Upstream
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Change all core API to expect unslashed rather than slashed arguments. 

The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Ryan Boren 2013-02-14 22:51:06 +00:00
parent ae974b8495
commit cc5ed3a485
86 changed files with 531 additions and 651 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
wp-admin/admin.php
View File

@ -43,7 +43,7 @@ if ( get_option('db_upgraded') ) {
do_action('after_db_upgrade');
} elseif ( get_option('db_version') != $wp_db_version && empty($_POST) ) {
if ( !is_multisite() ) {
wp_redirect(admin_url('upgrade.php?_wp_http_referer=' . urlencode(stripslashes($_SERVER['REQUEST_URI']))));
wp_redirect( admin_url( 'upgrade.php?_wp_http_referer=' . urlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ) ) );
exit;
} elseif ( apply_filters( 'do_mu_upgrade', true ) ) {
/**
@ -84,7 +84,7 @@ wp_enqueue_script( 'common' );
$editing = false;
if ( isset($_GET['page']) ) {
$plugin_page = stripslashes($_GET['page']);
$plugin_page = wp_unslash( $_GET['page'] );
$plugin_page = plugin_basename($plugin_page);
}

4
wp-admin/custom-background.php
View File

@ -378,7 +378,7 @@ if ( current_theme_supports( 'custom-background', 'default-color' ) )
// Add the meta-data
wp_update_attachment_metadata( $id, wp_generate_attachment_metadata( $id, $file ) );
update_post_meta( $id, '_wp_attachment_is_custom_background', get_option('stylesheet' ) );
wp_update_post_meta( $id, '_wp_attachment_is_custom_background', get_option('stylesheet' ) );
set_theme_mod('background_image', esc_url_raw($url));
@ -415,7 +415,7 @@ if ( current_theme_supports( 'custom-background', 'default-color' ) )
if ( in_array( $_POST['size'], $sizes ) )
$size = esc_attr( $_POST['size'] );
update_post_meta( $attachment_id, '_wp_attachment_is_custom_background', get_option('stylesheet' ) );
wp_update_post_meta( $attachment_id, '_wp_attachment_is_custom_background', get_option('stylesheet' ) );
$url = wp_get_attachment_image_src( $attachment_id, $size );
$thumbnail = wp_get_attachment_image_src( $attachment_id, 'thumbnail' );
set_theme_mod( 'background_image', esc_url_raw( $url[0] ) );

2
wp-admin/custom-header.php
View File

@ -948,7 +948,7 @@ wp_nonce_field( 'custom-header-options', '_wpnonce-custom-header-options' ); ?>
'width' => $choice['width'],
);
update_post_meta( $choice['attachment_id'], '_wp_attachment_is_custom_header', get_stylesheet() );
wp_update_post_meta( $choice['attachment_id'], '_wp_attachment_is_custom_header', get_stylesheet() );
set_theme_mod( 'header_image', $choice['url'] );
set_theme_mod( 'header_image_data', $header_image_data );
return;

10
wp-admin/edit-comments.php
View File

@ -20,9 +20,9 @@ if ( $doaction ) {
check_admin_referer( 'bulk-comments' );
if ( 'delete_all' == $doaction && !empty( $_REQUEST['pagegen_timestamp'] ) ) {
$comment_status = $wpdb->escape( $_REQUEST['comment_status'] );
$delete_time = $wpdb->escape( $_REQUEST['pagegen_timestamp'] );
$comment_ids = $wpdb->get_col( "SELECT comment_ID FROM $wpdb->comments WHERE comment_approved = '$comment_status' AND '$delete_time' > comment_date_gmt" );
$comment_status = $_REQUEST['comment_status'];
$delete_time = $_REQUEST['pagegen_timestamp'];
$comment_ids = $wpdb->get_col( $wpdb->prepare( "SELECT comment_ID FROM $wpdb->comments WHERE comment_approved = %s AND %s > comment_date_gmt", $comment_status, $delete_time ) );
$doaction = 'delete';
} elseif ( isset( $_REQUEST['delete_comments'] ) ) {
$comment_ids = $_REQUEST['delete_comments'];
@ -95,7 +95,7 @@ if ( $doaction ) {
wp_safe_redirect( $redirect_to );
exit;
} elseif ( ! empty( $_GET['_wp_http_referer'] ) ) {
wp_redirect( remove_query_arg( array( '_wp_http_referer', '_wpnonce' ), stripslashes( $_SERVER['REQUEST_URI'] ) ) );
wp_redirect( remove_query_arg( array( '_wp_http_referer', '_wpnonce' ), wp_unslash( $_SERVER['REQUEST_URI'] ) ) );
exit;
}
@ -153,7 +153,7 @@ else
echo __('Comments');
if ( isset($_REQUEST['s']) && $_REQUEST['s'] )
printf( '<span class="subtitle">' . sprintf( __( 'Search results for &#8220;%s&#8221;' ), wp_html_excerpt( esc_html( stripslashes( $_REQUEST['s'] ) ), 50 ) ) . '</span>' ); ?>
printf( '<span class="subtitle">' . sprintf( __( 'Search results for &#8220;%s&#8221;' ), wp_html_excerpt( esc_html( wp_unslash( $_REQUEST['s'] ) ), 50 ) ) . '</span>' ); ?>
</h2>
<?php

2
wp-admin/edit-form-advanced.php
View File

@ -304,7 +304,7 @@ if ( isset( $post_new_file ) && current_user_can( $post_type_object->cap->create
<input type="hidden" id="post_author" name="post_author" value="<?php echo esc_attr( $post->post_author ); ?>" />
<input type="hidden" id="post_type" name="post_type" value="<?php echo esc_attr( $post_type ) ?>" />
<input type="hidden" id="original_post_status" name="original_post_status" value="<?php echo esc_attr( $post->post_status) ?>" />
<input type="hidden" id="referredby" name="referredby" value="<?php echo esc_url(stripslashes(wp_get_referer())); ?>" />
<input type="hidden" id="referredby" name="referredby" value="<?php echo esc_url( wp_get_referer() ); ?>" />
<?php if ( ! empty( $active_post_lock ) ) { ?>
<input type="hidden" id="active_post_lock" value="<?php echo esc_attr( implode( ':', $active_post_lock ) ); ?>" />
<?php

2
wp-admin/edit-form-comment.php
View File

@ -132,7 +132,7 @@ do_meta_boxes(null, 'normal', $comment);
<input type="hidden" name="c" value="<?php echo esc_attr($comment->comment_ID) ?>" />
<input type="hidden" name="p" value="<?php echo esc_attr($comment->comment_post_ID) ?>" />
<input name="referredby" type="hidden" id="referredby" value="<?php echo esc_url(stripslashes(wp_get_referer())); ?>" />
<input name="referredby" type="hidden" id="referredby" value="<?php echo esc_url( wp_get_referer() ); ?>" />
<?php wp_original_referer_field(true, 'previous'); ?>
<input type="hidden" name="noredir" value="1" />

17
wp-admin/edit-tags.php
View File

@ -47,7 +47,9 @@ case 'add-tag':
if ( !current_user_can( $tax->cap->edit_terms ) )
wp_die( __( 'Cheatin&#8217; uh?' ) );
$ret = wp_insert_term( $_POST['tag-name'], $taxonomy, $_POST );
$post_data = wp_unslash( $_POST );
$ret = wp_insert_term( $post_data['tag-name'], $taxonomy, $post_data );
$location = 'edit-tags.php?taxonomy=' . $taxonomy;
if ( 'post' != $post_type )
$location .= '&post_type=' . $post_type;
@ -132,7 +134,10 @@ case 'edit':
break;
case 'editedtag':
$tag_ID = (int) $_POST['tag_ID'];
$post_data = wp_unslash( $_POST );
$tag_ID = (int) $post_data['tag_ID'];
check_admin_referer( 'update-tag_' . $tag_ID );
if ( !current_user_can( $tax->cap->edit_terms ) )
@ -142,7 +147,7 @@ case 'editedtag':
if ( ! $tag )
wp_die( __( 'You attempted to edit an item that doesn&#8217;t exist. Perhaps it was deleted?' ) );
$ret = wp_update_term( $tag_ID, $taxonomy, $_POST );
$ret = wp_update_term( $tag_ID, $taxonomy, $post_data );
$location = 'edit-tags.php?taxonomy=' . $taxonomy;
if ( 'post' != $post_type )
@ -164,7 +169,7 @@ break;
default:
if ( ! empty($_REQUEST['_wp_http_referer']) ) {
$location = remove_query_arg( array('_wp_http_referer', '_wpnonce'), stripslashes($_SERVER['REQUEST_URI']) );
$location = remove_query_arg( array('_wp_http_referer', '_wpnonce'), wp_unslash( $_SERVER['REQUEST_URI'] ) );
if ( ! empty( $_REQUEST['paged'] ) )
$location = add_query_arg( 'paged', (int) $_REQUEST['paged'] );
@ -264,8 +269,8 @@ $messages[6] = __('Items deleted.');
<div class="wrap nosubsub">
<?php screen_icon(); ?>
<h2><?php echo esc_html( $title );
if ( !empty($_REQUEST['s']) )
printf( '<span class="subtitle">' . __('Search results for &#8220;%s&#8221;') . '</span>', esc_html( stripslashes($_REQUEST['s']) ) ); ?>
if ( ! empty($_REQUEST['s']) )
printf( '<span class="subtitle">' . __('Search results for &#8220;%s&#8221;') . '</span>', esc_html( wp_unslash( $_REQUEST['s'] ) ) ); ?>
</h2>
<?php if ( isset($_REQUEST['message']) && ( $msg = (int) $_REQUEST['message'] ) ) : ?>

2
wp-admin/edit.php
View File

@ -138,7 +138,7 @@ if ( $doaction ) {
wp_redirect($sendback);
exit();
} elseif ( ! empty($_REQUEST['_wp_http_referer']) ) {
wp_redirect( remove_query_arg( array('_wp_http_referer', '_wpnonce'), stripslashes($_SERVER['REQUEST_URI']) ) );
wp_redirect( remove_query_arg( array('_wp_http_referer', '_wpnonce'), wp_unslash( $_SERVER['REQUEST_URI'] ) ) );
exit;
}

81
wp-admin/includes/ajax-actions.php
View File

@ -59,7 +59,7 @@ function wp_ajax_ajax_tag_search() {
wp_die( 0 );
}
$s = stripslashes( $_GET['q'] );
$s = wp_unslash( $_GET['q'] );
$comma = _x( ',', 'tag delimiter' );
if ( ',' !== $comma )
@ -279,19 +279,21 @@ function _wp_ajax_delete_comment_response( $comment_id, $delta = -1 ) {
*/
function _wp_ajax_add_hierarchical_term() {
$action = $_POST['action'];
$post_data = wp_unslash( $_POST );
$action = $post_data['action'];
$taxonomy = get_taxonomy(substr($action, 4));
check_ajax_referer( $action, '_ajax_nonce-add-' . $taxonomy->name );
if ( !current_user_can( $taxonomy->cap->edit_terms ) )
wp_die( -1 );
$names = explode(',', $_POST['new'.$taxonomy->name]);
$parent = isset($_POST['new'.$taxonomy->name.'_parent']) ? (int) $_POST['new'.$taxonomy->name.'_parent'] : 0;
$names = explode(',', $post_data['new'.$taxonomy->name]);
$parent = isset($post_data['new'.$taxonomy->name.'_parent']) ? (int) $post_data['new'.$taxonomy->name.'_parent'] : 0;
if ( 0 > $parent )
$parent = 0;
if ( $taxonomy->name == 'category' )
$post_category = isset($_POST['post_category']) ? (array) $_POST['post_category'] : array();
$post_category = isset( $post_data['post_category'] ) ? (array) $post_data['post_category'] : array();
else
$post_category = ( isset($_POST['tax_input']) && isset($_POST['tax_input'][$taxonomy->name]) ) ? (array) $_POST['tax_input'][$taxonomy->name] : array();
$post_category = ( isset( $post_data['tax_input'] ) && isset( $post_data['tax_input'][$taxonomy->name] ) ) ? (array) $post_data['tax_input'][$taxonomy->name] : array();
$checked_categories = array_map( 'absint', (array) $post_category );
$popular_ids = wp_popular_terms_checklist($taxonomy->name, 0, 10, false);
@ -559,7 +561,7 @@ function wp_ajax_add_link_category( $action ) {
check_ajax_referer( $action );
if ( !current_user_can( 'manage_categories' ) )
wp_die( -1 );
$names = explode(',', $_POST['newcat']);
$names = explode( ',', wp_unslash( $_POST['newcat'] ) );
$x = new WP_Ajax_Response();
foreach ( $names as $cat_name ) {
$cat_name = trim($cat_name);
@ -572,7 +574,7 @@ function wp_ajax_add_link_category( $action ) {
continue;
else if ( is_array( $cat_id ) )
$cat_id = $cat_id['term_id'];
$cat_name = esc_html(stripslashes($cat_name));
$cat_name = esc_html( wp_unslash( $cat_name ) );
$x->add( array(
'what' => 'link-category',
'id' => $cat_id,
@ -586,9 +588,11 @@ function wp_ajax_add_link_category( $action ) {
function wp_ajax_add_tag() {
global $wp_list_table;
$post_data = wp_unslash( $_POST );
check_ajax_referer( 'add-tag', '_wpnonce_add-tag' );
$post_type = !empty($_POST['post_type']) ? $_POST['post_type'] : 'post';
$taxonomy = !empty($_POST['taxonomy']) ? $_POST['taxonomy'] : 'post_tag';
$post_type = !empty($post_data['post_type']) ? $post_data['post_type'] : 'post';
$taxonomy = !empty($post_data['taxonomy']) ? $post_data['taxonomy'] : 'post_tag';
$tax = get_taxonomy($taxonomy);
if ( !current_user_can( $tax->cap->edit_terms ) )
@ -596,7 +600,7 @@ function wp_ajax_add_tag() {
$x = new WP_Ajax_Response();
$tag = wp_insert_term($_POST['tag-name'], $taxonomy, $_POST );
$tag = wp_insert_term( $post_data['tag-name'], $taxonomy, $post_data );
if ( !$tag || is_wp_error($tag) || (!$tag = get_term( $tag['term_id'], $taxonomy )) ) {
$message = __('An error has occurred. Please reload the page and try again.');
@ -610,7 +614,7 @@ function wp_ajax_add_tag() {
$x->send();
}
$wp_list_table = _get_list_table( 'WP_Terms_List_Table', array( 'screen' => $_POST['screen'] ) );
$wp_list_table = _get_list_table( 'WP_Terms_List_Table', array( 'screen' => $post_data['screen'] ) );
$level = 0;
if ( is_taxonomy_hierarchical($taxonomy) ) {
@ -728,10 +732,10 @@ function wp_ajax_replyto_comment( $action ) {
$user = wp_get_current_user();
if ( $user->exists() ) {
$user_ID = $user->ID;
$comment_author = $wpdb->escape($user->display_name);
$comment_author_email = $wpdb->escape($user->user_email);
$comment_author_url = $wpdb->escape($user->user_url);
$comment_content = trim($_POST['content']);
$comment_author = $user->display_name;
$comment_author_email = $user->user_email;
$comment_author_url = $user->user_url;
$comment_content = trim( wp_unslash( $_POST['content'] ) );
if ( current_user_can( 'unfiltered_html' ) ) {
if ( wp_create_nonce( 'unfiltered-html-comment' ) != $_POST['_wp_unfiltered_html_comment'] ) {
kses_remove_filters(); // start with a clean slate
@ -957,8 +961,8 @@ function wp_ajax_add_meta() {
) );
} else { // Update?
$mid = (int) key( $_POST['meta'] );
$key = stripslashes( $_POST['meta'][$mid]['key'] );
$value = stripslashes( $_POST['meta'][$mid]['value'] );
$key = wp_unslash( $_POST['meta'][$mid]['key'] );
$value = wp_unslash( $_POST['meta'][$mid]['value'] );
if ( '' == trim($key) )
wp_die( __( 'Please provide a custom field name.' ) );
if ( '' == trim($value) )
@ -1227,7 +1231,7 @@ function wp_ajax_wp_link_ajax() {
$args = array();
if ( isset( $_POST['search'] ) )
$args['s'] = stripslashes( $_POST['search'] );
$args['s'] = wp_unslash( $_POST['search'] );
$args['pagenum'] = ! empty( $_POST['page'] ) ? absint( $_POST['page'] ) : 1;
require(ABSPATH . WPINC . '/class-wp-editor.php');
@ -1328,7 +1332,6 @@ function wp_ajax_inline_save() {
$data = &$_POST;
$post = get_post( $post_ID, ARRAY_A );
$post = add_magic_quotes($post); //since it is from db
$data['content'] = $post['post_content'];
$data['excerpt'] = $post['post_excerpt'];
@ -1376,8 +1379,10 @@ function wp_ajax_inline_save_tax() {
global $wp_list_table;
check_ajax_referer( 'taxinlineeditnonce', '_inline_edit' );
$post_data = wp_unslash( $_POST );
$taxonomy = sanitize_key( $_POST['taxonomy'] );
$taxonomy = sanitize_key( $post_data['taxonomy'] );
$tax = get_taxonomy( $taxonomy );
if ( ! $tax )
wp_die( 0 );
@ -1387,13 +1392,13 @@ function wp_ajax_inline_save_tax() {
$wp_list_table = _get_list_table( 'WP_Terms_List_Table', array( 'screen' => 'edit-' . $taxonomy ) );
if ( ! isset($_POST['tax_ID']) || ! ( $id = (int) $_POST['tax_ID'] ) )
if ( ! isset($post_data['tax_ID']) || ! ( $id = (int) $post_data['tax_ID'] ) )
wp_die( -1 );
$tag = get_term( $id, $taxonomy );
$_POST['description'] = $tag->description;
$post_data['description'] = $tag->description;
$updated = wp_update_term($id, $taxonomy, $_POST);
$updated = wp_update_term($id, $taxonomy, $post_data );
if ( $updated && !is_wp_error($updated) ) {
$tag = get_term( $updated['term_id'], $taxonomy );
if ( !$tag || is_wp_error( $tag ) ) {
@ -1425,7 +1430,7 @@ function wp_ajax_find_posts() {
$post_types = get_post_types( array( 'public' => true ), 'objects' );
unset( $post_types['attachment'] );
$s = stripslashes( $_POST['ps'] );
$s = wp_unslash( $_POST['ps'] );
$searchand = $search = '';
$args = array(
'post_type' => array_keys( $post_types ),
@ -1596,7 +1601,7 @@ function wp_ajax_upload_attachment() {
$post_id = null;
}
$post_data = isset( $_REQUEST['post_data'] ) ? $_REQUEST['post_data'] : array();
$post_data = isset( $_REQUEST['post_data'] ) ? wp_unslash( $_REQUEST['post_data'] ) : array();
// If the context is custom header or background, make sure the uploaded file is an image.
if ( isset( $post_data['context'] ) && in_array( $post_data['context'], array( 'custom-header', 'custom-background' ) ) ) {
@ -1630,10 +1635,10 @@ function wp_ajax_upload_attachment() {
if ( isset( $post_data['context'] ) && isset( $post_data['theme'] ) ) {
if ( 'custom-background' === $post_data['context'] )
update_post_meta( $attachment_id, '_wp_attachment_is_custom_background', $post_data['theme'] );
wp_update_post_meta( $attachment_id, '_wp_attachment_is_custom_background', $post_data['theme'] );
if ( 'custom-header' === $post_data['context'] )
update_post_meta( $attachment_id, '_wp_attachment_is_custom_header', $post_data['theme'] );
wp_update_post_meta( $attachment_id, '_wp_attachment_is_custom_header', $post_data['theme'] );
}
if ( ! $attachment = wp_prepare_attachment_for_js( $attachment_id ) )
@ -1778,7 +1783,7 @@ function wp_ajax_wp_remove_post_lock() {
wp_die( 0 );
$new_lock = ( time() - apply_filters( 'wp_check_post_lock_window', AUTOSAVE_INTERVAL * 2 ) + 5 ) . ':' . $active_lock[1];
update_post_meta( $post_id, '_edit_lock', $new_lock, implode( ':', $active_lock ) );
wp_update_post_meta( $post_id, '_edit_lock', $new_lock, implode( ':', $active_lock ) );
wp_die( 1 );
}
@ -1873,7 +1878,7 @@ function wp_ajax_save_attachment() {
if ( ! current_user_can( 'edit_post', $id ) )
wp_send_json_error();
$changes = $_REQUEST['changes'];
$changes = wp_unslash( $_REQUEST['changes'] );
$post = get_post( $id, ARRAY_A );
if ( 'attachment' != $post['post_type'] )
@ -1890,10 +1895,10 @@ function wp_ajax_save_attachment() {
if ( isset( $changes['alt'] ) ) {
$alt = get_post_meta( $id, '_wp_attachment_image_alt', true );
$new_alt = stripslashes( $changes['alt'] );
$new_alt = $changes['alt'];
if ( $alt != $new_alt ) {
$new_alt = wp_strip_all_tags( $new_alt, true );
update_post_meta( $id, '_wp_attachment_image_alt', addslashes( $new_alt ) );
wp_update_post_meta( $id, '_wp_attachment_image_alt', $new_alt );
}
}
@ -1915,7 +1920,7 @@ function wp_ajax_save_attachment_compat() {
if ( empty( $_REQUEST['attachments'] ) || empty( $_REQUEST['attachments'][ $id ] ) )
wp_send_json_error();
$attachment_data = $_REQUEST['attachments'][ $id ];
$attachment_data = wp_unslash( $_REQUEST['attachments'][ $id ] );
check_ajax_referer( 'update-post_' . $id, 'nonce' );
@ -1959,7 +1964,7 @@ function wp_ajax_save_attachment_order() {
check_ajax_referer( 'update-post_' . $post_id, 'nonce' );
$attachments = $_REQUEST['attachments'];
$attachments = wp_unslash( $_REQUEST['attachments'] );
if ( ! current_user_can( 'edit_post', $post_id ) )
wp_send_json_error();
@ -1990,7 +1995,7 @@ function wp_ajax_save_attachment_order() {
function wp_ajax_send_attachment_to_editor() {
check_ajax_referer( 'media-send-to-editor', 'nonce' );
$attachment = stripslashes_deep( $_POST['attachment'] );
$attachment = wp_unslash( $_POST['attachment'] );
$id = intval( $attachment['id'] );
@ -2045,7 +2050,7 @@ function wp_ajax_send_attachment_to_editor() {
function wp_ajax_send_link_to_editor() {
check_ajax_referer( 'media-send-to-editor', 'nonce' );
if ( ! $src = stripslashes( $_POST['src'] ) )
if ( ! $src = wp_unslash( $_POST['src'] ) )
wp_send_json_error();
if ( ! strpos( $src, '://' ) )
@ -2054,7 +2059,7 @@ function wp_ajax_send_link_to_editor() {
if ( ! $src = esc_url_raw( $src ) )
wp_send_json_error();
if ( ! $title = trim( stripslashes( $_POST['title'] ) ) )
if ( ! $title = trim( wp_unslash( $_POST['title'] ) ) )
$title = wp_basename( $src );
$html = '';
@ -2083,7 +2088,7 @@ function wp_ajax_heartbeat() {
$screen_id = 'site';
if ( ! empty($_POST['data']) ) {
$data = (array) $_POST['data'];
$data = wp_unslash( (array) $_POST['data'] );
// todo: how much to sanitize and preset and what to leave to be accessed from $data or $_POST..?
$user = wp_get_current_user();
$data['user_id'] = $user->exists() ? $user->ID : 0;

