WP_Screen: Whitelist -new and -add screens, and prevent edit-comments and edit-tags from being mashed on. fixes #19353.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19471 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
b6b8a588bb
commit
65fde75e85
|
@ -233,7 +233,7 @@ final class WP_Screen {
|
||||||
* @var string
|
* @var string
|
||||||
* @access public
|
* @access public
|
||||||
*/
|
*/
|
||||||
public $action = '';
|
public $action;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The base type of the screen. This is typically the same as $id but with any post types and taxonomies stripped.
|
* The base type of the screen. This is typically the same as $id but with any post types and taxonomies stripped.
|
||||||
|
@ -387,8 +387,9 @@ final class WP_Screen {
|
||||||
if ( is_a( $hook_name, 'WP_Screen' ) )
|
if ( is_a( $hook_name, 'WP_Screen' ) )
|
||||||
return $hook_name;
|
return $hook_name;
|
||||||
|
|
||||||
$action = $post_type = $taxonomy = null;
|
$post_type = $taxonomy = null;
|
||||||
$is_network = $is_user = false;
|
$is_network = $is_user = false;
|
||||||
|
$action = '';
|
||||||
|
|
||||||
if ( $hook_name )
|
if ( $hook_name )
|
||||||
$id = $hook_name;
|
$id = $hook_name;
|
||||||
|
@ -400,12 +401,10 @@ final class WP_Screen {
|
||||||
$post_type = $id;
|
$post_type = $id;
|
||||||
$id = 'post'; // changes later. ends up being $base.
|
$id = 'post'; // changes later. ends up being $base.
|
||||||
} else {
|
} else {
|
||||||
$last_four = substr( $id, -4 );
|
if ( '.php' == substr( $id, -4 ) )
|
||||||
if ( '.php' == $last_four ) {
|
|
||||||
$id = substr( $id, 0, -4 );
|
$id = substr( $id, 0, -4 );
|
||||||
$last_four = substr( $id, -4 );
|
|
||||||
}
|
if ( 'post-new' == $id || 'link-add' == $id || 'media-new' == $id || 'user-new' == $id ) {
|
||||||
if ( '-add' == $last_four || '-new' == $last_four ) {
|
|
||||||
$id = substr( $id, 0, -4 );
|
$id = substr( $id, 0, -4 );
|
||||||
$action = 'add';
|
$action = 'add';
|
||||||
}
|
}
|
||||||
|
@ -421,7 +420,7 @@ final class WP_Screen {
|
||||||
}
|
}
|
||||||
|
|
||||||
$id = sanitize_key( $id );
|
$id = sanitize_key( $id );
|
||||||
if ( 'edit-' == substr( $id, 0, 5 ) ) {
|
if ( 'edit-comments' != $id && 'edit-tags' != $id && 'edit-' == substr( $id, 0, 5 ) ) {
|
||||||
$maybe = substr( $id, 5 );
|
$maybe = substr( $id, 5 );
|
||||||
if ( taxonomy_exists( $maybe ) ) {
|
if ( taxonomy_exists( $maybe ) ) {
|
||||||
$id = 'edit-tags';
|
$id = 'edit-tags';
|
||||||
|
@ -486,10 +485,6 @@ final class WP_Screen {
|
||||||
$taxonomy = 'post_tag';
|
$taxonomy = 'post_tag';
|
||||||
$id = 'edit-' . $taxonomy;
|
$id = 'edit-' . $taxonomy;
|
||||||
break;
|
break;
|
||||||
case 'upload' :
|
|
||||||
if ( null === $post_type )
|
|
||||||
$post_type = 'attachment';
|
|
||||||
break;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( $is_network ) {
|
if ( $is_network ) {
|
||||||
|
|
Loading…
Reference in New Issue