Changeset 7375 for trunk/wp-admin/admin-ajax.php

Timestamp:

03/18/2008 02:43:20 AM (18 years ago)

Author:

ryan

Message:

Renew autosave nonce. Props andy. fixes #6266

File:

• trunk/wp-admin/admin-ajax.php (modified) (2 diffs)

trunk/wp-admin/admin-ajax.php

@@ -461 +461 @@
     break;
 case 'autosave' : // The name of this action is hardcoded in edit_post()
-    check_ajax_referer( 'autosave', 'autosavenonce' );
+    $nonce_age = check_ajax_referer( 'autosave', 'autosavenonce');
     global $current_user;
 
@@ -520 +520 @@
     if ( $do_lock && $id && is_numeric($id) )
         wp_set_post_lock( $id );
+
+    if ( $nonce_age == 2 )
+        $supplemental['replace-autosavenonce'] = wp_create_nonce('autosave');
 
     $x = new WP_Ajax_Response( array(