Make WordPress Core

Changeset 3759


Ignore:
Timestamp:
05/02/2006 10:36:06 PM (18 years ago)
Author:
ryan
Message:

Nonce from above. #2678

Location:
trunk/wp-admin
Files:
30 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/admin-functions.php

    r3754 r3759  
    710710    <td><a href="<?php the_permalink(); ?>" rel="permalink" class="edit"><?php _e('View'); ?></a></td>
    711711    <td><?php if ( current_user_can('edit_page', $id) ) { echo "<a href='page.php?action=edit&amp;post=$id' class='edit'>" . __('Edit') . "</a>"; } ?></td>
    712     <td><?php if ( current_user_can('edit_page', $id) ) { echo "<a href='page.php?action=delete&amp;post=$id' class='delete' onclick=\"return deleteSomething( 'page', " . $id . ", '" . sprintf(__("You are about to delete the &quot;%s&quot; page.\\n&quot;OK&quot; to delete, &quot;Cancel&quot; to stop."), addslashes(wp_specialchars(get_the_title(),'double')) ) . "' );\">" . __('Delete') . "</a>"; } ?></td>
     712    <td><?php if ( current_user_can('edit_page', $id) ) { echo "<a href='" . wp_nonce_url("page.php?action=delete&amp;post=$id", 'delete-page' . $id) .  "' class='delete' onclick=\"return deleteSomething( 'page', " . $id . ", '" . sprintf(__("You are about to delete the &quot;%s&quot; page.\\n&quot;OK&quot; to delete, &quot;Cancel&quot; to stop."), addslashes(wp_specialchars(get_the_title(),'double')) ) . "' );\">" . __('Delete') . "</a>"; } ?></td>
    713713  </tr>
    714714
  • trunk/wp-admin/categories.php

    r3728 r3759  
    2525case 'addcat':
    2626
    27     check_admin_referer();
     27    check_admin_referer('add-category');
    2828
    2929    if ( !current_user_can('manage_categories') )
     
    3636
    3737case 'delete':
    38 
    39     check_admin_referer();
     38    $cat_ID = (int) $_GET['cat_ID'];
     39    check_admin_referer('delete-category' .  $cat_ID);
    4040
    4141    if ( !current_user_can('manage_categories') )
    4242        die (__('Cheatin&#8217; uh?'));
    4343
    44     $cat_ID = (int) $_GET['cat_ID'];
    4544    $cat_name = get_catname($cat_ID);
    4645
     
    6867 <h2><?php _e('Edit Category') ?></h2>
    6968 <form name="editcat" action="categories.php" method="post">
     69      <?php wp_nonce_field('update-category' .  $category->cat_ID); ?>
    7070      <table class="editform" width="100%" cellspacing="2" cellpadding="5">
    7171        <tr>
     
    100100
    101101case 'editedcat':
    102     check_admin_referer();
     102    $cat_ID = (int) $_POST['cat_ID'];
     103    check_admin_referer('update-category' . $cat_ID);
    103104
    104105    if ( !current_user_can('manage_categories') )
     
    158159    <h2><?php _e('Add New Category') ?></h2>
    159160    <form name="addcat" id="addcat" action="categories.php" method="post">
     161        <?php wp_nonce_field('add-category'); ?>
    160162        <div class="alignleft"><?php _e('Name:') ?><br />
    161163        <input type="text" name="cat_name" id="cat_name" value="" /></p>
  • trunk/wp-admin/comment.php

    r3721 r3759  
    9090
    9191case 'deletecomment':
    92 
    93     check_admin_referer();
    94 
    9592    $comment = (int) $_REQUEST['comment'];
     93    check_admin_referer('delete-comment' . $comment);
     94
    9695    $p = (int) $_REQUEST['p'];
    9796    if ( isset($_REQUEST['noredir']) ) {
     
    124123
    125124case 'unapprovecomment':
    126 
    127     check_admin_referer();
    128 
    129     $comment = (int) $_GET['comment'];
     125    $comment = (int) $_GET['comment'];
     126    check_admin_referer('unapprove-comment' . $comment);
     127   
    130128    $p = (int) $_GET['p'];
    131129    if (isset($_GET['noredir'])) {
     