9
wp-admin/includes/bookmark.php
View File

@ -39,9 +39,9 @@ function edit_link( $link_id = 0 ) {
if ( !empty( $link_id ) ) {
$_POST['link_id'] = $link_id;
return wp_update_link( $_POST );
return wp_update_link( wp_unslash( $_POST ) );
} else {
return wp_insert_link( $_POST );
return wp_insert_link( wp_unslash( $_POST ) );
}
}
@ -137,7 +137,7 @@ function wp_insert_link( $linkdata, $wp_error = false ) {
$linkdata = wp_parse_args( $linkdata, $defaults );
$linkdata = sanitize_bookmark( $linkdata, 'db' );
extract( stripslashes_deep( $linkdata ), EXTR_SKIP );
extract( $linkdata, EXTR_SKIP );
$update = false;
@ -250,9 +250,6 @@ function wp_update_link( $linkdata ) {
$link = get_bookmark( $link_id, ARRAY_A );
// Escape data pulled from DB.
$link = add_magic_quotes( $link );
// Passed link category list overwrites existing category list if not empty.
if ( isset( $linkdata['link_category'] ) && is_array( $linkdata['link_category'] )
&& 0 != count( $linkdata['link_category'] ) )

2
wp-admin/includes/class-wp-comments-list-table.php
View File

@ -170,7 +170,7 @@ class WP_Comments_List_Table extends WP_List_Table {
/*
// I toyed with this, but decided against it. Leaving it in here in case anyone thinks it is a good idea. ~ Mark
if ( !empty( $_REQUEST['s'] ) )
$link = add_query_arg( 's', esc_attr( stripslashes( $_REQUEST['s'] ) ), $link );
$link = add_query_arg( 's', esc_attr( wp_unslash( $_REQUEST['s'] ) ), $link );
*/
$status_links[$status] = "<a href='$link'$class>" . sprintf(
translate_nooped_plural( $label, $num_comments->$status ),

2
wp-admin/includes/class-wp-ms-sites-list-table.php
View File

@ -29,7 +29,7 @@ class WP_MS_Sites_List_Table extends WP_List_Table {
$pagenum = $this->get_pagenum();
$s = isset( $_REQUEST['s'] ) ? stripslashes( trim( $_REQUEST[ 's' ] ) ) : '';
$s = isset( $_REQUEST['s'] ) ? wp_unslash( trim( $_REQUEST[ 's' ] ) ) : '';
$wild = '';
if ( false !== strpos($s, '*') ) {
$wild = '%';

2
wp-admin/includes/class-wp-ms-themes-list-table.php
View File

@ -126,7 +126,7 @@ class WP_MS_Themes_List_Table extends WP_List_Table {
function _search_callback( $theme ) {
static $term;
if ( is_null( $term ) )
$term = stripslashes( $_REQUEST['s'] );
$term = wp_unslash( $_REQUEST['s'] );
foreach ( array( 'Name', 'Description', 'Author', 'Author', 'AuthorURI' ) as $field ) {
// Don't mark up; Do translate.

6
wp-admin/includes/class-wp-ms-users-list-table.php
View File

@ -173,10 +173,10 @@ class WP_MS_Users_List_Table extends WP_List_Table {
case 'username':
$avatar = get_avatar( $user->user_email, 32 );
$edit_link = esc_url( add_query_arg( 'wp_http_referer', urlencode( stripslashes( $_SERVER['REQUEST_URI'] ) ), get_edit_user_link( $user->ID ) ) );
$edit_link = esc_url( add_query_arg( 'wp_http_referer', urlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ), get_edit_user_link( $user->ID ) ) );
echo "<td $attributes>"; ?>
<?php echo $avatar; ?><strong><a href="<?php echo $edit_link; ?>" class="edit"><?php echo stripslashes( $user->user_login ); ?></a><?php
<?php echo $avatar; ?><strong><a href="<?php echo $edit_link; ?>" class="edit"><?php echo $user->user_login; ?></a><?php
if ( in_array( $user->user_login, $super_admins ) )
echo ' - ' . __( 'Super Admin' );
?></strong>
@ -186,7 +186,7 @@ class WP_MS_Users_List_Table extends WP_List_Table {
$actions['edit'] = '<a href="' . $edit_link . '">' . __( 'Edit' ) . '</a>';
if ( current_user_can( 'delete_user', $user->ID ) && ! in_array( $user->user_login, $super_admins ) ) {
$actions['delete'] = '<a href="' . $delete = esc_url( network_admin_url( add_query_arg( '_wp_http_referer', urlencode( stripslashes( $_SERVER['REQUEST_URI'] ) ), wp_nonce_url( 'users.php', 'deleteuser' ) . '&amp;action=deleteuser&amp;id=' . $user->ID ) ) ) . '" class="delete">' . __( 'Delete' ) . '</a>';
$actions['delete'] = '<a href="' . $delete = esc_url( network_admin_url( add_query_arg( '_wp_http_referer', urlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ), wp_nonce_url( 'users.php', 'deleteuser' ) . '&amp;action=deleteuser&amp;id=' . $user->ID ) ) ) . '" class="delete">' . __( 'Delete' ) . '</a>';
}
$actions = apply_filters( 'ms_user_row_actions', $actions, $user );

6
wp-admin/includes/class-wp-plugin-install-list-table.php
View File

@ -48,8 +48,8 @@ class WP_Plugin_Install_List_Table extends WP_List_Table {
switch ( $tab ) {
case 'search':
$type = isset( $_REQUEST['type'] ) ? stripslashes( $_REQUEST['type'] ) : 'term';
$term = isset( $_REQUEST['s'] ) ? stripslashes( $_REQUEST['s'] ) : '';
$type = isset( $_REQUEST['type'] ) ? wp_unslash( $_REQUEST['type'] ) : 'term';
$term = isset( $_REQUEST['s'] ) ? wp_unslash( $_REQUEST['s'] ) : '';
switch ( $type ) {
case 'tag':
@ -73,7 +73,7 @@ class WP_Plugin_Install_List_Table extends WP_List_Table {
break;
case 'favorites':
$user = isset( $_GET['user'] ) ? stripslashes( $_GET['user'] ) : get_user_option( 'wporg_favorites' );
$user = isset( $_GET['user'] ) ? wp_unslash( $_GET['user'] ) : get_user_option( 'wporg_favorites' );
update_user_meta( get_current_user_id(), 'wporg_favorites', $user );
if ( $user )
$args['user'] = $user;

4
wp-admin/includes/class-wp-plugins-list-table.php
View File

@ -22,7 +22,7 @@ class WP_Plugins_List_Table extends WP_List_Table {
$status = $_REQUEST['plugin_status'];
if ( isset($_REQUEST['s']) )
$_SERVER['REQUEST_URI'] = add_query_arg('s', stripslashes($_REQUEST['s']) );
$_SERVER['REQUEST_URI'] = add_query_arg('s', wp_unslash($_REQUEST['s']) );
$page = $this->get_pagenum();
}
@ -140,7 +140,7 @@ class WP_Plugins_List_Table extends WP_List_Table {
function _search_callback( $plugin ) {
static $term;
if ( is_null( $term ) )
$term = stripslashes( $_REQUEST['s'] );
$term = wp_unslash( $_REQUEST['s'] );
foreach ( $plugin as $value )
if ( stripos( $value, $term ) !== false )

6
wp-admin/includes/class-wp-terms-list-table.php
View File

@ -52,7 +52,7 @@ class WP_Terms_List_Table extends WP_List_Table {
$tags_per_page = apply_filters( 'edit_categories_per_page', $tags_per_page ); // Old filter
}
$search = !empty( $_REQUEST['s'] ) ? trim( stripslashes( $_REQUEST['s'] ) ) : '';
$search = !empty( $_REQUEST['s'] ) ? trim( wp_unslash( $_REQUEST['s'] ) ) : '';
$args = array(
'search' => $search,
@ -61,10 +61,10 @@ class WP_Terms_List_Table extends WP_List_Table {
);
if ( !empty( $_REQUEST['orderby'] ) )
$args['orderby'] = trim( stripslashes( $_REQUEST['orderby'] ) );
$args['orderby'] = trim( wp_unslash( $_REQUEST['orderby'] ) );
if ( !empty( $_REQUEST['order'] ) )
$args['order'] = trim( stripslashes( $_REQUEST['order'] ) );
$args['order'] = trim( wp_unslash( $_REQUEST['order'] ) );
$this->callback_args = $args;

4
wp-admin/includes/class-wp-theme-install-list-table.php
View File

@ -24,7 +24,7 @@ class WP_Theme_Install_List_Table extends WP_Themes_List_Table {
$search_terms = array();
$search_string = '';
if ( ! empty( $_REQUEST['s'] ) ){
$search_string = strtolower( stripslashes( $_REQUEST['s'] ) );
$search_string = strtolower( wp_unslash( $_REQUEST['s'] ) );
$search_terms = array_unique( array_filter( array_map( 'trim', explode( ',', $search_string ) ) ) );
}
@ -59,7 +59,7 @@ class WP_Theme_Install_List_Table extends WP_Themes_List_Table {
switch ( $tab ) {
case 'search':
$type = isset( $_REQUEST['type'] ) ? stripslashes( $_REQUEST['type'] ) : 'term';
$type = isset( $_REQUEST['type'] ) ? wp_unslash( $_REQUEST['type'] ) : 'term';
switch ( $type ) {
case 'tag':
$args['tag'] = array_map( 'sanitize_key', $search_terms );

4
wp-admin/includes/class-wp-themes-list-table.php
View File

@ -28,7 +28,7 @@ class WP_Themes_List_Table extends WP_List_Table {
$themes = wp_get_themes( array( 'allowed' => true ) );
if ( ! empty( $_REQUEST['s'] ) )
$this->search_terms = array_unique( array_filter( array_map( 'trim', explode( ',', strtolower( stripslashes( $_REQUEST['s'] ) ) ) ) ) );
$this->search_terms = array_unique( array_filter( array_map( 'trim', explode( ',', strtolower( wp_unslash( $_REQUEST['s'] ) ) ) ) ) );
if ( ! empty( $_REQUEST['features'] ) )
$this->features = $_REQUEST['features'];
@ -235,7 +235,7 @@ class WP_Themes_List_Table extends WP_List_Table {
* @uses _pagination_args['total_pages']
*/
function _js_vars( $extra_args = array() ) {
$search_string = isset( $_REQUEST['s'] ) ? esc_attr( stripslashes( $_REQUEST['s'] ) ) : '';
$search_string = isset( $_REQUEST['s'] ) ? esc_attr( wp_unslash( $_REQUEST['s'] ) ) : '';
$args = array(
'search' => $search_string,

2
wp-admin/includes/class-wp-upgrader.php
View File

@ -1427,7 +1427,7 @@ class Plugin_Installer_Skin extends WP_Upgrader_Skin {
$install_actions = array();
$from = isset($_GET['from']) ? stripslashes($_GET['from']) : 'plugins';
$from = isset($_GET['from']) ? wp_unslash( $_GET['from'] ) : 'plugins';
if ( 'import' == $from )
$install_actions['activate_plugin'] = '<a href="' . wp_nonce_url('plugins.php?action=activate&amp;from=import&amp;plugin=' . $plugin_file, 'activate-plugin_' . $plugin_file) . '" title="' . esc_attr__('Activate this plugin') . '" target="_parent">' . __('Activate Plugin &amp; Run Importer') . '</a>';

2
wp-admin/includes/class-wp-users-list-table.php
View File

@ -241,7 +241,7 @@ class WP_Users_List_Table extends WP_List_Table {
// Check if the user for this row is editable
if ( current_user_can( 'list_users' ) ) {
// Set up the user editing link
$edit_link = esc_url( add_query_arg( 'wp_http_referer', urlencode( stripslashes( $_SERVER['REQUEST_URI'] ) ), get_edit_user_link( $user_object->ID ) ) );
$edit_link = esc_url( add_query_arg( 'wp_http_referer', urlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ), get_edit_user_link( $user_object->ID ) ) );
// Set up the hover actions for this user
$actions = array();

39
wp-admin/includes/comment.php
View File

@ -19,9 +19,6 @@
function comment_exists($comment_author, $comment_date) {
global $wpdb;
$comment_author = stripslashes($comment_author);
$comment_date = stripslashes($comment_date);
return $wpdb->get_var( $wpdb->prepare("SELECT comment_post_ID FROM $wpdb->comments
WHERE comment_author = %s AND comment_date = %s", $comment_author, $comment_date) );
}
@ -33,38 +30,40 @@ function comment_exists($comment_author, $comment_date) {
*/
function edit_comment() {
if ( ! current_user_can( 'edit_comment', (int) $_POST['comment_ID'] ) )
$post_data = wp_unslash( $_POST );
if ( ! current_user_can( 'edit_comment', (int) $post_data['comment_ID'] ) )
wp_die ( __( 'You are not allowed to edit comments on this post.' ) );
$_POST['comment_author'] = $_POST['newcomment_author'];
$_POST['comment_author_email'] = $_POST['newcomment_author_email'];
$_POST['comment_author_url'] = $_POST['newcomment_author_url'];
$_POST['comment_approved'] = $_POST['comment_status'];
$_POST['comment_content'] = $_POST['content'];
$_POST['comment_ID'] = (int) $_POST['comment_ID'];
$post_data['comment_author'] = $post_data['newcomment_author'];
$post_data['comment_author_email'] = $post_data['newcomment_author_email'];
$post_data['comment_author_url'] = $post_data['newcomment_author_url'];
$post_data['comment_approved'] = $post_data['comment_status'];
$post_data['comment_content'] = $post_data['content'];
$post_data['comment_ID'] = (int) $post_data['comment_ID'];
foreach ( array ('aa', 'mm', 'jj', 'hh', 'mn') as $timeunit ) {
if ( !empty( $_POST['hidden_' . $timeunit] ) && $_POST['hidden_' . $timeunit] != $_POST[$timeunit] ) {
if ( !empty( $post_data['hidden_' . $timeunit] ) && $post_data['hidden_' . $timeunit] != $post_data[$timeunit] ) {
$_POST['edit_date'] = '1';
break;
}
}
if ( !empty ( $_POST['edit_date'] ) ) {
$aa = $_POST['aa'];
$mm = $_POST['mm'];
$jj = $_POST['jj'];
$hh = $_POST['hh'];
$mn = $_POST['mn'];
$ss = $_POST['ss'];
if ( !empty ( $post_data['edit_date'] ) ) {
$aa = $post_data['aa'];
$mm = $post_data['mm'];
$jj = $post_data['jj'];
$hh = $post_data['hh'];
$mn = $post_data['mn'];
$ss = $post_data['ss'];
$jj = ($jj > 31 ) ? 31 : $jj;
$hh = ($hh > 23 ) ? $hh -24 : $hh;
$mn = ($mn > 59 ) ? $mn -60 : $mn;
$ss = ($ss > 59 ) ? $ss -60 : $ss;
$_POST['comment_date'] = "$aa-$mm-$jj $hh:$mn:$ss";
$post_data['comment_date'] = "$aa-$mm-$jj $hh:$mn:$ss";
}
wp_update_comment( $_POST );
wp_update_comment( $post_data );
}
/**

2
wp-admin/includes/dashboard.php
View File

@ -1093,7 +1093,7 @@ function wp_dashboard_rss_control( $widget_id, $form_inputs = array() ) {
$widget_options[$widget_id]['number'] = $number;
if ( 'POST' == $_SERVER['REQUEST_METHOD'] && isset($_POST['widget-rss'][$number]) ) {
$_POST['widget-rss'][$number] = stripslashes_deep( $_POST['widget-rss'][$number] );
$_POST['widget-rss'][$number] = wp_unslash( $_POST['widget-rss'][$number] );
$widget_options[$widget_id] = wp_widget_rss_process( $_POST['widget-rss'][$number] );
// title is optional. If black, fill it if possible
if ( !$widget_options[$widget_id]['title'] && isset($_POST['widget-rss'][$number]['title']) ) {

7
wp-admin/includes/deprecated.php
View File

@ -472,14 +472,13 @@ class WP_User_Search {
function WP_User_Search ($search_term = '', $page = '', $role = '') {
_deprecated_function( __FUNCTION__, '3.1', 'WP_User_Query' );
$this->search_term = stripslashes( $search_term );
$this->search_term = $search_term;
$this->raw_page = ( '' == $page ) ? false : (int) $page;
$this->page = (int) ( '' == $page ) ? 1 : $page;
$this->role = $role;
$this->prepare_query();
$this->query();
$this->prepare_vars_for_template_usage();
$this->do_paging();
}
@ -550,9 +549,7 @@ class WP_User_Search {
* @since 2.1.0
* @access public
*/
function prepare_vars_for_template_usage() {
$this->search_term = stripslashes($this->search_term); // done with DB, from now on we want slashes gone
}
function prepare_vars_for_template_usage() {}
/**
* {@internal Missing Short Description}}

14
wp-admin/includes/file.php
View File

@ -901,13 +901,13 @@ function request_filesystem_credentials($form_post, $type = '', $error = false,
$credentials = get_option('ftp_credentials', array( 'hostname' => '', 'username' => ''));
// If defined, set it to that, Else, If POST'd, set it to that, If not, Set it to whatever it previously was(saved details in option)
$credentials['hostname'] = defined('FTP_HOST') ? FTP_HOST : (!empty($_POST['hostname']) ? stripslashes($_POST['hostname']) : $credentials['hostname']);
$credentials['username'] = defined('FTP_USER') ? FTP_USER : (!empty($_POST['username']) ? stripslashes($_POST['username']) : $credentials['username']);
$credentials['password'] = defined('FTP_PASS') ? FTP_PASS : (!empty($_POST['password']) ? stripslashes($_POST['password']) : '');
$credentials['hostname'] = defined('FTP_HOST') ? FTP_HOST : (!empty($_POST['hostname']) ? wp_unslash( $_POST['hostname'] ) : $credentials['hostname']);
$credentials['username'] = defined('FTP_USER') ? FTP_USER : (!empty($_POST['username']) ? wp_unslash( $_POST['username'] ) : $credentials['username']);
$credentials['password'] = defined('FTP_PASS') ? FTP_PASS : (!empty($_POST['password']) ? wp_unslash( $_POST['password'] ) : '');
// Check to see if we are setting the public/private keys for ssh
$credentials['public_key'] = defined('FTP_PUBKEY') ? FTP_PUBKEY : (!empty($_POST['public_key']) ? stripslashes($_POST['public_key']) : '');
$credentials['private_key'] = defined('FTP_PRIKEY') ? FTP_PRIKEY : (!empty($_POST['private_key']) ? stripslashes($_POST['private_key']) : '');
$credentials['public_key'] = defined('FTP_PUBKEY') ? FTP_PUBKEY : (!empty($_POST['public_key']) ? wp_unslash( $_POST['public_key'] ) : '');
$credentials['private_key'] = defined('FTP_PRIKEY') ? FTP_PRIKEY : (!empty($_POST['private_key']) ? wp_unslash( $_POST['private_key'] ) : '');
//sanitize the hostname, Some people might pass in odd-data:
$credentials['hostname'] = preg_replace('|\w+://|', '', $credentials['hostname']); //Strip any schemes off
@ -925,7 +925,7 @@ function request_filesystem_credentials($form_post, $type = '', $error = false,
else if ( (defined('FTP_SSL') && FTP_SSL) && 'ftpext' == $type ) //Only the FTP Extension understands SSL
$credentials['connection_type'] = 'ftps';
else if ( !empty($_POST['connection_type']) )
$credentials['connection_type'] = stripslashes($_POST['connection_type']);
$credentials['connection_type'] = wp_unslash( $_POST['connection_type'] );
else if ( !isset($credentials['connection_type']) ) //All else fails (And it's not defaulted to something else saved), Default to FTP
$credentials['connection_type'] = 'ftp';
@ -1050,7 +1050,7 @@ jQuery(function($){
<?php
foreach ( (array) $extra_fields as $field ) {
if ( isset( $_POST[ $field ] ) )
echo '<input type="hidden" name="' . esc_attr( $field ) . '" value="' . esc_attr( stripslashes( $_POST[ $field ] ) ) . '" />';
echo '<input type="hidden" name="' . esc_attr( $field ) . '" value="' . esc_attr( wp_unslash( $_POST[ $field ] ) ) . '" />';
}
submit_button( __( 'Proceed' ), 'button', 'upgrade' );
?>

