WordPress.org

Make WordPress Core

Changeset 17126


Ignore:
Timestamp:
12/23/10 18:53:44 (3 years ago)
Author:
nacin
Message:

bulk-themes nonce for network/themes.php deletion. props PeteMall, see #15969.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/network/themes.php

    r17122 r17126  
    7070            update_site_option( 'allowedthemes', $allowed_themes ); 
    7171            break; 
    72         case 'delete': 
    73             check_admin_referer('delete-theme_' . $_GET['template']); 
    74             if ( !current_user_can('delete_themes') ) 
    75                 wp_die( __( 'Cheatin’ uh?' ) ); 
    76             delete_theme($_GET['template']); 
    77             wp_redirect( network_admin_url('themes.php?deleted=true') ); 
    78             exit; 
    79             break; 
    8072        case 'delete-selected': 
    8173            if ( ! current_user_can( 'delete_themes' ) ) 
    8274                wp_die( __('You do not have sufficient permissions to delete themes for this site.') ); 
     75            check_admin_referer( 'bulk-themes' ); 
    8376 
    8477            $themes = isset( $_REQUEST['checked'] ) ? (array) $_REQUEST['checked'] : array(); 
Note: See TracChangeset for help on using the changeset viewer.