Make WordPress Core


Ignore:
Timestamp:
05/02/2006 10:36:06 PM (19 years ago)
Author:
ryan
Message:

Nonce from above. #2678

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/edit-page-form.php

    r3664 r3759  
    66if (0 == $post_ID) {
    77    $form_action = 'post';
     8    $nonce_action = 'add-page';
    89    $temp_ID = -1 * time();
    910    $form_extra = "<input type='hidden' id='post_ID' name='temp_ID' value='$temp_ID' />";
    1011} else {
    1112    $form_action = 'editpost';
     13    $nonce_action = 'update-page' . $post_ID;
    1214    $form_extra = "<input type='hidden' id='post_ID' name='post_ID' value='$post_ID' />";
    1315}
     
    2426
    2527<?php
     28wp_nonce_field($nonce_action);
     29
    2630if (isset($mode) && 'bookmarklet' == $mode) {
    2731    echo '<input type="hidden" name="mode" value="bookmarklet" />';
     
    151155if (current_user_can('upload_files')) {
    152156    $uploading_iframe_ID = (0 == $post_ID ? $temp_ID : $post_ID);
    153     $uploading_iframe_src = "inline-uploading.php?action=view&amp;post=$uploading_iframe_ID";
     157    $uploading_iframe_src = wp_nonce_url("inline-uploading.php?action=view&amp;post=$uploading_iframe_ID", 'inlineuploading');
    154158    $uploading_iframe_src = apply_filters('uploading_iframe_src', $uploading_iframe_src);
    155159    if ( false != $uploading_iframe_src )
Note: See TracChangeset for help on using the changeset viewer.