diff --git a/src/wp-admin/includes/ajax-actions.php b/src/wp-admin/includes/ajax-actions.php index 734409fe1f..82d8abc27f 100644 --- a/src/wp-admin/includes/ajax-actions.php +++ b/src/wp-admin/includes/ajax-actions.php @@ -241,10 +241,11 @@ function wp_ajax_logged_in() { * @return die */ function _wp_ajax_delete_comment_response( $comment_id, $delta = -1 ) { - $total = (int) @$_POST['_total']; - $per_page = (int) @$_POST['_per_page']; - $page = (int) @$_POST['_page']; - $url = esc_url_raw( @$_POST['_url'] ); + $total = isset( $_POST['_total'] ) ? (int) $_POST['_total'] : 0; + $per_page = isset( $_POST['_per_page'] ) ? (int) $_POST['_per_page'] : 0; + $page = isset( $_POST['_page'] ) ? (int) $_POST['_page'] : 0; + $url = isset( $_POST['_url'] ) ? esc_url_raw( $_POST['_url'] ) : ''; + // JS didn't send us everything we need to know. Just die with success message if ( !$total || !$per_page || !$page || !$url ) wp_die( time() ); diff --git a/src/wp-admin/includes/media.php b/src/wp-admin/includes/media.php index 4b6417f861..c37dc0b1c4 100644 --- a/src/wp-admin/includes/media.php +++ b/src/wp-admin/includes/media.php @@ -2077,17 +2077,18 @@ $arc_query = "SELECT DISTINCT YEAR(post_date) AS yyear, MONTH(post_date) AS mmon $arc_result = $wpdb->get_results( $arc_query ); $month_count = count($arc_result); +$selected_month = isset( $_GET['m'] ) ? $_GET['m'] : 0; if ( $month_count && !( 1 == $month_count && 0 == $arc_result[0]->mmonth ) ) { ?>