sergiotarxz
/
Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Loosen validation regex to use sanitize_key() in a few AJAX locations for things like pages, orders, columns. Change return value to 0 for failure, as -1 is reserved for authentication/intention. props ocean90, azaozz, fixes #18637. 

git-svn-id: https://develop.svn.wordpress.org/trunk@18663 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Andrew Nacin 2011-09-12 21:48:44 +00:00
parent 598184f98c
commit 226635ed73
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
wp-admin/admin-ajax.php
View File

@ -1025,8 +1025,8 @@ case 'closed-postboxes' :
$page = isset( $_POST['page'] ) ? $_POST['page'] : '';
if ( !preg_match( '/^[a-z_-]+$/', $page ) )
die('-1');
if ( $page != sanitize_key( $page ) )
die('0');
if ( ! $user = wp_get_current_user() )
die('-1');
@ -1047,8 +1047,8 @@ case 'hidden-columns' :
$hidden = explode( ',', $_POST['hidden'] );
$page = isset( $_POST['page'] ) ? $_POST['page'] : '';
if ( !preg_match( '/^[a-z_-]+$/', $page ) )
die('-1');
if ( $page != sanitize_key( $page ) )
die('0');
if ( ! $user = wp_get_current_user() )
die('-1');
@ -1146,8 +1146,8 @@ case 'meta-box-order':
$page = isset( $_POST['page'] ) ? $_POST['page'] : '';
if ( !preg_match( '/^[a-z_-]+$/', $page ) )
die('-1');
if ( $page != sanitize_key( $page ) )
die('0');
if ( ! $user = wp_get_current_user() )
die('-1');