Context Navigation

Ticket #36954: 36954.diff

File 36954.diff, 1003 bytes (added by scottbasgaard, 10 years ago)

diff --git wp-admin/options-general.php wp-admin/options-general.php
index add4d29..ba59374 100644

  if ( $new_admin_email && $new_admin_email != get_option('admin_email') ) : ?>
         );
         printf(
                 ' <a href="%1$s">%2$s</a>',
                 esc_url( admin_url( 'options.php?dismiss=new_admin_email' ) ),
+                esc_url( wp_nonce_url( admin_url( 'options.php?dismiss=new_admin_email' ), 'new-admin-email' ) ),
                 __( 'Cancel' )
         );
 ?></p>

diff --git wp-admin/options.php wp-admin/options.php
index c00fc6a..7f6fd3e 100644

  if ( is_multisite() ) {
                 wp_redirect( admin_url( $redirect ) );
                 exit;
         } elseif ( ! empty( $_GET['dismiss'] ) && 'new_admin_email' == $_GET['dismiss'] ) {
+                check_admin_referer( 'new-admin-email' );
                 delete_option( 'adminhash' );
                 delete_option( 'new_admin_email' );
                 wp_redirect( admin_url( 'options-general.php?updated=true' ) );