Changeset 14933
- Timestamp:
- 05/26/2010 04:55:21 AM (14 years ago)
- Location:
- trunk/wp-admin
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-admin/admin-ajax.php
r14886 r14933 219 219 $action = $_POST['action']; 220 220 $taxonomy = get_taxonomy(substr($action, 4)); 221 check_ajax_referer( $action );221 check_ajax_referer( $action, '_ajax_nonce-add-' . $taxonomy->name ); 222 222 if ( !current_user_can( $taxonomy->cap->edit_terms ) ) 223 223 die('-1'); … … 703 703 break; 704 704 case 'replyto-comment' : 705 check_ajax_referer( $action );705 check_ajax_referer( $action, '_ajax_nonce-replyto-comment' ); 706 706 707 707 $comment_post_ID = (int) $_POST['comment_post_ID']; … … 772 772 break; 773 773 case 'edit-comment' : 774 check_ajax_referer( 'replyto-comment' );774 check_ajax_referer( 'replyto-comment', '_ajax_nonce-replyto-comment' ); 775 775 776 776 $comment_post_ID = (int) $_POST['comment_post_ID']; … … 846 846 break; 847 847 case 'add-meta' : 848 check_ajax_referer( 'add-meta' );848 check_ajax_referer( 'add-meta', '_ajax_nonce-add-meta' ); 849 849 $c = 0; 850 850 $pid = (int) $_POST['post_id']; -
trunk/wp-admin/includes/meta-boxes.php
r14931 r14933 337 337 <?php wp_dropdown_categories( array( 'taxonomy' => $taxonomy, 'hide_empty' => 0, 'name' => 'new'.$taxonomy.'_parent', 'orderby' => 'name', 'hierarchical' => 1, 'show_option_none' => '— ' . $tax->labels->parent_item . ' —', 'tab_index' => 3 ) ); ?> 338 338 <input type="button" id="<?php echo $taxonomy; ?>-add-submit" class="add:<?php echo $taxonomy ?>checklist:<?php echo $taxonomy ?>-add button category-add-sumbit" value="<?php echo esc_attr( $tax->labels->add_new_item ); ?>" tabindex="3" /> 339 <?php wp_nonce_field( 'add-'.$taxonomy, '_ajax_nonce ', false ); ?>339 <?php wp_nonce_field( 'add-'.$taxonomy, '_ajax_nonce-add-'.$taxonomy, false ); ?> 340 340 <span id="<?php echo $taxonomy; ?>-ajax-response"></span> 341 341 </p> -
trunk/wp-admin/includes/template.php
r14929 r14933 2287 2287 <input type="hidden" name="checkbox" id="checkbox" value="<?php echo $checkbox ? 1 : 0; ?>" /> 2288 2288 <input type="hidden" name="mode" id="mode" value="<?php echo esc_attr($mode); ?>" /> 2289 <?php wp_nonce_field( 'replyto-comment', '_ajax_nonce ', false ); ?>2289 <?php wp_nonce_field( 'replyto-comment', '_ajax_nonce-replyto-comment', false ); ?> 2290 2290 <?php wp_comment_form_unfiltered_html_nonce(); ?> 2291 2291 <?php if ( $table_row ) : ?> … … 2463 2463 <tr><td colspan="2" class="submit"> 2464 2464 <input type="submit" id="addmetasub" name="addmeta" class="add:the-list:newmeta" tabindex="9" value="<?php esc_attr_e( 'Add Custom Field' ) ?>" /> 2465 <?php wp_nonce_field( 'add-meta', '_ajax_nonce ', false ); ?>2465 <?php wp_nonce_field( 'add-meta', '_ajax_nonce-add-meta', false ); ?> 2466 2466 </td></tr> 2467 2467 </tbody>
Note: See TracChangeset
for help on using the changeset viewer.