From 51b498aec239a7ff7c5f36b7ef32d73c18ed2cef Mon Sep 17 00:00:00 2001 From: Andrew Nacin Date: Wed, 12 Jan 2011 17:24:34 +0000 Subject: [PATCH] Force get_pagenum to validate max pages. Add sanity redirect code to upload.php. see #16187. props MarkJaquith, greuben. git-svn-id: https://develop.svn.wordpress.org/trunk@17271 602fd350-edb4-49c9-b593-d223f7449a82 --- wp-admin/includes/class-wp-list-table.php | 3 +++ wp-admin/upload.php | 7 +++++++ 2 files changed, 10 insertions(+) diff --git a/wp-admin/includes/class-wp-list-table.php b/wp-admin/includes/class-wp-list-table.php index 7adc3ee6d8..fd4cf8df88 100644 --- a/wp-admin/includes/class-wp-list-table.php +++ b/wp-admin/includes/class-wp-list-table.php @@ -438,6 +438,9 @@ class WP_List_Table { function get_pagenum() { $pagenum = isset( $_REQUEST['paged'] ) ? absint( $_REQUEST['paged'] ) : 0; + if( isset( $this->_pagination_args['total_pages'] ) && $pagenum > $this->_pagination_args['total_pages'] ) + $pagenum = $this->_pagination_args['total_pages']; + return max( 1, $pagenum ); } diff --git a/wp-admin/upload.php b/wp-admin/upload.php index fb85154680..629be5b8a2 100644 --- a/wp-admin/upload.php +++ b/wp-admin/upload.php @@ -13,6 +13,7 @@ if ( !current_user_can('upload_files') ) wp_die( __( 'You do not have permission to upload files.' ) ); $wp_list_table = get_list_table('WP_Media_List_Table'); +$pagenum = $wp_list_table->get_pagenum(); // Handle bulk actions $doaction = $wp_list_table->current_action(); @@ -131,6 +132,12 @@ if ( $doaction ) { $wp_list_table->prepare_items(); +$total_pages = $wp_list_table->get_pagination_arg( 'total_pages' ); +if ( $pagenum > $total_pages && $total_pages > 0 ) { + wp_redirect( add_query_arg( 'paged', $total_pages ) ); + exit; +} + $title = __('Media Library'); $parent_file = 'upload.php';