    152150
    153151case 'approvecomment':
    154 
    155     check_admin_referer();
    156 
    157     $comment = (int) $_GET['comment'];
     152    $comment = (int) $_GET['comment'];
     153    check_admin_referer('approve-comment' . $comment);
     154
    158155    $p = (int) $_GET['p'];
    159156    if (isset($_GET['noredir'])) {
     
    185182case 'editedcomment':
    186183
    187     check_admin_referer();
     184    check_admin_referer('update-comment');
    188185
    189186    edit_comment();
  • trunk/wp-admin/edit-comments.php

    r3722 r3759  
    5252<?php
    5353if ( !empty( $_POST['delete_comments'] ) ) :
    54     check_admin_referer();
     54    check_admin_referer('bulk-comments');
    5555
    5656    $i = 0;
     
    120120if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
    121121    echo " <a href='comment.php?action=editcomment&amp;comment=".$comment->comment_ID."\'>" .  __('Edit') . '</a>';
    122     echo ' | <a href="comment.php?action=deletecomment&amp;p=' . $post->ID . '&amp;comment=' . $comment->comment_ID . '" onclick="return deleteSomething( \'comment\', ' . $comment->comment_ID . ', \'' . sprintf(__("You are about to delete this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), wp_specialchars($comment->comment_author, 1)) . "' );\">" . __('Delete') . '</a> ';
     122    echo ' | <a href="' . wp_nonce_url('comment.php?action=deletecomment&amp;p=' . $post->ID . '&amp;comment=' . $comment->comment_ID, 'delete-comment' . $comment->comment_ID) . '" onclick="return deleteSomething( \'comment\', ' . $comment->comment_ID . ', \'' . sprintf(__("You are about to delete this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), wp_specialchars($comment->comment_author, 1)) . "' );\">" . __('Delete') . '</a> ';
    123123    if ( ('none' != $comment_status) && ( current_user_can('moderate_comments') ) ) {
    124         echo '<span class="unapprove"> | <a href="comment.php?action=unapprovecomment&amp;p=' . $post->ID . '&amp;comment=' . $comment->comment_ID . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\' );">' . __('Unapprove') . '</a> </span>';
    125         echo '<span class="approve"> | <a href="comment.php?action=approvecomment&amp;p=' . $post->ID . '&amp;comment=' . $comment->comment_ID . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\' );">' . __('Approve') . '</a> </span>';
     124        echo '<span class="unapprove"> | <a href="' . wp_nonce_url('comment.php?action=unapprovecomment&amp;p=' . $post->ID . '&amp;comment=' . $comment->comment_ID, 'unapprove-comment' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\' );">' . __('Unapprove') . '</a> </span>';
     125        echo '<span class="approve"> | <a href="' . wp_nonce_url('comment.php?action=approvecomment&amp;p=' . $post->ID . '&amp;comment=' . $comment->comment_ID, 'approve-comment' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\' );">' . __('Approve') . '</a> </span>';
    126126    }
    127127    echo " | <a href=\"comment.php?action=deletecomment&amp;delete_type=spam&amp;p=".$comment->comment_post_ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment-as-spam', $comment->comment_ID, '" . sprintf(__("You are about to mark as spam this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to mark as spam."), wp_specialchars( $comment->comment_author, 1 ))  . "' );\">" . __('Spam') . "</a> ";
     
    151151
    152152    if ($comments) {
    153         echo '<form name="deletecomments" id="deletecomments" action="" method="post">
    154         <table width="100%" cellpadding="3" cellspacing="3">
     153        echo '<form name="deletecomments" id="deletecomments" action="" method="post"> ';
     154        wp_nonce_field('bulk-comments');
     155        echo '<table width="100%" cellpadding="3" cellspacing="3">
    155156  <tr>
    156157    <th scope="col">*</th>
  • trunk/wp-admin/edit-form-advanced.php

    r3664 r3759  
    2323    $temp_ID = -1 * time();
    2424    $form_extra = "<input type='hidden' id='post_ID' name='temp_ID' value='$temp_ID' />";
     25    wp_nonce_field('add-post');
    2526} else {
    2627    $form_action = 'editpost';
    2728    $form_extra = "<input type='hidden' id='post_ID' name='post_ID' value='$post_ID' />";
     29    wp_nonce_field('update-post' .  $post_ID);
    2830}
    2931
     
