Compare commits
7 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
647ca60a8c | ||
|
|
216ea4f2d0 | ||
|
32bf48628e | ||
|
|
71f5f5fe6a | ||
|
505af40a68 | ||
|
|
4cad77d676 | ||
|
e3c8323406 |
@@ -1,6 +1,6 @@
|
||||
WordPress - Web publishing software
|
||||
|
||||
Copyright 2017 by the contributors
|
||||
Copyright 2018 by the contributors
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
|
||||
@@ -36,7 +36,15 @@ include( ABSPATH . 'wp-admin/admin-header.php' );
|
||||
</h2>
|
||||
|
||||
<div class="changelog point-releases">
|
||||
<h3><?php echo _n( 'Maintenance and Security Release', 'Maintenance and Security Releases', 25 ); ?></h3>
|
||||
<h3><?php echo _n( 'Maintenance and Security Release', 'Maintenance and Security Releases', 27 ); ?></h3>
|
||||
<p><?php printf( _n( '<strong>Version %1$s</strong> addressed a security issue.',
|
||||
'<strong>Version %1$s</strong> addressed some security issues.', 1 ), '3.7.27' ); ?>
|
||||
<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_3.7.27' ); ?>
|
||||
</p>
|
||||
<p><?php printf( _n( '<strong>Version %1$s</strong> addressed a security issue.',
|
||||
'<strong>Version %1$s</strong> addressed some security issues.', 2 ), '3.7.26' ); ?>
|
||||
<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_3.7.26' ); ?>
|
||||
</p>
|
||||
<p><?php printf( _n( '<strong>Version %1$s</strong> addressed a security issue.',
|
||||
'<strong>Version %1$s</strong> addressed some security issues.', 1 ), '3.7.25' ); ?>
|
||||
<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_3.7.25' ); ?>
|
||||
|
||||
@@ -1437,6 +1437,43 @@ function path_join( $base, $path ) {
|
||||
return rtrim($base, '/') . '/' . ltrim($path, '/');
|
||||
}
|
||||
|
||||
/**
|
||||
* Normalize a filesystem path.
|
||||
*
|
||||
* On windows systems, replaces backslashes with forward slashes
|
||||
* and forces upper-case drive letters.
|
||||
* Allows for two leading slashes for Windows network shares, but
|
||||
* ensures that all other duplicate slashes are reduced to a single.
|
||||
*
|
||||
* @since 3.9.0
|
||||
* @since 4.4.0 Ensures upper-case drive letters on Windows systems.
|
||||
* @since 4.5.0 Allows for Windows network shares.
|
||||
* @since 4.9.7 Allows for PHP file wrappers.
|
||||
*
|
||||
* @param string $path Path to normalize.
|
||||
* @return string Normalized path.
|
||||
*/
|
||||
function wp_normalize_path( $path ) {
|
||||
$wrapper = '';
|
||||
if ( wp_is_stream( $path ) ) {
|
||||
list( $wrapper, $path ) = explode( '://', $path, 2 );
|
||||
$wrapper .= '://';
|
||||
}
|
||||
|
||||
// Standardise all paths to use /
|
||||
$path = str_replace( '\\', '/', $path );
|
||||
|
||||
// Replace multiple slashes down to a singular, allowing for network shares having two slashes.
|
||||
$path = preg_replace( '|(?<=.)/+|', '/', $path );
|
||||
|
||||
// Windows paths should uppercase the drive letter
|
||||
if ( ':' === substr( $path, 1, 1 ) ) {
|
||||
$path = ucfirst( $path );
|
||||
}
|
||||
|
||||
return $wrapper . $path;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determines a writable directory for temporary files.
|
||||
* Function's preference is the return value of <code>sys_get_temp_dir()</code>,
|
||||
@@ -4259,3 +4296,29 @@ function mbstring_binary_safe_encoding( $reset = false ) {
|
||||
function reset_mbstring_encoding() {
|
||||
mbstring_binary_safe_encoding( true );
|
||||
}
|
||||
|
||||
/**
|
||||
* Deletes a file if its path is within the given directory.
|
||||
*
|
||||
* @since 4.9.7
|
||||
*
|
||||
* @param string $file Absolute path to the file to delete.
|
||||
* @param string $directory Absolute path to a directory.
|
||||
* @return bool True on success, false on failure.
