Make WordPress Core

Changeset 3665


Ignore:
Timestamp:
03/30/2006 11:12:54 PM (19 years ago)
Author:
ryan
Message:

Ref checks from mdawaffe.

Location:
trunk
Files:
11 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/categories.php

    r3660 r3665  
    2424
    2525case 'addcat':
     26
     27    check_admin_referer();
    2628
    2729    if ( !current_user_can('manage_categories') )
     
    9496
    9597case 'editedcat':
     98    check_admin_referer();
     99
    96100    if ( !current_user_can('manage_categories') )
    97101        die (__('Cheatin’ uh?'));
  • trunk/wp-admin/comment.php

    r3566 r3665  
    165165case 'approvecomment':
    166166
     167    check_admin_referer();
     168
    167169    $comment = (int) $_GET['comment'];
    168170    $p = (int) $_GET['p'];
     
    195197case 'editedcomment':
    196198
     199    check_admin_referer();
     200
    197201    edit_comment();
    198202
  • trunk/wp-admin/edit-comments.php

    r3660 r3665  
    5252<?php
    5353if ( !empty( $_POST['delete_comments'] ) ) :
     54    check_admin_referer();
     55
    5456    $i = 0;
    5557    foreach ($_POST['delete_comments'] as $comment) : // Check the permissions on each
  • trunk/wp-admin/inline-uploading.php

    r3544 r3665  
    22
    33require_once('admin.php');
     4
     5check_admin_referer();
    46
    57header('Content-Type: text/html; charset=' . get_option('blog_charset'));
  • trunk/wp-admin/link-import.php

    r3570 r3665  
    6464
    6565    case 1: {
     66        check_admin_referer();
     67
    6668                include_once('admin-header.php');
    6769                if ( !current_user_can('manage_links') )
  • trunk/wp-admin/moderation.php

    r3599 r3665  
    3232
    3333case 'update':
     34
     35    check_admin_referer();
    3436
    3537    if ( ! current_user_can('moderate_comments') )
  • trunk/wp-admin/options-permalink.php

    r3517 r3665  
    5959
    6060if ( isset($_POST) ) {
     61    check_admin_referer();
     62
    6163    if ( isset($_POST['permalink_structure']) ) {
    6264        $permalink_structure = $_POST['permalink_structure'];
  • trunk/wp-admin/plugin-editor.php

    r3541 r3665  
    3434
    3535case 'update':
     36
     37    check_admin_referer();
    3638
    3739    if ( !current_user_can('edit_plugins') )
  • trunk/wp-admin/templates.php

    r3541 r3665  
    3737case 'update':
    3838
     39    check_admin_referer();
     40
    3941    if ( ! current_user_can('edit_files') )
    40     die('<p>'.__('You have do not have sufficient permissions to edit templates for this blog.').'</p>');
     42        die('<p>'.__('You have do not have sufficient permissions to edit templates for this blog.').'</p>');
    4143
    4244    $newcontent = stripslashes($_POST['newcontent']);
  • trunk/wp-admin/theme-editor.php

    r3541 r3665  
    4747
    4848case 'update':
     49
     50    check_admin_referer();
    4951
    5052    if ( !current_user_can('edit_themes') )
  • trunk/wp-includes/classes.php

    r3639 r3665  
    4141                        continue;
    4242                    $fulltext = strtolower($comment->email.' '.$comment->url.' '.$comment->ip.' '.$comment->text);
    43                     if( strpos( $fulltext, strtolower($word) ) != FALSE ) {
     43                    if( false !== strpos( $fulltext, strtolower($word) ) ) {
    4444                        $this->found_comments[] = $comment->ID;
    4545                        break;
Note: See TracChangeset for help on using the changeset viewer.