    174176if (current_user_can('upload_files')) {
    175177    $uploading_iframe_ID = (0 == $post_ID ? $temp_ID : $post_ID);
    176     $uploading_iframe_src = "inline-uploading.php?action=view&amp;post=$uploading_iframe_ID";
     178    $uploading_iframe_src = wp_nonce_url("inline-uploading.php?action=view&amp;post=$uploading_iframe_ID", 'inlineuploading');
    177179    $uploading_iframe_src = apply_filters('uploading_iframe_src', $uploading_iframe_src);
    178180    if ( false != $uploading_iframe_src )
  • trunk/wp-admin/edit-form-comment.php

    r3721 r3759  
    77
    88<form name="post" action="comment.php" method="post" id="post">
     9<?php wp_nonce_field('update-comment' . $comment->comment_ID) ?>
    910<div class="wrap">
    1011<input type="hidden" name="user_ID" value="<?php echo $user_ID ?>" />
  • trunk/wp-admin/edit-link-form.php

    r3729 r3759  
    33    $heading = __('Edit Bookmark');
    44    $submit_text = __('Save Changes &raquo;');
    5     $form = '<form name="editlink" id="editlink" method="post" action="link.php">';
     5    $form = '<form name="editlink" id="editlink" method="post" action="link.php">';
     6    $nonce_action = 'update-bookmark' . $link_id;
    67} else {
    78    $heading = __('Create Bookmark');
    89    $submit_text = __('Add Bookmark &raquo;');
    910    $form = '<form name="addlink" id="addlink" method="post" action="link.php">';
     11    $nonce_action = 'add-bookmark';
    1012}
    1113
     
    3234<h2><?php echo $heading ?></h2>
    3335<?php echo $form ?>
    34  
     36<?php wp_nonce_field($nonce_action); ?>
     37
    3538<div id="poststuff">
    3639<div id="moremeta">
  • trunk/wp-admin/edit-page-form.php

    r3664 r3759  
    66if (0 == $post_ID) {
    77    $form_action = 'post';
     8    $nonce_action = 'add-page';
    89    $temp_ID = -1 * time();
    910    $form_extra = "<input type='hidden' id='post_ID' name='temp_ID' value='$temp_ID' />";
    1011} else {
    1112    $form_action = 'editpost';
     13    $nonce_action = 'update-page' . $post_ID;
    1214    $form_extra = "<input type='hidden' id='post_ID' name='post_ID' value='$post_ID' />";
    1315}
     
    2426
    2527<?php
     28wp_nonce_field($nonce_action);
     29
    2630if (isset($mode) && 'bookmarklet' == $mode) {
    2731    echo '<input type="hidden" name="mode" value="bookmarklet" />';
     
    151155if (current_user_can('upload_files')) {
    152156    $uploading_iframe_ID = (0 == $post_ID ? $temp_ID : $post_ID);
    153     $uploading_iframe_src = "inline-uploading.php?action=view&amp;post=$uploading_iframe_ID";
     157    $uploading_iframe_src = wp_nonce_url("inline-uploading.php?action=view&amp;post=$uploading_iframe_ID", 'inlineuploading');
    154158    $uploading_iframe_src = apply_filters('uploading_iframe_src', $uploading_iframe_src);
    155159    if ( false != $uploading_iframe_src )
  • trunk/wp-admin/edit.php

    r3724 r3759  
    212212    case 'control_delete':
    213213        ?>
    214         <td><?php if ( current_user_can('delete_post',$post->ID) ) { echo "<a href='post.php?action=delete&amp;post=$id' class='delete' onclick=\"return deleteSomething( 'post', " . $id . ", '" . sprintf(__("You are about to delete this post &quot;%s&quot;.\\n&quot;OK&quot; to delete, &quot;Cancel&quot; to stop."), addslashes(wp_specialchars(get_the_title(),'double')) ) . "' );\">" . __('Delete') . "</a>"; } ?></td>
     214        <td><?php if ( current_user_can('delete_post',$post->ID) ) { echo "<a href='" . wp_nonce_url("post.php?action=delete&amp;post=$id", 'delete-post' . $post->ID) . "' class='delete' onclick=\"return deleteSomething( 'post', " . $id . ", '" . sprintf(__("You are about to delete this post &quot;%s&quot;.\\n&quot;OK&quot; to delete, &quot;Cancel&quot; to stop."), addslashes(wp_specialchars(get_the_title(),'double')) ) . "' );\">" . __('Delete') . "</a>"; } ?></td>
    215215        <?php
    216216        break;
     
