Changeset 3627 for branches/1.5/wp-admin

Timestamp:

03/07/06 01:47:45 (3 years ago)

Author:

ryan

Message:

Security back ports from masquerade and MarkJaquith?.

Files:

• branches/1.5/wp-admin/admin.php (modified) (1 diff)
• branches/1.5/wp-admin/post.php (modified) (6 diffs)
• branches/1.5/wp-admin/profile.php (modified) (1 diff)
• branches/1.5/wp-admin/user-edit.php (modified) (1 diff)

branches/1.5/wp-admin/admin.php

@@ -56 +56 @@
-        
-        if (! file_exists(ABSPATH . "wp-content/plugins/$plugin_page"))
-$plugin_page
+htmlentities($plugin_page)
-
-        if (! isset($_GET['noheader']))

branches/1.5/wp-admin/post.php

@@ -30 +30 @@
-switch($action) {
-case 'post':
-
+
-    if ( !user_can_create_draft($user_ID) )
-        die( __('You are not allowed to create posts or drafts on this blog.') );
@@ -269 +269 @@
-
-case 'editpost':
+    check_admin_referer();
-    // die(var_dump('<pre>', $_POST));
-    if (!isset($blog_ID)) {
@@ -496 +497 @@
-
-case 'confirmdeletecomment':
-
+
-    require_once('./admin-header.php');
-
@@ -591 +592 @@
-
-case 'mailapprovecomment':
-
+
-    $comment = (int) $_GET['comment'];
-
@@ -611 +612 @@
-
-case 'approvecomment':
-
+
-    $comment = (int) $_GET['comment'];
-    $p = (int) $_GET['p'];
@@ -640 +641 @@
-
-case 'editedcomment':
-
+
-    $comment_ID = (int) $_POST['comment_ID'];
-    $comment_post_ID = (int) $_POST['comment_post_ID'];

branches/1.5/wp-admin/profile.php

@@ -65 +65 @@
-        if ( $pass1 != $pass2 )
-            die (__("<strong>ERROR</strong>: you typed two different passwords. Go back to correct that."));
-pass1
+wpdb->escape($pass1)
-        $updatepassword = "user_pass=MD5('$newuser_pass'), ";
-        wp_clearcookie();
-newuser_pass
+pass1
-    }
-

branches/1.5/wp-admin/user-edit.php

@@ -24 +24 @@
-switch ($action) {
-case 'update':
+
+check_admin_referer();
-
-get_currentuserinfo();