WordPress.org

Make WordPress Core

Changeset 17121


Ignore:
Timestamp:
12/23/10 15:56:32 (3 years ago)
Author:
ryan
Message:

Check bulk-themes nonce before bulk delete. fixes #15922

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/network/themes.php

    r17101 r17121  
    8686            $main_theme = get_current_theme(); 
    8787            $files_to_delete = $theme_info = array(); 
    88             foreach( $themes as $key => $theme ) { 
     88            foreach ( $themes as $key => $theme ) { 
    8989                $data = get_theme_data( WP_CONTENT_DIR . '/themes/' . $theme . '/style.css' ); 
    9090                if ( $data['Name'] == $main_theme ) { 
     
    100100                exit; 
    101101            } 
    102              
     102 
    103103            include(ABSPATH . 'wp-admin/update.php'); 
    104104 
     
    149149                require_once(ABSPATH . 'wp-admin/admin-footer.php'); 
    150150                exit; 
    151             } //Endif verify-delete 
    152             foreach( $themes as $theme ) 
     151            } // Endif verify-delete 
     152            check_admin_referer('bulk-themes'); 
     153            foreach ( $themes as $theme ) 
    153154                $delete_result = delete_theme( $theme ); 
    154155            wp_redirect( network_admin_url( 'themes.php?deleted=true' ) ); 
Note: See TracChangeset for help on using the changeset viewer.