sergiotarxz/Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

base64 cached objects and store within multi-line comment block to avoid CRLF injections into the cache. Props Peter Westwood.

Browse Source 
git-svn-id: https://develop.svn.wordpress.org/trunk@3798 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Ryan Boren 2006-05-26 21:14:36 +00:00
parent a3d2d527f8
commit 73c56126c0
2 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
wp-includes/cache.php
View File

@ -47,8 +47,8 @@ function wp_cache_set($key, $data, $flag = '', $expire = 0) {
return $wp_object_cache->set($key, $data, $flag, $expire);
}
define('CACHE_SERIAL_HEADER', "<?php\n//");
define('CACHE_SERIAL_FOOTER', "\n?".">");
define('CACHE_SERIAL_HEADER', "<?php\n/*");
define('CACHE_SERIAL_FOOTER', "*/\n?".">");
class WP_Object_Cache {
var $cache_dir;
@ -158,7 +158,7 @@ class WP_Object_Cache {
return false;
}
$this->cache[$group][$id] = unserialize(substr(@ file_get_contents($cache_file), strlen(CACHE_SERIAL_HEADER), -strlen(CACHE_SERIAL_FOOTER)));
$this->cache[$group][$id] = unserialize(base64_decode(substr(@ file_get_contents($cache_file), strlen(CACHE_SERIAL_HEADER), -strlen(CACHE_SERIAL_FOOTER))));
if (false === $this->cache[$group][$id])
$this->cache[$group][$id] = '';
@ -332,7 +332,7 @@ class WP_Object_Cache {
}
$temp_file = tempnam($group_dir, 'tmp');
$serial = CACHE_SERIAL_HEADER.serialize($this->cache[$group][$id]).CACHE_SERIAL_FOOTER;
$serial = CACHE_SERIAL_HEADER.base64_encode(serialize($this->cache[$group][$id])).CACHE_SERIAL_FOOTER;
$fd = @fopen($temp_file, 'w');
if ( false === $fd ) {
$errors++;

4
wp-includes/version.php
View File

@ -3,6 +3,6 @@
// This just holds the version number, in a separate file so we can bump it without cluttering the SVN
$wp_version = '2.1-alpha1';
$wp_db_version = 3767;
$wp_db_version = 3797;
?>
?>