diff --git a/wp-admin/includes/plugin-install.php b/wp-admin/includes/plugin-install.php
index 6e7fd3f5f6..52cb5bb52c 100644
--- a/wp-admin/includes/plugin-install.php
+++ b/wp-admin/includes/plugin-install.php
@@ -37,9 +37,13 @@ function plugins_api($action, $args = null) {
if ( ! $res ) {
$request = wp_remote_post('http://api.wordpress.org/plugins/info/1.0/', array( 'body' => array('action' => $action, 'request' => serialize($args))) );
- $res = unserialize($request['body']);
- if ( ! $res )
- $res = new WP_Error('plugins_api_failed', __('An unknown error occured'), $request['body']);
+ if ( is_wp_error($request) ) {
+ $res = new WP_Error('plugins_api_failed', __('An Unexpected HTTP Error occured during the API request.
Try again'), $request->get_error_message() );
+ } else {
+ $res = unserialize($request['body']);
+ if ( ! $res )
+ $res = new WP_Error('plugins_api_failed', __('An unknown error occured'), $request['body']);
+ }
}
return apply_filters('plugins_api_result', $res, $action, $args);
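Review bot: The new else branch at `$res = unserialize($request['body']);` still deserializes whatever came back, and the request goes to a plain `http://` URL, so a tampered or non-200 response reaches unserialize() unchanged. Because unserialize() on network data can instantiate any loaded class, the branch should at least check the status first, e.g. `if ( 200 != $request['response']['code'] )`, and return the WP_Error there. Whether an HTTPS endpoint is usable by this transport is not visible from the hunk. `if ( ! $res )` also reports a valid but empty result as a failure. The body of plugins_api() starts outside the hunk.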
@@ -62,6 +66,9 @@ function install_popular_tags( $args = array() ) {
$tags = plugins_api('hot_tags', $args);
+ if ( is_wp_error($tags) )
+ return $tags;
+
$cache = (object) array('timeout' => time(), 'cached' => $tags);
update_option('wporg_popular_tags', $cache);
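Review bot: install_popular_tags() can now return a WP_Error instead of the tag list, and nothing in the hunk documents that. The function's docblock and callers are outside the hunk, so this is inferred, but the docblock should carry `@return array|WP_Error` and each caller should test `is_wp_error()` before iterating the result.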
@@ -100,6 +107,9 @@ function install_search($page) {
$api = plugins_api('query_plugins', $args);
+ if ( is_wp_error($api) )
+ wp_die($api);
+
add_action('install_plugins_table_header', 'install_search_form');
display_plugins_table($api->plugins, $api->info['page'], $api->info['pages']);
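Review bot: After the new is_wp_error() check, `$api->plugins` and `$api->info['page']` are still dereferenced without confirming that `$api` is an object of the expected shape; the install_featured and install_new hunks have the same pattern. plugins_api() returns whatever unserialize() produced, passed through the `plugins_api_result` filter, so a truthy scalar or array would get past the check and fail at the display_plugins_table() call. A guard such as `if ( ! is_object($api) || ! isset($api->plugins, $api->info) ) wp_die( __('An unknown error occured') );` would fail closed in all three functions.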
@@ -173,6 +183,8 @@ add_action('install_plugins_featured', 'install_featured', 10, 1);
function install_featured($page = 1) {
$args = array('browse' => 'featured', 'page' => $page);
$api = plugins_api('query_plugins', $args);
+ if ( is_wp_error($api) )
+ wp_die($api);
display_plugins_table($api->plugins, $api->info['page'], $api->info['pages']);
}
@@ -201,6 +213,8 @@ add_action('install_plugins_new', 'install_new', 10, 1);
function install_new($page = 1) {
$args = array('browse' => 'new', 'page' => $page);
$api = plugins_api('query_plugins', $args);
+ if ( is_wp_error($api) )
+ wp_die($api);
display_plugins_table($api->plugins, $api->info['page'], $api->info['pages']);
}
add_action('install_plugins_updated', 'install_updated', 10, 1);
@@ -234,7 +248,9 @@ function display_plugins_table($plugins, $page = 1, $totalpages = 1){
$type = isset($_REQUEST['type']) ? $_REQUEST['type'] : '';
$term = isset($_REQUEST['s']) ? $_REQUEST['s'] : '';
- $plugins_allowedtags = array('a' => array('href' => array(),'title' => array(), 'target' => array()),'abbr' => array('title' => array()),'acronym' => array('title' => array()),'code' => array(),'em' => array(),'strong' => array());
+ $plugins_allowedtags = array('a' => array('href' => array(),'title' => array(), 'target' => array()),
+ 'abbr' => array('title' => array()),'acronym' => array('title' => array()),
+ 'code' => array(),'em' => array(),'strong' => array());
?>
@@ -316,7 +332,7 @@ function display_plugins_table($plugins, $page = 1, $totalpages = 1){
|
|
-
+
@@ -355,6 +371,19 @@ function install_plugin_information() {
$api = plugins_api('plugin_information', array('slug' => $_REQUEST['plugin']));
+ if ( is_wp_error($api) )
+ wp_die($api);
+
+ $plugins_allowedtags = array('a' => array('href' => array(), 'title' => array(), 'target' => array()),
+ 'abbr' => array('title' => array()), 'acronym' => array('title' => array()),
+ 'code' => array(), 'em' => array(), 'strong' => array(), 'div' => array(),
+ 'p' => array(), 'ul' => array(), 'ol' => array(), 'li' => array());
+ //Sanitize HTML
+ foreach ( (array)$api->sections as $section_name => $content )
+ $api->sections[$section_name] = wp_kses($content, $plugins_allowedtags);
+ foreach ( array('version', 'author', 'requires', 'tested', 'homepage', 'downloaded', 'slug') as $key )
+ $api->$key = wp_kses($api->$key, $plugins_allowedtags);
+
$section = isset($_REQUEST['section']) ? $_REQUEST['section'] : 'description'; //Default to the Description tab, Do not translate, API returns English.
if( empty($section) || ! isset($api->sections[ $section ]) )
$section = array_shift( $section_titles = array_keys((array)$api->sections) );
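Review bot: The key list in `foreach ( array('version', 'author', ...) as $key )` omits `name`, and any field not listed stays raw API output. Where this function prints `$api->name` is outside the hunk, but the install_plugin hunk below echoes `$api->name . ' ' . $api->version` from its own plugins_api() call with no sanitizing at all. Adding `'name'` to the list here and wrapping the install_plugin output, e.g. `wp_kses($api->name . ' ' . $api->version, array())`, would cover both. `homepage` is presumably used as a link target, where tag filtering is not the right defence, so it needs URL escaping at the point of output. `$api->sections[$section_name] = ...` also assumes `sections` is an array although the loop casts it with `(array)`, so an object-typed value would fail on assignment.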
@@ -521,6 +550,9 @@ function install_plugin() {
check_admin_referer('install-plugin_' . $plugin);
$api = plugins_api('plugin_information', array('slug' => $plugin, 'fields' => array('sections' => false) ) ); //Save on a bit of bandwidth.
+
+ if ( is_wp_error($api) )
+ wp_die($api);
echo ' ';
echo ' ', sprintf( __('Installing Plugin: %s'), $api->name . ' ' . $api->version ), '';
@@ -834,6 +866,4 @@ function wp_install_plugin_local_package($package, $feedback = '') {
return $folder . '/' . $pluginfiles[0];
}
-
-
?>
diff --git a/wp-settings.php b/wp-settings.php
index e703202fb4..efc7f63b17 100644
--- a/wp-settings.php
+++ b/wp-settings.php
@@ -108,16 +108,19 @@ if ( !defined('WP_CONTENT_DIR') )
define( 'WP_CONTENT_DIR', ABSPATH . 'wp-content' ); // no trailing slash, full paths only - WP_CONTENT_URL is defined further down
if ( file_exists(ABSPATH . '.maintenance') && !defined('WP_INSTALLING') ) {
- if ( file_exists( WP_CONTENT_DIR . '/maintenance.php' ) ) {
- require_once( WP_CONTENT_DIR . '/maintenance.php' );
- die();
- }
+ include(ABSPATH . '.maintenance');
+ // If the $upgrading timestamp is older than 10 minutes, don't die.
+ if ( ( time() - $upgrading ) < 600 ) {
+ if ( file_exists( WP_CONTENT_DIR . '/maintenance.php' ) ) {
+ require_once( WP_CONTENT_DIR . '/maintenance.php' );
+ die();
+ }
- $protocol = $_SERVER["SERVER_PROTOCOL"];
- if ( 'HTTP/1.1' != $protocol && 'HTTP/1.0' != $protocol )
- $protocol = 'HTTP/1.0';
- header( "$protocol 503 Service Unavailable", true, 503 );
- header( 'Content-Type: text/html; charset=utf-8' );
+ $protocol = $_SERVER["SERVER_PROTOCOL"];
+ if ( 'HTTP/1.1' != $protocol && 'HTTP/1.0' != $protocol )
+ $protocol = 'HTTP/1.0';
+ header( "$protocol 503 Service Unavailable", true, 503 );
+ header( 'Content-Type: text/html; charset=utf-8' );
?>
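Review bot: `$upgrading` is used in `( time() - $upgrading ) < 600` without being initialised or validated, so the check depends entirely on what `include(ABSPATH . '.maintenance')` happens to define. An empty or older-format `.maintenance` file leaves it undefined (a notice, and maintenance mode is skipped), while a timestamp in the future makes the difference negative and keeps the 503 page up indefinitely. Setting `$upgrading = 0;` before the include and testing `$age = time() - (int) $upgrading; if ( $age >= 0 && $age < 600 )` bounds both cases. Since the file is executed as PHP on every request, anything able to write it runs code in the bootstrap; reading the timestamp as data would avoid that. The `if` block opened here closes outside the hunk.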
@@ -131,7 +134,8 @@ if ( file_exists(ABSPATH . '.maintenance') && !defined('WP_INSTALLING') ) {
|