diff --git a/wp-admin/upload.php b/wp-admin/upload.php
index e121207010..0f3e5ddac9 100644
--- a/wp-admin/upload.php
+++ b/wp-admin/upload.php
@@ -155,36 +155,35 @@ require_once('./admin-header.php');
' . __('Search results for “%s”') . '', get_search_query() ); ?>
' . __('Undo') . '';
$_SERVER['REQUEST_URI'] = remove_query_arg(array('trashed'), $_SERVER['REQUEST_URI']);
}
-if ( isset($_GET['untrashed']) && (int) $_GET['untrashed'] ) {
- $message = sprintf( _n( 'Media attachment restored from the trash.', '%d media attachments restored from the trash.', $_GET['untrashed'] ), number_format_i18n( $_GET['untrashed'] ) );
+if ( ! empty( $_GET['untrashed'] ) && $untrashed = absint( $_GET['untrashed'] ) ) {
+ $message = sprintf( _n( 'Media attachment restored from the trash.', '%d media attachments restored from the trash.', $untrashed ), number_format_i18n( $_GET['untrashed'] ) );
$_SERVER['REQUEST_URI'] = remove_query_arg(array('untrashed'), $_SERVER['REQUEST_URI']);
}
@@ -194,8 +193,8 @@ $messages[3] = __('Error saving media attachment.');
$messages[4] = __('Media moved to the trash.') . '
' . __('Undo') . '';
$messages[5] = __('Media restored from the trash.');
-if ( isset($_GET['message']) && (int) $_GET['message'] ) {
- $message = $messages[$_GET['message']];
+if ( ! empty( $_GET['message'] ) && isset( $messages[ $_GET['message'] ] ) ) {
+ $message = $messages[ $_GET['message'] ];
$_SERVER['REQUEST_URI'] = remove_query_arg(array('message'), $_SERVER['REQUEST_URI']);
}