8
wp-admin/includes/image-edit.php
View File

@ -454,7 +454,7 @@ function stream_preview_image( $post_id ) {
if ( is_wp_error( $img ) )
return false;
$changes = !empty($_REQUEST['history']) ? json_decode( stripslashes($_REQUEST['history']) ) : null;
$changes = !empty($_REQUEST['history']) ? json_decode( wp_unslash( $_REQUEST['history'] ) ) : null;
if ( $changes )
$img = image_edit_apply_changes( $img, $changes );
@ -533,7 +533,7 @@ function wp_restore_image($post_id) {
}
}
if ( !wp_update_attachment_metadata($post_id, $meta) || !update_post_meta( $post_id, '_wp_attachment_backup_sizes', $backup_sizes) ) {
if ( !wp_update_attachment_metadata($post_id, $meta) || !wp_update_post_meta( $post_id, '_wp_attachment_backup_sizes', $backup_sizes) ) {
$msg->error = __('Cannot save image metadata.');
return $msg;
}
@ -587,7 +587,7 @@ function wp_save_image( $post_id ) {
return $return;
}
} elseif ( !empty($_REQUEST['history']) ) {
$changes = json_decode( stripslashes($_REQUEST['history']) );
$changes = json_decode( wp_unslash( $_REQUEST['history'] ) );
if ( $changes )
$img = image_edit_apply_changes($img, $changes);
} else {
@ -699,7 +699,7 @@ function wp_save_image( $post_id ) {
if ( $success ) {
wp_update_attachment_metadata( $post_id, $meta );
update_post_meta( $post_id, '_wp_attachment_backup_sizes', $backup_sizes);
wp_update_post_meta( $post_id, '_wp_attachment_backup_sizes', $backup_sizes);
if ( $target == 'thumbnail' || $target == 'all' || $target == 'full' ) {
// Check if it's an image edit from attachment edit screen

17
wp-admin/includes/media.php
View File

@ -444,6 +444,8 @@ function media_upload_form_handler() {
}
if ( !empty($_POST['attachments']) ) foreach ( $_POST['attachments'] as $attachment_id => $attachment ) {
$attachment = wp_unslash( $attachment );
$post = $_post = get_post($attachment_id, ARRAY_A);
$post_type_object = get_post_type_object( $post[ 'post_type' ] );
@ -468,10 +470,9 @@ function media_upload_form_handler() {
if ( isset($attachment['image_alt']) ) {
$image_alt = get_post_meta($attachment_id, '_wp_attachment_image_alt', true);
if ( $image_alt != stripslashes($attachment['image_alt']) ) {
$image_alt = wp_strip_all_tags( stripslashes($attachment['image_alt']), true );
// update_meta expects slashed
update_post_meta( $attachment_id, '_wp_attachment_image_alt', addslashes($image_alt) );
if ( $image_alt != $attachment['image_alt'] ) {
$image_alt = wp_strip_all_tags( $attachment['image_alt'], true );
wp_update_post_meta( $attachment_id, '_wp_attachment_image_alt', $image_alt );
}
}
@ -501,7 +502,7 @@ function media_upload_form_handler() {
}
if ( isset($send_id) ) {
$attachment = stripslashes_deep( $_POST['attachments'][$send_id] );
$attachment = wp_unslash( $_POST['attachments'][$send_id] );
$html = isset( $attachment['post_title'] ) ? $attachment['post_title'] : '';
if ( !empty($attachment['url']) ) {
@ -546,7 +547,7 @@ function wp_media_upload_handler() {
$src = "http://$src";
if ( isset( $_POST['media_type'] ) && 'image' != $_POST['media_type'] ) {
$title = esc_html( stripslashes( $_POST['title'] ) );
$title = esc_html( wp_unslash( $_POST['title'] ) );
if ( empty( $title ) )
$title = esc_html( basename( $src ) );
@ -561,9 +562,9 @@ function wp_media_upload_handler() {
$html = apply_filters( $type . '_send_to_editor_url', $html, esc_url_raw( $src ), $title );
} else {
$align = '';
$alt = esc_attr( stripslashes( $_POST['alt'] ) );
$alt = esc_attr( wp_unslash( $_POST['alt'] ) );
if ( isset($_POST['align']) ) {
$align = esc_attr( stripslashes( $_POST['align'] ) );
$align = esc_attr( wp_unslash( $_POST['align'] ) );
$class = " class='align$align'";
}
if ( !empty($src) )

10
wp-admin/includes/misc.php
View File

@ -220,7 +220,7 @@ add_action( 'update_option_page_on_front', 'update_home_siteurl', 10, 2 );
* @return string
*/
function url_shorten( $url ) {
$short_url = str_replace( 'http://', '', stripslashes( $url ));
$short_url = str_replace( 'http://', '', $url );
$short_url = str_replace( 'www.', '', $short_url );
$short_url = untrailingslashit( $short_url );
if ( strlen( $short_url ) > 35 )
@ -248,9 +248,9 @@ function wp_reset_vars( $vars ) {
if ( empty( $_GET[$var] ) )
$$var = '';
else
$$var = $_GET[$var];
$$var = wp_unslash( $_GET[$var] );
} else {
$$var = $_POST[$var];
$$var = wp_unslash( $_POST[$var] );
}
}
}
@ -323,8 +323,8 @@ function set_screen_options() {
if ( !$user = wp_get_current_user() )
return;
$option = $_POST['wp_screen_options']['option'];
$value = $_POST['wp_screen_options']['value'];
$option = wp_unslash( $_POST['wp_screen_options']['option'] );
$value = wp_unslash( $_POST['wp_screen_options']['value'] );
if ( $option != sanitize_key( $option ) )
return;

12
wp-admin/includes/plugin-install.php
View File

@ -116,8 +116,8 @@ add_action('install_plugins_dashboard', 'install_dashboard');
* @since 2.7.0
*/
function install_search_form( $type_selector = true ) {
$type = isset($_REQUEST['type']) ? stripslashes( $_REQUEST['type'] ) : 'term';
$term = isset($_REQUEST['s']) ? stripslashes( $_REQUEST['s'] ) : '';
$type = isset($_REQUEST['type']) ? wp_unslash( $_REQUEST['type'] ) : 'term';
$term = isset($_REQUEST['s']) ? wp_unslash( $_REQUEST['s'] ) : '';
?><form id="search-plugins" method="get" action="">
<input type="hidden" name="tab" value="search" />
@ -160,7 +160,7 @@ add_action('install_plugins_upload', 'install_plugins_upload', 10, 1);
*
*/
function install_plugins_favorites_form() {
$user = ! empty( $_GET['user'] ) ? stripslashes( $_GET['user'] ) : get_user_option( 'wporg_favorites' );
$user = ! empty( $_GET['user'] ) ? wp_unslash( $_GET['user'] ) : get_user_option( 'wporg_favorites' );
?>
<p class="install-help"><?php _e( 'If you have marked plugins as favorites on WordPress.org, you can browse them here.' ); ?></p>
<form method="get" action="">
@ -251,7 +251,7 @@ function install_plugin_install_status($api, $loop = false) {
}
}
if ( isset($_GET['from']) )
$url .= '&amp;from=' . urlencode(stripslashes($_GET['from']));
$url .= '&amp;from=' . urlencode( wp_unslash( $_GET['from'] ) );
return compact('status', 'url', 'version');
}
@ -264,7 +264,7 @@ function install_plugin_install_status($api, $loop = false) {
function install_plugin_information() {
global $tab;
$api = plugins_api('plugin_information', array('slug' => stripslashes( $_REQUEST['plugin'] ) ));
$api = plugins_api('plugin_information', array('slug' => wp_unslash( $_REQUEST['plugin'] ) ));
if ( is_wp_error($api) )
wp_die($api);
@ -295,7 +295,7 @@ function install_plugin_information() {
$api->$key = wp_kses( $api->$key, $plugins_allowedtags );
}
$section = isset($_REQUEST['section']) ? stripslashes( $_REQUEST['section'] ) : 'description'; //Default to the Description tab, Do not translate, API returns English.
$section = isset($_REQUEST['section']) ? wp_unslash( $_REQUEST['section'] ) : 'description'; //Default to the Description tab, Do not translate, API returns English.
if ( empty($section) || ! isset($api->sections[ $section ]) )
$section = array_shift( $section_titles = array_keys((array)$api->sections) );

54
wp-admin/includes/post.php
View File

@ -149,8 +149,8 @@ function _wp_translate_postdata( $update = false, $post_data = null ) {
*/
function edit_post( $post_data = null ) {
if ( empty($post_data) )
$post_data = &$_POST;
if ( empty( $post_data ) )
$post_data = wp_unslash( $_POST );
// Clear out any data in internal vars.
unset( $post_data['filter'] );
@ -228,10 +228,9 @@ function edit_post( $post_data = null ) {
if ( 'attachment' == $post_data['post_type'] ) {
if ( isset( $post_data[ '_wp_attachment_image_alt' ] ) ) {
$image_alt = get_post_meta( $post_ID, '_wp_attachment_image_alt', true );
if ( $image_alt != stripslashes( $post_data['_wp_attachment_image_alt'] ) ) {
$image_alt = wp_strip_all_tags( stripslashes( $post_data['_wp_attachment_image_alt'] ), true );
// update_meta expects slashed
update_post_meta( $post_ID, '_wp_attachment_image_alt', addslashes( $image_alt ) );
if ( $image_alt != $post_data['_wp_attachment_image_alt'] ) {
$image_alt = wp_strip_all_tags( $post_data['_wp_attachment_image_alt'], true );
wp_update_post_meta( $post_ID, '_wp_attachment_image_alt', $image_alt );
}
}
@ -241,7 +240,7 @@ function edit_post( $post_data = null ) {
add_meta( $post_ID );
update_post_meta( $post_ID, '_edit_last', $GLOBALS['current_user']->ID );
wp_update_post_meta( $post_ID, '_edit_last', $GLOBALS['current_user']->ID );
wp_update_post( $post_data );
@ -422,15 +421,15 @@ function get_default_post_to_edit( $post_type = 'post', $create_in_db = false )
$post_title = '';
if ( !empty( $_REQUEST['post_title'] ) )
$post_title = esc_html( stripslashes( $_REQUEST['post_title'] ));
$post_title = esc_html( wp_unslash( $_REQUEST['post_title'] ));
$post_content = '';
if ( !empty( $_REQUEST['content'] ) )
$post_content = esc_html( stripslashes( $_REQUEST['content'] ));
$post_content = esc_html( wp_unslash( $_REQUEST['content'] ));
$post_excerpt = '';
if ( !empty( $_REQUEST['excerpt'] ) )
$post_excerpt = esc_html( stripslashes( $_REQUEST['excerpt'] ));
$post_excerpt = esc_html( wp_unslash( $_REQUEST['excerpt'] ));
if ( $create_in_db ) {
$post_id = wp_insert_post( array( 'post_title' => __( 'Auto Draft' ), 'post_type' => $post_type, 'post_status' => 'auto-draft' ) );
@ -479,9 +478,9 @@ function get_default_post_to_edit( $post_type = 'post', $create_in_db = false )
function post_exists($title, $content = '', $date = '') {
global $wpdb;
$post_title = stripslashes( sanitize_post_field( 'post_title', $title, 0, 'db' ) );
$post_content = stripslashes( sanitize_post_field( 'post_content', $content, 0, 'db' ) );
$post_date = stripslashes( sanitize_post_field( 'post_date', $date, 0, 'db' ) );
$post_title = sanitize_post_field( 'post_title', $title, 0, 'db' );
$post_content = sanitize_post_field( 'post_content', $content, 0, 'db' );
$post_date = sanitize_post_field( 'post_date', $date, 0, 'db' );
$query = "SELECT ID FROM $wpdb->posts WHERE 1=1";
$args = array();
@ -559,7 +558,7 @@ function wp_write_post() {
}
// Create the post.
$post_ID = wp_insert_post( $_POST );
$post_ID = wp_insert_post( wp_unslash( $_POST ) );
if ( is_wp_error( $post_ID ) )
return $post_ID;
@ -568,7 +567,7 @@ function wp_write_post() {
add_meta( $post_ID );
add_post_meta( $post_ID, '_edit_last', $GLOBALS['current_user']->ID );
wp_add_post_meta( $post_ID, '_edit_last', $GLOBALS['current_user']->ID );
// Now that we have an ID we can fix any attachment anchor hrefs
_fix_attachment_links( $post_ID );
@ -612,9 +611,9 @@ function add_meta( $post_ID ) {
global $wpdb;
$post_ID = (int) $post_ID;
$metakeyselect = isset($_POST['metakeyselect']) ? stripslashes( trim( $_POST['metakeyselect'] ) ) : '';
$metakeyinput = isset($_POST['metakeyinput']) ? stripslashes( trim( $_POST['metakeyinput'] ) ) : '';
$metavalue = isset($_POST['metavalue']) ? $_POST['metavalue'] : '';
$metakeyselect = isset($_POST['metakeyselect']) ? wp_unslash( trim( $_POST['metakeyselect'] ) ) : '';
$metakeyinput = isset($_POST['metakeyinput']) ? wp_unslash( trim( $_POST['metakeyinput'] ) ) : '';
$metavalue = isset($_POST['metavalue']) ? wp_unslash( trim( $_POST['metavalue'] ) ) : '';
if ( is_string( $metavalue ) )
$metavalue = trim( $metavalue );
@ -631,9 +630,7 @@ function add_meta( $post_ID ) {
if ( is_protected_meta( $metakey, 'post' ) || ! current_user_can( 'add_post_meta', $post_ID, $metakey ) )
return false;
$metakey = esc_sql( $metakey );
return add_post_meta( $post_ID, $metakey, $metavalue );
return wp_add_post_meta( $post_ID, $metakey, $metavalue );
}
return false;
@ -706,14 +703,11 @@ function has_meta( $postid ) {
* @since 1.2.0
*
* @param unknown_type $meta_id
* @param unknown_type $meta_key Expect Slashed
* @param unknown_type $meta_value Expect Slashed
* @param unknown_type $meta_key
* @param unknown_type $meta_value
* @return unknown
*/
function update_meta( $meta_id, $meta_key, $meta_value ) {
$meta_key = stripslashes( $meta_key );
$meta_value = stripslashes_deep( $meta_value );
return update_metadata_by_mid( 'post', $meta_id, $meta_value, $meta_key );
}
@ -767,8 +761,6 @@ function _fix_attachment_links( $post_ID ) {
if ( $replace ) {
$post['post_content'] = $content;
// Escape data pulled from DB.
$post = add_magic_quotes($post);
return wp_update_post($post);
}
@ -1179,7 +1171,7 @@ function wp_set_post_lock( $post_id ) {
$now = time();
$lock = "$now:$user_id";
update_post_meta( $post->ID, '_edit_lock', $lock );
wp_update_post_meta( $post->ID, '_edit_lock', $lock );
return array( $now, $user_id );
}
@ -1230,14 +1222,14 @@ function wp_create_post_autosave( $post_id ) {
// Only store one autosave. If there is already an autosave, overwrite it.
if ( $old_autosave = wp_get_post_autosave( $post_id ) ) {
$new_autosave = _wp_post_revision_fields( $_POST, true );
$new_autosave = _wp_post_revision_fields( wp_unslash( $_POST ), true );
$new_autosave['ID'] = $old_autosave->ID;
$new_autosave['post_author'] = get_current_user_id();
return wp_update_post( $new_autosave );
}
// _wp_put_post_revision() expects unescaped.
$_POST = stripslashes_deep($_POST);
$_POST = wp_unslash( $_POST );
// Otherwise create the new autosave as a special post revision
return _wp_put_post_revision( $_POST, true );

8
wp-admin/includes/schema.php
View File

@ -505,13 +505,11 @@ function populate_options() {
else
$autoload = 'yes';
$option = $wpdb->escape($option);
if ( is_array($value) )
$value = serialize($value);
$value = $wpdb->escape($value);
if ( !empty($insert) )
$insert .= ', ';
$insert .= "('$option', '$value', '$autoload')";
$insert .= $wpdb->prepare( "(%s, %s, %s)", $option, $value, $autoload );
}
if ( !empty($insert) )
@ -921,13 +919,11 @@ We hope you enjoy your new site. Thanks!
$insert = '';
foreach ( $sitemeta as $meta_key => $meta_value ) {
$meta_key = $wpdb->escape( $meta_key );
if ( is_array( $meta_value ) )
$meta_value = serialize( $meta_value );
$meta_value = $wpdb->escape( $meta_value );
if ( !empty( $insert ) )
$insert .= ', ';
$insert .= "( $network_id, '$meta_key', '$meta_value')";
$insert .= $wpdb->prepare( "( %d, %s, %s)", $network_id, $meta_key, $meta_value );
}
$wpdb->query( "INSERT INTO $wpdb->sitemeta ( site_id, meta_key, meta_value ) VALUES " . $insert );

3
wp-admin/includes/taxonomy.php
View File

@ -157,9 +157,6 @@ function wp_update_category($catarr) {
// First, get all of the original fields
$category = get_category($cat_ID, ARRAY_A);
// Escape data pulled from DB.
$category = add_magic_quotes($category);
// Merge old and new fields with new fields overwriting old ones.
$catarr = array_merge($category, $catarr);

2
wp-admin/includes/template.php
View File

@ -1331,7 +1331,7 @@ function _draft_or_post_title( $post = 0 ) {
*
*/
function _admin_search_query() {
echo isset($_REQUEST['s']) ? esc_attr( stripslashes( $_REQUEST['s'] ) ) : '';
echo isset($_REQUEST['s']) ? esc_attr( wp_unslash( $_REQUEST['s'] ) ) : '';
}
/**

6
wp-admin/includes/theme-install.php
View File

@ -50,8 +50,8 @@ function install_themes_feature_list() {
* @since 2.8.0
*/
function install_theme_search_form( $type_selector = true ) {
$type = isset( $_REQUEST['type'] ) ? stripslashes( $_REQUEST['type'] ) : 'term';
$term = isset( $_REQUEST['s'] ) ? stripslashes( $_REQUEST['s'] ) : '';
$type = isset( $_REQUEST['type'] ) ? wp_unslash( $_REQUEST['type'] ) : 'term';
$term = isset( $_REQUEST['s'] ) ? wp_unslash( $_REQUEST['s'] ) : '';
if ( ! $type_selector )
echo '<p class="install-help">' . __( 'Search for themes by keyword.' ) . '</p>';
?>
@ -179,7 +179,7 @@ add_action('install_themes_updated', 'display_themes');
function install_theme_information() {
global $tab, $themes_allowedtags, $wp_list_table;
$theme = themes_api( 'theme_information', array( 'slug' => stripslashes( $_REQUEST['theme'] ) ) );
$theme = themes_api( 'theme_information', array( 'slug' => wp_unslash( $_REQUEST['theme'] ) ) );
if ( is_wp_error( $theme ) )
wp_die( $theme );

20
wp-admin/includes/upgrade.php
View File

@ -132,7 +132,7 @@ function wp_install_defaults($user_id) {
$first_post = get_site_option( 'first_post' );
if ( empty($first_post) )
$first_post = stripslashes( __( 'Welcome to <a href="SITE_URL">SITE_NAME</a>. This is your first post. Edit or delete it, then start blogging!' ) );
$first_post = __( 'Welcome to <a href="SITE_URL">SITE_NAME</a>. This is your first post. Edit or delete it, then start blogging!' );
$first_post = str_replace( "SITE_URL", esc_url( network_home_url() ), $first_post );
$first_post = str_replace( "SITE_NAME", $current_site->site_name, $first_post );
@ -636,23 +636,23 @@ function upgrade_160() {
$users = $wpdb->get_results("SELECT * FROM $wpdb->users");
foreach ( $users as $user ) :
if ( !empty( $user->user_firstname ) )
update_user_meta( $user->ID, 'first_name', $wpdb->escape($user->user_firstname) );
update_user_meta( $user->ID, 'first_name', $user->user_firstname );
if ( !empty( $user->user_lastname ) )
update_user_meta( $user->ID, 'last_name', $wpdb->escape($user->user_lastname) );
update_user_meta( $user->ID, 'last_name', $user->user_lastname );
if ( !empty( $user->user_nickname ) )
update_user_meta( $user->ID, 'nickname', $wpdb->escape($user->user_nickname) );
update_user_meta( $user->ID, 'nickname', $user->user_nickname );
if ( !empty( $user->user_level ) )
update_user_meta( $user->ID, $wpdb->prefix . 'user_level', $user->user_level );
if ( !empty( $user->user_icq ) )
update_user_meta( $user->ID, 'icq', $wpdb->escape($user->user_icq) );
update_user_meta( $user->ID, 'icq', $user->user_icq );
if ( !empty( $user->user_aim ) )
update_user_meta( $user->ID, 'aim', $wpdb->escape($user->user_aim) );
update_user_meta( $user->ID, 'aim', $user->user_aim );
if ( !empty( $user->user_msn ) )
update_user_meta( $user->ID, 'msn', $wpdb->escape($user->user_msn) );
update_user_meta( $user->ID, 'msn', $user->user_msn );
if ( !empty( $user->user_yim ) )
update_user_meta( $user->ID, 'yim', $wpdb->escape($user->user_icq) );
update_user_meta( $user->ID, 'yim', $user->user_icq );
if ( !empty( $user->user_description ) )
update_user_meta( $user->ID, 'description', $wpdb->escape($user->user_description) );
update_user_meta( $user->ID, 'description', $user->user_description );
if ( isset( $user->user_idmode ) ):
$idmode = $user->user_idmode;
@ -854,7 +854,7 @@ function upgrade_230() {
foreach ( $link_cats as $category) {
$cat_id = (int) $category->cat_id;
$term_id = 0;
$name = $wpdb->escape($category->cat_name);
$name = $category->cat_name;
$slug = sanitize_title($name);
$term_group = 0;