    274274if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
    275275    echo " <a href='comment.php?action=editcomment&amp;comment=".$comment->comment_ID."\'>" .  __('Edit') . '</a>';
    276     echo ' | <a href="comment.php?action=deletecomment&amp;p=' . $post->ID . '&amp;comment=' . $comment->comment_ID . '" onclick="return deleteSomething( \'comment\', ' . $comment->comment_ID . ', \'' . sprintf(__("You are about to delete this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), wp_specialchars($comment->comment_author, 1)) . "' );\">" . __('Delete') . '</a> ';
     276    echo ' | <a href="' . wp_nonce_url('comment.php?action=deletecomment&amp;p=' . $post->ID . '&amp;comment=' . $comment->comment_ID, 'delete-comment' . $comment->comment_ID) . '" onclick="return deleteSomething( \'comment\', ' . $comment->comment_ID . ', \'' . sprintf(__("You are about to delete this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), wp_specialchars($comment->comment_author, 1)) . "' );\">" . __('Delete') . '</a> ';
    277277    if ( ('none' != $comment_status) && ( current_user_can('moderate_comments') ) ) {
    278         echo '<span class="unapprove"> | <a href="comment.php?action=unapprovecomment&amp;p=' . $post->ID . '&amp;comment=' . $comment->comment_ID . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\' );">' . __('Unapprove') . '</a> </span>';
    279         echo '<span class="approve"> | <a href="comment.php?action=approvecomment&amp;p=' . $post->ID . '&amp;comment=' . $comment->comment_ID . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\' );">' . __('Approve') . '</a> </span>';
     278        echo '<span class="unapprove"> | <a href="' . wp_nonce_url('comment.php?action=unapprovecomment&amp;p=' . $post->ID . '&amp;comment=' . $comment->comment_ID, 'unapprove-comment' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\' );">' . __('Unapprove') . '</a> </span>';
     279        echo '<span class="approve"> | <a href="' . wp_nonce_url('comment.php?action=approvecomment&amp;p=' . $post->ID . '&amp;comment=' . $comment->comment_ID, 'approve-comment' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\' );">' . __('Approve') . '</a> </span>';
    280280    }
    281     echo " | <a href=\"comment.php?action=deletecomment&amp;delete_type=spam&amp;p=".$comment->comment_post_ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment-as-spam', $comment->comment_ID, '" . sprintf(__("You are about to mark as spam this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to mark as spam."), wp_specialchars( $comment->comment_author, 1 ))  . "' );\">" . __('Spam') . "</a> ]";
     281    echo " | <a href=\"" . wp_nonce_url("comment.php?action=deletecomment&amp;delete_type=spam&amp;p=".$comment->comment_post_ID."&amp;comment=".$comment->comment_ID, 'delete-comment' . $comment->comment_ID) . "\" onclick=\"return deleteSomething( 'comment-as-spam', $comment->comment_ID, '" . sprintf(__("You are about to mark as spam this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to mark as spam."), wp_specialchars( $comment->comment_author, 1 ))  . "' );\">" . __('Spam') . "</a> ]";
    282282} // end if any comments to show
    283283?>
  • trunk/wp-admin/inline-uploading.php

    r3665 r3759  
    33require_once('admin.php');
    44
    5 check_admin_referer();
     5check_admin_referer('inlineuploading');
    66
    77header('Content-Type: text/html; charset=' . get_option('blog_charset'));
     
    4242wp_delete_attachment($attachment);
    4343
    44 header("Location: ".basename(__FILE__)."?post=$post&all=$all&action=view&start=$start");
     44header("Location: ". wp_nonce_url(basename(__FILE__)."?post=$post&all=$all&action=view&start=$start", 'inlineuploading'));
    4545die;
    4646
     
