Make WordPress Core

Ticket #43667: signup_nonce_check.2.patch

File signup_nonce_check.2.patch, 628 bytes (added by herregroen, 6 years ago)
  • src/wp-includes/ms-functions.php

    diff --git src/wp-includes/ms-functions.php src/wp-includes/ms-functions.php
    index ebc699436d..e278d53ac6 100644
    function signup_nonce_check( $result ) { 
    21932193                return $result;
    21942194        }
    21952195
    2196         if ( wp_create_nonce( 'signup_form_' . $_POST['signup_form_id'] ) != $_POST['_signup_form'] ) {
    2197                 wp_die( __( 'Please try again.' ) );
     2196        if ( ! wp_verify_nonce( $_POST['_signup_form'], 'signup_form_' . $_POST['signup_form_id'] ) ) {
     2197                $result['errors']->add( 'nonce', __( 'Unable to submit this form, please try again.' ) );
    21982198        }
    21992199
    22002200        return $result;