Base64-encode cached objects and store them within a multi-line comment block to avoid CRLF injections into the cache. Props Peter Westwood.
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3797 1a063a9b-81f0-0310-95a4-ce76da25c4cd
parent
660326591e
commit
6e826bcb8b
@ -76,7 +76,7 @@ switch($step) {
|
|||||||
|
|
||||||
case 1:
|
case 1:
|
||||||
$wp_current_db_version = __get_option('db_version');
|
$wp_current_db_version = __get_option('db_version');
|
||||||
if ( $wp_db_version < $wp_current_db_version ) {
|
if ( $wp_db_version != $wp_current_db_version ) {
|
||||||
wp_cache_flush();
|
wp_cache_flush();
|
||||||
make_db_current_silent();
|
make_db_current_silent();
|
||||||
upgrade_all();
|
upgrade_all();
|
||||||
|
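Review bot: The new test `if ( $wp_db_version != $wp_current_db_version )` also holds when the stored `db_version` is higher than the one shipped with the code, so `make_db_current_silent()` and `upgrade_all()` would run on a rollback as well as on an upgrade. If that is intended because `wp_cache_flush()` must run whenever the on-disk cache format may differ, a comment above the test would record it, for example `// Any version mismatch: flush the object cache (its file format may have changed) before touching the schema.` The comparison is loose and `__get_option()` presumably returns a string, which works here but is worth stating in that comment. The `case 1:` body continues outside the hunk.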
@ -47,8 +47,8 @@ function wp_cache_set($key, $data, $flag = '', $expire = 0) {
|
|||||||
return $wp_object_cache->set($key, $data, $flag, $expire);
|
return $wp_object_cache->set($key, $data, $flag, $expire);
|
||||||
}
|
}
|
||||||
|
|
||||||
define('CACHE_SERIAL_HEADER', "<?php\n//");
|
define('CACHE_SERIAL_HEADER', "<?php\n/*");
|
||||||
define('CACHE_SERIAL_FOOTER', "\n?".">");
|
define('CACHE_SERIAL_FOOTER', "*/\n?".">");
|
||||||
|
|
||||||
class WP_Object_Cache {
|
class WP_Object_Cache {
|
||||||
var $cache_dir;
|
var $cache_dir;
|
||||||
@ -158,7 +158,7 @@ class WP_Object_Cache {
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->cache[$group][$id] = unserialize(substr(@ file_get_contents($cache_file), strlen(CACHE_SERIAL_HEADER), -strlen(CACHE_SERIAL_FOOTER)));
|
$this->cache[$group][$id] = unserialize(base64_decode(substr(@ file_get_contents($cache_file), strlen(CACHE_SERIAL_HEADER), -strlen(CACHE_SERIAL_FOOTER))));
|
||||||
if (false === $this->cache[$group][$id])
|
if (false === $this->cache[$group][$id])
|
||||||
$this->cache[$group][$id] = '';
|
$this->cache[$group][$id] = '';
|
||||||
|
|
||||||
@ -342,7 +342,7 @@ class WP_Object_Cache {
|
|||||||
}
|
}
|
||||||
|
|
||||||
$temp_file = tempnam($group_dir, 'tmp');
|
$temp_file = tempnam($group_dir, 'tmp');
|
||||||
$serial = CACHE_SERIAL_HEADER.serialize($this->cache[$group][$id]).CACHE_SERIAL_FOOTER;
|
$serial = CACHE_SERIAL_HEADER.base64_encode(serialize($this->cache[$group][$id])).CACHE_SERIAL_FOOTER;
|
||||||
$fd = @fopen($temp_file, 'w');
|
$fd = @fopen($temp_file, 'w');
|
||||||
if ( false === $fd ) {
|
if ( false === $fd ) {
|
||||||
$errors++;
|
$errors++;
|
||||||
|
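Review bot: The read path in the second hunk of this section (`unserialize(base64_decode(substr(...)))`) slices the file by the header and footer lengths without checking that it actually starts with `CACHE_SERIAL_HEADER` and ends with `CACHE_SERIAL_FOOTER`. Files written before this change carry the old `//` header and a shorter footer, so until the cache is flushed they would be cut at the wrong offsets, leniently decoded and handed to `unserialize()`, which would most likely fail and leave the entry cached as `''`. Comparing both markers first and treating a mismatch as unreadable keeps stale or damaged files away from `unserialize()`; the sketch below assumes the existing `false ===` fallback stays as it is. A short comment at the two `define()` lines saying that the base64 alphabet cannot contain `*/`, `?>` or a line break would also record why the encoding is needed. The enclosing method starts and ends outside the hunk.

```php
$raw = @ file_get_contents($cache_file);
$head_len = strlen(CACHE_SERIAL_HEADER);
$foot_len = strlen(CACHE_SERIAL_FOOTER);
// Decode only files that carry the current header and footer; anything else is stale or damaged.
if ( false !== $raw
	&& substr($raw, 0, $head_len) === CACHE_SERIAL_HEADER
	&& substr($raw, -$foot_len) === CACHE_SERIAL_FOOTER )
	$this->cache[$group][$id] = unserialize(base64_decode(substr($raw, $head_len, -$foot_len)));
else
	$this->cache[$group][$id] = false;
// … unchanged: false === check that stores '' …
```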
@ -3,6 +3,6 @@
|
|||||||
// This just holds the version number, in a separate file so we can bump it without cluttering the SVN
|
// This just holds the version number, in a separate file so we can bump it without cluttering the SVN
|
||||||
|
|
||||||
$wp_version = '2.0.3-beta';
|
$wp_version = '2.0.3-beta';
|
||||||
$wp_db_version = 3437;
|
$wp_db_version = 3796;
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|