Changeset 22930
- Timestamp:
- 11/30/2012 12:01:02 AM (12 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-admin/includes/dashboard.php
r22831 r22930 132 132 133 133 if ( 'POST' == $_SERVER['REQUEST_METHOD'] && isset($_POST['widget_id']) ) { 134 check_admin_referer( 'edit-dashboard-widget_' . $_POST['widget_id'] ); 134 135 ob_start(); // hack - but the same hack wp-admin/widgets.php uses 135 136 wp_dashboard_trigger_widget_control( $_POST['widget_id'] ); … … 183 184 echo '<form action="" method="post" class="dashboard-widget-control-form">'; 184 185 wp_dashboard_trigger_widget_control( $meta_box['id'] ); 186 wp_nonce_field( 'edit-dashboard-widget_' . $meta_box['id'] ); 185 187 echo '<input type="hidden" name="widget_id" value="' . esc_attr($meta_box['id']) . '" />'; 186 188 submit_button( __('Submit') );
Note: See TracChangeset
for help on using the changeset viewer.