sergiotarxz/Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Allow Apostrophes in Post Passwords. $_POST and $_COOKIE are always slashed. Fixes #17145

Browse Source 
git-svn-id: https://develop.svn.wordpress.org/trunk@18712 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Dion Hulse 2011-09-19 04:17:26 +00:00
parent 56c20818e5
commit ad6fac44d4
2 changed files with 2 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
wp-includes/post-template.php
View File

@ -564,7 +564,7 @@ function post_password_required( $post = null ) {
if ( !isset($_COOKIE['wp-postpass_' . COOKIEHASH]) )
return true;
if ( $_COOKIE['wp-postpass_' . COOKIEHASH] != $post->post_password )
if ( stripslashes( $_COOKIE['wp-postpass_' . COOKIEHASH] ) != $post->post_password )
return true;
return false;

5
wp-pass.php
View File

@ -9,11 +9,8 @@
/** Make sure that the WordPress bootstrap has run before continuing. */
require( dirname(__FILE__) . '/wp-load.php');
if ( get_magic_quotes_gpc() )
$_POST['post_password'] = stripslashes($_POST['post_password']);
// 10 days
setcookie('wp-postpass_' . COOKIEHASH, $_POST['post_password'], time() + 864000, COOKIEPATH);
setcookie('wp-postpass_' . COOKIEHASH, stripslashes( $_POST['post_password'] ), time() + 864000, COOKIEPATH);
wp_safe_redirect(wp_get_referer());
exit;