mirror of
https://github.com/gosticks/wordpress-develop.git
synced 2026-07-01 07:40:07 +00:00
xmlrpc filename sanitation. Props donncha. fixes #3395
git-svn-id: https://develop.svn.wordpress.org/trunk@4537 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
@@ -817,7 +817,7 @@ class wp_xmlrpc_server extends IXR_Server {
|
||||
$user_pass = $wpdb->escape($args[2]);
|
||||
$data = $args[3];
|
||||
|
||||
$name = $data['name'];
|
||||
$name = sanitize_file( $data['name'] );
|
||||
$type = $data['type'];
|
||||
$bits = $data['bits'];
|
||||
|
||||
@@ -841,7 +841,7 @@ class wp_xmlrpc_server extends IXR_Server {
|
||||
logIO('O', '(MW) Could not write file '.$name);
|
||||
return new IXR_Error(500, 'Could not write file '.$name);
|
||||
}
|
||||
return apply_filters( 'wp_handle_upload', array( 'file' => $name, 'url' => $upload[ 'url' ], 'type' => $type ) );
|
||||
return apply_filters( 'wp_handle_upload', array( 'file' => $upload[ 'file' ], 'url' => $upload[ 'url' ], 'type' => $type ) );
|
||||
}
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user