71
wp-admin/includes/user.php
View File

@ -34,22 +34,25 @@ function edit_user( $user_id = 0 ) {
$update = true;
$user->ID = (int) $user_id;
$userdata = get_userdata( $user_id );
$user->user_login = $wpdb->escape( $userdata->user_login );
$user->user_login = $userdata->user_login;
} else {
$update = false;
}
if ( !$update && isset( $_POST['user_login'] ) )
$user->user_login = sanitize_user($_POST['user_login'], true);
// get clean data before we get started.
$post_data = wp_unslash( $_POST );
if ( !$update && isset( $post_data['user_login'] ) )
$user->user_login = sanitize_user($post_data['user_login'], true);
$pass1 = $pass2 = '';
if ( isset( $_POST['pass1'] ))
$pass1 = $_POST['pass1'];
if ( isset( $_POST['pass2'] ))
$pass2 = $_POST['pass2'];
if ( isset( $post_data['pass1'] ))
$pass1 = $post_data['pass1'];
if ( isset( $post_data['pass2'] ))
$pass2 = $post_data['pass2'];
if ( isset( $_POST['role'] ) && current_user_can( 'edit_users' ) ) {
$new_role = sanitize_text_field( $_POST['role'] );
if ( isset( $post_data['role'] ) && current_user_can( 'edit_users' ) ) {
$new_role = sanitize_text_field( $post_data['role'] );
$potential_role = isset($wp_roles->role_objects[$new_role]) ? $wp_roles->role_objects[$new_role] : false;
// Don't let anyone with 'edit_users' (admins) edit their own role to something without it.
// Multisite super admins can freely edit their blog roles -- they possess all caps.
@ -62,44 +65,44 @@ function edit_user( $user_id = 0 ) {
wp_die(__('You can&#8217;t give users that role.'));
}
if ( isset( $_POST['email'] ))
$user->user_email = sanitize_text_field( $_POST['email'] );
if ( isset( $_POST['url'] ) ) {
if ( empty ( $_POST['url'] ) || $_POST['url'] == 'http://' ) {
if ( isset( $post_data['email'] ))
$user->user_email = sanitize_text_field( $post_data['email'] );
if ( isset( $post_data['url'] ) ) {
if ( empty ( $post_data['url'] ) || $post_data['url'] == 'http://' ) {
$user->user_url = '';
} else {
$user->user_url = esc_url_raw( $_POST['url'] );
$user->user_url = esc_url_raw( $post_data['url'] );
$protocols = implode( '|', array_map( 'preg_quote', wp_allowed_protocols() ) );
$user->user_url = preg_match('/^(' . $protocols . '):/is', $user->user_url) ? $user->user_url : 'http://'.$user->user_url;
}
}
if ( isset( $_POST['first_name'] ) )
$user->first_name = sanitize_text_field( $_POST['first_name'] );
if ( isset( $_POST['last_name'] ) )
$user->last_name = sanitize_text_field( $_POST['last_name'] );
if ( isset( $_POST['nickname'] ) )
$user->nickname = sanitize_text_field( $_POST['nickname'] );
if ( isset( $_POST['display_name'] ) )
$user->display_name = sanitize_text_field( $_POST['display_name'] );
if ( isset( $post_data['first_name'] ) )
$user->first_name = sanitize_text_field( $post_data['first_name'] );
if ( isset( $post_data['last_name'] ) )
$user->last_name = sanitize_text_field( $post_data['last_name'] );
if ( isset( $post_data['nickname'] ) )
$user->nickname = sanitize_text_field( $post_data['nickname'] );
if ( isset( $post_data['display_name'] ) )
$user->display_name = sanitize_text_field( $post_data['display_name'] );
if ( isset( $_POST['description'] ) )
$user->description = trim( $_POST['description'] );
if ( isset( $post_data['description'] ) )
$user->description = trim( $post_data['description'] );
foreach ( _wp_get_user_contactmethods( $user ) as $method => $name ) {
if ( isset( $_POST[$method] ))
$user->$method = sanitize_text_field( $_POST[$method] );
if ( isset( $post_data[$method] ))
$user->$method = sanitize_text_field( $post_data[$method] );
}
if ( $update ) {
$user->rich_editing = isset( $_POST['rich_editing'] ) && 'false' == $_POST['rich_editing'] ? 'false' : 'true';
$user->admin_color = isset( $_POST['admin_color'] ) ? sanitize_text_field( $_POST['admin_color'] ) : 'fresh';
$user->show_admin_bar_front = isset( $_POST['admin_bar_front'] ) ? 'true' : 'false';
$user->rich_editing = isset( $post_data['rich_editing'] ) && 'false' == $post_data['rich_editing'] ? 'false' : 'true';
$user->admin_color = isset( $post_data['admin_color'] ) ? sanitize_text_field( $post_data['admin_color'] ) : 'fresh';
$user->show_admin_bar_front = isset( $post_data['admin_bar_front'] ) ? 'true' : 'false';
}
$user->comment_shortcuts = isset( $_POST['comment_shortcuts'] ) && 'true' == $_POST['comment_shortcuts'] ? 'true' : '';
$user->comment_shortcuts = isset( $post_data['comment_shortcuts'] ) && 'true' == $post_data['comment_shortcuts'] ? 'true' : '';
$user->use_ssl = 0;
if ( !empty($_POST['use_ssl']) )
if ( !empty($post_data['use_ssl']) )
$user->use_ssl = 1;
$errors = new WP_Error();
@ -124,7 +127,7 @@ function edit_user( $user_id = 0 ) {
}
/* Check for "\" in password */
if ( false !== strpos( stripslashes($pass1), "\\" ) )
if ( false !== strpos( $pass1, "\\" ) )
$errors->add( 'pass', __( '<strong>ERROR</strong>: Passwords may not contain the character "\\".' ), array( 'form-field' => 'pass1' ) );
/* checking the password has been typed twice the same */
@ -134,7 +137,7 @@ function edit_user( $user_id = 0 ) {
if ( !empty( $pass1 ) )
$user->user_pass = $pass1;
if ( !$update && isset( $_POST['user_login'] ) && !validate_username( $_POST['user_login'] ) )
if ( !$update && isset( $post_data['user_login'] ) && !validate_username( $post_data['user_login'] ) )
$errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is invalid because it uses illegal characters. Please enter a valid username.' ));
if ( !$update && username_exists( $user->user_login ) )
@ -159,7 +162,7 @@ function edit_user( $user_id = 0 ) {
$user_id = wp_update_user( $user );
} else {
$user_id = wp_insert_user( $user );
wp_new_user_notification( $user_id, isset($_POST['send_password']) ? $pass1 : '' );
wp_new_user_notification( $user_id, isset($post_data['send_password']) ? $pass1 : '' );
}
return $user_id;
}

18
wp-admin/install.php
View File

@ -84,10 +84,10 @@ function display_setup_form( $error = null ) {
if ( ! empty( $_POST ) )
$blog_public = isset( $_POST['blog_public'] );
$weblog_title = isset( $_POST['weblog_title'] ) ? trim( stripslashes( $_POST['weblog_title'] ) ) : '';
$user_name = isset($_POST['user_name']) ? trim( stripslashes( $_POST['user_name'] ) ) : 'admin';
$admin_password = isset($_POST['admin_password']) ? trim( stripslashes( $_POST['admin_password'] ) ) : '';
$admin_email = isset( $_POST['admin_email'] ) ? trim( stripslashes( $_POST['admin_email'] ) ) : '';
$weblog_title = isset( $_POST['weblog_title'] ) ? trim( wp_unslash( $_POST['weblog_title'] ) ) : '';
$user_name = isset($_POST['user_name']) ? trim( wp_unslash( $_POST['user_name'] ) ) : 'admin';
$admin_password = isset($_POST['admin_password']) ? trim( wp_unslash( $_POST['admin_password'] ) ) : '';
$admin_email = isset( $_POST['admin_email'] ) ? trim( wp_unslash( $_POST['admin_email'] ) ) : '';
if ( ! is_null( $error ) ) {
?>
@ -189,11 +189,11 @@ switch($step) {
display_header();
// Fill in the data we gathered
$weblog_title = isset( $_POST['weblog_title'] ) ? trim( stripslashes( $_POST['weblog_title'] ) ) : '';
$user_name = isset($_POST['user_name']) ? trim( stripslashes( $_POST['user_name'] ) ) : 'admin';
$admin_password = isset($_POST['admin_password']) ? $_POST['admin_password'] : '';
$admin_password_check = isset($_POST['admin_password2']) ? $_POST['admin_password2'] : '';
$admin_email = isset( $_POST['admin_email'] ) ?trim( stripslashes( $_POST['admin_email'] ) ) : '';
$weblog_title = isset( $_POST['weblog_title'] ) ? trim( wp_unslash( $_POST['weblog_title'] ) ) : '';
$user_name = isset($_POST['user_name']) ? trim( wp_unslash( $_POST['user_name'] ) ) : 'admin';
$admin_password = isset($_POST['admin_password']) ? wp_unslash( $_POST['admin_password'] ) : '';
$admin_password_check = isset($_POST['admin_password2']) ? wp_unslash( $_POST['admin_password2'] ) : '';
$admin_email = isset( $_POST['admin_email'] ) ?trim( wp_unslash( $_POST['admin_email'] ) ) : '';
$public = isset( $_POST['blog_public'] ) ? (int) $_POST['blog_public'] : 0;
// check e-mail address
$error = false;

4
wp-admin/link-manager.php
View File

@ -31,7 +31,7 @@ if ( $doaction && isset( $_REQUEST['linkcheck'] ) ) {
exit;
}
} elseif ( ! empty( $_GET['_wp_http_referer'] ) ) {
wp_redirect( remove_query_arg( array( '_wp_http_referer', '_wpnonce' ), stripslashes( $_SERVER['REQUEST_URI'] ) ) );
wp_redirect( remove_query_arg( array( '_wp_http_referer', '_wpnonce' ), wp_unslash( $_SERVER['REQUEST_URI'] ) ) );
exit;
}
@ -72,7 +72,7 @@ if ( ! current_user_can('manage_links') )
<?php screen_icon(); ?>
<h2><?php echo esc_html( $title ); ?> <a href="link-add.php" class="add-new-h2"><?php echo esc_html_x('Add New', 'link'); ?></a> <?php
if ( !empty($_REQUEST['s']) )
printf( '<span class="subtitle">' . __('Search results for &#8220;%s&#8221;') . '</span>', esc_html( stripslashes($_REQUEST['s']) ) ); ?>
printf( '<span class="subtitle">' . __('Search results for &#8220;%s&#8221;') . '</span>', esc_html( wp_unslash($_REQUEST['s']) ) ); ?>
</h2>
<?php

2
wp-admin/media.php
View File

@ -32,7 +32,7 @@ case 'editattachment' :
}
if ( false !== strpos($location, 'upload.php') ) {
$location = remove_query_arg('message', $location);
$location = add_query_arg('posted', $attachment_id, $location);
$location = add_query_arg('posted', $attachment_id, $location);
} elseif ( false !== strpos($location, 'media.php') ) {
$location = add_query_arg('message', 'updated', $location);
}

10
wp-admin/nav-menus.php
View File

@ -93,7 +93,7 @@ switch ( $action ) {
if ( ! is_wp_error( $parent_object ) ) {
$parent_data = (array) $parent_object;
$menu_item_data['menu_item_parent'] = $parent_data['menu_item_parent'];
update_post_meta( $menu_item_data['ID'], '_menu_item_menu_item_parent', (int) $menu_item_data['menu_item_parent'] );
wp_update_post_meta( $menu_item_data['ID'], '_menu_item_menu_item_parent', (int) $menu_item_data['menu_item_parent'] );
}
@ -103,7 +103,7 @@ switch ( $action ) {
$menu_item_data['menu_order'] = $menu_item_data['menu_order'] + 1;
$menu_item_data['menu_item_parent'] = $next_item_data['ID'];
update_post_meta( $menu_item_data['ID'], '_menu_item_menu_item_parent', (int) $menu_item_data['menu_item_parent'] );
wp_update_post_meta( $menu_item_data['ID'], '_menu_item_menu_item_parent', (int) $menu_item_data['menu_item_parent'] );
wp_update_post($menu_item_data);
wp_update_post($next_item_data);
@ -115,7 +115,7 @@ switch ( $action ) {
in_array( $menu_item_data['menu_item_parent'], $orders_to_dbids )
) {
$menu_item_data['menu_item_parent'] = (int) get_post_meta( $menu_item_data['menu_item_parent'], '_menu_item_menu_item_parent', true);
update_post_meta( $menu_item_data['ID'], '_menu_item_menu_item_parent', (int) $menu_item_data['menu_item_parent'] );
wp_update_post_meta( $menu_item_data['ID'], '_menu_item_menu_item_parent', (int) $menu_item_data['menu_item_parent'] );
}
}
}
@ -190,7 +190,7 @@ switch ( $action ) {
$menu_item_data['menu_order'] = $menu_item_data['menu_order'] - 1;
// save changes
update_post_meta( $menu_item_data['ID'], '_menu_item_menu_item_parent', (int) $menu_item_data['menu_item_parent'] );
wp_update_post_meta( $menu_item_data['ID'], '_menu_item_menu_item_parent', (int) $menu_item_data['menu_item_parent'] );
wp_update_post($menu_item_data);
wp_update_post($parent_data);
}
@ -205,7 +205,7 @@ switch ( $action ) {
) {
// just make it a child of the previous; keep the order
$menu_item_data['menu_item_parent'] = (int) $orders_to_dbids[$dbids_to_orders[$menu_item_id] - 1];
update_post_meta( $menu_item_data['ID'], '_menu_item_menu_item_parent', (int) $menu_item_data['menu_item_parent'] );
wp_update_post_meta( $menu_item_data['ID'], '_menu_item_menu_item_parent', (int) $menu_item_data['menu_item_parent'] );
wp_update_post($menu_item_data);
}
}

2
wp-admin/network.php
View File

@ -520,7 +520,7 @@ if ( $_POST ) {
$base = parse_url( trailingslashit( get_option( 'home' ) ), PHP_URL_PATH );
$subdomain_install = allow_subdomain_install() ? !empty( $_POST['subdomain_install'] ) : false;
if ( ! network_domain_check() ) {
$result = populate_network( 1, get_clean_basedomain(), sanitize_email( $_POST['email'] ), stripslashes( $_POST['sitename'] ), $base, $subdomain_install );
$result = populate_network( 1, get_clean_basedomain(), sanitize_email( $_POST['email'] ), wp_unslash( $_POST['sitename'] ), $base, $subdomain_install );
if ( is_wp_error( $result ) ) {
if ( 1 == count( $result->get_error_codes() ) && 'no_wildcard_dns' == $result->get_error_code() )
network_step2( $result );

12
wp-admin/network/settings.php
View File

@ -61,7 +61,7 @@ if ( $_POST ) {
foreach ( $options as $option_name ) {
if ( ! isset($_POST[$option_name]) )
continue;
$value = stripslashes_deep( $_POST[$option_name] );
$value = wp_unslash( $_POST[$option_name] );
update_site_option( $option_name, $value );
}
@ -181,7 +181,7 @@ if ( isset( $_GET['updated'] ) ) {
<th scope="row"><label for="welcome_email"><?php _e( 'Welcome Email' ) ?></label></th>
<td>
<textarea name="welcome_email" id="welcome_email" rows="5" cols="45" class="large-text">
<?php echo esc_textarea( stripslashes( get_site_option( 'welcome_email' ) ) ) ?></textarea>
<?php echo esc_textarea( get_site_option( 'welcome_email' ) ) ?></textarea>
<br />
<?php _e( 'The welcome email sent to new site owners.' ) ?>
</td>
@ -190,7 +190,7 @@ if ( isset( $_GET['updated'] ) ) {
<th scope="row"><label for="welcome_user_email"><?php _e( 'Welcome User Email' ) ?></label></th>
<td>
<textarea name="welcome_user_email" id="welcome_user_email" rows="5" cols="45" class="large-text">
<?php echo esc_textarea( stripslashes( get_site_option( 'welcome_user_email' ) ) ) ?></textarea>
<?php echo esc_textarea( get_site_option( 'welcome_user_email' ) ) ?></textarea>
<br />
<?php _e( 'The welcome email sent to new users.' ) ?>
</td>
@ -199,7 +199,7 @@ if ( isset( $_GET['updated'] ) ) {
<th scope="row"><label for="first_post"><?php _e( 'First Post' ) ?></label></th>
<td>
<textarea name="first_post" id="first_post" rows="5" cols="45" class="large-text">
<?php echo esc_textarea( stripslashes( get_site_option( 'first_post' ) ) ) ?></textarea>
<?php echo esc_textarea( get_site_option( 'first_post' ) ) ?></textarea>
<br />
<?php _e( 'The first post on a new site.' ) ?>
</td>
@ -208,7 +208,7 @@ if ( isset( $_GET['updated'] ) ) {
<th scope="row"><label for="first_page"><?php _e( 'First Page' ) ?></label></th>
<td>
<textarea name="first_page" id="first_page" rows="5" cols="45" class="large-text">
<?php echo esc_textarea( stripslashes( get_site_option('first_page') ) ) ?></textarea>
<?php echo esc_textarea( get_site_option( 'first_page' ) ) ?></textarea>
<br />
<?php _e( 'The first page on a new site.' ) ?>
</td>
@ -217,7 +217,7 @@ if ( isset( $_GET['updated'] ) ) {
<th scope="row"><label for="first_comment"><?php _e( 'First Comment' ) ?></label></th>
<td>
<textarea name="first_comment" id="first_comment" rows="5" cols="45" class="large-text">
<?php echo esc_textarea( stripslashes( get_site_option('first_comment') ) ) ?></textarea>
<?php echo esc_textarea( get_site_option( 'first_comment' ) ) ?></textarea>
<br />
<?php _e( 'The first comment on a new site.' ) ?>
</td>

2
wp-admin/network/site-info.php
View File

@ -62,7 +62,7 @@ if ( isset($_REQUEST['action']) && 'update-site' == $_REQUEST['action'] ) {
delete_option( 'rewrite_rules' );
// update blogs table
$blog_data = stripslashes_deep( $_POST['blog'] );
$blog_data = wp_unslash( $_POST['blog'] );
$existing_details = get_blog_details( $id, false );
$blog_data_checkboxes = array( 'public', 'archived', 'spam', 'mature', 'deleted' );
foreach ( $blog_data_checkboxes as $c ) {

4
wp-admin/network/site-new.php
View File

@ -38,7 +38,7 @@ if ( isset($_REQUEST['action']) && 'add-site' == $_REQUEST['action'] ) {
if ( ! is_array( $_POST['blog'] ) )
wp_die( __( 'Can&#8217;t create an empty site.' ) );
$blog = $_POST['blog'];
$blog = wp_unslash( $_POST['blog'] );
$domain = '';
if ( preg_match( '|^([a-zA-Z0-9-])+$|', $blog['domain'] ) )
$domain = strtolower( $blog['domain'] );
@ -88,7 +88,7 @@ if ( isset($_REQUEST['action']) && 'add-site' == $_REQUEST['action'] ) {
$content_mail = sprintf( __( 'New site created by %1$s
Address: %2$s
Name: %3$s' ), $current_user->user_login , get_site_url( $id ), stripslashes( $title ) );
Name: %3$s' ), $current_user->user_login , get_site_url( $id ), $title );
wp_mail( get_site_option('admin_email'), sprintf( __( '[%s] New Site Created' ), $current_site->site_name ), $content_mail, 'From: "Site Admin" <' . get_site_option( 'admin_email' ) . '>' );
wpmu_welcome_notification( $id, $user_id, $password, $title, array( 'public' => 1 ) );
wp_redirect( add_query_arg( array( 'update' => 'added', 'id' => $id ), 'site-new.php' ) );

6
wp-admin/network/site-settings.php
View File

@ -53,12 +53,14 @@ if ( isset($_REQUEST['action']) && 'update-site' == $_REQUEST['action'] && is_ar
$count = count( $_POST['option'] );
$skip_options = array( 'allowedthemes' ); // Don't update these options since they are handled elsewhere in the form.
foreach ( (array) $_POST['option'] as $key => $val ) {
$key = wp_unslash( $key );
$val = wp_unslash( $val );
if ( $key === 0 || is_array( $val ) || in_array($key, $skip_options) )
continue; // Avoids "0 is a protected WP option and may not be modified" error when edit blog options
if ( $c == $count )
update_option( $key, stripslashes( $val ) );
update_option( $key, $val );
else
update_option( $key, stripslashes( $val ), false ); // no need to refresh blog details yet
update_option( $key, $val, false ); // no need to refresh blog details yet
$c++;
}