|
||||
*/
|
||||
function wp_delete_file_from_directory( $file, $directory ) {
|
||||
$real_file = realpath( wp_normalize_path( $file ) );
|
||||
$real_directory = realpath( wp_normalize_path( $directory ) );
|
||||
|
||||
if ( false === $real_file || false === $real_directory || strpos( wp_normalize_path( $real_file ), trailingslashit( wp_normalize_path( $real_directory ) ) ) !== 0 ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
/** This filter is documented in wp-admin/custom-header.php */
|
||||
$delete = apply_filters( 'wp_delete_file', $file );
|
||||
if ( ! empty( $delete ) ) {
|
||||
@unlink( $delete );
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
@@ -2255,25 +2255,25 @@ function get_the_generator( $type = '' ) {
|
||||
|
||||
switch ( $type ) {
|
||||
case 'html':
|
||||
$gen = '<meta name="generator" content="WordPress ' . get_bloginfo( 'version' ) . '">';
|
||||
$gen = '<meta name="generator" content="WordPress ' . esc_attr( get_bloginfo( 'version' ) ) . '">';
|
||||
break;
|
||||
case 'xhtml':
|
||||
$gen = '<meta name="generator" content="WordPress ' . get_bloginfo( 'version' ) . '" />';
|
||||
$gen = '<meta name="generator" content="WordPress ' . esc_attr( get_bloginfo( 'version' ) ) . '" />';
|
||||
break;
|
||||
case 'atom':
|
||||
$gen = '<generator uri="http://wordpress.org/" version="' . get_bloginfo_rss( 'version' ) . '">WordPress</generator>';
|
||||
$gen = '<generator uri="https://wordpress.org/" version="' . esc_attr( get_bloginfo_rss( 'version' ) ) . '">WordPress</generator>';
|
||||
break;
|
||||
case 'rss2':
|
||||
$gen = '<generator>http://wordpress.org/?v=' . get_bloginfo_rss( 'version' ) . '</generator>';
|
||||
$gen = '<generator>' . esc_url_raw( 'https://wordpress.org/?v=' . get_bloginfo_rss( 'version' ) ) . '</generator>';
|
||||
break;
|
||||
case 'rdf':
|
||||
$gen = '<admin:generatorAgent rdf:resource="http://wordpress.org/?v=' . get_bloginfo_rss( 'version' ) . '" />';
|
||||
$gen = '<admin:generatorAgent rdf:resource="' . esc_url_raw( 'https://wordpress.org/?v=' . get_bloginfo_rss( 'version' ) ) . '" />';
|
||||
break;
|
||||
case 'comment':
|
||||
$gen = '<!-- generator="WordPress/' . get_bloginfo( 'version' ) . '" -->';
|
||||
$gen = '<!-- generator="WordPress/' . esc_attr( get_bloginfo( 'version' ) ) . '" -->';
|
||||
break;
|
||||
case 'export':
|
||||
$gen = '<!-- generator="WordPress/' . get_bloginfo_rss('version') . '" created="'. date('Y-m-d H:i') . '" -->';
|
||||
$gen = '<!-- generator="WordPress/' . esc_attr( get_bloginfo_rss( 'version' ) ) . '" created="' . date( 'Y-m-d H:i' ) . '" -->';
|
||||
break;
|
||||
}
|
||||
return apply_filters( "get_the_generator_{$type}", $gen, $type );
|
||||
|
||||
@@ -4157,12 +4157,6 @@ function wp_delete_attachment( $post_id, $force_delete = false ) {
|
||||
$backup_sizes = get_post_meta( $post->ID, '_wp_attachment_backup_sizes', true );
|
||||
$file = get_attached_file( $post_id );
|
||||
|
||||
$intermediate_sizes = array();
|
||||
foreach ( get_intermediate_image_sizes() as $size ) {
|
||||
if ( $intermediate = image_get_intermediate_size( $post_id, $size ) )
|
||||
$intermediate_sizes[] = $intermediate;
|
||||
}
|
||||
|
||||
if ( is_multisite() )
|
||||
delete_transient( 'dirsize_cache' );
|
||||
|
||||
@@ -4185,43 +4179,79 @@ function wp_delete_attachment( $post_id, $force_delete = false ) {
|
||||
$wpdb->delete( $wpdb->posts, array( 'ID' => $post_id ) );
|
||||
do_action( 'deleted_post', $post_id );
|
||||
|
||||
wp_delete_attachment_files( $post_id, $meta, $backup_sizes, $file );
|
||||
|
||||
clean_post_cache( $post );
|
||||
|
||||
return $post;
|
||||
}
|
||||
|
||||
/**
|
||||
* Deletes all files that belong to the given attachment.
|
||||
*
|
||||
* @since 4.9.7
|
||||
*
|
||||
* @param int $post_id Attachment ID.
|
||||
* @param array $meta The attachment's meta data.
|
||||
* @param array $backup_sizes The meta data for the attachment's backup images.
|
||||
* @param string $file Absolute path to the attachment's file.
|
||||
* @return bool True on success, false on failure.
