Changeset 1751
- Timestamp:
- 10/05/04 16:22:31 (4 years ago)
- Files:
-
- trunk/wp-admin/options.php (modified) (1 diff)
- trunk/wp-admin/post.php (modified) (1 diff)
- trunk/wp-comments-post.php (modified) (2 diffs)
- trunk/wp-login.php (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
trunk/wp-admin/options.php
r1748 r1751 87 87 $referred = str_replace('?updated=true' , '', $_SERVER['HTTP_REFERER']); 88 88 $goback = str_replace('?updated=true', '', $_SERVER['HTTP_REFERER']) . '?updated=true'; 89 $goback = preg_replace('|[^a-z ?=&/~.:_-]|i', '', $goback);89 $goback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $goback); 90 90 header('Location: ' . $goback); 91 91 break; trunk/wp-admin/post.php
r1748 r1751 459 459 $sendback = $_SERVER['HTTP_REFERER']; 460 460 if (strstr($sendback, 'post.php')) $sendback = get_settings('siteurl') .'/wp-admin/post.php'; 461 $sendback = preg_replace('|[^a-z ?=&/~.:_-]|i', '', $sendback);461 $sendback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $sendback); 462 462 header ('Location: ' . $sendback); 463 463 do_action('delete_post', $post_id); trunk/wp-comments-post.php
r1748 r1751 90 90 } 91 91 92 setcookie('comment_author_' . $cookiehash, stripslashes($author), time() + 30000000, COOKIEPATH);93 setcookie('comment_author_email_' . $cookiehash, stripslashes($email), time() + 30000000, COOKIEPATH);94 setcookie('comment_author_url_' . $cookiehash, stripslashes($url), time() + 30000000, COOKIEPATH);92 setcookie('comment_author_' . COOKIEHASH, stripslashes($author), time() + 30000000, COOKIEPATH); 93 setcookie('comment_author_email_' . COOKIEHASH, stripslashes($email), time() + 30000000, COOKIEPATH); 94 setcookie('comment_author_url_' . COOKIEHASH, stripslashes($url), time() + 30000000, COOKIEPATH); 95 95 96 96 header('Expires: Mon, 26 Jul 1997 05:00:00 GMT'); … … 98 98 header('Cache-Control: no-cache, must-revalidate'); 99 99 header('Pragma: no-cache'); 100 $location = (empty($_POST['redirect_to'])) ? $_SERVER["HTTP_REFERER"] : $_POST['redirect_to']; 101 $location = preg_replace('|[^a-z?=&/~.:_-]|i', '', $location);100 101 $location = get_permalink($comment_ID); 102 102 103 103 if ($is_IIS) { trunk/wp-login.php
r1748 r1751 140 140 $log = $_POST['log']; 141 141 $pwd = $_POST['pwd']; 142 $redirect_to = preg_replace('|[^a-z ?=&/~.:_-]|i', '', $_POST['redirect_to']);142 $redirect_to = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $_POST['redirect_to']); 143 143 } 144 144