2
wp-admin/network/sites.php
View File

@ -79,7 +79,7 @@ if ( isset( $_GET['action'] ) ) {
<input type="hidden" name="id" value="<?php echo esc_attr( $id ); ?>" />
<input type="hidden" name="_wp_http_referer" value="<?php echo esc_attr( wp_get_referer() ); ?>" />
<?php wp_nonce_field( $_GET['action2'], '_wpnonce', false ); ?>
<p><?php echo esc_html( stripslashes( $_GET['msg'] ) ); ?></p>
<p><?php echo esc_html( wp_unslash( $_GET['msg'] ) ); ?></p>
<?php submit_button( __('Confirm'), 'button' ); ?>
</form>
</body>

8
wp-admin/options.php
View File

@ -120,16 +120,16 @@ if ( 'update' == $action ) {
if ( 'options' == $option_page ) {
if ( is_multisite() && ! is_super_admin() )
wp_die( __( 'You do not have sufficient permissions to modify unregistered settings for this site.' ) );
$options = explode( ',', stripslashes( $_POST[ 'page_options' ] ) );
$options = explode( ',', wp_unslash( $_POST[ 'page_options' ] ) );
} else {
$options = $whitelist_options[ $option_page ];
}
// Handle custom date/time formats
if ( 'general' == $option_page ) {
if ( !empty($_POST['date_format']) && isset($_POST['date_format_custom']) && '\c\u\s\t\o\m' == stripslashes( $_POST['date_format'] ) )
if ( !empty($_POST['date_format']) && isset($_POST['date_format_custom']) && '\c\u\s\t\o\m' == wp_unslash( $_POST['date_format'] ) )
$_POST['date_format'] = $_POST['date_format_custom'];
if ( !empty($_POST['time_format']) && isset($_POST['time_format_custom']) && '\c\u\s\t\o\m' == stripslashes( $_POST['time_format'] ) )
if ( !empty($_POST['time_format']) && isset($_POST['time_format_custom']) && '\c\u\s\t\o\m' == wp_unslash( $_POST['time_format'] ) )
$_POST['time_format'] = $_POST['time_format_custom'];
// Map UTC+- timezones to gmt_offsets and set timezone_string to empty.
if ( !empty($_POST['timezone_string']) && preg_match('/^UTC[+-]/', $_POST['timezone_string']) ) {
@ -150,7 +150,7 @@ if ( 'update' == $action ) {
$value = $_POST[ $option ];
if ( ! is_array( $value ) )
$value = trim( $value );
$value = stripslashes_deep( $value );
$value = wp_unslash( $value );
}
update_option( $option, $value );
}

6
wp-admin/plugin-editor.php
View File

@ -28,7 +28,7 @@ if ( empty($plugins) )
wp_die( __('There are no plugins installed on this site.') );
if ( isset($_REQUEST['file']) )
$plugin = stripslashes($_REQUEST['file']);
$plugin = wp_unslash($_REQUEST['file']);
if ( empty($plugin) ) {
$plugin = array_keys($plugins);
@ -40,7 +40,7 @@ $plugin_files = get_plugin_files($plugin);
if ( empty($file) )
$file = $plugin_files[0];
else
$file = stripslashes($file);
$file = wp_unslash($file);
$file = validate_file_to_edit($file, $plugin_files);
$real_file = WP_PLUGIN_DIR . '/' . $file;
@ -52,7 +52,7 @@ case 'update':
check_admin_referer('edit-plugin_' . $file);
$newcontent = stripslashes($_POST['newcontent']);
$newcontent = wp_unslash( $_POST['newcontent'] );
if ( is_writeable($real_file) ) {
$f = fopen($real_file, 'w+');
fwrite($f, $newcontent);

4
wp-admin/press-this.php
View File

@ -91,11 +91,11 @@ if ( isset($_REQUEST['action']) && 'post' == $_REQUEST['action'] ) {
}
// Set Variables
$title = isset( $_GET['t'] ) ? trim( strip_tags( html_entity_decode( stripslashes( $_GET['t'] ) , ENT_QUOTES) ) ) : '';
$title = isset( $_GET['t'] ) ? trim( strip_tags( html_entity_decode( wp_unslash( $_GET['t'] ) , ENT_QUOTES) ) ) : '';
$selection = '';
if ( !empty($_GET['s']) ) {
$selection = str_replace('&apos;', "'", stripslashes($_GET['s']));
$selection = str_replace('&apos;', "'", wp_unslash($_GET['s']));
$selection = trim( htmlspecialchars( html_entity_decode($selection, ENT_QUOTES) ) );
}

2
wp-admin/setup-config.php
View File

@ -164,7 +164,7 @@ switch($step) {
case 2:
foreach ( array( 'dbname', 'uname', 'pwd', 'dbhost', 'prefix' ) as $key )
$$key = trim( stripslashes( $_POST[ $key ] ) );
$$key = trim( wp_unslash( $_POST[ $key ] ) );
$tryagain_link = '</p><p class="step"><a href="setup-config.php?step=1" onclick="javascript:history.go(-1);return false;" class="button button-large">' . __( 'Try again' ) . '</a>';

4
wp-admin/theme-editor.php
View File

@ -68,7 +68,7 @@ if ( empty( $file ) ) {
$relative_file = 'style.css';
$file = $allowed_files['style.css'];
} else {
$relative_file = stripslashes( $file );
$relative_file = wp_unslash( $file );
$file = $theme->get_stylesheet_directory() . '/' . $relative_file;
}
@ -78,7 +78,7 @@ $scrollto = isset( $_REQUEST['scrollto'] ) ? (int) $_REQUEST['scrollto'] : 0;
switch( $action ) {
case 'update':
check_admin_referer( 'edit-theme_' . $file . $stylesheet );
$newcontent = stripslashes( $_POST['newcontent'] );
$newcontent = wp_unslash( $_POST['newcontent'] );
$location = 'theme-editor.php?file=' . urlencode( $relative_file ) . '&theme=' . urlencode( $stylesheet ) . '&scrollto=' . $scrollto;
if ( is_writeable( $file ) ) {
//is_writable() not always reliable, check return value. see comments @ http://uk.php.net/is_writable

6
wp-admin/update.php
View File

@ -26,7 +26,7 @@ if ( isset($_GET['action']) ) {
check_admin_referer( 'bulk-update-plugins' );
if ( isset( $_GET['plugins'] ) )
$plugins = explode( ',', stripslashes($_GET['plugins']) );
$plugins = explode( ',', wp_unslash($_GET['plugins']) );
elseif ( isset( $_POST['checked'] ) )
$plugins = (array) $_POST['checked'];
else
@ -109,7 +109,7 @@ if ( isset($_GET['action']) ) {
$nonce = 'install-plugin_' . $plugin;
$url = 'update.php?action=install-plugin&plugin=' . $plugin;
if ( isset($_GET['from']) )
$url .= '&from=' . urlencode(stripslashes($_GET['from']));
$url .= '&from=' . urlencode( wp_unslash( $_GET['from'] ) );
$type = 'web'; //Install plugin type, From Web or an Upload.
@ -173,7 +173,7 @@ if ( isset($_GET['action']) ) {
check_admin_referer( 'bulk-update-themes' );
if ( isset( $_GET['themes'] ) )
$themes = explode( ',', stripslashes($_GET['themes']) );
$themes = explode( ',', wp_unslash( $_GET['themes'] ) );
elseif ( isset( $_POST['checked'] ) )
$themes = (array) $_POST['checked'];
else

4
wp-admin/upgrade.php
View File

@ -77,7 +77,7 @@ else
<?php else :
switch ( $step ) :
case 0:
$goback = stripslashes( wp_get_referer() );
$goback = wp_get_referer();
$goback = esc_url_raw( $goback );
$goback = urlencode( $goback );
?>
@ -90,7 +90,7 @@ switch ( $step ) :
case 1:
wp_upgrade();
$backto = !empty($_GET['backto']) ? stripslashes( urldecode( $_GET['backto'] ) ) : __get_option( 'home' ) . '/';
$backto = !empty($_GET['backto']) ? wp_unslash( urldecode( $_GET['backto'] ) ) : __get_option( 'home' ) . '/';
$backto = esc_url( $backto );
$backto = wp_validate_redirect($backto, __get_option( 'home' ) . '/');
?>

2
wp-admin/upload.php
View File

@ -132,7 +132,7 @@ if ( $doaction ) {
wp_redirect( $location );
exit;
} elseif ( ! empty( $_GET['_wp_http_referer'] ) ) {
wp_redirect( remove_query_arg( array( '_wp_http_referer', '_wpnonce' ), stripslashes( $_SERVER['REQUEST_URI'] ) ) );
wp_redirect( remove_query_arg( array( '_wp_http_referer', '_wpnonce' ), wp_unslash( $_SERVER['REQUEST_URI'] ) ) );
exit;
}

2
wp-admin/user-edit.php
View File

@ -54,7 +54,7 @@ get_current_screen()->set_help_sidebar(
'<p>' . __('<a href="http://wordpress.org/support/" target="_blank">Support Forums</a>') . '</p>'
);
$wp_http_referer = remove_query_arg(array('update', 'delete_count'), stripslashes($wp_http_referer));
$wp_http_referer = remove_query_arg(array('update', 'delete_count'), wp_unslash( $wp_http_referer ) );
$user_can_edit = current_user_can( 'edit_posts' ) || current_user_can( 'edit_pages' );

8
wp-admin/user-new.php
View File

@ -112,15 +112,15 @@ Please click the following link to confirm the invite:
}
} else {
// Adding a new user to this blog
$user_details = wpmu_validate_user_signup( $_REQUEST[ 'user_login' ], $_REQUEST[ 'email' ] );
$user_details = wpmu_validate_user_signup( wp_unslash( $_REQUEST[ 'user_login' ] ), wp_unslash( $_REQUEST[ 'email' ] ) );
if ( is_wp_error( $user_details[ 'errors' ] ) && !empty( $user_details[ 'errors' ]->errors ) ) {
$add_user_errors = $user_details[ 'errors' ];
} else {
$new_user_login = apply_filters('pre_user_login', sanitize_user(stripslashes($_REQUEST['user_login']), true));
$new_user_login = apply_filters('pre_user_login', sanitize_user( wp_unslash( $_REQUEST['user_login'] ), true ) );
if ( isset( $_POST[ 'noconfirmation' ] ) && is_super_admin() ) {
add_filter( 'wpmu_signup_user_notification', '__return_false' ); // Disable confirmation email
}
wpmu_signup_user( $new_user_login, $_REQUEST[ 'email' ], array( 'add_to_blog' => $wpdb->blogid, 'new_role' => $_REQUEST[ 'role' ] ) );
wpmu_signup_user( $new_user_login, wp_unslash( $_REQUEST[ 'email' ] ), array( 'add_to_blog' => $wpdb->blogid, 'new_role' => $_REQUEST[ 'role' ] ) );
if ( isset( $_POST[ 'noconfirmation' ] ) && is_super_admin() ) {
$key = $wpdb->get_var( $wpdb->prepare( "SELECT activation_key FROM {$wpdb->signups} WHERE user_login = %s AND user_email = %s", $new_user_login, $_REQUEST[ 'email' ] ) );
wpmu_activate_signup( $key );
@ -309,7 +309,7 @@ foreach ( array( 'user_login' => 'login', 'first_name' => 'firstname', 'last_nam
$var = "new_user_$var";
if( isset( $_POST['createuser'] ) ) {
if ( ! isset($$var) )
$$var = isset( $_POST[$post_field] ) ? stripslashes( $_POST[$post_field] ) : '';
$$var = isset( $_POST[$post_field] ) ? wp_unslash( $_POST[$post_field] ) : '';
} else {
$$var = false;
}

8
wp-admin/users.php
View File

@ -64,9 +64,9 @@ get_current_screen()->set_help_sidebar(
);
if ( empty($_REQUEST) ) {
$referer = '<input type="hidden" name="wp_http_referer" value="'. esc_attr(stripslashes($_SERVER['REQUEST_URI'])) . '" />';
$referer = '<input type="hidden" name="wp_http_referer" value="'. esc_attr( wp_unslash( $_SERVER['REQUEST_URI'] ) ) . '" />';
} elseif ( isset($_REQUEST['wp_http_referer']) ) {
$redirect = remove_query_arg(array('wp_http_referer', 'updated', 'delete_count'), stripslashes($_REQUEST['wp_http_referer']));
$redirect = remove_query_arg(array('wp_http_referer', 'updated', 'delete_count'), wp_unslash( $_REQUEST['wp_http_referer'] ) );
$referer = '<input type="hidden" name="wp_http_referer" value="' . esc_attr($redirect) . '" />';
} else {
$redirect = 'users.php';
@ -357,7 +357,7 @@ break;
default:
if ( !empty($_GET['_wp_http_referer']) ) {
wp_redirect(remove_query_arg(array('_wp_http_referer', '_wpnonce'), stripslashes($_SERVER['REQUEST_URI'])));
wp_redirect( remove_query_arg( array( '_wp_http_referer', '_wpnonce'), wp_unslash( $_SERVER['REQUEST_URI'] ) ) );
exit;
}
@ -381,7 +381,7 @@ default:
case 'add':
if ( isset( $_GET['id'] ) && ( $user_id = $_GET['id'] ) && current_user_can( 'edit_user', $user_id ) ) {
$messages[] = '<div id="message" class="updated"><p>' . sprintf( __( 'New user created. <a href="%s">Edit user</a>' ),
esc_url( add_query_arg( 'wp_http_referer', urlencode( stripslashes( $_SERVER['REQUEST_URI'] ) ),
esc_url( add_query_arg( 'wp_http_referer', urlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ),
self_admin_url( 'user-edit.php?user_id=' . $user_id ) ) ) ) . '</p></div>';
} else {
$messages[] = '<div id="message" class="updated"><p>' . __( 'New user created.' ) . '</p></div>';

26
wp-comments-post.php
View File

@ -17,7 +17,9 @@ require( dirname(__FILE__) . '/wp-load.php' );
nocache_headers();
$comment_post_ID = isset($_POST['comment_post_ID']) ? (int) $_POST['comment_post_ID'] : 0;
$post_data = wp_unslash( $_POST );
$comment_post_ID = isset($post_data['comment_post_ID']) ? (int) $post_data['comment_post_ID'] : 0;
$post = get_post($comment_post_ID);
@ -47,21 +49,21 @@ if ( !comments_open($comment_post_ID) ) {
do_action('pre_comment_on_post', $comment_post_ID);
}
$comment_author = ( isset($_POST['author']) ) ? trim(strip_tags($_POST['author'])) : null;
$comment_author_email = ( isset($_POST['email']) ) ? trim($_POST['email']) : null;
$comment_author_url = ( isset($_POST['url']) ) ? trim($_POST['url']) : null;
$comment_content = ( isset($_POST['comment']) ) ? trim($_POST['comment']) : null;
$comment_author = ( isset( $post_data['author'] ) ) ? trim( strip_tags( $post_data['author'] ) ) : null;
$comment_author_email = ( isset( $post_data['email'] ) ) ? trim( $post_data['email'] ) : null;
$comment_author_url = ( isset( $post_data['url'] ) ) ? trim( $post_data['url'] ) : null;
$comment_content = ( isset( $post_data['comment'] ) ) ? trim( $post_data['comment'] ) : null;
// If the user is logged in
$user = wp_get_current_user();
if ( $user->exists() ) {
if ( empty( $user->display_name ) )
$user->display_name=$user->user_login;
$comment_author = $wpdb->escape($user->display_name);
$comment_author_email = $wpdb->escape($user->user_email);
$comment_author_url = $wpdb->escape($user->user_url);
$user->display_name = $user->user_login;
$comment_author = $user->display_name;
$comment_author_email = $user->user_email;
$comment_author_url = $user->user_url;
if ( current_user_can('unfiltered_html') ) {
if ( wp_create_nonce('unfiltered-html-comment_' . $comment_post_ID) != $_POST['_wp_unfiltered_html_comment'] ) {
if ( wp_create_nonce('unfiltered-html-comment_' . $comment_post_ID) != $post_data['_wp_unfiltered_html_comment'] ) {
kses_remove_filters(); // start with a clean slate
kses_init_filters(); // set up the filters
}
@ -83,7 +85,7 @@ if ( get_option('require_name_email') && !$user->exists() ) {
if ( '' == $comment_content )
wp_die( __('<strong>ERROR</strong>: please type a comment.') );
$comment_parent = isset($_POST['comment_parent']) ? absint($_POST['comment_parent']) : 0;
$comment_parent = isset($post_data['comment_parent']) ? absint($post_data['comment_parent']) : 0;
$commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type', 'comment_parent', 'user_ID');
@ -92,7 +94,7 @@ $comment_id = wp_new_comment( $commentdata );
$comment = get_comment($comment_id);
do_action('set_comment_cookies', $comment, $user);
$location = empty($_POST['redirect_to']) ? get_comment_link($comment_id) : $_POST['redirect_to'] . '#comment-' . $comment_id;
$location = empty($post_data['redirect_to']) ? get_comment_link($comment_id) : $post_data['redirect_to'] . '#comment-' . $comment_id;
$location = apply_filters('comment_post_redirect', $location, $comment);
wp_safe_redirect( $location );

2
wp-includes/class-wp-customize-manager.php
View File

@ -310,7 +310,7 @@ final class WP_Customize_Manager {
public function post_value( $setting ) {
if ( ! isset( $this->_post_values ) ) {
if ( isset( $_POST['customized'] ) )
$this->_post_values = json_decode( stripslashes( $_POST['customized'] ), true );
$this->_post_values = json_decode( wp_unslash( $_POST['customized'] ), true );
else
$this->_post_values = false;
}

2
wp-includes/class-wp-customize-setting.php
View File

@ -144,7 +144,7 @@ class WP_Customize_Setting {
* @return mixed Null if an input isn't valid, otherwise the sanitized value.
*/
public function sanitize( $value ) {
$value = stripslashes_deep( $value );
$value = wp_unslash( $value );
return apply_filters( "customize_sanitize_{$this->id}", $value, $this );
}

