

Timestamp:
05/11/2006 11:05:45 PM (20 years ago)
Author:
ryan
Message:

Backport nonces and pluggable cookies.

File:
1 edited

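--- a/branches/2.0/wp-admin/categories.php
+++ b/branches/2.0/wp-admin/categories.php
@@ -26,5 +26,5 @@
 case 'addcat':
 
-    check_admin_referer();
+    check_admin_referer('add-category');
 
     if ( !current_user_can('manage_categories') )
@@ -37,11 +37,10 @@
 
 case 'delete':
-
-    check_admin_referer();
+    $cat_ID = (int) $_GET['cat_ID'];
+    check_admin_referer('delete-category' .  $cat_ID);
 
     if ( !current_user_can('manage_categories') )
         die (__('Cheatin’ uh?'));
 
-    $cat_ID = (int) $_GET['cat_ID'];
     $cat_name = get_catname($cat_ID);
 
@@ -65,4 +64,5 @@
  <h2><?php _e('Edit Category') ?></h2>
  <form name="editcat" action="categories.php" method="post">
+      <?php wp_nonce_field('update-category' .  $category->cat_ID); ?>
       <table class="editform" width="100%" cellspacing="2" cellpadding="5">
         <tr>
@@ -97,5 +97,6 @@
 
 case 'editedcat':
-    check_admin_referer();
+    $cat_ID = (int) $_POST['cat_ID'];
+    check_admin_referer('update-category' . $cat_ID);
 
     if ( !current_user_can('manage_categories') )
@@ -151,5 +152,5 @@
     <h2><?php _e('Add New Category') ?></h2>
     <form name="addcat" id="addcat" action="categories.php" method="post">
-       
+    <?php wp_nonce_field('add-category'); ?>
         <p><?php _e('Name:') ?><br />
         <input type="text" name="cat_name" value="" /></p>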
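Review bot: In the `case 'delete':` hunk the nonce action is built from `$_GET['cat_ID']`, so deleting a category is still a state change driven by a GET request and the nonce has to travel in the query string, where it can end up in server logs, browser history and Referer headers for as long as it remains valid. The check itself is bound to the specific category id, which is good, but the code that emits the delete link is not in this file section, so it should be confirmed that it generates its nonce with the identical action string; a mismatch would make every delete fail the check. A one-line comment above the check would record that pairing, e.g. `// Nonce action must match the delete link: 'delete-category' . $cat_ID`. Longer term, consider submitting deletes via POST with `wp_nonce_field()`, as the add and edit forms in this change already do. The `case` bodies start and end outside the visible hunks, so the rest of the delete path is not reviewed here.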