sergiotarxz
/
Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Docs: Improve the docs for `validate_file()` and `validate_file_to_edit()`. 

See #42016, #36170, #41017


git-svn-id: https://develop.svn.wordpress.org/trunk@42007 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
John Blackbourn 2017-10-24 22:49:13 +00:00
parent 80fd300ebf
commit 7329816301
2 changed files with 12 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/wp-admin/includes/file.php
View File

@ -653,14 +653,14 @@ function wp_tempnam( $filename = '', $dir = '' ) {
} }
/** /**
* Make sure that the file that was requested to edit, is allowed to be edited * Makes sure that the file that was requested to be edited is allowed to be edited.
* *
* Function will die if you are not allowed to edit the file * Function will die if you are not allowed to edit the file.
* *
* @since 1.5.0 * @since 1.5.0
* *
* @param string $file file the users is attempting to edit * @param string $file File the user is attempting to edit.
* @param array $allowed_files Array of allowed files to edit, $file must match an entry exactly * @param array $allowed_files Optional. Array of allowed files to edit, $file must match an entry exactly.
* @return string|null * @return string|null
*/ */
function validate_file_to_edit( $file, $allowed_files = '' ) { function validate_file_to_edit( $file, $allowed_files = '' ) {

15
src/wp-includes/functions.php
View File

@ -4238,17 +4238,18 @@ function iis7_supports_permalinks() {
} }
/** /**
* File validates against allowed set of defined rules. * Validates a file name and path against an allowed set of rules.
* *
* A return value of '1' means that the $file contains either '..' or './'. A * A return value of `1` means the file path contains directory traversal.
* return value of '2' means that the $file contains ':' after the first *
* character. A return value of '3' means that the file is not in the allowed * A return value of `2` means the file path contains a Windows drive path.
* files list. *
* A return value of `3` means the file is not in the allowed files list.
* *
* @since 1.2.0 * @since 1.2.0
* *
* @param string $file File path. * @param string $file File path.
* @param array $allowed_files List of allowed files. * @param array $allowed_files Optional. List of allowed files.
* @return int 0 means nothing is wrong, greater than 0 means something was wrong. * @return int 0 means nothing is wrong, greater than 0 means something was wrong.
*/ */
function validate_file( $file, $allowed_files = '' ) { function validate_file( $file, $allowed_files = '' ) {