diff options
| author | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2006-11-27 17:02:17 +0000 |
|---|---|---|
| committer | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2006-11-27 17:02:17 +0000 |
| commit | 927321af4de1801f8fcbdcad320bc7500cde8f00 (patch) | |
| tree | 81c692cd9b0dfa510fdd9b3a20b0d6a4b86736d1 /xmlrpc.php | |
| parent | 5447f131269541ea942ae9239c95b4e1188fb57c (diff) | |
| download | wordpress-mu-927321af4de1801f8fcbdcad320bc7500cde8f00.tar.gz wordpress-mu-927321af4de1801f8fcbdcad320bc7500cde8f00.tar.xz wordpress-mu-927321af4de1801f8fcbdcad320bc7500cde8f00.zip | |
Sanitize filename and pass the right one to the handler
git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@812 7be80a69-a1ef-0310-a953-fb0f7c49ff36
Diffstat (limited to 'xmlrpc.php')
| -rw-r--r-- | xmlrpc.php | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -827,7 +827,7 @@ class wp_xmlrpc_server extends IXR_Server { $user_pass = $wpdb->escape($args[2]); $data = $args[3]; - $name = $data['name']; + $name = sanitize_file( $data['name'] ); $type = $data['type']; $bits = $data['bits']; @@ -851,7 +851,7 @@ class wp_xmlrpc_server extends IXR_Server { logIO('O', '(MW) Could not write file '.$name); return new IXR_Error(500, 'Could not write file '.$name); } - return apply_filters( 'wp_handle_upload', array( 'file' => $name, 'url' => $upload[ 'url' ], 'type' => $type ) ); + return apply_filters( 'wp_handle_upload', array( 'file' => $upload[ 'file' ], 'url' => $upload[ 'url' ], 'type' => $type ) ); } |