diff --git a/wp-admin/comment.php b/wp-admin/comment.php index 512e2ee1d..df1379db5 100644 --- a/wp-admin/comment.php +++ b/wp-admin/comment.php @@ -117,8 +117,8 @@ case 'deletecomment': else wp_delete_comment($comment->comment_ID); - if (($_SERVER['HTTP_REFERER'] != '') && (false == $noredir)) { - header('Location: ' . $_SERVER['HTTP_REFERER']); + if ((wp_get_referer() != '') && (false == $noredir)) { + header('Location: ' . wp_get_referer()); } else { header('Location: '. get_settings('siteurl') .'/wp-admin/edit-comments.php'); } @@ -144,8 +144,8 @@ case 'unapprovecomment': wp_set_comment_status($comment->comment_ID, "hold"); - if (($_SERVER['HTTP_REFERER'] != "") && (false == $noredir)) { - header('Location: ' . $_SERVER['HTTP_REFERER']); + if ((wp_get_referer() != "") && (false == $noredir)) { + header('Location: ' . wp_get_referer()); } else { header('Location: '. get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments'); } @@ -175,8 +175,8 @@ case 'approvecomment': } - if (($_SERVER['HTTP_REFERER'] != "") && (false == $noredir)) { - header('Location: ' . $_SERVER['HTTP_REFERER']); + if ((wp_get_referer() != "") && (false == $noredir)) { + header('Location: ' . wp_get_referer()); } else { header('Location: '. get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments'); } diff --git a/wp-admin/edit-form-comment.php b/wp-admin/edit-form-comment.php index 1f23cef70..46d944783 100644 --- a/wp-admin/edit-form-comment.php +++ b/wp-admin/edit-form-comment.php @@ -42,7 +42,7 @@ addLoadEvent(focusit);
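Review bot: The value returned by `wp_get_referer()` goes straight into the `Location:` header in the 'deletecomment' branch with no check that it points back to this site, so the swap changes where the value comes from but not how far it is trusted; the same holds for the 'unapprovecomment' and 'approvecomment' hunks and for the redirects in link.php, page.php and post.php. `wp_get_referer()` is not defined in this diff; if it reads a request field as well as the header (as it does in WordPress core, to my knowledge), the redirect target after a state-changing action becomes request-controlled. I would fetch it once and compare it with the site URL before use: `$referer = wp_get_referer();`, then `if ($referer && 0 === strpos($referer, get_settings('siteurl') . '/') && false == $noredir) {` and `header('Location: ' . $referer);`. That also removes the second call per branch. The case bodies start and end outside these hunks.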

- +

diff --git a/wp-admin/edit-page-form.php b/wp-admin/edit-page-form.php index 4cefe1fac..14d5fa801 100644 --- a/wp-admin/edit-page-form.php +++ b/wp-admin/edit-page-form.php @@ -14,7 +14,7 @@ if (0 == $post_ID) { $form_extra = ""; } -$sendto = $_SERVER['HTTP_REFERER']; +$sendto = wp_get_referer(); if ( 0 != $post_ID && $sendto == get_permalink($post_ID) ) $sendto = 'redo'; diff --git a/wp-admin/link.php b/wp-admin/link.php index 6e3056d79..ae61da3de 100644 --- a/wp-admin/link.php +++ b/wp-admin/link.php @@ -76,7 +76,7 @@ switch ($action) { add_link(); - header('Location: '.$_SERVER['HTTP_REFERER'].'?added=true'); + header('Location: '.wp_get_referer().'?added=true'); break; case 'save' : diff --git a/wp-admin/page.php b/wp-admin/page.php index cfa50dbb2..ff867c45b 100644 --- a/wp-admin/page.php +++ b/wp-admin/page.php @@ -98,12 +98,12 @@ case 'editpost': $page_ID = edit_post(); if ($_POST['save']) { - $location = $_SERVER['HTTP_REFERER']; + $location = wp_get_referer(); } elseif ($_POST['updatemeta']) { - $location = $_SERVER['HTTP_REFERER'] . '&message=2#postcustom'; + $location = wp_get_referer() . '&message=2#postcustom'; } elseif ($_POST['deletemeta']) { - $location = $_SERVER['HTTP_REFERER'] . '&message=3#postcustom'; - } elseif (isset($_POST['referredby']) && $_POST['referredby'] != $_SERVER['HTTP_REFERER']) { + $location = wp_get_referer() . '&message=3#postcustom'; + } elseif (!empty($_POST['referredby']) && $_POST['referredby'] != wp_get_referer()) { $location = $_POST['referredby']; if ( $_POST['referredby'] == 'redo' ) $location = get_permalink( $page_ID ); 
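Review bot: In link.php, appending `'?added=true'` to whatever `wp_get_referer()` returns yields a malformed URL when the referer already has a query string, and a bare `?added=true` target when the referer is empty; unlike the comment.php branches there is no empty check or fallback. `add_query_arg()` handles both separator cases: `$referer = wp_get_referer();` followed by `header('Location: ' . add_query_arg('added', 'true', $referer));`, with a fixed admin URL used instead when `$referer` is empty. The surrounding `switch ($action)` case starts outside the hunk.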
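Review bot: In the page.php 'editpost' hunk, `$location = $_POST['referredby']` takes the redirect target directly from the POST body. The switch to `!empty()` fixes the empty-string case but the value is still not validated, while the 'delete' branch of the same file at least passes its target through a `preg_replace` character filter. The matching branch in post.php (hunk at -104) has the same gap, and there the value visibly reaches `header ('Location: ' . $location)`. The `updatemeta` and `deletemeta` lines also append `'&message=2#postcustom'` and `'&message=3#postcustom'` on the assumption that the referer already has a query string. I would restrict `referredby` to URLs under `get_settings('siteurl')` and fall back to a fixed admin page otherwise; this branch continues past the end of the hunk, so a later check may already exist.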
@@ -134,7 +134,7 @@ case 'delete': die( __('Error in deleting...') ); } - $sendback = $_SERVER['HTTP_REFERER']; + $sendback = wp_get_referer(); if (strstr($sendback, 'page.php')) $sendback = get_settings('siteurl') .'/wp-admin/page.php'; elseif (strstr($sendback, 'attachments.php')) $sendback = get_settings('siteurl') .'/wp-admin/attachments.php'; $sendback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $sendback); diff --git a/wp-admin/post.php b/wp-admin/post.php index daa707fc5..84f318fac 100644 --- a/wp-admin/post.php +++ b/wp-admin/post.php @@ -104,12 +104,12 @@ case 'editpost': $post_ID = edit_post(); if ($_POST['save']) { - $location = $_SERVER['HTTP_REFERER']; + $location = wp_get_referer(); } elseif ($_POST['updatemeta']) { - $location = $_SERVER['HTTP_REFERER'] . '&message=2#postcustom'; + $location = wp_get_referer() . '&message=2#postcustom'; } elseif ($_POST['deletemeta']) { - $location = $_SERVER['HTTP_REFERER'] . '&message=3#postcustom'; - } elseif (isset($_POST['referredby']) && $_POST['referredby'] != $_SERVER['HTTP_REFERER']) { + $location = wp_get_referer() . '&message=3#postcustom'; + } elseif (!empty($_POST['referredby']) && $_POST['referredby'] != wp_get_referer()) { $location = $_POST['referredby']; if ( $_POST['referredby'] == 'redo' ) $location = get_permalink( $post_ID ); @@ -118,6 +118,7 @@ case 'editpost': } else { $location = 'post-new.php'; } + header ('Location: ' . $location); // Send user on their way while we keep working exit(); @@ -140,7 +141,7 @@ case 'delete': die( __('Error in deleting...') ); } - $sendback = $_SERVER['HTTP_REFERER']; + $sendback = wp_get_referer(); if (strstr($sendback, 'post.php')) $sendback = get_settings('siteurl') .'/wp-admin/post-new.php'; elseif (strstr($sendback, 'attachments.php')) $sendback = get_settings('siteurl') .'/wp-admin/attachments.php'; $sendback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $sendback); 
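Review bot: In the page.php 'delete' hunk, the `preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $sendback)` filter applied to the new `wp_get_referer()` value strips unusual characters but still passes any absolute URL, because `:`, `/` and `.` are allowed; it is a character filter, not a destination check. A comment stating what it guarantees would keep later readers from over-trusting it, e.g. `// strips unexpected characters only; does not restrict the host`, and a comparison against `get_settings('siteurl')` should precede the redirect. The post.php 'delete' hunk at -140 is written the same way, and both case bodies extend beyond their hunks.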
diff --git a/wp-admin/upgrade.php b/wp-admin/upgrade.php index 168b6d9e5..f0a503f16 100644 --- a/wp-admin/upgrade.php +++ b/wp-admin/upgrade.php @@ -67,7 +67,7 @@ text-align: center; border-top: 1px solid #ccc; padding-top: 1em; font-style: it switch($step) { case 0: - $goback = wp_specialchars($_SERVER['HTTP_REFERER'], 1); + $goback = wp_specialchars(wp_get_referer()); ?>
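Review bot: The new call drops the second argument of `wp_specialchars()` (the `, 1` on the removed line), which to my knowledge is the flag that makes it encode quotes in addition to `<`, `>` and `&`. `$goback` is built from a request-derived referer and is used outside the visible hunk; if it is echoed into an HTML attribute such as an `href` or a hidden field value, unencoded quotes would let the value break out of that attribute. Unless the removal was deliberate, keep the flag: `$goback = wp_specialchars(wp_get_referer(), 1);`.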