Make WordPress Core


Ignore:
Timestamp:
08/25/2007 05:07:10 PM (17 years ago)
Author:
ryan
Message:

Add nonces to tag importers. Props xknown. fixes #4811

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/import/wp-cat2tag.php

    r5700 r5941  
    3939    function categories_form() {
    4040        print '<form action="admin.php?import=wp-cat2tag&amp;step=2" method="post">';
     41        wp_nonce_field('import-cat2tag');
    4142        print '<ul style="list-style:none">';
    4243
     
    145146
    146147        print '<form action="admin.php?import=wp-cat2tag" method="post">';
     148        wp_nonce_field('import-cat2tag');
    147149        print '<p style="text-align:center" class="submit"><input type="submit" value="' . __('Yes') . '" name="yes_convert_all_cats" />&nbsp;&nbsp;&nbsp;&nbsp;<input type="submit" value="' . __('No') . '" name="no_dont_do_it" /></p>';
    148150        print '</form>';
     
    159161
    160162    function init() {
    161         echo '<!--'; print_r($_POST); print_r($_GET); echo '-->';
    162163
    163164        if (isset($_POST['maybe_convert_all_cats'])) {
     
    178179            print '</div>';
    179180        } else {
     181            if ( $step > 1 )
     182                check_admin_referer('import-cat2tag');
     183
    180184            switch ($step) {
    181185                case 1 :
Note: See TracChangeset for help on using the changeset viewer.