?> </p> <p class="step"><a class="button" href="upgrade.php?step=1&backto=<?php echo $goback; ?> "><?php _e('Update NXTClass Database'); ?> </a></p> <?php break; case 1: nxt_upgrade(); $backto = !empty($_GET['backto']) ? stripslashes(urldecode($_GET['backto'])) : __get_option('home') . '/'; $backto = esc_url($backto); $backto = nxt_validate_redirect($backto, __get_option('home') . '/'); ?> <h2><?php _e('Update Complete'); ?> </h2> <p><?php _e('Your NXTClass database has been successfully updated!'); ?> </p> <p class="step"><a class="button" href="<?php echo $backto; ?> "><?php _e('Continue'); ?>
/** * Performs a safe (local) redirect, using nxt_redirect(). * * Checks whether the $location is using an allowed host, if it has an absolute * path. A plugin can therefore set or remove allowed host(s) to or from the * list. * * If the host is not allowed, then the redirect is to nxt-admin on the siteurl * instead. This prevents malicious redirects which redirect to another host, * but only used in a few places. * * @since 2.3 * @uses nxt_validate_redirect() To validate the redirect is to an allowed host. * * @return void Does not return anything **/ function nxt_safe_redirect($location, $status = 302) { // Need to look at the URL the way it will end up in nxt_redirect() $location = nxt_sanitize_redirect($location); $location = nxt_validate_redirect($location, admin_url()); nxt_redirect($location, $status); }