Make WordPress Core


Ignore:
Timestamp:
05/02/2006 10:36:06 PM (19 years ago)
Author:
ryan
Message:

Nonce from above. #2678

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/users.php

    r3679 r3759  
    1212
    1313case 'promote':
    14     check_admin_referer();
     14    check_admin_referer('bulk-users');
    1515
    1616    if (empty($_POST['users'])) {
     
    4040case 'dodelete':
    4141
    42     check_admin_referer();
     42    check_admin_referer('delete-users');
    4343
    4444    if ( empty($_POST['users']) ) {
     
    7373case 'delete':
    7474
    75     check_admin_referer();
     75    check_admin_referer('bulk-users');
    7676
    7777    if (empty($_POST['users'])) {
     
    8787?>
    8888<form action="" method="post" name="updateusers" id="updateusers">
     89<?php wp_nonce_field('delete-users') ?>
    8990<div class="wrap">
    9091<h2><?php _e('Delete Users'); ?></h2>
     
    132133
    133134case 'adduser':
    134     check_admin_referer();
     135    check_admin_referer('add-user');
    135136
    136137    $user_id = add_user();
     
    206207
    207208<form action="" method="post" name="updateusers" id="updateusers">
     209<?php wp_nonce_field('bulk-users') ?>
    208210<div class="wrap">
    209211    <h2><?php _e('User List by Role'); ?></h2>
     
    258260<?php echo '<p>'.sprintf(__('Users can <a href="%1$s">register themselves</a> or you can manually create users here.'), get_settings('siteurl').'/wp-register.php').'</p>'; ?>
    259261<form action="" method="post" name="adduser" id="adduser">
     262  <?php wp_nonce_field('add-user') ?>
    260263  <table class="editform" width="100%" cellspacing="2" cellpadding="5">
    261264    <tr>
Note: See TracChangeset for help on using the changeset viewer.