Changeset 24528 for trunk/wp-admin/includes/misc.php
- Timestamp:
- 06/29/2013 01:31:44 AM (11 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-admin/includes/misc.php
r24408 r24528 640 640 if ( array_key_exists( 'wp-refresh-post-nonces', $data ) ) { 641 641 $received = $data['wp-refresh-post-nonces']; 642 $response['wp-refresh-post-nonces'] = array( 'check' => 1 ); 642 643 643 644 if ( ! $post_id = absint( $received['post_id'] ) ) 644 645 return $response; 645 646 646 if ( ! current_user_can( 'edit_post', $post_id) )647 if ( ! current_user_can( 'edit_post', $post_id ) || empty( $received['post_nonce'] ) ) 647 648 return $response; 648 649 649 if ( ! empty( $received['post_nonce'] ) &&2 === wp_verify_nonce( $received['post_nonce'], 'update-post_' . $post_id ) ) {650 if ( 2 === wp_verify_nonce( $received['post_nonce'], 'update-post_' . $post_id ) ) { 650 651 $response['wp-refresh-post-nonces'] = array( 651 'replace-autosavenonce' => wp_create_nonce('autosave'), 652 'replace-getpermalinknonce' => wp_create_nonce('getpermalink'), 653 'replace-samplepermalinknonce' => wp_create_nonce('samplepermalink'), 654 'replace-closedpostboxesnonce' => wp_create_nonce('closedpostboxes'), 655 'replace-_ajax_linking_nonce' => wp_create_nonce( 'internal-linking' ), 656 'replace-_wpnonce' => wp_create_nonce( 'update-post_' . $post_id ), 652 'replace' => array( 653 'autosavenonce' => wp_create_nonce('autosave'), 654 'getpermalinknonce' => wp_create_nonce('getpermalink'), 655 'samplepermalinknonce' => wp_create_nonce('samplepermalink'), 656 'closedpostboxesnonce' => wp_create_nonce('closedpostboxes'), 657 '_ajax_linking_nonce' => wp_create_nonce( 'internal-linking' ), 658 '_wpnonce' => wp_create_nonce( 'update-post_' . $post_id ), 659 ), 660 'heartbeatNonce' => wp_create_nonce( 'heartbeat-nonce' ), 657 661 ); 658 662 }
Note: See TracChangeset
for help on using the changeset viewer.