    101101}
    102102
    103 header("Location: ".basename(__FILE__)."?post=$post&all=$all&action=view&start=0");
     103header("Location: ". wp_nonce_url(basename(__FILE__)."?post=$post&all=$all&action=view&start=0", 'inlineuploading'));
    104104die();
    105105
     
    140140
    141141if ( count($attachments) == 0 ) {
    142     header("Location: ".basename(__FILE__)."?post=$post&action=upload");
     142    header("Location: ". wp_nonce_url(basename(__FILE__)."?post=$post&action=upload", 'inlineuploading') );
    143143    die;
    144144} elseif ( count($attachments) > $num ) {
  • trunk/wp-admin/link-manager.php

    r3718 r3759  
    111111
    112112<form id="links" method="post" action="link.php">
     113<?php wp_nonce_field('bulk-bookmarks') ?>
    113114<input type="hidden" name="link_id" value="" />
    114115<input type="hidden" name="action" value="" />
     
    176177
    177178        echo '<td><a href="link.php?link_id='.$link->link_id.'&amp;action=edit" class="edit">'.__('Edit').'</a></td>';
    178         echo '<td><a href="link.php?link_id='.$link->link_id.'&amp;action=delete"'." class='delete' onclick=\"return deleteSomething( 'link', $link->link_id , '".sprintf(__("You are about to delete the &quot;%s&quot; bookmark to %s.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), wp_specialchars($link->link_name, 1), wp_specialchars($link->link_url)).'\' );" class="delete">'.__('Delete').'</a></td>';
     179        echo '<td><a href="' . wp_nonce_url('link.php?link_id='.$link->link_id.'&amp;action=delete', 'delete-bookmark' . $link->link_id ) . '"'." class='delete' onclick=\"return deleteSomething( 'link', $link->link_id , '".sprintf(__("You are about to delete the &quot;%s&quot; bookmark to %s.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), wp_specialchars($link->link_name, 1), wp_specialchars($link->link_url)).'\' );" class="delete">'.__('Delete').'</a></td>';
    179180        echo '<td align="center"><input type="checkbox" name="linkcheck[]" value="'.$link->link_id.'" /></td>';
    180181        echo "\n    </tr>\n";
  • trunk/wp-admin/link.php

    r3570 r3759  
    3030switch ($action) {
    3131        case 'deletebookmarks' :
    32         check_admin_referer();
     32        check_admin_referer('bulk-bookmarks');
    3333
    3434        // check the current user's level first.
     
    5454
    5555    case 'move' :
    56         check_admin_referer();
     56        check_admin_referer('bulk-bookmarks');
    5757
    5858        // check the current user's level first.
     
    7373
    7474    case 'add' :
    75         check_admin_referer();
     75        check_admin_referer('add-bookmark');
    7676
    7777        add_link();
     
    8181
    8282    case 'save' :
    83         check_admin_referer();
     83        $link_id = (int) $_POST['link_id'];
     84        check_admin_referer('update-bookmark' . $link_id);
    8485
    85         $link_id = (int) $_POST['link_id'];
    8686        edit_link($link_id);
    8787
     
    9191
    9292    case 'delete' :
    93         check_admin_referer();
     93        $link_id = (int) $_GET['link_id'];
     94        check_admin_referer('delete-bookmark' . $link_id);
    9495
    9596        if (!current_user_can('manage_links'))
    9697            die(__("Cheatin' uh ?"));
    97 
    98         $link_id = (int) $_GET['link_id'];
    9998
    10099        wp_delete_link($link_id);
  • trunk/wp-admin/moderation.php

    r3722 r3759  
    3333case 'update':
    3434
    35     check_admin_referer();
     35    check_admin_referer('moderate-comments');
    3636
    3737    if ( ! current_user_can('moderate_comments') )
     
