Ensure we have a valid timezone identifier before trying to use it.

Validate the new timezone identifier during option update.
Fixes #17840.

git-svn-id: https://develop.svn.wordpress.org/trunk@18323 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Peter Westwood 2011-06-20 14:58:50 +00:00
parent e1af5b5cb2
commit 41d548231e
2 changed files with 13 additions and 2 deletions

View File

@ -162,7 +162,7 @@ if ( empty($tzstring) ) { // Create a UTC+- zone if no timezone string exists
<?php echo wp_timezone_choice($tzstring); ?>
</select>
<span id="utc-time"><?php printf(__('<abbr title="Coordinated Universal Time">UTC</abbr> time is <code>%s</code>'), date_i18n($timezone_format, false, 'gmt')); ?></span>
<span id="utc-time"><?php printf(__('<abbr title="Coordinated Universal Time">UTC</abbr> time is <code>%s</code>'), date_i18n($timezone_format, false, 'gmt')); ?></span>
<?php if ( get_option('timezone_string') || !empty($current_offset) ) : ?>
<span id="local-time"><?php printf(__('Local time is <code>%1$s</code>'), date_i18n($timezone_format)); ?></span>
<?php endif; ?>
@ -182,7 +182,9 @@ if ( empty($tzstring) ) { // Create a UTC+- zone if no timezone string exists
?>
<br />
<?php
if ( function_exists('timezone_transitions_get') ) {
$allowed_zones = timezone_identifiers_list();
if ( in_array( $tzstring, $allowed_zones) ) {
$found = false;
$date_time_zone_selected = new DateTimeZone($tzstring);
$tz_offset = timezone_offset_get($date_time_zone_selected, date_create());

View File

@ -2521,6 +2521,15 @@ function sanitize_option($option, $value) {
}
break;
case 'timezone_string':
$allowed_zones = timezone_identifiers_list();
if ( ! in_array( $value, $allowed_zones ) && ! empty( $value ) ) {
$value = get_option( $option ); // Resets option to stored value in the case of failed sanitization
if ( function_exists('add_settings_error') )
add_settings_error('timezone_string', 'invalid_timezone_string', __('The timezone you have entered is not valid. Please select a valid timezone.') );
}
break;
default :
$value = apply_filters("sanitize_option_{$option}", $value, $option);
break;