@@ -1091,14 +1091,28 @@ function request_filesystem_credentials( $form_post, $type = '', $error = false,
10911091
10921092 $ credentials = get_option ('ftp_credentials ' , array ( 'hostname ' => '' , 'username ' => '' ));
10931093
1094+ $ submitted_form = wp_unslash ( $ _POST );
1095+
1096+ // Verify nonce, or unset submitted form field values on failure
1097+ if ( ! isset ( $ _POST ['_fs_nonce ' ] ) || ! wp_verify_nonce ( $ _POST ['_fs_nonce ' ], 'filesystem-credentials ' ) ) {
1098+ unset(
1099+ $ submitted_form ['hostname ' ],
1100+ $ submitted_form ['username ' ],
1101+ $ submitted_form ['password ' ],
1102+ $ submitted_form ['public_key ' ],
1103+ $ submitted_form ['private_key ' ],
1104+ $ submitted_form ['connection_type ' ]
1105+ );
1106+ }
1107+
10941108 // If defined, set it to that, Else, If POST'd, set it to that, If not, Set it to whatever it previously was(saved details in option)
1095- $ credentials ['hostname ' ] = defined ('FTP_HOST ' ) ? FTP_HOST : (!empty ($ _POST ['hostname ' ]) ? wp_unslash ( $ _POST ['hostname ' ] ) : $ credentials ['hostname ' ]);
1096- $ credentials ['username ' ] = defined ('FTP_USER ' ) ? FTP_USER : (!empty ($ _POST ['username ' ]) ? wp_unslash ( $ _POST ['username ' ] ) : $ credentials ['username ' ]);
1097- $ credentials ['password ' ] = defined ('FTP_PASS ' ) ? FTP_PASS : (!empty ($ _POST ['password ' ]) ? wp_unslash ( $ _POST ['password ' ] ) : '' );
1109+ $ credentials ['hostname ' ] = defined ('FTP_HOST ' ) ? FTP_HOST : (!empty ($ submitted_form ['hostname ' ]) ? $ submitted_form ['hostname ' ] : $ credentials ['hostname ' ]);
1110+ $ credentials ['username ' ] = defined ('FTP_USER ' ) ? FTP_USER : (!empty ($ submitted_form ['username ' ]) ? $ submitted_form ['username ' ] : $ credentials ['username ' ]);
1111+ $ credentials ['password ' ] = defined ('FTP_PASS ' ) ? FTP_PASS : (!empty ($ submitted_form ['password ' ]) ? $ submitted_form ['password ' ] : '' );
10981112
10991113 // Check to see if we are setting the public/private keys for ssh
1100- $ credentials ['public_key ' ] = defined ('FTP_PUBKEY ' ) ? FTP_PUBKEY : (!empty ($ _POST ['public_key ' ]) ? wp_unslash ( $ _POST ['public_key ' ] ) : '' );
1101- $ credentials ['private_key ' ] = defined ('FTP_PRIKEY ' ) ? FTP_PRIKEY : (!empty ($ _POST ['private_key ' ]) ? wp_unslash ( $ _POST ['private_key ' ] ) : '' );
1114+ $ credentials ['public_key ' ] = defined ('FTP_PUBKEY ' ) ? FTP_PUBKEY : (!empty ($ submitted_form ['public_key ' ]) ? $ submitted_form ['public_key ' ] : '' );
1115+ $ credentials ['private_key ' ] = defined ('FTP_PRIKEY ' ) ? FTP_PRIKEY : (!empty ($ submitted_form ['private_key ' ]) ? $ submitted_form ['private_key ' ] : '' );
11021116
11031117 // Sanitize the hostname, Some people might pass in odd-data:
11041118 $ credentials ['hostname ' ] = preg_replace ('|\w+://| ' , '' , $ credentials ['hostname ' ]); //Strip any schemes off
@@ -1115,8 +1129,8 @@ function request_filesystem_credentials( $form_post, $type = '', $error = false,
11151129 $ credentials ['connection_type ' ] = 'ssh ' ;
11161130 } elseif ( ( defined ( 'FTP_SSL ' ) && FTP_SSL ) && 'ftpext ' == $ type ) { //Only the FTP Extension understands SSL
11171131 $ credentials ['connection_type ' ] = 'ftps ' ;
1118- } elseif ( ! empty ( $ _POST ['connection_type ' ] ) ) {
1119- $ credentials ['connection_type ' ] = wp_unslash ( $ _POST ['connection_type ' ] ) ;
1132+ } elseif ( ! empty ( $ submitted_form ['connection_type ' ] ) ) {
1133+ $ credentials ['connection_type ' ] = $ submitted_form ['connection_type ' ];
11201134 } elseif ( ! isset ( $ credentials ['connection_type ' ] ) ) { //All else fails (And it's not defaulted to something else saved), Default to FTP
11211135 $ credentials ['connection_type ' ] = 'ftp ' ;
11221136 }
@@ -1255,11 +1269,12 @@ function request_filesystem_credentials( $form_post, $type = '', $error = false,
12551269}
12561270
12571271foreach ( (array ) $ extra_fields as $ field ) {
1258- if ( isset ( $ _POST [ $ field ] ) )
1259- echo '<input type="hidden" name=" ' . esc_attr ( $ field ) . '" value=" ' . esc_attr ( wp_unslash ( $ _POST [ $ field ] ) ) . '" /> ' ;
1272+ if ( isset ( $ submitted_form [ $ field ] ) )
1273+ echo '<input type="hidden" name=" ' . esc_attr ( $ field ) . '" value=" ' . esc_attr ( $ submitted_form [ $ field ] ) . '" /> ' ;
12601274}
12611275?>
12621276 <p class="request-filesystem-credentials-action-buttons">
1277+ <?php wp_nonce_field ( 'filesystem-credentials ' , '_fs_nonce ' , false , true ); ?>
12631278 <button class="button cancel-button" data-js-action="close" type="button"><?php _e ( 'Cancel ' ); ?> </button>
12641279 <?php submit_button ( __ ( 'Proceed ' ), '' , 'upgrade ' , false ); ?>
12651280 </p>
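Review bot: The nonce-failure branch at new lines 1097–1106 protects only the six keys spelled out in `unset()`, so a credential field added to this function later would be accepted from a forged POST unless that list is extended by hand. Keeping the key names in one array that drives both the `unset()` and the assignments below would remove that gap, and the comment could state the intent, e.g. `// CSRF guard: credential fields are honoured only from a form carrying the 'filesystem-credentials' nonce; $extra_fields pass through regardless.` The check itself still reads `$_POST['_fs_nonce']` while every other access now goes through the unslashed copy; `wp_verify_nonce( $submitted_form['_fs_nonce'], 'filesystem-credentials' )` would keep the function on a single source of input. The function body starts and ends outside these hunks, so it is not visible here whether a rejected nonce is reported to the user or the form is silently redisplayed with the saved values.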