Make WordPress Core

Ticket #32207: 32207.diff

File 32207.diff, 1.0 KB (added by markjaquith, 9 years ago)
  • src/wp-includes/pluggable.php

    diff --git src/wp-includes/pluggable.php src/wp-includes/pluggable.php
    index ffe2a07..947094f 100644
    function check_admin_referer( $action = -1, $query_arg = '_wpnonce' ) { 
    10841084        $adminurl = strtolower(admin_url());
    10851085        $referer = strtolower(wp_get_referer());
    10861086        $result = isset($_REQUEST[$query_arg]) ? wp_verify_nonce($_REQUEST[$query_arg], $action) : false;
    1087         if ( !$result && !(-1 == $action && strpos($referer, $adminurl) === 0) ) {
    1088                 wp_nonce_ays($action);
    1089                 die();
    1090         }
    10911087
    10921088        /**
    10931089         * Fires once the admin request has been validated or not.
    function check_admin_referer( $action = -1, $query_arg = '_wpnonce' ) { 
    10991095         *                          0-12 hours ago, 2 if the nonce is valid and generated between 12-24 hours ago.
    11001096         */
    11011097        do_action( 'check_admin_referer', $action, $result );
     1098
     1099        if ( !$result && !(-1 == $action && strpos($referer, $adminurl) === 0) ) {
     1100                wp_nonce_ays($action);
     1101                die();
     1102        }
     1103
    11021104        return $result;
    11031105}
    11041106endif;