From 2ed80443195d93d3cad625571c678afd7b5c720a Mon Sep 17 00:00:00 2001
From: =?utf8?q?Frank=20J=2E=20G=C3=B3mez?= <frank@ginkgostreet.com>
Date: Sat, 2 Jul 2016 10:53:31 -0400
Subject: [PATCH] CRM-18347: Blacklisted params accidentally passed by
 WordPress to the settings API.

----------------------------------------
* CRM-18347: error message after clearing security release message
  https://issues.civicrm.org/jira/browse/CRM-18347
---
 CRM/Core/BAO/Setting.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/CRM/Core/BAO/Setting.php b/CRM/Core/BAO/Setting.php
index 36ac2612ee..be026342c7 100644
--- a/CRM/Core/BAO/Setting.php
+++ b/CRM/Core/BAO/Setting.php
@@ -253,6 +253,11 @@ class CRM_Core_BAO_Setting extends CRM_Core_DAO_Setting {
       'check_permissions',
       'options',
       'prettyprint',
+      // CRM-18347: ignore params unintentionally passed by API explorer on WP
+      'page',
+      'noheader',
+      // CRM-18347: ignore params unintentionally passed by wp CLI tool
+      '',
     );
     $settingParams = array_diff_key($params, array_fill_keys($ignoredParams, TRUE));
     $getFieldsParams = array('version' => 3);
-- 
2.25.1