205
wp-includes/class-wp-xmlrpc-server.php
View File

@ -280,17 +280,15 @@ class wp_xmlrpc_server extends IXR_Server {
$meta['id'] = (int) $meta['id'];
$pmeta = get_metadata_by_mid( 'post', $meta['id'] );
if ( isset($meta['key']) ) {
$meta['key'] = stripslashes( $meta['key'] );
if ( $meta['key'] != $pmeta->meta_key )
continue;
$meta['value'] = stripslashes_deep( $meta['value'] );
if ( current_user_can( 'edit_post_meta', $post_id, $meta['key'] ) )
update_metadata_by_mid( 'post', $meta['id'], $meta['value'] );
} elseif ( current_user_can( 'delete_post_meta', $post_id, $pmeta->meta_key ) ) {
delete_metadata_by_mid( 'post', $meta['id'] );
}
} elseif ( current_user_can( 'add_post_meta', $post_id, stripslashes( $meta['key'] ) ) ) {
add_post_meta( $post_id, $meta['key'], $meta['value'] );
} elseif ( current_user_can( 'add_post_meta', $post_id, $meta['key'] ) ) {
wp_add_post_meta( $post_id, $meta['key'], $meta['value'] );
}
}
}
@ -462,8 +460,6 @@ class wp_xmlrpc_server extends IXR_Server {
return $this->blogger_getUsersBlogs( $args );
}
$this->escape( $args );
$username = $args[0];
$password = $args[1];
@ -955,8 +951,6 @@ class wp_xmlrpc_server extends IXR_Server {
if ( ! $this->minimum_args( $args, 4 ) )
return $this->error;
$this->escape( $args );
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -1239,8 +1233,6 @@ class wp_xmlrpc_server extends IXR_Server {
if ( ! $this->minimum_args( $args, 5 ) )
return $this->error;
$this->escape( $args );
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -1274,7 +1266,6 @@ class wp_xmlrpc_server extends IXR_Server {
else
$post['post_date_gmt'] = $this->_convert_date( $post['post_date_gmt'] );
$this->escape( $post );
$merged_content_struct = array_merge( $post, $content_struct );
$retval = $this->_insert_post( $user, $merged_content_struct );
@ -1301,8 +1292,6 @@ class wp_xmlrpc_server extends IXR_Server {
if ( ! $this->minimum_args( $args, 4 ) )
return $this->error;
$this->escape( $args );
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -1377,8 +1366,6 @@ class wp_xmlrpc_server extends IXR_Server {
if ( ! $this->minimum_args( $args, 4 ) )
return $this->error;
$this->escape( $args );
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -1434,8 +1421,6 @@ class wp_xmlrpc_server extends IXR_Server {
if ( ! $this->minimum_args( $args, 3 ) )
return $this->error;
$this->escape( $args );
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -1529,8 +1514,6 @@ class wp_xmlrpc_server extends IXR_Server {
if ( ! $this->minimum_args( $args, 4 ) )
return $this->error;
$this->escape( $args );
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -1616,8 +1599,6 @@ class wp_xmlrpc_server extends IXR_Server {
if ( ! $this->minimum_args( $args, 5 ) )
return $this->error;
$this->escape( $args );
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -1708,8 +1689,6 @@ class wp_xmlrpc_server extends IXR_Server {
if ( ! $this->minimum_args( $args, 5 ) )
return $this->error;
$this->escape( $args );
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -1775,8 +1754,6 @@ class wp_xmlrpc_server extends IXR_Server {
if ( ! $this->minimum_args( $args, 5 ) )
return $this->error;
$this->escape( $args );
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -1828,8 +1805,6 @@ class wp_xmlrpc_server extends IXR_Server {
if ( ! $this->minimum_args( $args, 4 ) )
return $this->error;
$this->escape( $args );
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -1903,8 +1878,6 @@ class wp_xmlrpc_server extends IXR_Server {
if ( ! $this->minimum_args( $args, 4 ) )
return $this->error;
$this->escape( $args );
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -1947,8 +1920,6 @@ class wp_xmlrpc_server extends IXR_Server {
if ( ! $this->minimum_args( $args, 3 ) )
return $this->error;
$this->escape( $args );
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -2016,8 +1987,6 @@ class wp_xmlrpc_server extends IXR_Server {
if ( ! $this->minimum_args( $args, 4 ) )
return $this->error;
$this->escape( $args );
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -2069,8 +2038,6 @@ class wp_xmlrpc_server extends IXR_Server {
if ( ! $this->minimum_args( $args, 3 ) )
return $this->error;
$this->escape( $args );
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -2137,8 +2104,6 @@ class wp_xmlrpc_server extends IXR_Server {
if ( ! $this->minimum_args( $args, 3 ) )
return $this->error;
$this->escape( $args );
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -2184,8 +2149,6 @@ class wp_xmlrpc_server extends IXR_Server {
if ( ! $this->minimum_args( $args, 4 ) )
return $this->error;
$this->escape( $args );
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -2249,8 +2212,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return array
*/
function wp_getPage($args) {
$this->escape($args);
$blog_id = (int) $args[0];
$page_id = (int) $args[1];
$username = $args[2];
@ -2292,8 +2253,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return array
*/
function wp_getPages($args) {
$this->escape($args);
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -2336,9 +2295,8 @@ class wp_xmlrpc_server extends IXR_Server {
* @return unknown
*/
function wp_newPage($args) {
// Items not escaped here will be escaped in newPost.
$username = $this->escape($args[1]);
$password = $this->escape($args[2]);
$username = $args[1];
$password = $args[2];
$page = $args[3];
$publish = $args[4];
@ -2363,8 +2321,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return bool True, if success.
*/
function wp_deletePage($args) {
$this->escape($args);
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -2404,11 +2360,10 @@ class wp_xmlrpc_server extends IXR_Server {
* @return unknown
*/
function wp_editPage($args) {
// Items not escaped here will be escaped in editPost.
$blog_id = (int) $args[0];
$page_id = (int) $this->escape($args[1]);
$username = $this->escape($args[2]);
$password = $this->escape($args[3]);
$page_id = (int) $args[1];
$username = $args[2];
$password = $args[3];
$content = $args[4];
$publish = $args[5];
@ -2453,8 +2408,6 @@ class wp_xmlrpc_server extends IXR_Server {
function wp_getPageList($args) {
global $wpdb;
$this->escape($args);
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -2503,9 +2456,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return array
*/
function wp_getAuthors($args) {
$this->escape($args);
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -2539,8 +2489,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return array
*/
function wp_getTags( $args ) {
$this->escape( $args );
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -2580,8 +2528,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return int Category ID.
*/
function wp_newCategory($args) {
$this->escape($args);
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -2641,8 +2587,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return mixed See {@link wp_delete_term()} for return info.
*/
function wp_deleteCategory($args) {
$this->escape($args);
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -2673,8 +2617,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return array
*/
function wp_suggestCategories($args) {
$this->escape($args);
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -2710,8 +2652,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return array
*/
function wp_getComment($args) {
$this->escape($args);
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -2751,8 +2691,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return array. Contains a collection of comments. See {@link wp_xmlrpc_server::wp_getComment()} for a description of each item contents
*/
function wp_getComments($args) {
$this->escape($args);
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -2811,8 +2749,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return mixed {@link wp_delete_comment()}
*/
function wp_deleteComment($args) {
$this->escape($args);
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -2865,8 +2801,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return bool True, on success.
*/
function wp_editComment($args) {
$this->escape($args);
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -2942,8 +2876,6 @@ class wp_xmlrpc_server extends IXR_Server {
function wp_newComment($args) {
global $wpdb;
$this->escape($args);
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -2978,9 +2910,9 @@ class wp_xmlrpc_server extends IXR_Server {
$comment['comment_post_ID'] = $post_id;
if ( $logged_in ) {
$comment['comment_author'] = $wpdb->escape( $user->display_name );
$comment['comment_author_email'] = $wpdb->escape( $user->user_email );
$comment['comment_author_url'] = $wpdb->escape( $user->user_url );
$comment['comment_author'] = $user->display_name;
$comment['comment_author_email'] = $user->user_email;
$comment['comment_author_url'] = $user->user_url;
$comment['user_ID'] = $user->ID;
} else {
$comment['comment_author'] = '';
@ -3027,8 +2959,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return array
*/
function wp_getCommentStatusList($args) {
$this->escape( $args );
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -3053,8 +2983,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return array
*/
function wp_getCommentCount( $args ) {
$this->escape($args);
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -3086,8 +3014,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return array
*/
function wp_getPostStatusList( $args ) {
$this->escape( $args );
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -3112,8 +3038,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return array
*/
function wp_getPageStatusList( $args ) {
$this->escape( $args );
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -3138,8 +3062,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return array
*/
function wp_getPageTemplates( $args ) {
$this->escape( $args );
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -3165,8 +3087,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return array
*/
function wp_getOptions( $args ) {
$this->escape( $args );
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -3215,8 +3135,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return unknown
*/
function wp_setOptions( $args ) {
$this->escape( $args );
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -3264,8 +3182,6 @@ class wp_xmlrpc_server extends IXR_Server {
* - 'metadata'
*/
function wp_getMediaItem($args) {
$this->escape($args);
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -3309,8 +3225,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return array. Contains a collection of media items. See {@link wp_xmlrpc_server::wp_getMediaItem()} for a description of each item contents
*/
function wp_getMediaLibrary($args) {
$this->escape($args);
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -3351,8 +3265,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return array
*/
function wp_getPostFormats( $args ) {
$this->escape( $args );
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -3411,8 +3323,6 @@ class wp_xmlrpc_server extends IXR_Server {
if ( ! $this->minimum_args( $args, 4 ) )
return $this->error;
$this->escape( $args );
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -3457,8 +3367,6 @@ class wp_xmlrpc_server extends IXR_Server {
if ( ! $this->minimum_args( $args, 3 ) )
return $this->error;
$this->escape( $args );
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -3511,8 +3419,6 @@ class wp_xmlrpc_server extends IXR_Server {
if ( ! $this->minimum_args( $args, 4 ) )
return $this->error;
$this->escape( $args );
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -3577,8 +3483,6 @@ class wp_xmlrpc_server extends IXR_Server {
if ( ! $this->minimum_args( $args, 3 ) )
return $this->error;
$this->escape( $args );
$blog_id = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -3628,8 +3532,6 @@ class wp_xmlrpc_server extends IXR_Server {
if ( is_multisite() )
return $this->_multisite_getUsersBlogs($args);
$this->escape($args);
$username = $args[1];
$password = $args[2];
@ -3691,9 +3593,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return array
*/
function blogger_getUserInfo($args) {
$this->escape($args);
$username = $args[1];
$password = $args[2];
@ -3725,9 +3624,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return array
*/
function blogger_getPost($args) {
$this->escape($args);
$post_ID = (int) $args[1];
$username = $args[2];
$password = $args[3];
@ -3746,9 +3642,9 @@ class wp_xmlrpc_server extends IXR_Server {
$categories = implode(',', wp_get_post_categories($post_ID));
$content = '<title>'.stripslashes($post_data['post_title']).'</title>';
$content = '<title>'.$post_data['post_title'].'</title>';
$content .= '<category>'.$categories.'</category>';
$content .= stripslashes($post_data['post_content']);
$content .= $post_data['post_content'];
$struct = array(
'userid' => (string) $post_data['post_author'],
@ -3769,9 +3665,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return array
*/
function blogger_getRecentPosts($args) {
$this->escape($args);
// $args[0] = appkey - ignored
$blog_ID = (int) $args[1]; /* though we don't use it yet */
$username = $args[2];
@ -3800,9 +3693,9 @@ class wp_xmlrpc_server extends IXR_Server {
$post_date = $this->_convert_date( $entry['post_date'] );
$categories = implode(',', wp_get_post_categories($entry['ID']));
$content = '<title>'.stripslashes($entry['post_title']).'</title>';
$content = '<title>'.$entry['post_title'].'</title>';
$content .= '<category>'.$categories.'</category>';
$content .= stripslashes($entry['post_content']);
$content .= $entry['post_content'];
$struct[] = array(
'userid' => (string) $entry['post_author'],
@ -3850,9 +3743,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return int
*/
function blogger_newPost($args) {
$this->escape($args);
$blog_ID = (int) $args[1]; /* though we don't use it yet */
$username = $args[2];
$password = $args[3];
@ -3904,9 +3794,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return bool true when done.
*/
function blogger_editPost($args) {
$this->escape($args);
$post_ID = (int) $args[1];
$username = $args[2];
$password = $args[3];
@ -3923,8 +3810,6 @@ class wp_xmlrpc_server extends IXR_Server {
if ( !$actual_post || $actual_post['post_type'] != 'post' )
return new IXR_Error(404, __('Sorry, no such post.'));
$this->escape($actual_post);
if ( !current_user_can('edit_post', $post_ID) )
return new IXR_Error(401, __('Sorry, you do not have the right to edit this post.'));
@ -3960,8 +3845,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return bool True when post is deleted.
*/
function blogger_deletePost($args) {
$this->escape($args);
$post_ID = (int) $args[1];
$username = $args[2];
$password = $args[3];
@ -4030,13 +3913,11 @@ class wp_xmlrpc_server extends IXR_Server {
* @return int
*/
function mw_newPost($args) {
$this->escape($args);
$blog_ID = (int) $args[0];
$username = $args[1];
$password = $args[2];
$blog_ID = (int) $args[0];
$username = $args[1];
$password = $args[2];
$content_struct = $args[3];
$publish = isset( $args[4] ) ? $args[4] : 0;
$publish = isset( $args[4] ) ? $args[4] : 0;
if ( !$user = $this->login($username, $password) )
return $this->error;
@ -4316,7 +4197,7 @@ class wp_xmlrpc_server extends IXR_Server {
}
}
if (!$found)
add_post_meta( $post_ID, 'enclosure', $encstring );
wp_add_post_meta( $post_ID, 'enclosure', $encstring );
}
}
@ -4350,9 +4231,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return bool True on success.
*/
function mw_editPost($args) {
$this->escape($args);
$post_ID = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -4391,7 +4269,6 @@ class wp_xmlrpc_server extends IXR_Server {
}
}
$this->escape($postdata);
extract($postdata, EXTR_SKIP);
// Let WordPress manage slug if none was provided.
@ -4619,9 +4496,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return array
*/
function mw_getPost($args) {
$this->escape($args);
$post_ID = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -4743,9 +4617,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return array
*/
function mw_getRecentPosts($args) {
$this->escape($args);
$blog_ID = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -4858,9 +4729,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return array
*/
function mw_getCategories($args) {
$this->escape($args);
$blog_ID = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -4907,10 +4775,10 @@ class wp_xmlrpc_server extends IXR_Server {
function mw_newMediaObject($args) {
global $wpdb;
$blog_ID = (int) $args[0];
$username = $wpdb->escape($args[1]);
$password = $wpdb->escape($args[2]);
$data = $args[3];
$blog_ID = (int) $args[0];
$username = $args[1];
$password = $args[2];
$data = $args[3];
$name = sanitize_file_name( $data['name'] );
$type = $data['type'];
@ -4997,9 +4865,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return array
*/
function mt_getRecentPostTitles($args) {
$this->escape($args);
$blog_ID = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -5057,9 +4922,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return array
*/
function mt_getCategoryList($args) {
$this->escape($args);
$blog_ID = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -5095,9 +4957,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return array
*/
function mt_getPostCategories($args) {
$this->escape($args);
$post_ID = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -5138,9 +4997,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return bool True on success.
*/
function mt_setPostCategories($args) {
$this->escape($args);
$post_ID = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -5250,9 +5106,6 @@ class wp_xmlrpc_server extends IXR_Server {
* @return int
*/
function mt_publishPost($args) {
$this->escape($args);
$post_ID = (int) $args[0];
$username = $args[1];
$password = $args[2];
@ -5274,7 +5127,6 @@ class wp_xmlrpc_server extends IXR_Server {
// retain old cats
$cats = wp_get_post_categories($post_ID);
$postdata['post_category'] = $cats;
$this->escape($postdata);
$result = wp_update_post($postdata);
@ -5298,8 +5150,6 @@ class wp_xmlrpc_server extends IXR_Server {
do_action('xmlrpc_call', 'pingback.ping');
$this->escape($args);
$pagelinkedfrom = $args[0];
$pagelinkedto = $args[1];
@ -5435,15 +5285,15 @@ class wp_xmlrpc_server extends IXR_Server {
$pagelinkedfrom = str_replace('&', '&amp;', $pagelinkedfrom);
$context = '[...] ' . esc_html( $excerpt ) . ' [...]';
$pagelinkedfrom = $wpdb->escape( $pagelinkedfrom );
$pagelinkedfrom = $pagelinkedfrom;
$comment_post_ID = (int) $post_ID;
$comment_author = $title;
$comment_author_email = '';
$this->escape($comment_author);
$comment_author;
$comment_author_url = $pagelinkedfrom;
$comment_content = $context;
$this->escape($comment_content);
$comment_content;
$comment_type = 'pingback';
$commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_url', 'comment_author_email', 'comment_content', 'comment_type');
@ -5465,13 +5315,10 @@ class wp_xmlrpc_server extends IXR_Server {
* @return array
*/
function pingback_extensions_getPingbacks($args) {
global $wpdb;
do_action('xmlrpc_call', 'pingback.extensions.getPingbacks');
$this->escape($args);
$url = $args;
$post_ID = url_to_postid($url);

12
wp-includes/class-wp.php
View File

@ -142,15 +142,15 @@ class WP {
$this->did_permalink = true;
if ( isset($_SERVER['PATH_INFO']) )
$pathinfo = $_SERVER['PATH_INFO'];
$pathinfo = wp_unslash( $_SERVER['PATH_INFO'] );
else
$pathinfo = '';
$pathinfo_array = explode('?', $pathinfo);
$pathinfo = str_replace("%", "%25", $pathinfo_array[0]);
$req_uri = $_SERVER['REQUEST_URI'];
$req_uri = wp_unslash( $_SERVER['REQUEST_URI'] );
$req_uri_array = explode('?', $req_uri);
$req_uri = $req_uri_array[0];
$self = $_SERVER['PHP_SELF'];
$self = wp_unslash( $_SERVER['PHP_SELF'] );
$home_path = parse_url(home_url());
if ( isset($home_path['path']) )
$home_path = $home_path['path'];
@ -255,9 +255,9 @@ class WP {
if ( isset( $this->extra_query_vars[$wpvar] ) )
$this->query_vars[$wpvar] = $this->extra_query_vars[$wpvar];
elseif ( isset( $_POST[$wpvar] ) )
$this->query_vars[$wpvar] = $_POST[$wpvar];
$this->query_vars[$wpvar] = wp_unslash( $_POST[$wpvar] );
elseif ( isset( $_GET[$wpvar] ) )
$this->query_vars[$wpvar] = $_GET[$wpvar];
$this->query_vars[$wpvar] = wp_unslash( $_GET[$wpvar] );
elseif ( isset( $perma_query_vars[$wpvar] ) )
$this->query_vars[$wpvar] = $perma_query_vars[$wpvar];
@ -356,7 +356,7 @@ class WP {
// Support for Conditional GET
if (isset($_SERVER['HTTP_IF_NONE_MATCH']))
$client_etag = stripslashes(stripslashes($_SERVER['HTTP_IF_NONE_MATCH']));
$client_etag = stripslashes( wp_unslash( $_SERVER['HTTP_IF_NONE_MATCH'] ) ); // Retain extra strip. See #2597
else $client_etag = false;
$client_last_modified = empty($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? '' : trim($_SERVER['HTTP_IF_MODIFIED_SINCE']);

26
wp-includes/comment.php
View File

@ -633,22 +633,22 @@ function wp_set_comment_cookies($comment, $user) {
*/
function sanitize_comment_cookies() {
if ( isset($_COOKIE['comment_author_'.COOKIEHASH]) ) {
$comment_author = apply_filters('pre_comment_author_name', $_COOKIE['comment_author_'.COOKIEHASH]);
$comment_author = stripslashes($comment_author);
$comment_author = wp_unslash( $_COOKIE['comment_author_'.COOKIEHASH] );
$comment_author = apply_filters('pre_comment_author_name', $comment_author);
$comment_author = esc_attr($comment_author);
$_COOKIE['comment_author_'.COOKIEHASH] = $comment_author;
}
if ( isset($_COOKIE['comment_author_email_'.COOKIEHASH]) ) {
$comment_author_email = apply_filters('pre_comment_author_email', $_COOKIE['comment_author_email_'.COOKIEHASH]);
$comment_author_email = stripslashes($comment_author_email);
$comment_author_email = wp_unslash( $_COOKIE['comment_author_email_'.COOKIEHASH] );
$comment_author_email = apply_filters('pre_comment_author_email', $comment_author_email);
$comment_author_email = esc_attr($comment_author_email);
$_COOKIE['comment_author_email_'.COOKIEHASH] = $comment_author_email;
}
if ( isset($_COOKIE['comment_author_url_'.COOKIEHASH]) ) {
$comment_author_url = apply_filters('pre_comment_author_url', $_COOKIE['comment_author_url_'.COOKIEHASH]);
$comment_author_url = stripslashes($comment_author_url);
$comment_author_url = wp_unslash( $_COOKIE['comment_author_url_'.COOKIEHASH] );
$comment_author_url = apply_filters('pre_comment_author_url', $comment_author_url);
$_COOKIE['comment_author_url_'.COOKIEHASH] = $comment_author_url;
}
}
@ -670,11 +670,10 @@ function wp_allow_comment($commentdata) {
extract($commentdata, EXTR_SKIP);
// Simple duplicate check
// expected_slashed ($comment_post_ID, $comment_author, $comment_author_email, $comment_content)
$dupe = "SELECT comment_ID FROM $wpdb->comments WHERE comment_post_ID = '$comment_post_ID' AND comment_parent = '$comment_parent' AND comment_approved != 'trash' AND ( comment_author = '$comment_author' ";
$dupe = $wpdb->prepare( "SELECT comment_ID FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_parent = %s AND comment_approved != 'trash' AND ( comment_author = %s ", $comment_post_ID, $comment_parent, $comment_author );
if ( $comment_author_email )
$dupe .= "OR comment_author_email = '$comment_author_email' ";
$dupe .= ") AND comment_content = '$comment_content' LIMIT 1";
$dupe .= $wpdb->prepare( "OR comment_author_email = %s ", $comment_author_email );
$dupe .= $wpdb->prepare( ") AND comment_content = %s LIMIT 1", $comment_content );
if ( $wpdb->get_var($dupe) ) {
do_action( 'comment_duplicate_trigger', $commentdata );
if ( defined('DOING_AJAX') )
@ -1262,7 +1261,7 @@ function wp_get_current_commenter() {
*/
function wp_insert_comment($commentdata) {
global $wpdb;
extract(stripslashes_deep($commentdata), EXTR_SKIP);
extract($commentdata, EXTR_SKIP);
if ( ! isset($comment_author_IP) )
$comment_author_IP = '';
@ -1491,9 +1490,6 @@ function wp_update_comment($commentarr) {
// First, get all of the original fields
$comment = get_comment($commentarr['comment_ID'], ARRAY_A);
// Escape data pulled from DB.
$comment = esc_sql($comment);
$old_status = $comment['comment_approved'];
// Merge old and new fields with new fields overwriting old ones.
@ -1502,7 +1498,7 @@ function wp_update_comment($commentarr) {
$commentarr = wp_filter_comment( $commentarr );
// Now extract the merged array.
extract(stripslashes_deep($commentarr), EXTR_SKIP);
extract($commentarr, EXTR_SKIP);
$comment_content = apply_filters('comment_save_pre', $comment_content);

2
wp-includes/cron.php
View File

@ -230,7 +230,7 @@ function spawn_cron( $gmt_time = 0 ) {
set_transient( 'doing_cron', $doing_wp_cron );
ob_start();
wp_redirect( add_query_arg('doing_wp_cron', $doing_wp_cron, stripslashes($_SERVER['REQUEST_URI'])) );
wp_redirect( add_query_arg( 'doing_wp_cron', $doing_wp_cron, wp_unslash( $_SERVER['REQUEST_URI'] ) ) );
echo ' ';
// flush any buffers and send the headers

