Changeset 3908

Timestamp:
06/24/06 05:38:37 (3 years ago)
Author:
ryan
Message:

wp_get_referer() and friends from robmiller and markjaquith. fixes #2800

Files:

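--- a/trunk/wp-admin/options.php
+++ b/trunk/wp-admin/options.php
@@ -78,6 +78,6 @@
     }
 
-    $referred = remove_query_arg('updated' , $_SERVER['HTTP_REFERER']);
-    $goback = add_query_arg('updated', 'true', $_SERVER['HTTP_REFERER']);
+    $referred = remove_query_arg('updated' , wp_get_referer());
+    $goback = add_query_arg('updated', 'true', wp_get_referer());
     $goback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $goback);
     wp_redirect($goback);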
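Review bot: The redirect target built on new lines 80-81 is now request-controlled: `wp_get_referer()` (functions.php, new line 832) returns `$_REQUEST['_wp_http_referer']` ahead of the Referer header, and the filter on line 82 only strips characters, it does not restrict the host that `wp_redirect($goback)` is given. The same value is used in the pluggable.php hunk of this changeset, where it feeds the `strstr($referer, $adminurl)` fallback on line 236, so that check can be satisfied by a field in the request itself rather than by the browser-set header; I would keep `$referer = strtolower($_SERVER['HTTP_REFERER']);` there. Here, accept `$goback` only when it is a site-relative path or begins with `get_settings('siteurl') . '/'`, and otherwise redirect to a fixed admin page. Whether a nonce check runs before line 80 is not visible in this hunk, and the enclosing block starts outside it.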
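--- a/trunk/wp-includes/functions.php
+++ b/trunk/wp-includes/functions.php
@@ -812,4 +812,32 @@
 function wp_nonce_field($action = -1) {
     echo '<input type="hidden" name="_wpnonce" value="' . wp_create_nonce($action) . '" />';
+    wp_referer_field();
+}
+
+function wp_referer_field() {
+    $ref = ( false === wp_get_referer() ) ? $_SERVER['REQUEST_URI'] : wp_get_referer();
+    $ref = wp_specialchars(stripslashes($ref));
+    echo '<input type="hidden" name="_wp_http_referer" value="'. $ref . '" />';
+    if ( wp_get_original_referer() ) {
+        $original_ref = wp_specialchars(stripslashes(wp_get_original_referer()));
+        echo '<input type="hidden" name="_wp_original_http_referer" value="'. $original_ref . '" />';
+    }
+}
+
+function wp_original_referer_field() {
+    echo '<input type="hidden" name="_wp_original_http_referer" value="' . wp_specialchars(stripslashes($_SERVER['REQUEST_URI'])) . '" />';
+}
+
+function wp_get_referer() {
+    foreach ( array($_REQUEST['_wp_http_referer'], $_SERVER['HTTP_REFERER']) as $ref )
+        if ( !empty($ref) )
+            return $ref;
+    return false;
+}
+
+function wp_get_original_referer() {
+    if ( !empty($_REQUEST['_wp_original_http_referer']) )
+        return $_REQUEST['_wp_original_http_referer'];
+    return false;
 }
 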
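Review bot: `wp_referer_field()` and `wp_original_referer_field()` echo request-derived values (`_wp_http_referer`, `_wp_original_http_referer`, `REQUEST_URI`) into double-quoted `value` attributes on new lines 820, 823 and 828 after `wp_specialchars()` called without its quotes argument; the helper's definition is not on this page, but if it leaves `"` unencoded by default the value can close the attribute. Passing the flag, e.g. `$ref = wp_specialchars(stripslashes($ref), 1);`, on lines 819, 822 and 828 would cover that. Line 832 also reads `$_REQUEST['_wp_http_referer']` and `$_SERVER['HTTP_REFERER']` without `isset()`, which raises a notice whenever either is absent. None of the new functions has a doc comment; `wp_get_referer()` should at least carry `// Returns a caller-supplied value; do not use it for access decisions.`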
  • trunk/wp-includes/pluggable.php

    r3862 r3908  
    232232    global $pagenow, $menu, $submenu, $parent_file, $submenu_file;; 
    233233    $adminurl = strtolower(get_settings('siteurl')).'/wp-admin'; 
    234     $referer = strtolower($_SERVER['HTTP_REFERER']); 
     234    $referer = strtolower(wp_get_referer()); 
    235235    if ( !wp_verify_nonce($_REQUEST['_wpnonce'], $action) && 
    236236        !(-1 == $action && strstr($referer, $adminurl)) ) {