WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Allow Apostrophes in Post Passwords. $_POST and $_COOKIE are always slashed. Fixes #17145 

git-svn-id: http://svn.automattic.com/wordpress/trunk@18712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
dd32 2011-09-19 04:17:26 +00:00
parent 085ba95a60
commit bd5cf872c6
2 changed files with 2 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
wp-includes/post-template.php
View File

@ -564,7 +564,7 @@ function post_password_required( $post = null ) {
if ( !isset($_COOKIE['wp-postpass_' . COOKIEHASH]) ) if ( !isset($_COOKIE['wp-postpass_' . COOKIEHASH]) )
return true; return true;
if ( $_COOKIE['wp-postpass_' . COOKIEHASH] != $post->post_password ) if ( stripslashes( $_COOKIE['wp-postpass_' . COOKIEHASH] ) != $post->post_password )
return true; return true;
return false; return false;

5
wp-pass.php
View File

@ -9,11 +9,8 @@
/** Make sure that the WordPress bootstrap has run before continuing. */ /** Make sure that the WordPress bootstrap has run before continuing. */
require( dirname(__FILE__) . '/wp-load.php'); require( dirname(__FILE__) . '/wp-load.php');
if ( get_magic_quotes_gpc() )
$_POST['post_password'] = stripslashes($_POST['post_password']);
// 10 days // 10 days
setcookie('wp-postpass_' . COOKIEHASH, $_POST['post_password'], time() + 864000, COOKIEPATH); setcookie('wp-postpass_' . COOKIEHASH, stripslashes( $_POST['post_password'] ), time() + 864000, COOKIEPATH);
wp_safe_redirect(wp_get_referer()); wp_safe_redirect(wp_get_referer());
exit; exit;