    133133    <h2><?php _e('Moderation Queue') ?></h2>
    134134    <form name="approval" action="moderation.php" method="post">
     135    <?php wp_nonce_field('moderate-comments') ?>
    135136    <input type="hidden" name="action" value="update" />
    136137    <ol id="the-list" class="commentlist">
  • trunk/wp-admin/options-discussion.php

    r3345 r3759  
    2222<h2><?php _e('Discussion Options') ?></h2>
    2323<form method="post" action="options.php">
     24<?php wp_nonce_field('update-options') ?>
    2425<fieldset class="options">
    2526<legend><?php _e('Usual settings for an article:<br /><small><em>(These settings may be overridden for individual articles.)</em></small>') ?></legend>
  • trunk/wp-admin/options-general.php

    r3677 r3759  
    1111<h2><?php _e('General Options') ?></h2>
    1212<form method="post" action="options.php">
     13<?php wp_nonce_field('update-options') ?>
    1314<table class="optiontable">
    1415<tr valign="top">
  • trunk/wp-admin/options-misc.php

    r3570 r3759  
    1212<h2><?php _e('Miscellaneous Options') ?></h2>
    1313<form method="post" action="options.php">
    14 
     14<?php wp_nonce_field('update-options') ?>
    1515<fieldset class="options">
    1616<legend><?php _e('Uploading'); ?></legend>
  • trunk/wp-admin/options-permalink.php

    r3665 r3759  
    5858$home_path = get_home_path();
    5959
    60 if ( isset($_POST) ) {
    61     check_admin_referer();
     60if ( isset($_POST['permalink_structure']) || isset($_POST['category_base']) ) {
     61    check_admin_referer('update-permalink');
    6262
    6363    if ( isset($_POST['permalink_structure']) ) {
     
    118118?>
    119119<form name="form" action="options-permalink.php" method="post">
     120<?php wp_nonce_field('update-permalink') ?>
    120121<h3><?php _e('Common options:'); ?></h3>
    121122<p>
     
    166167  <p><?php _e('If your <code>.htaccess</code> file were <a href="http://codex.wordpress.org/Make_a_Directory_Writable">writable</a>, we could do this automatically, but it isn&#8217;t so these are the mod_rewrite rules you should have in your <code>.htaccess</code> file. Click in the field and press <kbd>CTRL + a</kbd> to select all.') ?></p>
    167168<form action="options-permalink.php" method="post">
     169<?php wp_nonce_field('update-permalink') ?>
    168170   <p>
    169171<textarea rows="5" style="width: 98%;" name="rules"><?php echo $wp_rewrite->mod_rewrite_rules(); ?>
  • trunk/wp-admin/options-reading.php

    r3583 r3759  
    1111<h2><?php _e('Reading Options') ?></h2>
    1212<form name="form1" method="post" action="options.php">
     13<?php wp_nonce_field('update-options') ?>
    1314
    1415<?php if ( get_pages() ): ?>
  • trunk/wp-admin/options-writing.php

    r3570 r3759  
    1111<h2><?php _e('Writing Options') ?></h2>
    1212<form method="post" action="options.php">
     13<?php wp_nonce_field('update-options') ?>
    1314<table width="100%" cellspacing="2" cellpadding="5" class="editform">
    1415<tr valign="top">
  • trunk/wp-admin/options.php

    r3710 r3759  
    3030    $any_changed = 0;
    3131
    32     check_admin_referer();
     32    check_admin_referer('update-options');
    3333
    3434    if (!$_POST['page_options']) {
     
    9090  <h2><?php _e('All options'); ?></h2>
    9191  <form name="form" action="options.php" method="post">
     92  <?php wp_nonce_field('update-options') ?>
    9293  <input type="hidden" name="action" value="update" />
    9394  <table width="98%">
  • trunk/wp-admin/page.php

    r3674 r3759  
    2525switch($action) {
    2626case 'post':
    27 
     27    check_admin_referer('add-page');
    2828    $page_ID = write_post();
    2929
     
    7777case 'editattachment':
    7878    $page_id = $post_ID = (int) $_POST['post_ID'];
     79    check_admin_referer('update-attachment' . $page_id);
    7980
    8081    // Don't let these be changed
     
    9293
    9394case 'editpost':
     95    $page_ID = (int) $_POST['post_ID'];
     96    check_admin_referer('update-page' . $page_ID);
     97
    9498    $page_ID = edit_post();
    9599
     
    115119
    116120case 'delete':
    117     check_admin_referer();
    118 
    119121    $page_id = (isset($_GET['post']))  ? intval($_GET['post']) : intval($_POST['post_ID']);
     122    check_admin_referer('delete-page' .  $page_id);
    120123
    121124    $page = & get_post($page_id);
  • trunk/wp-admin/plugin-editor.php

    r3665 r3759  
    3535case 'update':
    3636
    37     check_admin_referer();
     37    check_admin_referer('edit-plugin' . $file);
    3838
    3939    if ( !current_user_can('edit_plugins') )
     
