Add nonce protection for setting/removing featured post image. fixes #13438

git-svn-id: http://svn.automattic.com/wordpress/trunk@14730 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
markjaquith 2010-05-18 22:08:49 +00:00
parent af59c18f45
commit 20cb3ed21b
8 changed files with 18 additions and 14 deletions


@ -1467,6 +1467,8 @@ case 'set-post-thumbnail':
die( '-1' );
$thumbnail_id = intval( $_POST['thumbnail_id'] );
check_ajax_referer( "set_post_thumbnail-$post_id" );
if ( $thumbnail_id == '-1' ) {
delete_post_meta( $post_id, '_thumbnail_id' );
die( _wp_post_thumbnail_html() );
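Review bot: With `$thumbnail_id` now normalised by `intval()` on the line before the nonce check, the sentinel test two lines later should compare integers strictly, `if ( -1 === $thumbnail_id ) {`, instead of `== '-1'`, so the removal branch is not reached through loose string-to-number coercion. Placing `check_ajax_referer()` after the `die( '-1' )` capability guard and before `delete_post_meta()` is correct: nothing is written until both checks pass. This handler works with a lowercase `$post_id`, whereas `_wp_post_thumbnail_html()`, called on the last line with no arguments, reads a global `$post_ID`; see the note on the post.php hunk. The `case` body begins and ends outside the hunk.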


@ -1286,11 +1286,13 @@ function get_media_item( $attachment_id, $args = null ) {
$thumbnail = '';
$calling_post_id = 0;
if ( isset( $_GET['post_id'] ) )
$calling_post_id = $_GET['post_id'];
$calling_post_id = absint( $_GET['post_id'] );
elseif ( isset( $_POST ) && count( $_POST ) ) // Like for async-upload where $_GET['post_id'] isn't set
$calling_post_id = $post->post_parent;
if ( 'image' == $type && $calling_post_id && current_theme_supports( 'post-thumbnails', get_post_type( $calling_post_id ) ) && get_post_thumbnail_id( $calling_post_id ) != $attachment_id )
$thumbnail = "<a class='wp-post-thumbnail' id='wp-post-thumbnail-" . $attachment_id . "' href='#' onclick='WPSetAsThumbnail(\"$attachment_id\");return false;'>" . esc_html__( "Use as featured image" ) . "</a>";
if ( 'image' == $type && $calling_post_id && current_theme_supports( 'post-thumbnails', get_post_type( $calling_post_id ) ) && get_post_thumbnail_id( $calling_post_id ) != $attachment_id ) {
$ajax_nonce = wp_create_nonce( "set_post_thumbnail-$calling_post_id" );
$thumbnail = "<a class='wp-post-thumbnail' id='wp-post-thumbnail-" . $attachment_id . "' href='#' onclick='WPSetAsThumbnail(\"$attachment_id\", \"$ajax_nonce\");return false;'>" . esc_html__( "Use as featured image" ) . "</a>";
}
if ( ( $send || $thumbnail || $delete ) && !isset( $form_fields['buttons'] ) )
$form_fields['buttons'] = array( 'tr' => "\t\t<tr class='submit'><td></td><td class='savesend'>$send $thumbnail $delete</td></tr>\n" );
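Review bot: On the new `$thumbnail` line the nonce is interpolated directly into a double-quoted JavaScript string inside the `onclick` attribute; emit it as `\"" . esc_js( $ajax_nonce ) . "\"` (and likewise for the `WPRemoveThumbnail` link in the post.php hunk) so the inline-script context is escaped at the point of output rather than relying on the nonce's current character set. The `absint()` applied to `$_GET['post_id']` is the right normalisation and keeps the nonce action string in step with the integer id the AJAX handler will derive. `get_media_item()` begins and ends outside the hunk.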


@ -1138,8 +1138,7 @@ function get_sample_permalink_html( $id, $new_title = null, $new_slug = null ) {
* @return string html
*/
function _wp_post_thumbnail_html( $thumbnail_id = NULL ) {
global $content_width, $_wp_additional_image_sizes;
global $content_width, $_wp_additional_image_sizes, $post_ID;
$set_thumbnail_link = '<p class="hide-if-no-js"><a title="' . esc_attr__( 'Set featured image' ) . '" href="' . esc_url( get_upload_iframe_src('image') ) . '" id="set-post-thumbnail" class="thickbox">%s</a></p>';
$content = sprintf($set_thumbnail_link, esc_html__( 'Set featured image' ));
@ -1151,8 +1150,9 @@ function _wp_post_thumbnail_html( $thumbnail_id = NULL ) {
else
$thumbnail_html = wp_get_attachment_image( $thumbnail_id, 'post-thumbnail' );
if ( !empty( $thumbnail_html ) ) {
$ajax_nonce = wp_create_nonce( "set_post_thumbnail-$post_ID" );
$content = sprintf($set_thumbnail_link, $thumbnail_html);
$content .= '<p class="hide-if-no-js"><a href="#" id="remove-post-thumbnail" onclick="WPRemoveThumbnail();return false;">' . esc_html__( 'Remove featured image' ) . '</a></p>';
$content .= '<p class="hide-if-no-js"><a href="#" id="remove-post-thumbnail" onclick="WPRemoveThumbnail(\'' . $ajax_nonce . '\');return false;">' . esc_html__( 'Remove featured image' ) . '</a></p>';
}
$content_width = $old_content_width;
}
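Review bot: The removal nonce is built from the global `$post_ID`, but the only other caller visible on this page, the `set-post-thumbnail` AJAX case, works with a lowercase `$post_id` and calls `_wp_post_thumbnail_html()` with no post reference; unless something else in admin-ajax.php assigns `$post_ID`, the HTML returned after an AJAX set or remove will carry a nonce for an empty post id and the next remove click will fail its referer check. Passing the id explicitly removes the dependency on ambient state: `function _wp_post_thumbnail_html( $thumbnail_id = null, $post_id = null ) {` with `$post_id = $post_id ? $post_id : $post_ID;` before the `wp_create_nonce()` call, and the AJAX handler calling `_wp_post_thumbnail_html( null, $post_id )`. The docblock above the function, partly outside the hunk, should then gain `@param int $post_id` noting that the remove link's nonce is bound to it. The function's tail is outside the hunk.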


@ -218,9 +218,9 @@ WPSetThumbnailID = function(id){
}
};
WPRemoveThumbnail = function(){
WPRemoveThumbnail = function(nonce){
$.post(ajaxurl, {
action:"set-post-thumbnail", post_id: $('#post_ID').val(), thumbnail_id: -1, cookie: encodeURIComponent(document.cookie)
action:"set-post-thumbnail", post_id: $('#post_ID').val(), thumbnail_id: -1, _ajax_nonce: nonce, cookie: encodeURIComponent(document.cookie)
}, function(str){
if ( str == '0' ) {
alert( setPostThumbnailL10n.error );
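Review bot: The callback two lines below the new `_ajax_nonce` key still treats only `'0'` as failure, yet the capability guard in the admin-ajax hunk answers with `die( '-1' )`, which, unless `check_ajax_referer()` has been given a custom failure handler, is also what a rejected nonce emits; that `'-1'` falls through to the success branch and is handed on as thumbnail markup. Broaden the guard to `if ( str == '0' || str == '-1' ) {`; the same gap exists in `WPSetAsThumbnail` in set-post-thumbnail.dev.js and its minified copy. `nonce` is now a required argument whose only producer on this page is the `onclick` emitted by `_wp_post_thumbnail_html()`, so any other caller passing nothing will land on that same `'-1'` path. The callback body continues past the hunk.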



@ -1,9 +1,9 @@
function WPSetAsThumbnail(id){
function WPSetAsThumbnail(id, nonce){
var $link = jQuery('a#wp-post-thumbnail-' + id);
$link.text( setPostThumbnailL10n.saving );
jQuery.post(ajaxurl, {
action:"set-post-thumbnail", post_id: post_id, thumbnail_id: id, cookie: encodeURIComponent(document.cookie)
action:"set-post-thumbnail", post_id: post_id, thumbnail_id: id, _ajax_nonce: nonce, cookie: encodeURIComponent(document.cookie)
}, function(str){
var win = window.dialogArguments || opener || parent || top;
$link.text( setPostThumbnailL10n.setThumbnail );
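Review bot: The new `nonce` parameter of `WPSetAsThumbnail` is undocumented, and only its producer in media.php shows what it has to be; add a header comment above the function such as `// id: attachment id; nonce: wp_create_nonce( "set_post_thumbnail-" + post_id ), sent as _ajax_nonce and verified server-side by the set-post-thumbnail handler`. The error handling in this callback shares the `'-1'` gap raised on the post.js hunk. The function continues beyond the hunk.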


@ -1 +1 @@
function WPSetAsThumbnail(id){var $link=jQuery("a#wp-post-thumbnail-"+id);$link.text(setPostThumbnailL10n.saving);jQuery.post(ajaxurl,{action:"set-post-thumbnail",post_id:post_id,thumbnail_id:id,cookie:encodeURIComponent(document.cookie)},function(str){var win=window.dialogArguments||opener||parent||top;$link.text(setPostThumbnailL10n.setThumbnail);if(str=="0"){alert(setPostThumbnailL10n.error)}else{jQuery("a.wp-post-thumbnail").show();$link.text(setPostThumbnailL10n.done);$link.fadeOut(2000);win.WPSetThumbnailID(id);win.WPSetThumbnailHTML(str)}})};
function WPSetAsThumbnail(id,nonce){var $link=jQuery("a#wp-post-thumbnail-"+id);$link.text(setPostThumbnailL10n.saving);jQuery.post(ajaxurl,{action:"set-post-thumbnail",post_id:post_id,thumbnail_id:id,_ajax_nonce:nonce,cookie:encodeURIComponent(document.cookie)},function(str){var win=window.dialogArguments||opener||parent||top;$link.text(setPostThumbnailL10n.setThumbnail);if(str=="0"){alert(setPostThumbnailL10n.error)}else{jQuery("a.wp-post-thumbnail").show();$link.text(setPostThumbnailL10n.done);$link.fadeOut(2000);win.WPSetThumbnailID(id);win.WPSetThumbnailHTML(str)}})};


@ -274,7 +274,7 @@ function wp_default_scripts( &$scripts ) {
$scripts->add( 'postbox', "/wp-admin/js/postbox$suffix.js", array('jquery-ui-sortable'), '20091012' );
$scripts->add_data( 'postbox', 'group', 1 );
$scripts->add( 'post', "/wp-admin/js/post$suffix.js", array('suggest', 'wp-lists', 'postbox'), '20100418' );
$scripts->add( 'post', "/wp-admin/js/post$suffix.js", array('suggest', 'wp-lists', 'postbox'), '20100518' );
$scripts->add_data( 'post', 'group', 1 );
$scripts->localize( 'post', 'postL10n', array(
'tagsUsed' => __('Tags used on this post:'),
@ -374,7 +374,7 @@ function wp_default_scripts( &$scripts ) {
$scripts->add( 'image-edit', "/wp-admin/js/image-edit$suffix.js", array('jquery', 'json2', 'imgareaselect'), '20091111' );
$scripts->add_data( 'image-edit', 'group', 1 );
$scripts->add( 'set-post-thumbnail', "/wp-admin/js/set-post-thumbnail$suffix.js", array( 'jquery' ), '20091210b' );
$scripts->add( 'set-post-thumbnail', "/wp-admin/js/set-post-thumbnail$suffix.js", array( 'jquery' ), '20100518' );
$scripts->add_data( 'set-post-thumbnail', 'group', 1 );
$scripts->localize( 'set-post-thumbnail', 'setPostThumbnailL10n', array(
'setThumbnail' => __( 'Use as featured image' ),