Changeset 5941 for trunk/wp-admin/import/utw.php

Timestamp:

08/25/2007 05:07:10 PM (17 years ago)

Author:

ryan

Message:

Add nonces to tag importers. Props xknown. fixes #4811

File:

• trunk/wp-admin/import/utw.php (modified) (4 diffs)

trunk/wp-admin/import/utw.php

@@ -32 +32 @@
             $step = (int) $_GET['step'];
         }
+        
+        if ( $step > 1 )
+            check_admin_referer('import-utw');
 
         // load the header
@@ -103 +106 @@
 
         echo '<form action="admin.php?import=utw&amp;step=2" method="post">';
+        wp_nonce_field('import-utw');
         echo '<p class="submit"><input type="submit" name="submit" value="'.__('Step 2 &raquo;').'" /></p>';
         echo '</form>';
@@ -138 +142 @@
 
         echo '<form action="admin.php?import=utw&amp;step=3" method="post">';
+        wp_nonce_field('import-utw');
         echo '<p class="submit"><input type="submit" name="submit" value="'.__('Step 3 &raquo;').'" /></p>';
         echo '</form>';
@@ -156 +161 @@
 
         echo '<form action="admin.php?import=utw&amp;step=4" method="post">';
+        wp_nonce_field('import-utw');
         echo '<p class="submit"><input type="submit" name="submit" value="'.__('Step 4 &raquo;').'" /></p>';
         echo '</form>';