Changeset 3774
- Timestamp:
- 05/17/2006 12:28:26 AM (19 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-includes/pluggable-functions.php
r3761 r3774 233 233 $adminurl = strtolower(get_settings('siteurl')).'/wp-admin'; 234 234 $referer = strtolower($_SERVER['HTTP_REFERER']); 235 if ( !wp_verify_nonce($_REQUEST['_wpnonce'], $action) ) { 235 if ( !wp_verify_nonce($_REQUEST['_wpnonce'], $action) && 236 !(-1 == $action && strstr($referer, $adminurl)) ) { 237 236 238 $html = "<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Strict//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd'>\n<html xmlns='http://www.w3.org/1999/xhtml' lang='en' xml:lang='en'>\n\n"; 237 239 $html .= "<head>\n\t<title>" . __('WordPress Confirmation') . "</title>\n";
Note: See TracChangeset
for help on using the changeset viewer.