Make WordPress Core


Ignore:
Timestamp:
03/28/2011 09:32:01 PM (14 years ago)
Author:
ryan
Message:

Add some nonce checks to the uploaders. Props duck_. For 3.1.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/3.1/wp-admin/media-upload.php

    r16847 r17569  
    3939
    4040    if ( isset($_POST['html-upload']) && !empty($_FILES) ) {
     41        check_admin_referer('media-form');
    4142        // Upload File button was clicked
    4243        $id = media_handle_upload('async-upload', $_REQUEST['post_id']);
Note: See TracChangeset for help on using the changeset viewer.