Keep people from putting non-emaily things in the backup email recipi…

…ent field.
matzko · Mar 8, 2016 · 8dca2aa · 8dca2aa
1 parent 2e45101
commit 8dca2aa
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 17 deletions.
diff --git a/README.markdown b/README.markdown
@@ -4,9 +4,9 @@ WP-DB-Backup
 Contributors: filosofo
 Donate link: http://austinmatzko.com/wordpress-plugins/wp-db-backup/
 Tags: mysql, database, backup, cron
-Requires at least: 2.0.3
-Tested up to: 4.2.2
-Stable tag: 2.3.0
+Requires at least: 3.6.0
+Tested up to: 4.4.2
+Stable tag: 2.3.1
 
 On-demand backup of your WordPress database.
 

diff --git a/readme.txt b/readme.txt
@@ -2,9 +2,9 @@
 Contributors: filosofo
 Donate link: http://austinmatzko.com/wordpress-plugins/wp-db-backup/
 Tags: mysql, database, backup, cron
-Requires at least: 2.0.3
-Tested up to: 4.2.2
-Stable tag: 2.3.0
+Requires at least: 3.6.0
+Tested up to: 4.4.2
+Stable tag: 2.3.1
 
 On-demand backup of your WordPress database.
 
@@ -17,7 +17,7 @@ Released under the terms of the GNU GPL, version 2.
 
               NO WARRANTY.
 
-	Copyright (c) 2015 Austin Matzko
+	Copyright (c) 2016 Austin Matzko
 
 [Source Code on GitHub](https://github.com/matzko/wp-db-backup)
 

diff --git a/wp-db-backup.php b/wp-db-backup.php
@@ -5,7 +5,7 @@
 Description: On-demand backup of your WordPress database. Navigate to <a href="edit.php?page=wp-db-backup">Tools &rarr; Backup</a> to get started.
 Author: Austin Matzko 
 Author URI: http://austinmatzko.com/
-Version: 2.3.0
+Version: 2.3.1
 
 Copyright 2016  Austin Matzko  (email : austin at pressedcode.com)
 
@@ -298,13 +298,14 @@ function finishBackup() {
 			';
 			break;
 		case 'smtp':
-			if ( get_option('wpdb_backup_recip') != $_POST['backup_recipient'] ) {
-				update_option('wpdb_backup_recip', $_POST['backup_recipient'] );
+			$email = sanitize_text_field(wp_unslash($_POST['backup_recipient']));
+			if ( get_option('wpdb_backup_recip') != $email) {
+				update_option('wpdb_backup_recip', $email);
 			}
 			echo '
-				setProgress("' . sprintf(__('Your backup has been emailed to %s','wp-db-backup'), $_POST['backup_recipient']) . '");
+				setProgress("' . sprintf(__('Your backup has been emailed to %s','wp-db-backup'), $email) . '");
 				window.onbeforeunload = null; 
-				fram.src = "' . $download_uri . '&via=email&recipient=' . $_POST['backup_recipient'] . '";
+				fram.src = "' . $download_uri . '&via=email&recipient=' . $email . '";
 			';
 			break;
 		default:
@@ -431,9 +432,10 @@ function perform_backup() {
 		$this->backup_file = $this->db_backup($core_tables, $also_backup);
 		if (false !== $this->backup_file) {
 			if ('smtp' == $_POST['deliver']) {
-				$this->deliver_backup($this->backup_file, $_POST['deliver'], $_POST['backup_recipient'], 'main');
-				if ( get_option('wpdb_backup_recip') != $_POST['backup_recipient'] ) {
-					update_option('wpdb_backup_recip', $_POST['backup_recipient'] );
+				$email = sanitize_text_field(wp_unslash($_POST['backup_recipient']));
+				$this->deliver_backup($this->backup_file, $_POST['deliver'], $email, 'main');
+				if ( get_option('wpdb_backup_recip') != $email ) {
+					update_option('wpdb_backup_recip', $email );
 				}
 				wp_redirect($this->page_url);
 			} elseif ('http' == $_POST['deliver']) {
@@ -1147,10 +1149,11 @@ function backup_menu() {
 				$feedback .= '<br />' . sprintf(__('Your backup file: %2s should begin downloading shortly.','wp-db-backup'), "{$this->backup_file}", $this->backup_file);
 				break;
 			case 'smtp':
-				if (! is_email($_POST['backup_recipient'])) {
+				$email = sanitize_text_field(wp_unslash($_POST['backup_recipient']));
+				if (! is_email($email)) {
 					$feedback .= get_option('admin_email');
 				} else {
-					$feedback .= $_POST['backup_recipient'];
+					$feedback .= $email;
 				}
 				$feedback = '<br />' . sprintf(__('Your backup has been emailed to %s','wp-db-backup'), $feedback);
 				break;