8
wp-includes/default-filters.php
View File

@ -14,8 +14,8 @@
// Strip, trim, kses, special chars for string saves
foreach ( array( 'pre_term_name', 'pre_comment_author_name', 'pre_link_name', 'pre_link_target', 'pre_link_rel', 'pre_user_display_name', 'pre_user_first_name', 'pre_user_last_name', 'pre_user_nickname' ) as $filter ) {
add_filter( $filter, 'sanitize_text_field' );
add_filter( $filter, 'wp_filter_kses' );
add_filter( $filter, 'sanitize_text_field' );
add_filter( $filter, 'wp_kses_data' );
add_filter( $filter, '_wp_specialchars', 30 );
}
@ -31,7 +31,7 @@ foreach ( array( 'term_name', 'comment_author_name', 'link_name', 'link_target',
// Kses only for textarea saves
foreach ( array( 'pre_term_description', 'pre_link_description', 'pre_link_notes', 'pre_user_description' ) as $filter ) {
add_filter( $filter, 'wp_filter_kses' );
add_filter( $filter, 'wp_kses_data' );
}
// Kses only for textarea admin displays
@ -46,7 +46,7 @@ if ( is_admin() ) {
foreach ( array( 'pre_comment_author_email', 'pre_user_email' ) as $filter ) {
add_filter( $filter, 'trim' );
add_filter( $filter, 'sanitize_email' );
add_filter( $filter, 'wp_filter_kses' );
add_filter( $filter, 'wp_kses_data' );
}
// Email admin display

8
wp-includes/default-widgets.php
View File

@ -412,7 +412,7 @@ class WP_Widget_Text extends WP_Widget {
if ( current_user_can('unfiltered_html') )
$instance['text'] = $new_instance['text'];
else
$instance['text'] = stripslashes( wp_filter_post_kses( addslashes($new_instance['text']) ) ); // wp_filter_post_kses() expects slashed
$instance['text'] = wp_kses_post( $new_instance['text'] );
$instance['filter'] = isset($new_instance['filter']);
return $instance;
}
@ -1056,8 +1056,8 @@ class WP_Widget_Tag_Cloud extends WP_Widget {
}
function update( $new_instance, $old_instance ) {
$instance['title'] = strip_tags(stripslashes($new_instance['title']));
$instance['taxonomy'] = stripslashes($new_instance['taxonomy']);
$instance['title'] = strip_tags( $new_instance['title'] );
$instance['taxonomy'] = $new_instance['taxonomy'];
return $instance;
}
@ -1118,7 +1118,7 @@ class WP_Widget_Tag_Cloud extends WP_Widget {
}
function update( $new_instance, $old_instance ) {
$instance['title'] = strip_tags( stripslashes($new_instance['title']) );
$instance['title'] = strip_tags( $new_instance['title'] );
$instance['nav_menu'] = (int) $new_instance['nav_menu'];
return $instance;
}

2
wp-includes/deprecated.php
View File

@ -2383,7 +2383,7 @@ function update_usermeta( $user_id, $meta_key, $meta_value ) {
/** @todo Might need fix because usermeta data is assumed to be already escaped */
if ( is_string($meta_value) )
$meta_value = stripslashes($meta_value);
$meta_value = $meta_value;
$meta_value = maybe_serialize($meta_value);
if (empty($meta_value)) {

2
wp-includes/feed.php
View File

@ -488,7 +488,7 @@ function prep_atom_text_construct($data) {
*/
function self_link() {
$host = @parse_url(home_url());
echo esc_url( set_url_scheme( 'http://' . $host['host'] . stripslashes($_SERVER['REQUEST_URI']) ) );
echo esc_url( set_url_scheme( 'http://' . $host['host'] . wp_unslash( $_SERVER['REQUEST_URI'] ) ) );
}
/**

53
wp-includes/formatting.php
View File

@ -1716,10 +1716,7 @@ function _split_str_by_whitespace( $string, $goal ) {
* @return string Converted content.
*/
function wp_rel_nofollow( $text ) {
// This is a pre save filter, so text is already escaped.
$text = stripslashes($text);
$text = preg_replace_callback('|<a (.+?)>|i', 'wp_rel_nofollow_callback', $text);
$text = esc_sql($text);
return $text;
}
@ -3342,3 +3339,53 @@ function sanitize_trackback_urls( $to_ping ) {
$urls_to_ping = implode( "\n", $urls_to_ping );
return apply_filters( 'sanitize_trackback_urls', $urls_to_ping, $to_ping );
}
/**
* Conditionally add slashes to a string or array of strings. When GPCS
* slashing is turned on, slashes are added. When GPCS slashing is turned off,
* slashes are not added.
*
* This should be used when preparing data for core API that deal directly with GPCS data.
* Outside of unit tests, this should be rare. At a future date GPCS will no longer
* be slashed and this function will noop. Do not use it in situations where adding slashes
* is always required regardless of whether GPCS is slashed.
*
* @since 3.6.0
*
* @param string|array $value String or array of strings to slash.
* @return string|array Slashed $value
*/
function wp_slash( $value ) {
if ( is_array( $value ) ) {
foreach ( $value as $k => $v ) {
if ( is_array( $v ) ) {
$value[$k] = wp_slash( $v );
} else {
$value[$k] = addslashes( $v );
}
}
} else {
$value = addslashes( $value );
}
return $value;
}
/**
* Conditionally removes slashes from a string or array of strings. When GPCS
* slashing is turned on, slashes are stripped. When GPCS slashing is turned off,
* slashes are not stripped.
*
* This should be used for GPCS data before passing it along to core API. At a future
* date GPCS will no longer be slashed and this function will noop. Do not use it
* in situations where slash stripping is always required regardless of whether GPCS
* is slashed.
*
* @since 3.6.0
*
* @param string|array $value String or array of strings to unslash.
* @return string|array Unslashed $value
*/
function wp_unslash( $value ) {
return stripslashes_deep( $value );
}

16
wp-includes/functions.php
View File

@ -468,7 +468,7 @@ function do_enclose( $content, $post_ID ) {
}
if ( in_array( substr( $type, 0, strpos( $type, "/" ) ), $allowed_types ) ) {
add_post_meta( $post_ID, 'enclosure', "$url\n$len\n$mime\n" );
wp_add_post_meta( $post_ID, 'enclosure', "$url\n$len\n$mime\n" );
}
}
}
@ -1256,9 +1256,9 @@ function wp_referer_field( $echo = true ) {
* @return string Original referer field.
*/
function wp_original_referer_field( $echo = true, $jump_back_to = 'current' ) {
$jump_back_to = ( 'previous' == $jump_back_to ) ? wp_get_referer() : $_SERVER['REQUEST_URI'];
$jump_back_to = ( 'previous' == $jump_back_to ) ? wp_get_referer() : wp_unslash( $_SERVER['REQUEST_URI'] );
$ref = ( wp_get_original_referer() ) ? wp_get_original_referer() : $jump_back_to;
$orig_referer_field = '<input type="hidden" name="_wp_original_http_referer" value="' . esc_attr( stripslashes( $ref ) ) . '" />';
$orig_referer_field = '<input type="hidden" name="_wp_original_http_referer" value="' . esc_attr( $ref ) . '" />';
if ( $echo )
echo $orig_referer_field;
return $orig_referer_field;
@ -1277,11 +1277,11 @@ function wp_original_referer_field( $echo = true, $jump_back_to = 'current' ) {
function wp_get_referer() {
$ref = false;
if ( ! empty( $_REQUEST['_wp_http_referer'] ) )
$ref = $_REQUEST['_wp_http_referer'];
$ref = wp_unslash( $_REQUEST['_wp_http_referer'] );
else if ( ! empty( $_SERVER['HTTP_REFERER'] ) )
$ref = $_SERVER['HTTP_REFERER'];
$ref = wp_unslash( $_SERVER['HTTP_REFERER'] );
if ( $ref && $ref !== $_SERVER['REQUEST_URI'] )
if ( $ref && $ref !== wp_unslash( $_SERVER['REQUEST_URI'] ) )
return $ref;
return false;
}
@ -1297,7 +1297,7 @@ function wp_get_referer() {
*/
function wp_get_original_referer() {
if ( !empty( $_REQUEST['_wp_original_http_referer'] ) )
return $_REQUEST['_wp_original_http_referer'];
return wp_unslash( $_REQUEST['_wp_original_http_referer'] );
return false;
}
@ -3879,4 +3879,4 @@ function wp_is_stream( $path ) {
*/
function wp_checkdate( $month, $day, $year, $source_date ) {
return apply_filters( 'wp_checkdate', checkdate( $month, $day, $year ), $source_date );
}
}

24
wp-includes/kses.php
View File

@ -1326,18 +1326,18 @@ function wp_filter_nohtml_kses( $data ) {
*/
function kses_init_filters() {
// Normal filtering
add_filter('title_save_pre', 'wp_filter_kses');
add_filter('title_save_pre', 'wp_kses_data');
// Comment filtering
if ( current_user_can( 'unfiltered_html' ) )
add_filter( 'pre_comment_content', 'wp_filter_post_kses' );
add_filter( 'pre_comment_content', 'wp_kses_post' );
else
add_filter( 'pre_comment_content', 'wp_filter_kses' );
add_filter( 'pre_comment_content', 'wp_kses_data' );
// Post filtering
add_filter('content_save_pre', 'wp_filter_post_kses');
add_filter('excerpt_save_pre', 'wp_filter_post_kses');
add_filter('content_filtered_save_pre', 'wp_filter_post_kses');
add_filter('content_save_pre', 'wp_kses_post');
add_filter('excerpt_save_pre', 'wp_kses_post');
add_filter('content_filtered_save_pre', 'wp_kses_post');
}
/**
@ -1354,16 +1354,16 @@ function kses_init_filters() {
*/
function kses_remove_filters() {
// Normal filtering
remove_filter('title_save_pre', 'wp_filter_kses');
remove_filter('title_save_pre', 'wp_kses_data');
// Comment filtering
remove_filter( 'pre_comment_content', 'wp_filter_post_kses' );
remove_filter( 'pre_comment_content', 'wp_filter_kses' );
remove_filter( 'pre_comment_content', 'wp_kses_post' );
remove_filter( 'pre_comment_content', 'wp_kses_data' );
// Post filtering
remove_filter('content_save_pre', 'wp_filter_post_kses');
remove_filter('excerpt_save_pre', 'wp_filter_post_kses');
remove_filter('content_filtered_save_pre', 'wp_filter_post_kses');
remove_filter('content_save_pre', 'wp_kses_post');
remove_filter('excerpt_save_pre', 'wp_kses_post');
remove_filter('content_filtered_save_pre', 'wp_kses_post');
}
/**

2
wp-includes/link-template.php
View File

@ -746,7 +746,7 @@ function get_search_link( $query = '' ) {
if ( empty($query) )
$search = get_search_query( false );
else
$search = stripslashes($query);
$search = $query;
$permastruct = $wp_rewrite->get_search_permastruct();

9
wp-includes/meta.php
View File

@ -42,9 +42,6 @@ function add_metadata($meta_type, $object_id, $meta_key, $meta_value, $unique =
$column = esc_sql($meta_type . '_id');
// expected_slashed ($meta_key)
$meta_key = stripslashes($meta_key);
$meta_value = stripslashes_deep($meta_value);
$meta_value = sanitize_meta( $meta_key, $meta_value, $meta_type );
$check = apply_filters( "add_{$meta_type}_metadata", null, $object_id, $meta_key, $meta_value, $unique );
@ -113,10 +110,7 @@ function update_metadata($meta_type, $object_id, $meta_key, $meta_value, $prev_v
$column = esc_sql($meta_type . '_id');
$id_column = 'user' == $meta_type ? 'umeta_id' : 'meta_id';
// expected_slashed ($meta_key)
$meta_key = stripslashes($meta_key);
$passed_value = $meta_value;
$meta_value = stripslashes_deep($meta_value);
$meta_value = sanitize_meta( $meta_key, $meta_value, $meta_type );
$check = apply_filters( "update_{$meta_type}_metadata", null, $object_id, $meta_key, $meta_value, $prev_value );
@ -195,9 +189,6 @@ function delete_metadata($meta_type, $object_id, $meta_key, $meta_value = '', $d
$type_column = esc_sql($meta_type . '_id');
$id_column = 'user' == $meta_type ? 'umeta_id' : 'meta_id';
// expected_slashed ($meta_key)
$meta_key = stripslashes($meta_key);
$meta_value = stripslashes_deep($meta_value);
$check = apply_filters( "delete_{$meta_type}_metadata", null, $object_id, $meta_key, $meta_value, $delete_all );
if ( null !== $check )

2
wp-includes/ms-files.php
View File

@ -58,7 +58,7 @@ header( 'ETag: ' . $etag );
header( 'Expires: ' . gmdate( 'D, d M Y H:i:s', time() + 100000000 ) . ' GMT' );
// Support for Conditional GET
$client_etag = isset( $_SERVER['HTTP_IF_NONE_MATCH'] ) ? stripslashes( $_SERVER['HTTP_IF_NONE_MATCH'] ) : false;
$client_etag = isset( $_SERVER['HTTP_IF_NONE_MATCH'] ) ? wp_unslash( $_SERVER['HTTP_IF_NONE_MATCH'] ) : false;
if( ! isset( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) )
$_SERVER['HTTP_IF_MODIFIED_SINCE'] = false;

28
wp-includes/ms-functions.php
View File

@ -279,9 +279,6 @@ function remove_user_from_blog($user_id, $blog_id = '', $reassign = '') {
* @return int The ID of the newly created blog
*/
function create_empty_blog( $domain, $path, $weblog_title, $site_id = 1 ) {
$domain = addslashes( $domain );
$weblog_title = addslashes( $weblog_title );
if ( empty($path) )
$path = '/';
@ -582,7 +579,7 @@ function wpmu_validate_blog_signup($blogname, $blog_title, $user = '') {
$blogname = apply_filters( 'newblogname', $blogname );
$blog_title = stripslashes( $blog_title );
$blog_title = $blog_title;
if ( empty( $blog_title ) )
$errors->add('blog_title', __( 'Please enter a site title.' ) );
@ -635,10 +632,7 @@ function wpmu_signup_blog($domain, $path, $title, $user, $user_email, $meta = ''
global $wpdb;
$key = substr( md5( time() . rand() . $domain ), 0, 16 );
$meta = serialize($meta);
$domain = $wpdb->escape($domain);
$path = $wpdb->escape($path);
$title = $wpdb->escape($title);
$meta = serialize( $meta );
$wpdb->insert( $wpdb->signups, array(
'domain' => $domain,
@ -651,7 +645,7 @@ function wpmu_signup_blog($domain, $path, $title, $user, $user_email, $meta = ''
'meta' => $meta
) );
wpmu_signup_blog_notification($domain, $path, $title, $user, $user_email, $key, $meta);
wpmu_signup_blog_notification( $domain, $path, $title, $user, $user_email, $key, $meta );
}
/**
@ -841,8 +835,8 @@ function wpmu_activate_signup($key) {
}
$meta = maybe_unserialize($signup->meta);
$user_login = $wpdb->escape($signup->user_login);
$user_email = $wpdb->escape($signup->user_email);
$user_login = $signup->user_login;
$user_email = $signup->user_email;
$password = wp_generate_password( 12, false );
$user_id = username_exists($user_login);
@ -1159,7 +1153,7 @@ function install_blog($blog_id, $blog_title = '') {
else
update_option( 'upload_path', get_blog_option( $current_site->blog_id, 'upload_path' ) );
update_option( 'blogname', stripslashes( $blog_title ) );
update_option( 'blogname', $blog_title );
update_option( 'admin_email', '' );
// remove all perms
@ -1216,9 +1210,9 @@ function wpmu_welcome_notification($blog_id, $user_id, $password, $title, $meta
if ( !apply_filters('wpmu_welcome_notification', $blog_id, $user_id, $password, $title, $meta) )
return false;
$welcome_email = stripslashes( get_site_option( 'welcome_email' ) );
$welcome_email = get_site_option( 'welcome_email' );
if ( $welcome_email == false )
$welcome_email = stripslashes( __( 'Dear User,
$welcome_email = __( 'Dear User,
Your new SITE_NAME site has been successfully set up at:
BLOG_URL
@ -1230,7 +1224,7 @@ Log in here: BLOG_URLwp-login.php
We hope you enjoy your new site. Thanks!
--The Team @ SITE_NAME' ) );
--The Team @ SITE_NAME' );
$url = get_blogaddress_by_id($blog_id);
$user = get_userdata( $user_id );
@ -1254,7 +1248,7 @@ We hope you enjoy your new site. Thanks!
if ( empty( $current_site->site_name ) )
$current_site->site_name = 'WordPress';
$subject = apply_filters( 'update_welcome_subject', sprintf(__('New %1$s Site: %2$s'), $current_site->site_name, stripslashes( $title ) ) );
$subject = apply_filters( 'update_welcome_subject', sprintf(__('New %1$s Site: %2$s'), $current_site->site_name, $title ) );
wp_mail($user->user_email, $subject, $message, $message_headers);
return true;
}
@ -1509,7 +1503,7 @@ function update_posts_count( $deprecated = '' ) {
function wpmu_log_new_registrations( $blog_id, $user_id ) {
global $wpdb;
$user = get_userdata( (int) $user_id );
$wpdb->insert( $wpdb->registration_log, array('email' => $user->user_email, 'IP' => preg_replace( '/[^0-9., ]/', '',$_SERVER['REMOTE_ADDR'] ), 'blog_id' => $blog_id, 'date_registered' => current_time('mysql')) );
$wpdb->insert( $wpdb->registration_log, array('email' => $user->user_email, 'IP' => preg_replace( '/[^0-9., ]/', '', wp_unslash( $_SERVER['REMOTE_ADDR'] ) ), 'blog_id' => $blog_id, 'date_registered' => current_time('mysql')) );
}
/**

18
wp-includes/nav-menu.php
View File

@ -369,20 +369,20 @@ function wp_update_nav_menu_item( $menu_id = 0, $menu_item_db_id = 0, $menu_item
$menu_item_db_id = (int) $menu_item_db_id;
update_post_meta( $menu_item_db_id, '_menu_item_type', sanitize_key($args['menu-item-type']) );
update_post_meta( $menu_item_db_id, '_menu_item_menu_item_parent', strval( (int) $args['menu-item-parent-id'] ) );
update_post_meta( $menu_item_db_id, '_menu_item_object_id', strval( (int) $args['menu-item-object-id'] ) );
update_post_meta( $menu_item_db_id, '_menu_item_object', sanitize_key($args['menu-item-object']) );
update_post_meta( $menu_item_db_id, '_menu_item_target', sanitize_key($args['menu-item-target']) );
wp_update_post_meta( $menu_item_db_id, '_menu_item_type', sanitize_key($args['menu-item-type']) );
wp_update_post_meta( $menu_item_db_id, '_menu_item_menu_item_parent', strval( (int) $args['menu-item-parent-id'] ) );
wp_update_post_meta( $menu_item_db_id, '_menu_item_object_id', strval( (int) $args['menu-item-object-id'] ) );
wp_update_post_meta( $menu_item_db_id, '_menu_item_object', sanitize_key($args['menu-item-object']) );
wp_update_post_meta( $menu_item_db_id, '_menu_item_target', sanitize_key($args['menu-item-target']) );
$args['menu-item-classes'] = array_map( 'sanitize_html_class', explode( ' ', $args['menu-item-classes'] ) );
$args['menu-item-xfn'] = implode( ' ', array_map( 'sanitize_html_class', explode( ' ', $args['menu-item-xfn'] ) ) );
update_post_meta( $menu_item_db_id, '_menu_item_classes', $args['menu-item-classes'] );
update_post_meta( $menu_item_db_id, '_menu_item_xfn', $args['menu-item-xfn'] );
update_post_meta( $menu_item_db_id, '_menu_item_url', esc_url_raw($args['menu-item-url']) );
wp_update_post_meta( $menu_item_db_id, '_menu_item_classes', $args['menu-item-classes'] );
wp_update_post_meta( $menu_item_db_id, '_menu_item_xfn', $args['menu-item-xfn'] );
wp_update_post_meta( $menu_item_db_id, '_menu_item_url', esc_url_raw($args['menu-item-url']) );
if ( 0 == $menu_id )
update_post_meta( $menu_item_db_id, '_menu_item_orphaned', (string) time() );
wp_update_post_meta( $menu_item_db_id, '_menu_item_orphaned', (string) time() );
elseif ( get_post_meta( $menu_item_db_id, '_menu_item_orphaned' ) )
delete_post_meta( $menu_item_db_id, '_menu_item_orphaned' );

6
wp-includes/pluggable.php
View File

@ -782,7 +782,7 @@ function auth_redirect() {
// The cookie is no good so force login
nocache_headers();
$redirect = ( strpos( $_SERVER['REQUEST_URI'], '/options.php' ) && wp_get_referer() ) ? wp_get_referer() : set_url_scheme( 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
$redirect = ( strpos( $_SERVER['REQUEST_URI'], '/options.php' ) && wp_get_referer() ) ? wp_get_referer() : set_url_scheme( 'http://' . wp_unslash( $_SERVER['HTTP_HOST'] ) . wp_unslash( $_SERVER['REQUEST_URI'] ) );
$login_url = wp_login_url($redirect, true);
@ -1197,8 +1197,8 @@ if ( !function_exists('wp_new_user_notification') ) :
function wp_new_user_notification($user_id, $plaintext_pass = '') {
$user = get_userdata( $user_id );
$user_login = stripslashes($user->user_login);
$user_email = stripslashes($user->user_email);
$user_login = $user->user_login;
$user_email = $user->user_email;
// The blogname option is escaped with esc_html on the way into the database in sanitize_option
// we want to reverse this for the plain text arena of emails.

