Timestamp:
07/28/2015 10:06:52 PM (9 years ago)
Author:
azaozz
Message:

Fix updating of nonces on the Edit Post screen after the log in expires and the user logs in again.
Props iseulde, azaozz. Fixes #33098.

File:
1 edited

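--- a/trunk/src/wp-admin/includes/misc.php
+++ b/trunk/src/wp-admin/includes/misc.php
@@ -772,22 +772,22 @@
     $response['wp-refresh-post-nonces'] = array( 'check' => 1 );
 
-    if ( ! $post_id = absint( $received['post_id'] ) )
+    if ( ! $post_id = absint( $received['post_id'] ) ) {
         return $response;
-
-    if ( ! current_user_can( 'edit_post', $post_id ) || empty( $received['post_nonce'] ) )
+    }
+
+    if ( ! current_user_can( 'edit_post', $post_id ) ) {
         return $response;
-
-    if ( 2 === wp_verify_nonce( $received['post_nonce'], 'update-post_' . $post_id ) ) {
-        $response['wp-refresh-post-nonces'] = array(
-            'replace' => array(
-                'getpermalinknonce' => wp_create_nonce('getpermalink'),
-                'samplepermalinknonce' => wp_create_nonce('samplepermalink'),
-                'closedpostboxesnonce' => wp_create_nonce('closedpostboxes'),
-                '_ajax_linking_nonce' => wp_create_nonce( 'internal-linking' ),
-                '_wpnonce' => wp_create_nonce( 'update-post_' . $post_id ),
-            ),
-            'heartbeatNonce' => wp_create_nonce( 'heartbeat-nonce' ),
-        );
-    }
+    }
+
+    $response['wp-refresh-post-nonces'] = array(
+        'replace' => array(
+            'getpermalinknonce' => wp_create_nonce('getpermalink'),
+            'samplepermalinknonce' => wp_create_nonce('samplepermalink'),
+            'closedpostboxesnonce' => wp_create_nonce('closedpostboxes'),
+            '_ajax_linking_nonce' => wp_create_nonce( 'internal-linking' ),
+            '_wpnonce' => wp_create_nonce( 'update-post_' . $post_id ),
+        ),
+        'heartbeatNonce' => wp_create_nonce( 'heartbeat-nonce' ),
+    );
 }
 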
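Review bot: The now-unconditional `$response['wp-refresh-post-nonces'] = array( 'replace' => ...` assignment has no comment explaining why the old `wp_verify_nonce()` gate and the `empty( $received['post_nonce'] )` check were dropped, so a later reader could mistake this for a missing CSRF check and restore it. After this change the only gate visible in the hunk is `current_user_can( 'edit_post', $post_id )`, and fresh `update-post_` and `heartbeat-nonce` values are issued to any request that passes it. Whether the heartbeat request is itself authenticated and nonce-checked before this callback runs is not shown here and should be confirmed. I would add above the assignment: `// Reissue nonces without verifying the old one: it no longer validates after re-login (#33098). Authorization rests on the capability check above.` The enclosing function starts outside the hunk.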