    9898    <?php   if (!$error) { ?>
    9999  <form name="template" id="template" action="plugin-editor.php" method="post">
     100  <?php wp_nonce_field('edit-plugin' . $file) ?>
    100101         <div><textarea cols="70" rows="25" name="newcontent" id="newcontent" tabindex="1"><?php echo $content ?></textarea>
    101102     <input type="hidden" name="action" value="update" />
  • trunk/wp-admin/plugins.php

    r3517 r3759  
    33
    44if ( isset($_GET['action']) ) {
    5     check_admin_referer();
    6 
    75    if ('activate' == $_GET['action']) {
     6        check_admin_referer('activate-plugin' . $_GET['plugin']);
    87        $current = get_settings('active_plugins');
    98        if (!in_array($_GET['plugin'], $current)) {
     
    1615        header('Location: plugins.php?activate=true');
    1716    } else if ('deactivate' == $_GET['action']) {
     17        check_admin_referer('deactivate-plugin' . $_GET['plugin']);
    1818        $current = get_settings('active_plugins');
    1919        array_splice($current, array_search( $_GET['plugin'], $current), 1 ); // Array-fu!
     
    9999
    100100        if (!empty($current_plugins) && in_array($plugin_file, $current_plugins)) {
    101             $action = "<a href='plugins.php?action=deactivate&amp;plugin=$plugin_file' title='".__('Deactivate this plugin')."' class='delete'>".__('Deactivate')."</a>";
     101            $action = "<a href='" . wp_nonce_url("plugins.php?action=deactivate&amp;plugin=$plugin_file", 'deactivate-plugin' . $plugin_file) . "' title='".__('Deactivate this plugin')."' class='delete'>".__('Deactivate')."</a>";
    102102            $plugin_data['Title'] = "<strong>{$plugin_data['Title']}</strong>";
    103103            $style .= $style == 'alternate' ? ' active' : 'active';
    104104        } else {
    105             $action = "<a href='plugins.php?action=activate&amp;plugin=$plugin_file' title='".__('Activate this plugin')."' class='edit'>".__('Activate')."</a>";
     105            $action = "<a href='" . wp_nonce_url("plugins.php?action=activate&amp;plugin=$plugin_file", 'activate-plugin' . $plugin_file) . "' title='".__('Activate this plugin')."' class='edit'>".__('Activate')."</a>";
    106106        }
    107107        $plugin_data['Description'] = wp_kses($plugin_data['Description'], array('a' => array('href' => array(),'title' => array()),'abbr' => array('title' => array()),'acronym' => array('title' => array()),'code' => array(),'em' => array(),'strong' => array()) ); ;
  • trunk/wp-admin/post.php

    r3721 r3759  
    2525case 'postajaxpost':
    2626case 'post':
    27     check_admin_referer();
     27    check_admin_referer('add-post');
    2828   
    2929    $post_ID = 'post' == $action ? write_post() : edit_post();
     
    7979
    8080case 'editattachment':
    81     check_admin_referer();
     81    $post_id = (int) $_POST['post_ID'];
    8282
    83     $post_id = (int) $_POST['post_ID'];
     83    check_admin_referer('update-attachment' . $post_id);
    8484
    8585    // Don't let these be changed
     
    9797
    9898case 'editpost':
    99     check_admin_referer();
     99    $post_ID = (int) $_POST['post_ID'];
     100    check_admin_referer('update-post' . $post_ID);
    100101   
    101102    $post_ID = edit_post();
     