2
wp-includes/post-template.php
View File

@ -583,7 +583,7 @@ function post_password_required( $post = null ) {
$wp_hasher = new PasswordHash(8, true);
}
$hash = stripslashes( $_COOKIE[ 'wp-postpass_' . COOKIEHASH ] );
$hash = wp_unslash( $_COOKIE[ 'wp-postpass_' . COOKIEHASH ] );
return ! $wp_hasher->CheckPassword( $post->post_password, $hash );
}

109
wp-includes/post.php
View File

@ -1742,17 +1742,41 @@ function get_posts($args = null) {
* @link http://codex.wordpress.org/Function_Reference/add_post_meta
*
* @param int $post_id Post ID.
* @param string $meta_key Metadata name.
* @param mixed $meta_value Metadata value.
* @param string $meta_key Metadata name (expected slashed).
* @param mixed $meta_value Metadata value (expected slashed).
* @param bool $unique Optional, default is false. Whether the same key should not be added.
* @return bool False for failure. True for success.
*/
function add_post_meta($post_id, $meta_key, $meta_value, $unique = false) {
function add_post_meta( $post_id, $meta_key, $meta_value, $unique = false ) {
//_deprecated_function( __FUNCTION__, '3.6', 'wp_add_post_meta() (expects unslashed data)' );
// expected slashed
$meta_key = stripslashes( $meta_key );
$meta_value = stripslashes_deep( $meta_value );
return wp_add_post_meta( $post_id, $meta_key, $meta_value, $unique );
}
/**
* Add meta data field to a post.
*
* Post meta data is called "Custom Fields" on the Administration Screen.
*
* @since 3.6.0
* @link http://codex.wordpress.org/Function_Reference/wp_add_post_meta
*
* @param int $post_id Post ID.
* @param string $meta_key Metadata name (clean, slashes already stripped).
* @param mixed $meta_value Metadata value (clean, slashes already stripped).
* @param bool $unique Optional, default is false. Whether the same key should not be added.
* @return bool False for failure. True for success.
*/
function wp_add_post_meta( $post_id, $meta_key, $meta_value, $unique = false ) {
// make sure meta is added to the post, not a revision
if ( $the_post = wp_is_post_revision($post_id) )
if ( $the_post = wp_is_post_revision( $post_id ) )
$post_id = $the_post;
return add_metadata('post', $post_id, $meta_key, $meta_value, $unique);
return add_metadata( 'post', $post_id, $meta_key, $meta_value, $unique );
}
/**
@ -1809,17 +1833,45 @@ function get_post_meta($post_id, $key = '', $single = false) {
* @link http://codex.wordpress.org/Function_Reference/update_post_meta
*
* @param int $post_id Post ID.
* @param string $meta_key Metadata key.
* @param mixed $meta_value Metadata value.
* @param string $meta_key Metadata key (expected slashed).
* @param mixed $meta_value Metadata value (expected slashed).
* @param mixed $prev_value Optional. Previous value to check before removing.
* @return bool False on failure, true if success.
*/
function update_post_meta($post_id, $meta_key, $meta_value, $prev_value = '') {
function update_post_meta( $post_id, $meta_key, $meta_value, $prev_value = '' ) {
//_deprecated_function( __FUNCTION__, '3.6', 'wp_update_post_meta() (expects unslashed data)' );
// expected slashed
$meta_key = stripslashes( $meta_key );
$meta_value = stripslashes_deep( $meta_value );
return wp_update_post_meta( $post_id, $meta_key, $meta_value, $prev_value );
}
/**
* Update post meta field based on post ID.
*
* Use the $prev_value parameter to differentiate between meta fields with the
* same key and post ID.
*
* If the meta field for the post does not exist, it will be added.
*
* @since 3.6.0
* @uses $wpdb
* @link http://codex.wordpress.org/Function_Reference/wp_update_post_meta
*
* @param int $post_id Post ID.
* @param string $meta_key Metadata key (clean, slashes already stripped).
* @param mixed $meta_value Metadata value (clean, slashes already stripped).
* @param mixed $prev_value Optional. Previous value to check before removing.
* @return bool False on failure, true if success.
*/
function wp_update_post_meta( $post_id, $meta_key, $meta_value, $prev_value = '' ) {
// make sure meta is added to the post, not a revision
if ( $the_post = wp_is_post_revision($post_id) )
if ( $the_post = wp_is_post_revision( $post_id ) )
$post_id = $the_post;
return update_metadata('post', $post_id, $meta_key, $meta_value, $prev_value);
return update_metadata( 'post', $post_id, $meta_key, $meta_value, $prev_value );
}
/**
@ -2406,8 +2458,8 @@ function wp_trash_post($post_id = 0) {
do_action('wp_trash_post', $post_id);
add_post_meta($post_id,'_wp_trash_meta_status', $post['post_status']);
add_post_meta($post_id,'_wp_trash_meta_time', time());
wp_add_post_meta($post_id,'_wp_trash_meta_status', $post['post_status']);
wp_add_post_meta($post_id,'_wp_trash_meta_time', time());
$post['post_status'] = 'trash';
wp_insert_post($post);
@ -2483,7 +2535,7 @@ function wp_trash_post_comments($post = null) {
$statuses = array();
foreach ( $comments as $comment )
$statuses[$comment->comment_ID] = $comment->comment_approved;
add_post_meta($post_id, '_wp_trash_meta_comments_status', $statuses);
wp_add_post_meta($post_id, '_wp_trash_meta_comments_status', $statuses);
// Set status for all comments to post-trashed
$result = $wpdb->update($wpdb->comments, array('comment_approved' => 'post-trashed'), array('comment_post_ID' => $post_id));
@ -2859,10 +2911,8 @@ function wp_insert_post($postarr, $wp_error = false) {
$post_name = wp_unique_post_slug($post_name, $post_ID, $post_status, $post_type, $post_parent);
// expected_slashed (everything!)
$data = compact( array( 'post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_content_filtered', 'post_title', 'post_excerpt', 'post_status', 'post_type', 'comment_status', 'ping_status', 'post_password', 'post_name', 'to_ping', 'pinged', 'post_modified', 'post_modified_gmt', 'post_parent', 'menu_order', 'guid' ) );
$data = apply_filters('wp_insert_post_data', $data, $postarr);
$data = stripslashes_deep( $data );
$where = array( 'ID' => $post_ID );
if ( $update ) {
@ -2875,7 +2925,7 @@ function wp_insert_post($postarr, $wp_error = false) {
}
} else {
if ( isset($post_mime_type) )
$data['post_mime_type'] = stripslashes( $post_mime_type ); // This isn't in the update
$data['post_mime_type'] = $post_mime_type; // This isn't in the update
// If there is a suggested ID, use it if not already present
if ( !empty($import_id) ) {
$import_id = (int) $import_id;
@ -2936,7 +2986,7 @@ function wp_insert_post($postarr, $wp_error = false) {
else
return 0;
}
update_post_meta($post_ID, '_wp_page_template', $page_template);
wp_update_post_meta($post_ID, '_wp_page_template', $page_template);
}
wp_transition_post_status($data['post_status'], $previous_status, $post);
@ -2969,15 +3019,11 @@ function wp_update_post( $postarr = array(), $wp_error = false ) {
if ( is_object($postarr) ) {
// non-escaped post was passed
$postarr = get_object_vars($postarr);
$postarr = add_magic_quotes($postarr);
}
// First, get all of the original fields
$post = get_post($postarr['ID'], ARRAY_A);
// Escape data pulled from DB.
$post = add_magic_quotes($post);
// Passed post category list overwrites existing category list if not empty.
if ( isset($postarr['post_category']) && is_array($postarr['post_category'])
&& 0 != count($postarr['post_category']) )
@ -3392,7 +3438,7 @@ function trackback_url_list($tb_list, $post_id) {
$trackback_urls = explode(',', $tb_list);
foreach( (array) $trackback_urls as $tb_url) {
$tb_url = trim($tb_url);
trackback($tb_url, stripslashes($post_title), $excerpt, $post_id);
trackback($tb_url, $post_title, $excerpt, $post_id);
}
}
}
@ -3735,9 +3781,6 @@ function get_pages($args = '') {
if ( ! empty( $meta_key ) || ! empty( $meta_value ) ) {
$join = " LEFT JOIN $wpdb->postmeta ON ( $wpdb->posts.ID = $wpdb->postmeta.post_id )";
// meta_key and meta_value might be slashed
$meta_key = stripslashes($meta_key);
$meta_value = stripslashes($meta_value);
if ( ! empty( $meta_key ) )
$where .= $wpdb->prepare(" AND $wpdb->postmeta.meta_key = %s", $meta_key);
if ( ! empty( $meta_value ) )
@ -3962,7 +4005,6 @@ function wp_insert_attachment($object, $file = false, $parent = 0) {
else
$post_name = sanitize_title($post_name);
// expected_slashed ($post_name)
$post_name = wp_unique_post_slug($post_name, $post_ID, $post_status, $post_type, $post_parent);
if ( empty($post_date) )
@ -4005,9 +4047,7 @@ function wp_insert_attachment($object, $file = false, $parent = 0) {
if ( ! isset($pinged) )
$pinged = '';
// expected_slashed (everything!)
$data = compact( array( 'post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_content_filtered', 'post_title', 'post_excerpt', 'post_status', 'post_type', 'comment_status', 'ping_status', 'post_password', 'post_name', 'to_ping', 'pinged', 'post_modified', 'post_modified_gmt', 'post_parent', 'menu_order', 'post_mime_type', 'guid' ) );
$data = stripslashes_deep( $data );
if ( $update ) {
$wpdb->update( $wpdb->posts, $data, array( 'ID' => $post_ID ) );
@ -4052,7 +4092,7 @@ function wp_insert_attachment($object, $file = false, $parent = 0) {
clean_post_cache( $post_ID );
if ( ! empty( $context ) )
add_post_meta( $post_ID, '_wp_attachment_context', $context, true );
wp_add_post_meta( $post_ID, '_wp_attachment_context', $context, true );
if ( $update) {
do_action('edit_attachment', $post_ID);
@ -4439,7 +4479,7 @@ function wp_check_for_changed_slugs($post_id, $post, $post_before) {
// if we haven't added this old slug before, add it now
if ( !empty( $post_before->post_name ) && !in_array($post_before->post_name, $old_slugs) )
add_post_meta($post_id, '_wp_old_slug', $post_before->post_name);
wp_add_post_meta($post_id, '_wp_old_slug', $post_before->post_name);
// if the new slug was used previously, delete it from the list
if ( in_array($post->post_name, $old_slugs) )
@ -4856,8 +4896,8 @@ function _publish_post_hook($post_id) {
return;
if ( get_option('default_pingback_flag') )
add_post_meta( $post_id, '_pingme', '1' );
add_post_meta( $post_id, '_encloseme', '1' );
wp_add_post_meta( $post_id, '_pingme', '1' );
wp_add_post_meta( $post_id, '_encloseme', '1' );
wp_schedule_single_event(time(), 'do_pings');
}
@ -5097,7 +5137,6 @@ function _wp_put_post_revision( $post = null, $autosave = false ) {
return new WP_Error( 'post_type', __( 'Cannot create a revision of a revision' ) );
$post = _wp_post_revision_fields( $post, $autosave );
$post = add_magic_quotes($post); //since data is from db
$revision_id = wp_insert_post( $post );
if ( is_wp_error($revision_id) )
@ -5176,8 +5215,6 @@ function wp_restore_post_revision( $revision_id, $fields = null ) {
$update['ID'] = $revision['post_parent'];
$update = add_magic_quotes( $update ); //since data is from db
$post_id = wp_update_post( $update );
if ( is_wp_error( $post_id ) )
return $post_id;
@ -5399,7 +5436,7 @@ function set_post_thumbnail( $post, $thumbnail_id ) {
$thumbnail_id = absint( $thumbnail_id );
if ( $post && $thumbnail_id && get_post( $thumbnail_id ) ) {
if ( $thumbnail_html = wp_get_attachment_image( $thumbnail_id, 'thumbnail' ) )
return update_post_meta( $post->ID, '_thumbnail_id', $thumbnail_id );
return wp_update_post_meta( $post->ID, '_thumbnail_id', $thumbnail_id );
else
return delete_post_meta( $post->ID, '_thumbnail_id' );
}

5
wp-includes/query.php
View File

@ -1733,7 +1733,6 @@ class WP_Query {
// Category stuff
if ( !empty($q['cat']) && '0' != $q['cat'] && !$this->is_singular && $this->query_vars_changed ) {
$q['cat'] = ''.urldecode($q['cat']).'';
$q['cat'] = addslashes_gpc($q['cat']);
$cat_array = preg_split('/[,\s]+/', $q['cat']);
$q['cat'] = '';
$req_cats = array();
@ -2180,8 +2179,6 @@ class WP_Query {
// If a search pattern is specified, load the posts that match
if ( !empty($q['s']) ) {
// added slashes screw with quote grouping when done early, so done later
$q['s'] = stripslashes($q['s']);
if ( empty( $_GET['s'] ) && $this->is_main_query() )
$q['s'] = urldecode($q['s']);
if ( !empty($q['sentence']) ) {
@ -2290,7 +2287,6 @@ class WP_Query {
$whichauthor = '';
} else {
$q['author'] = (string)urldecode($q['author']);
$q['author'] = addslashes_gpc($q['author']);
if ( strpos($q['author'], '-') !== false ) {
$eq = '!=';
$andor = 'AND';
@ -2352,7 +2348,6 @@ class WP_Query {
$allowed_keys[] = 'meta_value_num';
}
$q['orderby'] = urldecode($q['orderby']);
$q['orderby'] = addslashes_gpc($q['orderby']);
$orderby_array = array();
foreach ( explode( ' ', $q['orderby'] ) as $i => $orderby ) {

15
wp-includes/taxonomy.php
View File

@ -953,8 +953,6 @@ function get_term_by($field, $value, $taxonomy, $output = OBJECT, $filter = 'raw
if ( empty($value) )
return false;
} else if ( 'name' == $field ) {
// Assume already escaped
$value = stripslashes($value);
$field = 't.name';
} else {
$term = get_term( (int) $value, $taxonomy, $output, $filter);
@ -1494,7 +1492,7 @@ function term_exists($term, $taxonomy = '', $parent = 0) {
return $wpdb->get_var( $wpdb->prepare( $select . $where, $term ) );
}
$term = trim( stripslashes( $term ) );
$term = trim( $term );
if ( '' === $slug = sanitize_title($term) )
return 0;
@ -2056,10 +2054,6 @@ function wp_insert_term( $term, $taxonomy, $args = array() ) {
$args = sanitize_term($args, $taxonomy, 'db');
extract($args, EXTR_SKIP);
// expected_slashed ($name)
$name = stripslashes($name);
$description = stripslashes($description);
if ( empty($slug) )
$slug = sanitize_title($name);
@ -2439,9 +2433,6 @@ function wp_update_term( $term_id, $taxonomy, $args = array() ) {
if ( is_wp_error( $term ) )
return $term;
// Escape data pulled from DB.
$term = add_magic_quotes($term);
// Merge old and new args with new args overwriting old ones.
$args = array_merge($term, $args);
@ -2450,10 +2441,6 @@ function wp_update_term( $term_id, $taxonomy, $args = array() ) {
$args = sanitize_term($args, $taxonomy, 'db');
extract($args, EXTR_SKIP);
// expected_slashed ($name)
$name = stripslashes($name);
$description = stripslashes($description);
if ( '' == trim($name) )
return new WP_Error('empty_term_name', __('A name is required for this term'));

8
wp-includes/user.php
View File

@ -1390,7 +1390,6 @@ function wp_insert_user( $userdata ) {
}
$data = compact( 'user_pass', 'user_email', 'user_url', 'user_nicename', 'display_name', 'user_registered' );
$data = stripslashes_deep( $data );
if ( $update ) {
$wpdb->update( $wpdb->users, $data, compact( 'ID' ) );
@ -1462,9 +1461,6 @@ function wp_update_user($userdata) {
$user[ $key ] = get_user_meta( $ID, $key, true );
}
// Escape data pulled from DB.
$user = add_magic_quotes( $user );
// If password is changing, hash it now.
if ( ! empty($userdata['user_pass']) ) {
$plaintext_pass = $userdata['user_pass'];
@ -1504,8 +1500,8 @@ function wp_update_user($userdata) {
* @return int The new user's ID.
*/
function wp_create_user($username, $password, $email = '') {
$user_login = esc_sql( $username );
$user_email = esc_sql( $email );
$user_login = $username;
$user_email = $email;
$user_pass = $password;
$userdata = compact('user_login', 'user_email', 'user_pass');

2
wp-includes/widgets.php
View File

@ -224,7 +224,7 @@ class WP_Widget {
}
foreach ( $settings as $number => $new_instance ) {
$new_instance = stripslashes_deep($new_instance);
$new_instance = wp_unslash($new_instance);
$this->_set($number);
$old_instance = isset($all_instances[$number]) ? $all_instances[$number] : array();

14
wp-login.php
View File

@ -396,7 +396,7 @@ case 'postpass' :
}
// 10 days
setcookie( 'wp-postpass_' . COOKIEHASH, $wp_hasher->HashPassword( stripslashes( $_POST['post_password'] ) ), time() + 10 * DAY_IN_SECONDS, COOKIEPATH );
setcookie( 'wp-postpass_' . COOKIEHASH, $wp_hasher->HashPassword( wp_unslash( $_POST['post_password'] ) ), time() + 10 * DAY_IN_SECONDS, COOKIEPATH );
wp_safe_redirect( wp_get_referer() );
exit();
@ -431,7 +431,7 @@ case 'retrievepassword' :
do_action('lost_password');
login_header(__('Lost Password'), '<p class="message">' . __('Please enter your username or email address. You will receive a link to create a new password via email.') . '</p>', $errors);
$user_login = isset($_POST['user_login']) ? stripslashes($_POST['user_login']) : '';
$user_login = isset($_POST['user_login']) ? wp_unslash($_POST['user_login']) : '';
?>
@ -530,8 +530,8 @@ case 'register' :
$user_login = '';
$user_email = '';
if ( $http_post ) {
$user_login = $_POST['user_login'];
$user_email = $_POST['user_email'];
$user_login = wp_unslash( $_POST['user_login'] );
$user_email = wp_unslash( $_POST['user_email'] );
$errors = register_new_user($user_login, $user_email);
if ( !is_wp_error($errors) ) {
$redirect_to = !empty( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : 'wp-login.php?checkemail=registered';
@ -547,11 +547,11 @@ case 'register' :
<form name="registerform" id="registerform" action="<?php echo esc_url( site_url('wp-login.php?action=register', 'login_post') ); ?>" method="post">
<p>
<label for="user_login"><?php _e('Username') ?><br />
<input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr(stripslashes($user_login)); ?>" size="20" /></label>
<input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr( $user_login ); ?>" size="20" /></label>
</p>
<p>
<label for="user_email"><?php _e('E-mail') ?><br />
<input type="text" name="user_email" id="user_email" class="input" value="<?php echo esc_attr(stripslashes($user_email)); ?>" size="25" /></label>
<input type="text" name="user_email" id="user_email" class="input" value="<?php echo esc_attr( $user_email ); ?>" size="25" /></label>
</p>
<?php do_action('register_form'); ?>
<p id="reg_passmail"><?php _e('A password will be e-mailed to you.') ?></p>
@ -673,7 +673,7 @@ default:
login_header(__('Log In'), '', $errors);
if ( isset($_POST['log']) )
$user_login = ( 'incorrect_password' == $errors->get_error_code() || 'empty_password' == $errors->get_error_code() ) ? esc_attr(stripslashes($_POST['log'])) : '';
$user_login = ( 'incorrect_password' == $errors->get_error_code() || 'empty_password' == $errors->get_error_code() ) ? esc_attr( wp_unslash( $_POST['log'] ) ) : '';
$rememberme = ! empty( $_POST['rememberme'] );
?>

1
wp-mail.php
View File

@ -202,7 +202,6 @@ for ( $i = 1; $i <= $count; $i++ ) {
$post_category = array(get_option('default_email_category'));
$post_data = compact('post_content','post_title','post_date','post_date_gmt','post_author','post_category', 'post_status');
$post_data = add_magic_quotes($post_data);
$post_ID = wp_insert_post($post_data);
if ( is_wp_error( $post_ID ) )

11
wp-trackback.php
View File

@ -45,9 +45,9 @@ $tb_url = isset($_POST['url']) ? $_POST['url'] : '';
$charset = isset($_POST['charset']) ? $_POST['charset'] : '';
// These three are stripslashed here so that they can be properly escaped after mb_convert_encoding()
$title = isset($_POST['title']) ? stripslashes($_POST['title']) : '';
$excerpt = isset($_POST['excerpt']) ? stripslashes($_POST['excerpt']) : '';
$blog_name = isset($_POST['blog_name']) ? stripslashes($_POST['blog_name']) : '';
$title = isset($_POST['title']) ? wp_unslash( $_POST['title'] ) : '';
$excerpt = isset($_POST['excerpt']) ? wp_unslash( $_POST['excerpt'] ) : '';
$blog_name = isset($_POST['blog_name']) ? wp_unslash( $_POST['blog_name'] ) : '';
if ($charset)
$charset = str_replace( array(',', ' '), '', strtoupper( trim($charset) ) );
@ -64,11 +64,6 @@ if ( function_exists('mb_convert_encoding') ) { // For international trackbacks
$blog_name = mb_convert_encoding($blog_name, get_option('blog_charset'), $charset);
}
// Now that mb_convert_encoding() has been given a swing, we need to escape these three
$title = $wpdb->escape($title);
$excerpt = $wpdb->escape($excerpt);
$blog_name = $wpdb->escape($blog_name);
if ( is_single() || is_page() )
$tb_id = $posts[0]->ID;