|
||||
*/
|
||||
function wp_delete_attachment_files( $post_id, $meta, $backup_sizes, $file ) {
|
||||
global $wpdb;
|
||||
|
||||
$uploadpath = wp_upload_dir();
|
||||
$deleted = true;
|
||||
|
||||
if ( ! empty($meta['thumb']) ) {
|
||||
// Don't delete the thumb if another attachment uses it
|
||||
if (! $wpdb->get_row( $wpdb->prepare( "SELECT meta_id FROM $wpdb->postmeta WHERE meta_key = '_wp_attachment_metadata' AND meta_value LIKE %s AND post_id <> %d", '%' . $meta['thumb'] . '%', $post_id)) ) {
|
||||
$thumbfile = str_replace(basename($file), $meta['thumb'], $file);
|
||||
/** This filter is documented in wp-admin/custom-header.php */
|
||||
$thumbfile = apply_filters('wp_delete_file', $thumbfile);
|
||||
@ unlink( path_join($uploadpath['basedir'], $thumbfile) );
|
||||
if ( ! empty( $thumbfile ) ) {
|
||||
$thumbfile = path_join( $uploadpath['basedir'], $thumbfile );
|
||||
$thumbdir = path_join( $uploadpath['basedir'], dirname( $file ) );
|
||||
|
||||
if ( ! wp_delete_file_from_directory( $thumbfile, $thumbdir ) ) {
|
||||
$deleted = false;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// remove intermediate and backup images if there are any
|
||||
foreach ( $intermediate_sizes as $intermediate ) {
|
||||
/** This filter is documented in wp-admin/custom-header.php */
|
||||
$intermediate_file = apply_filters( 'wp_delete_file', $intermediate['path'] );
|
||||
@ unlink( path_join($uploadpath['basedir'], $intermediate_file) );
|
||||
}
|
||||
if ( isset( $meta['sizes'] ) && is_array( $meta['sizes'] ) ) {
|
||||
$intermediate_dir = path_join( $uploadpath['basedir'], dirname( $file ) );
|
||||
foreach ( $meta['sizes'] as $size => $sizeinfo ) {
|
||||
$intermediate_file = str_replace( basename( $file ), $sizeinfo['file'], $file );
|
||||
if ( ! empty( $intermediate_file ) ) {
|
||||
$intermediate_file = path_join( $uploadpath['basedir'], $intermediate_file );
|
||||
|
||||
if ( is_array($backup_sizes) ) {
|
||||
foreach ( $backup_sizes as $size ) {
|
||||
$del_file = path_join( dirname($meta['file']), $size['file'] );
|
||||
/** This filter is documented in wp-admin/custom-header.php */
|
||||
$del_file = apply_filters('wp_delete_file', $del_file);
|
||||
@ unlink( path_join($uploadpath['basedir'], $del_file) );
|
||||
if ( ! wp_delete_file_from_directory( $intermediate_file, $intermediate_dir ) ) {
|
||||
$deleted = false;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/** This filter is documented in wp-admin/custom-header.php */
|
||||
$file = apply_filters('wp_delete_file', $file);
|
||||
if ( is_array($backup_sizes) ) {
|
||||
$del_dir = path_join( $uploadpath['basedir'], dirname( $meta['file'] ) );
|
||||
foreach ( $backup_sizes as $size ) {
|
||||
$del_file = path_join( dirname( $meta['file'] ), $size['file'] );
|
||||
if ( ! empty( $del_file ) ) {
|
||||
$del_file = path_join( $uploadpath['basedir'], $del_file );
|
||||
|
||||
if ( ! empty($file) )
|
||||
@ unlink($file);
|
||||
if ( ! wp_delete_file_from_directory( $del_file, $del_dir ) ) {
|
||||
$deleted = false;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
clean_post_cache( $post );
|
||||
if ( ! wp_delete_file_from_directory( $file, $uploadpath['basedir'] ) ) {
|
||||
$deleted = false;
|
||||
}
|
||||
|
||||
return $post;
|
||||
return $deleted;
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
*
|
||||
* @global string $wp_version
|
||||
*/
|
||||
$wp_version = '3.7.25';
|
||||
$wp_version = '3.7.27';
|
||||
|
||||
/**
|
||||
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
|
||||
|
||||
@@ -14,10 +14,10 @@ require( dirname(__FILE__) . '/wp-load.php' );
|
||||
// Redirect to https login if forced to use SSL
|
||||
if ( force_ssl_admin() && ! is_ssl() ) {
|
||||
if ( 0 === strpos($_SERVER['REQUEST_URI'], 'http') ) {
|
||||
wp_redirect( set_url_scheme( $_SERVER['REQUEST_URI'], 'https' ) );
|
||||
wp_safe_redirect( set_url_scheme( $_SERVER['REQUEST_URI'], 'https' ) );
|
||||
exit();
|
||||
} else {
|
||||
wp_redirect( 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
|
||||
wp_safe_redirect( 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
|
||||
exit();
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user