    122123
    123124case 'delete':
    124     check_admin_referer();
    125 
    126125    $post_id = (isset($_GET['post']))  ? intval($_GET['post']) : intval($_POST['post_ID']);
     126    check_admin_referer('delete-post' . $post_id);
    127127
    128128    $post = & get_post($post_id);
  • trunk/wp-admin/profile-update.php

    r3679 r3759  
    33require_once('admin.php');
    44
    5 check_admin_referer();
     5check_admin_referer('update-profile' . $user_ID);
    66
    77if ( !$_POST )
  • trunk/wp-admin/profile.php

    r3412 r3759  
    2020<h2><?php _e('Your Profile and Personal Options'); ?></h2>
    2121<form name="profile" id="your-profile" action="profile-update.php" method="post">
     22<?php wp_nonce_field('update-profile' . $user_ID) ?>
    2223<p>
    2324<input type="hidden" name="from" value="profile" />
  • trunk/wp-admin/templates.php

    r3687 r3759  
    3737case 'update':
    3838
    39     check_admin_referer();
     39    check_admin_referer('edit-file' . $file);
    4040
    4141    if ( ! current_user_can('edit_files') )
     
    129129<?php if (!$error) { ?>
    130130  <form name="template" id="template" action="templates.php" method="post">
     131  <?php wp_nonce_field('edit-file' . $file) ?>
    131132     <div><textarea cols="70" rows="25" name="newcontent" id='newcontent' tabindex="1"><?php echo $content ?></textarea>
    132133     <input type="hidden" name="action" value="update" />
  • trunk/wp-admin/theme-editor.php

    r3665 r3759  
    4848case 'update':
    4949
    50     check_admin_referer();
     50    check_admin_referer('edit-theme' . $file . $theme);
    5151
    5252    if ( !current_user_can('edit_themes') )
     
    132132    ?>
    133133  <form name="template" id="template" action="theme-editor.php" method="post">
     134  <?php wp_nonce_field('edit-theme' . $file . $theme) ?>
    134135         <div><textarea cols="70" rows="25" name="newcontent" id="newcontent" tabindex="1"><?php echo $content ?></textarea>
    135136     <input type="hidden" name="action" value="update" />
  • trunk/wp-admin/themes.php

    r3517 r3759  
    33
    44if ( isset($_GET['action']) ) {
    5     check_admin_referer();
     5    check_admin_referer('switch-theme' . $_GET['template']);
    66
    77    if ('activate' == $_GET['action']) {
     
    7070    $screenshot = $themes[$theme_name]['Screenshot'];
    7171    $stylesheet_dir = $themes[$theme_name]['Stylesheet Dir'];
    72     $activate_link = "themes.php?action=activate&amp;template=$template&amp;stylesheet=$stylesheet";
     72    $activate_link = wp_nonce_url("themes.php?action=activate&amp;template=$template&amp;stylesheet=$stylesheet", 'switch-theme' . $template);
    7373?>
    7474<div class="available-theme">
  • trunk/wp-admin/users.php

    r3679 r3759  
    1212
    1313case 'promote':
    14     check_admin_referer();
     14    check_admin_referer('bulk-users');
    1515
    1616    if (empty($_POST['users'])) {
     
    4040case 'dodelete':
    4141
    42     check_admin_referer();
     42    check_admin_referer('delete-users');
    4343
    4444    if ( empty($_POST['users']) ) {
     
    7373case 'delete':
    7474
    75     check_admin_referer();
     75    check_admin_referer('bulk-users');
    7676
    7777    if (empty($_POST['users'])) {
     
    8787?>
    8888<form action="" method="post" name="updateusers" id="updateusers">
     89<?php wp_nonce_field('delete-users') ?>
    8990<div class="wrap">
    9091<h2><?php _e('Delete Users'); ?></h2>
     
    132133
    133134case 'adduser':
    134     check_admin_referer();
     135    check_admin_referer('add-user');
    135136
    136137    $user_id = add_user();
     
    206207
    207208<form action="" method="post" name="updateusers" id="updateusers">
     209<?php wp_nonce_field('bulk-users') ?>
    208210<div class="wrap">
    209211    <h2><?php _e('User List by Role'); ?></h2>
     
    258260<?php echo '<p>'.sprintf(__('Users can <a href="%1$s">register themselves</a> or you can manually create users here.'), get_settings('siteurl').'/wp-register.php').'</p>'; ?>
    259261<form action="" method="post" name="adduser" id="adduser">
     262  <?php wp_nonce_field('add-user') ?>
    260263  <table class="editform" width="100%" cellspacing="2" cellpadding="5">
    261264    <tr>
Note: See TracChangeset for help on using the changeset viewer.