-rw-r--r--wp-admin/admin-functions.php4
-rw-r--r--wp-admin/comment.php12
-rw-r--r--wp-admin/edit-form-advanced.php9
-rw-r--r--wp-admin/edit-form-comment.php2
-rw-r--r--wp-admin/edit-form.php2
-rw-r--r--wp-admin/edit-page-form.php4
-rw-r--r--wp-admin/index.php4
-rw-r--r--wp-admin/link-manager.php2
-rw-r--r--wp-admin/link.php2
-rw-r--r--wp-admin/options.php4
-rw-r--r--wp-admin/page.php10
-rw-r--r--wp-admin/post.php11
-rw-r--r--wp-admin/update-links.php2
-rw-r--r--wp-admin/upgrade.php2
-rw-r--r--wp-includes/classes.php1
-rw-r--r--wp-includes/formatting.php4
-rw-r--r--wp-includes/functions.php27
-rw-r--r--wp-includes/pluggable.php2
-rw-r--r--wp-includes/vars.php2
-rw-r--r--wp-pass.php4
20 files changed, 70 insertions, 40 deletions
diff --git a/wp-admin/admin-functions.php b/wp-admin/admin-functions.php
index d229073..3cae3ae 100644
--- a/wp-admin/admin-functions.php
+++ b/wp-admin/admin-functions.php
@@ -664,7 +664,7 @@ function cat_rows($parent = 0, $level = 0, $categories = 0) {
$default_link_cat_id = get_option('default_link_category');
if ( ($category->cat_ID != $default_cat_id) && ($category->cat_ID != $default_link_cat_id) )
- $edit .= "<td><a href='" . wp_nonce_url("categories.php?action=delete&amp;cat_ID=$category->cat_ID", 'delete-category_' . $category->cat_ID ) . "' onclick=\"return deleteSomething( 'cat', $category->cat_ID, '" . sprintf(__("You are about to delete the category &quot;%s&quot;.\\nAll of its posts will go into the default category of &quot;%s&quot;\\nAll of its bookmarks will go into the default category of &quot;%s&quot;.\\n&quot;OK&quot; to delete, &quot;Cancel&quot; to stop."), addslashes($category->cat_name), js_escape(get_catname($default_cat_id)), js_escape(get_catname($default_link_cat_id))) . "' );\" class='delete'>".__('Delete')."</a>";
+ $edit .= "<td><a href='" . wp_nonce_url("categories.php?action=delete&amp;cat_ID=$category->cat_ID", 'delete-category_' . $category->cat_ID ) . "' onclick=\"return deleteSomething( 'cat', $category->cat_ID, '" . sprintf(__("You are about to delete the category &quot;%s&quot;.\\nAll of its posts will go into the default category of &quot;%s&quot;\\nAll of its bookmarks will go into the default category of &quot;%s&quot;.\\n&quot;OK&quot; to delete, &quot;Cancel&quot; to stop."), js_escape($category->cat_name), js_escape(get_catname($default_cat_id)), js_escape(get_catname($default_link_cat_id))) . "' );\" class='delete'>".__('Delete')."</a>";
else
$edit .= "<td style='text-align:center'>".__("Default");
}
@@ -718,7 +718,7 @@ function page_rows($parent = 0, $level = 0, $pages = 0, $hierarchy = true) {
<td><?php echo mysql2date('Y-m-d g:i a', $post->post_modified); ?></td>
<td><a href="<?php the_permalink(); ?>" rel="permalink" class="edit"><?php _e('View'); ?></a></td>
<td><?php if ( current_user_can('edit_page', $id) ) { echo "<a href='page.php?action=edit&amp;post=$id' class='edit'>" . __('Edit') . "</a>"; } ?></td>
- <td><?php if ( current_user_can('edit_page', $id) ) { echo "<a href='" . wp_nonce_url("page.php?action=delete&amp;post=$id", 'delete-page_' . $id) . "' class='delete' onclick=\"return deleteSomething( 'page', " . $id . ", '" . sprintf(__("You are about to delete the &quot;%s&quot; page.\\n&quot;OK&quot; to delete, &quot;Cancel&quot; to stop."), addslashes(wp_specialchars(get_the_title(),'double')) ) . "' );\">" . __('Delete') . "</a>"; } ?></td>
+ <td><?php if ( current_user_can('edit_page', $id) ) { echo "<a href='" . wp_nonce_url("page.php?action=delete&amp;post=$id", 'delete-page_' . $id) . "' class='delete' onclick=\"return deleteSomething( 'page', " . $id . ", '" . sprintf(__("You are about to delete the &quot;%s&quot; page.\\n&quot;OK&quot; to delete, &quot;Cancel&quot; to stop."), js_escape(get_the_title()) ) . "' );\">" . __('Delete') . "</a>"; } ?></td>
</tr>
<?php
diff --git a/wp-admin/comment.php b/wp-admin/comment.php
index a8be39e..9adcba6 100644
--- a/wp-admin/comment.php
+++ b/wp-admin/comment.php
@@ -117,8 +117,8 @@ case 'deletecomment':
else
wp_delete_comment($comment->comment_ID);
- if (($_SERVER['HTTP_REFERER'] != '') && (false == $noredir)) {
- header('Location: ' . $_SERVER['HTTP_REFERER']);
+ if ((wp_get_referer() != '') && (false == $noredir)) {
+ header('Location: ' . wp_get_referer());
} else {
header('Location: '. get_settings('siteurl') .'/wp-admin/edit-comments.php');
}
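Review bot: The new `header('Location: ' . wp_get_referer())` line now follows a value the request itself can supply, because wp_get_referer() returns `$_REQUEST['_wp_http_referer']` ahead of the browser's Referer header, so a crafted delete link sends the moderator to an arbitrary site once the comment is gone. The HTTP_REFERER form had the same shape, but a request parameter makes the target trivially choosable. Accept the referer only when it is a local path or points back at this install, e.g. `$ref = wp_get_referer(); $ok = $ref && ( 0 === strpos($ref, get_settings('siteurl')) || ('/' == substr($ref, 0, 1) && '//' != substr($ref, 0, 2)) );` and fall through to the existing edit-comments.php redirect when `$ok` is false. The unapprovecomment and approvecomment hunks below repeat the same pattern.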
@@ -144,8 +144,8 @@ case 'unapprovecomment':
wp_set_comment_status($comment->comment_ID, "hold");
- if (($_SERVER['HTTP_REFERER'] != "") && (false == $noredir)) {
- header('Location: ' . $_SERVER['HTTP_REFERER']);
+ if ((wp_get_referer() != "") && (false == $noredir)) {
+ header('Location: ' . wp_get_referer());
} else {
header('Location: '. get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments');
}
@@ -175,8 +175,8 @@ case 'approvecomment':
}
- if (($_SERVER['HTTP_REFERER'] != "") && (false == $noredir)) {
- header('Location: ' . $_SERVER['HTTP_REFERER']);
+ if ((wp_get_referer() != "") && (false == $noredir)) {
+ header('Location: ' . wp_get_referer());
} else {
header('Location: '. get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments');
}
diff --git a/wp-admin/edit-form-advanced.php b/wp-admin/edit-form-advanced.php
index 894e239..5431ce2 100644
--- a/wp-admin/edit-form-advanced.php
+++ b/wp-admin/edit-form-advanced.php
@@ -79,8 +79,7 @@ addLoadEvent(focusit);
<div id="searchresults" class="autocomplete"></div>
<?php autocomplete_textbox( "wpmu-edit.php?action=searchcategories&search=", "newcat", "searchresults" ); ?>
<?php endif; ?>
-<ul id="categorychecklist"><?php dropdown_categories(get_settings('default_category')); ?></ul>
-</div>
+<ul id="categorychecklist"><?php dropdown_categories(get_settings('default_category')); ?></ul></div>
</fieldset>
<fieldset id="commentstatusdiv" class="dbx-box">
@@ -170,10 +169,10 @@ if ('publish' != $post->post_status || 0 == $post_ID) {
<input name="referredby" type="hidden" id="referredby" value="<?php
if ( !empty($_REQUEST['popupurl']) )
echo wp_specialchars($_REQUEST['popupurl']);
-else if ( url_to_postid($_SERVER['HTTP_REFERER']) == $post_ID )
+else if ( url_to_postid(wp_get_referer()) == $post_ID )
echo 'redo';
else
- echo wp_specialchars($_SERVER['HTTP_REFERER']);
+ echo wp_specialchars(wp_get_referer());
?>" /></p>
<?php do_action('edit_form_advanced'); ?>
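Review bot: The new `echo wp_specialchars(wp_get_referer());` writes into a double-quoted `value="…"` attribute without asking wp_specialchars() to encode quotes; elsewhere in this commit the call passes `1` or `'double'` exactly where quote encoding is needed, which suggests the default leaves `"` untouched. Since wp_get_referer() now reads `$_REQUEST['_wp_http_referer']`, a `"` in that parameter would close the attribute and inject markup into the edit form. Use `echo wp_specialchars(wp_get_referer(), 1);` (the `popupurl` echo two lines up has the same gap). url_to_postid() is now also handed a request-supplied string; presumably harmless, but worth confirming it copes with a non-URL.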
@@ -227,7 +226,7 @@ list_meta($metadata);
</div>
<?php if ('edit' == $action) : $delete_nonce = wp_create_nonce( 'delete-post_' . $post_ID ); ?>
-<input name="deletepost" class="button" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this post') ?>" <?php echo "onclick=\"if ( confirm('" . sprintf(__("You are about to delete this post \'%s\'\\n \'Cancel\' to stop, \'OK\' to delete."), addslashes($post->post_title) ) . "') ) { document.forms.post._wpnonce.value = '$delete_nonce'; return true;}return false;\""; ?> />
+<input name="deletepost" class="button" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this post') ?>" <?php echo "onclick=\"if ( confirm('" . sprintf(__("You are about to delete this post \'%s\'\\n \'Cancel\' to stop, \'OK\' to delete."), js_escape($post->post_title) ) . "') ) { document.forms.post._wpnonce.value = '$delete_nonce'; return true;}return false;\""; ?> />
<?php endif; ?>
</div>
diff --git a/wp-admin/edit-form-comment.php b/wp-admin/edit-form-comment.php
index 1f23cef..46d9447 100644
--- a/wp-admin/edit-form-comment.php
+++ b/wp-admin/edit-form-comment.php
@@ -42,7 +42,7 @@ addLoadEvent(focusit);
</fieldset>
<p class="submit"><input type="submit" name="editcomment" id="editcomment" value="<?php echo $submitbutton_text ?>" style="font-weight: bold;" tabindex="6" />
- <input name="referredby" type="hidden" id="referredby" value="<?php echo $_SERVER['HTTP_REFERER']; ?>" />
+ <input name="referredby" type="hidden" id="referredby" value="<?php echo wp_get_referer(); ?>" />
</p>
</div>
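Review bot: `echo wp_get_referer();` on the new hidden-input line is unescaped inside a double-quoted value attribute, and the value is now request-controllable through `_wp_http_referer`, so a `"` followed by markup in that parameter is reflected into the comment edit form. Escape it with quotes encoded: `value="<?php echo wp_specialchars(wp_get_referer(), 1); ?>"`. The other form touched in this commit (edit-form-advanced.php) already passes the referer through wp_specialchars(); this one should match.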
diff --git a/wp-admin/edit-form.php b/wp-admin/edit-form.php
index dd4bc75..3837fa3 100644
--- a/wp-admin/edit-form.php
+++ b/wp-admin/edit-form.php
@@ -64,7 +64,7 @@ edCanvas = document.getElementById('content');
<?php if ('bookmarklet' != $mode) {
echo '<input name="advanced" type="submit" id="advancededit" tabindex="7" value="' . __('Advanced Editing &raquo;') . '" />';
} ?>
- <input name="referredby" type="hidden" id="referredby" value="<?php if (isset($_SERVER['HTTP_REFERER'])) echo urlencode($_SERVER['HTTP_REFERER']); ?>" />
+ <input name="referredby" type="hidden" id="referredby" value="<?php if (isset(wp_get_referer())) echo urlencode($_SERVER['HTTP_REFERER']); ?>" />
</p>
<?php do_action('simple_edit_form', ''); ?>
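Review bot: `isset(wp_get_referer())` on the new line is not valid PHP — isset() accepts only variables, so this is a compile-time error and the simple edit form stops loading entirely. The branch also still echoes `$_SERVER['HTTP_REFERER']`, so even once the syntax is fixed the hidden field and wp_get_referer() would disagree. Replace the line with `<input name="referredby" type="hidden" id="referredby" value="<?php if ( $ref = wp_get_referer() ) echo urlencode($ref); ?>" />`; wp_get_referer() already returns false when nothing is set, so no isset() is needed.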
diff --git a/wp-admin/edit-page-form.php b/wp-admin/edit-page-form.php
index 530f979..14d5fa8 100644
--- a/wp-admin/edit-page-form.php
+++ b/wp-admin/edit-page-form.php
@@ -14,7 +14,7 @@ if (0 == $post_ID) {
$form_extra = "<input type='hidden' id='post_ID' name='post_ID' value='$post_ID' />";
}
-$sendto = $_SERVER['HTTP_REFERER'];
+$sendto = wp_get_referer();
if ( 0 != $post_ID && $sendto == get_permalink($post_ID) )
$sendto = 'redo';
@@ -185,7 +185,7 @@ list_meta($metadata);
<?php if ('edit' == $action) :
if ( current_user_can('delete_page', $post->ID) ) ?>
- <input name="deletepost" class="delete" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this page') ?>" <?php echo "onclick=\"return confirm('" . sprintf(__("You are about to delete this page \'%s\'\\n \'Cancel\' to stop, \'OK\' to delete."), $wpdb->escape($post->post_title) ) . "')\""; ?> />
+ <input name="deletepost" class="delete" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this page') ?>" <?php echo "onclick=\"return confirm('" . sprintf(__("You are about to delete this page \'%s\'\\n \'Cancel\' to stop, \'OK\' to delete."), js_escape($post->post_title) ) . "')\""; ?> />
<?php endif; ?>
</form>
diff --git a/wp-admin/index.php b/wp-admin/index.php
index 306e0b3..8455e80 100644
--- a/wp-admin/index.php
+++ b/wp-admin/index.php
@@ -43,7 +43,6 @@ if ( $comments || $numcomments ) :
<?php if ( $numcomments ) : ?>
<p><strong><a href="moderation.php"><?php echo sprintf(__('Comments in moderation (%s)'), number_format($numcomments) ); ?> &raquo;</a></strong></p>
<?php endif; ?>
-</div>
<ul>
<?php
@@ -58,6 +57,7 @@ foreach ($comments as $comment) {
</ul>
<?php endif; ?>
+</div>
<?php
if ( $recentposts = $wpdb->get_results("SELECT ID, post_title FROM $wpdb->posts WHERE post_type = 'post' AND post_status = 'publish' AND post_date_gmt < '$today' ORDER BY post_date DESC LIMIT 5") ) :
@@ -79,7 +79,7 @@ foreach ($recentposts as $post) {
<?php endif; ?>
<?php
-if ( $scheduled = $wpdb->get_results("SELECT ID, post_title, post_date_gmt FROM $wpdb->posts WHERE post_type = 'post' AND post_status = 'publish' AND post_date_gmt > '$today' ORDER BY post_date ASC") ) :
+if ( $scheduled = $wpdb->get_results("SELECT ID, post_title, post_date_gmt FROM $wpdb->posts WHERE post_type = 'post' AND post_status = 'future' ORDER BY post_date ASC") ) :
?>
<div>
<h3><?php _e('Scheduled Entries:') ?></h3>
diff --git a/wp-admin/link-manager.php b/wp-admin/link-manager.php
index 7638d5f..e2edd38 100644
--- a/wp-admin/link-manager.php
+++ b/wp-admin/link-manager.php
@@ -176,7 +176,7 @@ if ($links)
<?php
echo '<td><a href="link.php?link_id='.$link->link_id.'&amp;action=edit" class="edit">'.__('Edit').'</a></td>';
- echo '<td><a href="' . wp_nonce_url('link.php?link_id='.$link->link_id.'&amp;action=delete', 'delete-bookmark_' . $link->link_id ) . '"'." class='delete' onclick=\"return deleteSomething( 'link', $link->link_id , '".sprintf(__("You are about to delete the &quot;%s&quot; bookmark to %s.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), wp_specialchars($link->link_name, 1), wp_specialchars($link->link_url)).'\' );" class="delete">'.__('Delete').'</a></td>';
+ echo '<td><a href="' . wp_nonce_url('link.php?link_id='.$link->link_id.'&amp;action=delete', 'delete-bookmark_' . $link->link_id ) . '"'." class='delete' onclick=\"return deleteSomething( 'link', $link->link_id , '".sprintf(__("You are about to delete the &quot;%s&quot; bookmark to %s.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), js_escape($link->link_name), js_escape($link->link_url)).'\' );" class="delete">'.__('Delete').'</a></td>';
echo '<td align="center"><input type="checkbox" name="linkcheck[]" value="'.$link->link_id.'" /></td>';
echo "\n </tr>\n";
}
diff --git a/wp-admin/link.php b/wp-admin/link.php
index 6e3056d..ae61da3 100644
--- a/wp-admin/link.php
+++ b/wp-admin/link.php
@@ -76,7 +76,7 @@ switch ($action) {
add_link();
- header('Location: '.$_SERVER['HTTP_REFERER'].'?added=true');
+ header('Location: '.wp_get_referer().'?added=true');
break;
case 'save' :
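Review bot: `wp_get_referer().'?added=true'` on the new line produces a malformed URL whenever the referer already carries a query string (`…link-manager.php?cat_id=1?added=true`), which is exactly the common case for the hidden `_wp_http_referer` field since it is populated from REQUEST_URI. options.php in this same commit uses add_query_arg() for this; do the same here: `header('Location: ' . add_query_arg('added', 'true', wp_get_referer()));`. The target is also request-supplied now, so it should be confirmed to be a root-relative path or to start with siteurl before being used as a Location.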
diff --git a/wp-admin/options.php b/wp-admin/options.php
index f2752b9..020f0e1 100644
--- a/wp-admin/options.php
+++ b/wp-admin/options.php
@@ -118,8 +118,8 @@ take this action.
//$message = sprintf(__('%d setting(s) saved... '), $any_changed);
}
- $referred = remove_query_arg('updated' , $_SERVER['HTTP_REFERER']);
- $goback = add_query_arg('updated', 'true', $_SERVER['HTTP_REFERER']);
+ $referred = remove_query_arg('updated' , wp_get_referer());
+ $goback = add_query_arg('updated', 'true', wp_get_referer());
$goback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $goback);
wp_redirect($goback);
break;
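Review bot: The character whitelist applied to `$goback` does not constrain the host, so with wp_get_referer() now preferring `$_REQUEST['_wp_http_referer']` a POST carrying `_wp_http_referer=http://attacker.example/` passes the filter intact and wp_redirect() sends the administrator off-site after the options are saved. Check the prefix before redirecting, e.g. `if ( 0 !== strpos($goback, get_settings('siteurl')) && !('/' == substr($goback, 0, 1) && '//' != substr($goback, 0, 2)) ) $goback = get_settings('siteurl') . '/wp-admin/';`. `$referred` is assigned in the hunk but not read within it; if nothing below uses it the line can go.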
diff --git a/wp-admin/page.php b/wp-admin/page.php
index cd4d5cc..32fb2ae 100644
--- a/wp-admin/page.php
+++ b/wp-admin/page.php
@@ -106,12 +106,12 @@ case 'editpost':
$page_ID = edit_post();
if ($_POST['save']) {
- $location = $_SERVER['HTTP_REFERER'];
+ $location = wp_get_referer();
} elseif ($_POST['updatemeta']) {
- $location = $_SERVER['HTTP_REFERER'] . '&message=2#postcustom';
+ $location = wp_get_referer() . '&message=2#postcustom';
} elseif ($_POST['deletemeta']) {
- $location = $_SERVER['HTTP_REFERER'] . '&message=3#postcustom';
- } elseif (isset($_POST['referredby']) && $_POST['referredby'] != $_SERVER['HTTP_REFERER']) {
+ $location = wp_get_referer() . '&message=3#postcustom';
+ } elseif (!empty($_POST['referredby']) && $_POST['referredby'] != wp_get_referer()) {
$location = $_POST['referredby'];
if ( $_POST['referredby'] == 'redo' )
$location = get_permalink( $page_ID );
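Review bot: The `elseif` on the new line still hands `$_POST['referredby']` straight to the Location header that follows, so any value other than 'redo' that a crafted form submits becomes an arbitrary redirect target; switching from isset() to !empty() only skips the empty string. The comparison against wp_get_referer() does not help, since both sides are now request-supplied. Keep the 'redo' special case and otherwise accept `referredby` only when it points back at this install, e.g. `} elseif ( 'redo' == $_POST['referredby'] ) { $location = get_permalink( $page_ID ); } elseif ( !empty($_POST['referredby']) && 0 === strpos($_POST['referredby'], get_settings('siteurl')) ) { $location = $_POST['referredby'];`. The editpost case continues past the hunk, so the final header() call is not visible here; post.php carries the same logic.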
@@ -142,7 +142,7 @@ case 'delete':
die( __('Error in deleting...') );
}
- $sendback = $_SERVER['HTTP_REFERER'];
+ $sendback = wp_get_referer();
if (strstr($sendback, 'page.php')) $sendback = get_settings('siteurl') .'/wp-admin/page.php';
elseif (strstr($sendback, 'attachments.php')) $sendback = get_settings('siteurl') .'/wp-admin/attachments.php';
$sendback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $sendback);
diff --git a/wp-admin/post.php b/wp-admin/post.php
index aad14e9..d603913 100644
--- a/wp-admin/post.php
+++ b/wp-admin/post.php
@@ -108,12 +108,12 @@ case 'editpost':
$post_ID = edit_post();
if ($_POST['save']) {
- $location = $_SERVER['HTTP_REFERER'];
+ $location = wp_get_referer();
} elseif ($_POST['updatemeta']) {
- $location = $_SERVER['HTTP_REFERER'] . '&message=2#postcustom';
+ $location = wp_get_referer() . '&message=2#postcustom';
} elseif ($_POST['deletemeta']) {
- $location = $_SERVER['HTTP_REFERER'] . '&message=3#postcustom';
- } elseif (isset($_POST['referredby']) && $_POST['referredby'] != $_SERVER['HTTP_REFERER']) {
+ $location = wp_get_referer() . '&message=3#postcustom';
+ } elseif (!empty($_POST['referredby']) && $_POST['referredby'] != wp_get_referer()) {
$location = $_POST['referredby'];
if ( $_POST['referredby'] == 'redo' )
$location = get_permalink( $post_ID );
@@ -122,6 +122,7 @@ case 'editpost':
} else {
$location = 'post-new.php';
}
+
header ('Location: ' . $location); // Send user on their way while we keep working
exit();
@@ -144,7 +145,7 @@ case 'delete':
die( __('Error in deleting...') );
}
- $sendback = $_SERVER['HTTP_REFERER'];
+ $sendback = wp_get_referer();
if (strstr($sendback, 'post.php')) $sendback = get_settings('siteurl') .'/wp-admin/post-new.php';
elseif (strstr($sendback, 'attachments.php')) $sendback = get_settings('siteurl') .'/wp-admin/attachments.php';
$sendback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $sendback);
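Review bot: The filtering after the new `$sendback = wp_get_referer();` line only strips unusual characters; it does not tie the URL to this install, so a referer (now settable through `_wp_http_referer`) that avoids the substrings 'post.php' and 'attachments.php' — `http://attacker.example/`, say — reaches the redirect unchanged. Add a prefix check after the preg_replace, e.g. `if ( 0 !== strpos($sendback, get_settings('siteurl')) && !('/' == substr($sendback, 0, 1) && '//' != substr($sendback, 0, 2)) ) $sendback = get_settings('siteurl') . '/wp-admin/';`. The delete case continues past the end of the hunk, and page.php has the identical block.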
diff --git a/wp-admin/update-links.php b/wp-admin/update-links.php
index 46a7f5a..eff00db 100644
--- a/wp-admin/update-links.php
+++ b/wp-admin/update-links.php
@@ -23,7 +23,7 @@ $http_request .= "\r\n";
$http_request .= $query_string;
$response = '';
-if( false !== ( $fs = fsockopen('api.pingomatic.com', 80, $errno, $errstr, 5) ) ) {
+if ( false !== ( $fs = @fsockopen('api.pingomatic.com', 80, $errno, $errstr, 5) ) ) {
fwrite($fs, $http_request);
while ( !feof($fs) )
$response .= fgets($fs, 1160); // One TCP-IP packet
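Review bot: The `@` added to fsockopen() only hides the connect warning; a failed connection still skips the block with nothing recorded, and the 5-second argument is a connect timeout only, so a peer that accepts and then stalls keeps the `fgets()` loop (and the admin request behind it) open indefinitely. Set a read timeout right after the open, `stream_set_timeout($fs, 5);`, and stop the loop when `stream_get_meta_data($fs)` reports `timed_out`. If the failure matters, capture `$errstr` in an else branch rather than dropping it. The if block continues past the end of the hunk.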
diff --git a/wp-admin/upgrade.php b/wp-admin/upgrade.php
index 66f3fec..1a2ed1b 100644
--- a/wp-admin/upgrade.php
+++ b/wp-admin/upgrade.php
@@ -67,7 +67,7 @@ text-align: center; border-top: 1px solid #ccc; padding-top: 1em; font-style: it
switch($step) {
case 0:
- $goback = wp_specialchars($_SERVER['HTTP_REFERER'], 1);
+ $goback = wp_specialchars(wp_get_referer());
?>
<p><?php _e('This file upgrades you from any previous version of WordPress to the latest. It may take a while though, so be patient.'); ?></p>
<h2 class="step"><a href="upgrade.php?step=1&amp;backto=<?php echo $goback; ?>"><?php _e('Upgrade WordPress &raquo;'); ?></a></h2>
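Review bot: Dropping the second argument from wp_specialchars() on the new `$goback` line removes quote encoding (the old call passed `1`), yet `$goback` is echoed into the double-quoted `href="upgrade.php?step=1&amp;backto=…"` attribute two lines below; elsewhere in this commit the call passes `1` or `'double'` precisely where quotes must be encoded. Since the referer is now also settable through `$_REQUEST['_wp_http_referer']`, a `"` in that parameter closes the attribute on the upgrade page. Restore the flag, `$goback = wp_specialchars(wp_get_referer(), 1);`, or better, since the value is going into a query-string parameter, `$goback = urlencode(wp_get_referer());`.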
diff --git a/wp-includes/classes.php b/wp-includes/classes.php
index a4ecc54..976a727 100644
--- a/wp-includes/classes.php
+++ b/wp-includes/classes.php
@@ -234,6 +234,7 @@ class WP {
nocache_headers();
if ( !empty($this->query_vars['error']) && '404' == $this->query_vars['error'] ) {
status_header( 404 );
+ @header('Content-type: ' . get_option('html_type') . '; charset=' . get_option('blog_charset'));
} else if ( empty($this->query_vars['feed']) ) {
@header('Content-type: ' . get_option('html_type') . '; charset=' . get_option('blog_charset'));
} else {
diff --git a/wp-includes/formatting.php b/wp-includes/formatting.php
index 61cd1b2..7d52ed9 100644
--- a/wp-includes/formatting.php
+++ b/wp-includes/formatting.php
@@ -1044,6 +1044,8 @@ function htmlentities2($myHTML) {
// Escape single quotes, specialchar double quotes, and fix line endings.
function js_escape($text) {
$text = wp_specialchars($text, 'double');
- return preg_replace("/\r?\n/", "\\n", addslashes($text));
+ $text = str_replace('&#039;', "'", $text);
+ return preg_replace("/\r?\n/", "\\n", addslashes($text));
}
+
?>
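Review bot: js_escape() now decodes pre-encoded `&#039;` back to an apostrophe so addslashes() can backslash it, but neither the function nor its one-line comment says which output context it is safe for; the entity step relies on an HTML parser decoding `&lt;`, `&gt;` and `&quot;`, so the result is correct inside an `onclick="…'…'…"` attribute and not inside a `<script>` block, where those entities would appear literally. Replace the comment with one stating that: `// Escape $text for a single-quoted JS string inside an HTML attribute (onclick etc.): HTML-encode <, > and ", turn a pre-encoded &#039; back into ' so addslashes() can backslash it, and fold line endings into \n. Not sufficient inside a <script> block.` A lone `\r` without a following `\n` is not covered by the `/\r?\n/` pattern and would still terminate the JS string literal; `/\r\n?|\n/` handles it.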
diff --git a/wp-includes/functions.php b/wp-includes/functions.php
index 1882962..63416a9 100644
--- a/wp-includes/functions.php
+++ b/wp-includes/functions.php
@@ -833,6 +833,33 @@ function wp_nonce_url($actionurl, $action = -1) {
function wp_nonce_field($action = -1) {
echo '<input type="hidden" name="_wpnonce" value="' . wp_create_nonce($action) . '" />';
+ wp_referer_field();
+}
+
+function wp_referer_field() {
+ $ref = wp_specialchars($_SERVER['REQUEST_URI']);
+ echo '<input type="hidden" name="_wp_http_referer" value="'. $ref . '" />';
+ if ( wp_get_original_referer() ) {
+ $original_ref = wp_specialchars(stripslashes(wp_get_original_referer()));
+ echo '<input type="hidden" name="_wp_original_http_referer" value="'. $original_ref . '" />';
+ }
+}
+
+function wp_original_referer_field() {
+ echo '<input type="hidden" name="_wp_original_http_referer" value="' . wp_specialchars(stripslashes($_SERVER['REQUEST_URI'])) . '" />';
+}
+
+function wp_get_referer() {
+ foreach ( array($_REQUEST['_wp_http_referer'], $_SERVER['HTTP_REFERER']) as $ref )
+ if ( !empty($ref) )
+ return $ref;
+ return false;
+}
+
+function wp_get_original_referer() {
+ if ( !empty($_REQUEST['_wp_original_http_referer']) )
+ return $_REQUEST['_wp_original_http_referer'];
+ return false;
}
function wp_mkdir_p($target) {
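Review bot: wp_get_referer() treats `$_REQUEST['_wp_http_referer']` as trustworthy and returns it ahead of the browser's Referer header without any check, which turns every caller in this commit that does `header('Location: ' . wp_get_referer())` or echoes the value into a request-controlled redirect or reflection point; `$_REQUEST` also means the value can arrive via GET or cookie, not only from the hidden field. The array literal reads both keys without isset(), so a request with neither produces an E_NOTICE on every call. Accept only a same-site value — the hidden field is populated from REQUEST_URI, so a root-relative path must be allowed while a protocol-relative `//host` must not — and apply the same rule to the header fallback; wp_get_original_referer() has the same unchecked shape and wants the same treatment. Separately, wp_referer_field() and wp_original_referer_field() place REQUEST_URI into `value="…"` attributes via wp_specialchars() without the quote flag; if the default mode leaves `"` untouched (as the `1`/`'double'` arguments elsewhere in this commit suggest), a raw `"` in the request line is reflected into every form that calls wp_nonce_field(), so pass `1` there: `$ref = wp_specialchars($_SERVER['REQUEST_URI'], 1);`.
```php
function wp_get_referer() {
	$candidates = array();
	if ( isset($_REQUEST['_wp_http_referer']) )
		$candidates[] = $_REQUEST['_wp_http_referer'];
	if ( isset($_SERVER['HTTP_REFERER']) )
		$candidates[] = $_SERVER['HTTP_REFERER'];

	$site = strtolower(rtrim(get_settings('siteurl'), '/'));
	foreach ( $candidates as $ref ) {
		if ( '' == $ref )
			continue;
		// Root-relative path (what wp_referer_field() emits), but never //host.
		if ( '/' == substr($ref, 0, 1) && '//' != substr($ref, 0, 2) )
			return $ref;
		// Absolute URL that points back at this install (exact or with a path).
		$lower = strtolower($ref);
		if ( $lower == $site || 0 === strpos($lower, $site . '/') )
			return $ref;
	}
	return false;
}
```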
diff --git a/wp-includes/pluggable.php b/wp-includes/pluggable.php
index 4d6f061..8724cd9 100644
--- a/wp-includes/pluggable.php
+++ b/wp-includes/pluggable.php
@@ -237,7 +237,7 @@ if ( !function_exists('check_admin_referer') ) :
function check_admin_referer($action = -1) {
global $pagenow, $menu, $submenu, $parent_file, $submenu_file;;
$adminurl = strtolower(get_settings('siteurl')).'/wp-admin';
- $referer = strtolower($_SERVER['HTTP_REFERER']);
+ $referer = strtolower(wp_get_referer());
if ( !wp_verify_nonce($_REQUEST['_wpnonce'], $action) &&
!(-1 == $action && strstr($referer, $adminurl)) ) {
if ( $referer )
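Review bot: Switching `$referer` to wp_get_referer() weakens the fallback on the next two lines: when no valid nonce is supplied and `$action` is -1, the request is accepted if the referer contains the admin URL, and wp_get_referer() now takes that referer from `$_REQUEST['_wp_http_referer']` first, so a cross-site form can simply include `<input name="_wp_http_referer" value="http://SITE/wp-admin/">` and pass. The browser-set Referer header was at least not settable from a plain HTML form. For this check keep reading the header, `$referer = isset($_SERVER['HTTP_REFERER']) ? strtolower($_SERVER['HTTP_REFERER']) : '';`, or drop the referer fallback and require the nonce outright. Note also that `strstr($referer, $adminurl)` matches the admin URL anywhere in the string (`http://attacker.example/?http://SITE/wp-admin`); a prefix test with `0 === strpos(...)` is stricter. The function continues past the hunk.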
diff --git a/wp-includes/vars.php b/wp-includes/vars.php
index bb1a18b..2573b27 100644
--- a/wp-includes/vars.php
+++ b/wp-includes/vars.php
@@ -1,7 +1,7 @@
<?php
// On which page are we ?
-if (preg_match('#([^/]+.php)#', $PHP_SELF, $self_matches)) {
+if (preg_match('#([^/]+\.php)$#', $PHP_SELF, $self_matches)) {
$pagenow = $self_matches[1];
} else if (strstr($PHP_SELF, '?')) {
$pagenow = explode('/', $PHP_SELF);
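Review bot: Anchoring the pattern with `$` on the new line changes which requests populate `$pagenow` from the first branch: a request with trailing path info (`/wp-admin/post.php/foo`) no longer matches `([^/]+\.php)$` and falls to the `?`/explode branches, whose handling lies outside the hunk, so it is worth confirming the fallback still yields `post.php` there. More fundamentally, `$PHP_SELF` mirrors the request line and is attacker-influenceable through that same path info; `$_SERVER['SCRIPT_NAME']` does not include PATH_INFO and is the safer source for "which script is running", e.g. `if (preg_match('#([^/]+\.php)$#', $_SERVER['SCRIPT_NAME'], $self_matches)) {`. Where `$PHP_SELF` itself is assigned (register_globals or an earlier statement) is not visible here.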
diff --git a/wp-pass.php b/wp-pass.php
index d7d23a6..170d429 100644
--- a/wp-pass.php
+++ b/wp-pass.php
@@ -7,5 +7,5 @@ if ( get_magic_quotes_gpc() )
// 10 days
setcookie('wp-postpass_' . COOKIEHASH, $_POST['post_password'], time() + 864000, COOKIEPATH);
-wp_redirect($_SERVER['HTTP_REFERER']);
-?> \ No newline at end of file
+wp_redirect(wp_get_referer());
+?>
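Review bot: `wp_redirect(wp_get_referer())` sends the visitor wherever the request says, since wp_get_referer() now prefers `$_REQUEST['_wp_http_referer']`, and this script shows no authentication check, so a link or form targeting wp-pass.php with a crafted referer appears to be an open redirect on the public side of the site; when nothing is supplied the call receives `false` and wp_redirect() gets an empty Location. Validate and fall back: `$ref = wp_get_referer(); if ( !$ref || (0 !== strpos($ref, get_settings('siteurl')) && !('/' == substr($ref, 0, 1) && '//' != substr($ref, 0, 2))) ) $ref = get_settings('siteurl'); wp_redirect($ref);`. (The password is stored in the cookie verbatim, but that predates this change.)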