WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Require all plugin page requests (?page=) to be for registered plugins pages. Provides CYA for plugins that don't do enough cap checking. action requests not bound to a plugin page still go through. 

git-svn-id: http://svn.automattic.com/wordpress/branches/2.8@11596 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2009-06-18 00:33:51 +00:00
parent 42e991f6ea
commit c3fd5515b9
1 changed files with 21 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
wp-admin/includes/plugin.php
View File

@ -585,7 +585,7 @@ function uninstall_plugin($plugin) {
//
function add_menu_page( $page_title, $menu_title, $access_level, $file, $function = '', $icon_url = '' ) {
global $menu, $admin_page_hooks;
global $menu, $admin_page_hooks, $_registered_pages;
$file = plugin_basename( $file );
@ -602,11 +602,13 @@ function add_menu_page( $page_title, $menu_title, $access_level, $file, $functio
$menu[] = array ( $menu_title, $access_level, $file, $page_title, 'menu-top ' . $hookname, $hookname, $icon_url );
$_registered_pages[$hookname] = true;
return $hookname;
}
function add_object_page( $page_title, $menu_title, $access_level, $file, $function = '', $icon_url = '') {
global $menu, $admin_page_hooks, $_wp_last_object_menu;
global $menu, $admin_page_hooks, $_wp_last_object_menu, $_registered_pages;
$file = plugin_basename( $file );
@ -623,11 +625,13 @@ function add_object_page( $page_title, $menu_title, $access_level, $file, $funct
$menu[$_wp_last_object_menu] = array ( $menu_title, $access_level, $file, $page_title, 'menu-top ' . $hookname, $hookname, $icon_url );
$_registered_pages[$hookname] = true;
return $hookname;
}
function add_utility_page( $page_title, $menu_title, $access_level, $file, $function = '', $icon_url = '') {
global $menu, $admin_page_hooks, $_wp_last_utility_menu;
global $menu, $admin_page_hooks, $_wp_last_utility_menu, $_registered_pages;
$file = plugin_basename( $file );
@ -646,6 +650,8 @@ function add_utility_page( $page_title, $menu_title, $access_level, $file, $func
$menu[$_wp_last_utility_menu] = array ( $menu_title, $access_level, $file, $page_title, 'menu-top ' . $hookname, $hookname, $icon_url );
$_registered_pages[$hookname] = true;
return $hookname;
}
@ -654,6 +660,7 @@ function add_submenu_page( $parent, $page_title, $menu_title, $access_level, $fi
global $menu;
global $_wp_real_parent_file;
global $_wp_submenu_nopriv;
global $_registered_pages;
$file = plugin_basename( $file );
@ -683,6 +690,8 @@ function add_submenu_page( $parent, $page_title, $menu_title, $access_level, $fi
if (!empty ( $function ) && !empty ( $hookname ))
add_action( $hookname, $function );
$_registered_pages[$hookname] = true;
return $hookname;
}
@ -919,14 +928,21 @@ function user_can_access_admin_page() {
global $_wp_menu_nopriv;
global $_wp_submenu_nopriv;
global $plugin_page;
global $_registered_pages;
$parent = get_admin_page_parent();
if ( !isset( $plugin_page ) && isset( $_wp_submenu_nopriv[$parent][$pagenow] ) )
return false;
if ( isset( $plugin_page ) && isset( $_wp_submenu_nopriv[$parent][$plugin_page] ) )
return false;
if ( isset( $plugin_page ) ) {
if ( isset( $_wp_submenu_nopriv[$parent][$plugin_page] ) )
return false;
$hookname = get_plugin_page_hookname($plugin_page, $parent);
if ( !isset($_registered_pages[$hookname]) )
return false;
}
if ( empty( $parent) ) {
if ( isset( $_wp_menu_nopriv[$pagenow] ) )