From 5e0b9ac9467512b8a4ef94911f446833f89910e3 Mon Sep 17 00:00:00 2001 From: Andrew Nacin Date: Thu, 28 Feb 2013 21:04:26 +0000 Subject: [PATCH] Allow paths with two consecutive dots to be passed to home_url() and all related *_url() functions. props markjaquith. fixes #19032. git-svn-id: http://core.svn.wordpress.org/trunk@23537 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-includes/link-template.php | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/wp-includes/link-template.php b/wp-includes/link-template.php index 90a2819a0a..99b24e1c9b 100644 --- a/wp-includes/link-template.php +++ b/wp-includes/link-template.php @@ -1919,7 +1919,7 @@ function get_home_url( $blog_id = null, $path = '', $scheme = null ) { $url = set_url_scheme( $url, $scheme ); - if ( ! empty( $path ) && is_string( $path ) && strpos( $path, '..' ) === false ) + if ( $path && is_string( $path ) ) $url .= '/' . ltrim( $path, '/' ); return apply_filters( 'home_url', $url, $path, $orig_scheme, $blog_id ); @@ -1971,7 +1971,7 @@ function get_site_url( $blog_id = null, $path = '', $scheme = null ) { $url = set_url_scheme( $url, $scheme ); - if ( ! empty( $path ) && is_string( $path ) && strpos( $path, '..' ) === false ) + if ( $path && is_string( $path ) ) $url .= '/' . ltrim( $path, '/' ); return apply_filters( 'site_url', $url, $path, $scheme, $blog_id ); @@ -2005,7 +2005,7 @@ function admin_url( $path = '', $scheme = 'admin' ) { function get_admin_url( $blog_id = null, $path = '', $scheme = 'admin' ) { $url = get_site_url($blog_id, 'wp-admin/', $scheme); - if ( !empty( $path ) && is_string( $path ) && strpos( $path, '..' ) === false ) + if ( $path && is_string( $path ) ) $url .= ltrim( $path, '/' ); return apply_filters( 'admin_url', $url, $path, $blog_id ); @@ -2023,7 +2023,7 @@ function get_admin_url( $blog_id = null, $path = '', $scheme = 'admin' ) { function includes_url($path = '') { $url = site_url() . '/' . WPINC . '/'; - if ( !empty($path) && is_string($path) && strpos($path, '..') === false ) + if ( $path && is_string( $path ) ) $url .= ltrim($path, '/'); return apply_filters('includes_url', $url, $path); @@ -2041,7 +2041,7 @@ function includes_url($path = '') { function content_url($path = '') { $url = set_url_scheme( WP_CONTENT_URL ); - if ( !empty($path) && is_string($path) && strpos($path, '..') === false ) + if ( $path && is_string( $path ) ) $url .= '/' . ltrim($path, '/'); return apply_filters('content_url', $url, $path); @@ -2080,7 +2080,7 @@ function plugins_url($path = '', $plugin = '') { $url .= '/' . ltrim($folder, '/'); } - if ( !empty($path) && is_string($path) && strpos($path, '..') === false ) + if ( $path && is_string( $path ) ) $url .= '/' . ltrim($path, '/'); return apply_filters('plugins_url', $url, $path, $plugin); @@ -2111,7 +2111,7 @@ function network_site_url( $path = '', $scheme = null ) { else $url = set_url_scheme( 'http://' . $current_site->domain . $current_site->path, $scheme ); - if ( ! empty( $path ) && is_string( $path ) && strpos( $path, '..' ) === false ) + if ( $path && is_string( $path ) ) $url .= ltrim( $path, '/' ); return apply_filters( 'network_site_url', $url, $path, $scheme ); @@ -2147,7 +2147,7 @@ function network_home_url( $path = '', $scheme = null ) { else $url = set_url_scheme( 'http://' . $current_site->domain . $current_site->path, $scheme ); - if ( ! empty( $path ) && is_string( $path ) && strpos( $path, '..' ) === false ) + if ( $path && is_string( $path ) ) $url .= ltrim( $path, '/' ); return apply_filters( 'network_home_url', $url, $path, $orig_scheme); @@ -2169,7 +2169,7 @@ function network_admin_url( $path = '', $scheme = 'admin' ) { $url = network_site_url('wp-admin/network/', $scheme); - if ( !empty($path) && is_string($path) && strpos($path, '..') === false ) + if ( $path && is_string( $path ) ) $url .= ltrim($path, '/'); return apply_filters('network_admin_url', $url, $path); @@ -2188,7 +2188,7 @@ function network_admin_url( $path = '', $scheme = 'admin' ) { function user_admin_url( $path = '', $scheme = 'admin' ) { $url = network_site_url('wp-admin/user/', $scheme); - if ( !empty($path) && is_string($path) && strpos($path, '..') === false ) + if ( $path && is_string( $path ) ) $url .= ltrim($path, '/'); return apply_filters('user_admin_url', $url, $path);