-admin/ms-upgrade-network.php
View File

@ -9,4 +9,7 @@
require_once('admin.php');
wp_redirect( network_admin_url('upgrade.php') );
wp_redirect( network_admin_url('upgrade.php') );
exit;
?>

4
wp-admin/ms-users.php
View File

@ -9,4 +9,6 @@
require_once( './admin.php' );
wp_redirect( network_admin_url('users.php') );
wp_redirect( network_admin_url('users.php') );
exit;
?>

5
wp-admin/network/admin.php
View File

@ -15,7 +15,8 @@ require_once( dirname( dirname( __FILE__ ) ) . '/admin.php' );
if ( ! is_multisite() )
wp_die( __( 'Multisite support is not enabled.' ) );
if ( ! is_main_site() )
if ( ! is_main_site() ) {
wp_redirect( network_admin_url() );
exit;
}
?>

4
wp-admin/network/edit.php
View File

@ -13,8 +13,10 @@ require_once( './admin.php' );
if ( ! is_multisite() )
wp_die( __( 'Multisite support is not enabled.' ) );
if ( empty( $_GET['action'] ) )
if ( empty( $_GET['action'] ) ) {
wp_redirect( admin_url( 'index.php' ) );
exit;
}
function confirm_delete_users( $users ) {
$current_user = wp_get_current_user();

1
wp-admin/network/site-info.php
View File

@ -58,6 +58,7 @@ if ( isset($_REQUEST['action']) && 'update-site' == $_REQUEST['action'] ) {
restore_current_blog();
wp_redirect( add_query_arg( array( 'update' => 'updated', 'id' => $id ), 'site-info.php') );
exit;
}
if ( isset($_GET['update']) ) {

3
wp-admin/network/site-options.php
View File

@ -48,6 +48,7 @@ if ( isset($_REQUEST['action']) && 'update-site' == $_REQUEST['action'] && is_ar
do_action( 'wpmu_update_blog_options' );
restore_current_blog();
wp_redirect( add_query_arg( array( 'update' => 'updated', 'id' => $id ), 'site-options.php') );
exit;
}
if ( isset($_GET['update']) ) {
@ -131,4 +132,4 @@ if ( ! empty( $messages ) ) {
</div>
<?php
require('../admin-footer.php');
require('../admin-footer.php');

2
wp-admin/network/site-users.php
View File

@ -279,4 +279,4 @@ endif; ?>
</form>
</div>
<?php
require('../admin-footer.php');
require('../admin-footer.php');

1
wp-admin/plugin-editor.php
View File

@ -70,7 +70,6 @@ case 'update':
update_option('recently_activated', array($file => time()) + (array)get_option('recently_activated'));
wp_redirect(add_query_arg('_wpnonce', wp_create_nonce('edit-plugin-test_' . $file), "plugin-editor.php?file=$file&liveupdate=1&scrollto=$scrollto&networkwide=" . $network_wide));
exit;
}
wp_redirect( self_admin_url("plugin-editor.php?file=$file&a=te&scrollto=$scrollto") );
} else {

3
wp-admin/post.php
View File

@ -85,6 +85,7 @@ function redirect_post($post_id = '') {
}
wp_redirect( apply_filters( 'redirect_post_location', $location, $post_id ) );
exit;
}
if ( isset( $_POST['deletepost'] ) )
@ -265,7 +266,7 @@ case 'preview':
break;
default:
wp_redirect( admin_url('edit.php') );
wp_redirect( admin_url('edit.php') );
exit();
break;
} // end switch

2
wp-admin/update-core.php
View File

@ -366,6 +366,7 @@ function do_dismiss_core_update() {
return;
dismiss_core_update( $update );
wp_redirect( wp_nonce_url('update-core.php?action=upgrade-core', 'upgrade-core') );
exit;
}
function do_undismiss_core_update() {
@ -376,6 +377,7 @@ function do_undismiss_core_update() {
return;
undismiss_core_update( $version, $locale );
wp_redirect( wp_nonce_url('update-core.php?action=upgrade-core', 'upgrade-core') );
exit;
}
function no_update_actions($actions) {

5
wp-admin/user/admin.php
View File

@ -11,7 +11,8 @@ define('WP_USER_ADMIN', TRUE);
require_once( dirname(dirname(__FILE__)) . '/admin.php');
if ( ! is_main_site() )
if ( ! is_main_site() ) {
wp_redirect( user_admin_url() );
exit;
}
?>

4
wp-atom.php
View File

@ -8,5 +8,5 @@
require( './wp-load.php' );
wp_redirect( get_bloginfo( 'atom_url' ), 301 );
?>
exit;
?>

2
wp-comments-post.php
View File

@ -101,5 +101,5 @@ $location = empty($_POST['redirect_to']) ? get_comment_link($comment_id) : $_POS
$location = apply_filters('comment_post_redirect', $location, $comment);
wp_redirect($location);
exit;
?>

4
wp-commentsrss2.php
View File

@ -8,5 +8,5 @@
require( './wp-load.php' );
wp_redirect( get_bloginfo( 'comments_rss2_url' ), 301 );
?>
exit;
?>

4
wp-feed.php
View File

@ -8,5 +8,5 @@
require( './wp-load.php' );
wp_redirect( get_bloginfo( get_default_feed() . '_url' ), 301 );
?>
exit;
?>

3
wp-pass.php
View File

@ -16,4 +16,5 @@ if ( get_magic_quotes_gpc() )
setcookie('wp-postpass_' . COOKIEHASH, $_POST['post_password'], time() + 864000, COOKIEPATH);
wp_safe_redirect(wp_get_referer());
?>
exit;
?>

4
wp-rdf.php
View File

@ -8,5 +8,5 @@
require( './wp-load.php' );
wp_redirect( get_bloginfo( 'rdf_url' ), 301 );
?>
exit;
?>

4
wp-register.php
View File

@ -11,5 +11,5 @@
require('./wp-load.php');
wp_redirect( site_url('wp-login.php?action=register') );
?>
exit;
?>

4
wp-rss.php
View File

@ -8,5 +8,5 @@
require( './wp-load.php' );
wp_redirect( get_bloginfo( 'rss_url' ), 301 );
?>
exit;
?>

4
wp-rss2.php
View File

@ -8,5 +8,5 @@
require( './wp-load.php' );
wp_redirect( get_bloginfo( 'rss2_url' ), 301 );
?>
exit;
?>