WordPress.org

Make WordPress Core

Changeset 17992


Ignore:
Timestamp:
05/22/11 23:18:58 (3 years ago)
Author:
ryan
Message:

Add a nonce.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/ms-delete-site.php

    r16061 r17992  
    3535 
    3636if ( isset( $_POST['action'] ) && $_POST['action'] == 'deleteblog' && isset( $_POST['confirmdelete'] ) && $_POST['confirmdelete'] == '1' ) { 
     37    check_admin_referer( 'delete-blog' ); 
     38 
    3739    $hash = wp_generate_password( 20, false ); 
    3840    update_option( 'delete_blog_hash', $hash ); 
     
    6971 
    7072    <form method="post" name="deletedirect"> 
     73        <?php wp_nonce_field( 'delete-blog' ) ?> 
    7174        <input type="hidden" name="action" value="deleteblog" /> 
    7275        <p><input id="confirmdelete" type="checkbox" name="confirmdelete" value="1" /> <label for="confirmdelete"><strong><?php printf( __( "I'm sure I want to permanently disable my site, and I am aware I can never get it back or use %s again." ), is_subdomain_install() ? $current_blog->domain : $current_blog->domain . $current_blog->path ); ?></strong></label></p> 
    7376        <?php submit_button( __( 'Delete My Site Permanently' ) ); ?> 
    7477    </form> 
    75     <?php 
     78    <?php 
    7679} 
    7780echo '</div>'; 
Note: See TracChangeset for help on using the changeset viewer.