Changeset 14737
- Timestamp:
- 05/19/2010 05:32:39 AM (14 years ago)
- Location:
- trunk/wp-admin
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-admin/ms-edit.php
r14735 r14737 142 142 break; 143 143 case 'addblog': 144 check_admin_referer( 'add-blog' );144 check_admin_referer( 'add-blog', '_wpnonce_add-blog' ); 145 145 146 146 if ( ! current_user_can( 'manage_sites' ) ) … … 326 326 case 'allblogs': 327 327 if ( isset( $_POST['doaction']) || isset($_POST['doaction2'] ) ) { 328 check_admin_referer( 'bulk-ms-sites' );328 check_admin_referer( 'bulk-ms-sites', '_wpnonce_bulk-ms-sites' ); 329 329 330 330 if ( ! current_user_can( 'manage_sites' ) ) … … 508 508 509 509 if ( isset( $_POST['doaction']) || isset($_POST['doaction2'] ) ) { 510 check_admin_referer( 'bulk-ms-users' );510 check_admin_referer( 'bulk-ms-users', '_wpnonce_bulk-ms-users' ); 511 511 512 512 if ( $_GET['action'] != -1 || $_POST['action2'] != -1 ) … … 591 591 592 592 case 'adduser': 593 check_admin_referer( 'add-user' );593 check_admin_referer( 'add-user', '_wpnonce_add-user' ); 594 594 if ( ! current_user_can( 'manage_network_users' ) ) 595 595 wp_die( __( 'You do not have permission to access this page.' ) ); -
trunk/wp-admin/ms-sites.php
r14735 r14737 247 247 ?> 248 248 <td> 249 <select name="role[<?php echo $val->user_id ?>]" id="new_role "><?php249 <select name="role[<?php echo $val->user_id ?>]" id="new_role_1"><?php 250 250 foreach ( $editblog_roles as $role => $role_assoc ){ 251 251 $name = translate_user_role( $role_assoc['name'] ); 252 echo '<option ' . selected( $role, $existing_role ) . ' value="' . esc_attr( $role ) . '">' . esc_html( $name ) . '</option>';252 echo '<option ' . selected( $role, $existing_role, false ) . ' value="' . esc_attr( $role ) . '">' . esc_html( $name ) . '</option>'; 253 253 } 254 254 ?> … … 283 283 <th scope="row"><?php _e( 'Role:' ) ?></th> 284 284 <td> 285 <select name="new_role" id="new_role ">285 <select name="new_role" id="new_role_0"> 286 286 <?php 287 287 reset( $editblog_roles ); … … 419 419 </select> 420 420 <input type="submit" value="<?php esc_attr_e( 'Apply' ); ?>" name="doaction" id="doaction" class="button-secondary action" /> 421 <?php wp_nonce_field( 'bulk-ms-sites' ); ?>421 <?php wp_nonce_field( 'bulk-ms-sites', '_wpnonce_bulk-ms-sites' ); ?> 422 422 </div> 423 423 … … 680 680 <h3><?php _e( 'Add Site' ) ?></h3> 681 681 <form method="post" action="ms-edit.php?action=addblog"> 682 <?php wp_nonce_field( 'add-blog' ) ?>682 <?php wp_nonce_field( 'add-blog', '_wpnonce_add-blog' ) ?> 683 683 <table class="form-table"> 684 684 <tr class="form-field form-required"> -
trunk/wp-admin/ms-users.php
r14735 r14737 135 135 </select> 136 136 <input type="submit" value="<?php esc_attr_e( 'Apply' ); ?>" name="doaction" id="doaction" class="button-secondary action" /> 137 <?php wp_nonce_field( 'bulk-ms-users' ); ?>137 <?php wp_nonce_field( 'bulk-ms-users', '_wpnonce_bulk-ms-users' ); ?> 138 138 </div> 139 139 … … 356 356 </table> 357 357 <p class="submit"> 358 <?php wp_nonce_field( 'add-user' ) ?>358 <?php wp_nonce_field( 'add-user', '_wpnonce_add-user' ) ?> 359 359 <input class="button" type="submit" value="<?php esc_attr_e( 'Add user' ) ?>" /></p> 360 360 </form>
Note: See TracChangeset
for help on using the changeset viewer.