X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/41497a896330304904ef6d5783c724ea713739f6..61343b82c4f0da4c68e4c6373daafff4a81efdd1:/wp-admin/load-scripts.php

diff --git a/wp-admin/load-scripts.php b/wp-admin/load-scripts.php
index 8cdb9f7e..8dfe3b18 100644
--- a/wp-admin/load-scripts.php
+++ b/wp-admin/load-scripts.php
@@ -114,8 +114,12 @@ function get_file($path) {
 	return @file_get_contents($path);
 }
 
-$load = preg_replace( '/[^a-z0-9,_-]+/i', '', $_GET['load'] );
-$load = explode(',', $load);
+$load = $_GET['load'];
+if ( is_array( $load ) )
+	$load = implode( '', $load );
+
+$load = preg_replace( '/[^a-z0-9,_-]+/i', '', $load );
+$load = array_unique( explode( ',', $load ) );
 
 if ( empty($load) )
 	exit;
@@ -125,7 +129,7 @@ require(ABSPATH . WPINC . '/version.php');
 
 $compress = ( isset($_GET['c']) && $_GET['c'] );
 $force_gzip = ( $compress && 'gzip' == $_GET['c'] );
-$expires_offset = 31536000;
+$expires_offset = 31536000; // 1 year
 $out = '';
 
 $wp_scripts = new WP_Scripts();