Make WordPress Core

Opened 14 years ago

Closed 14 years ago

#12049 closed defect (bug) (fixed)

QuickPress POST request returns 403 forbidden error/WordPress failure notice. POST requests multiply when button is clicked again.

Reported by: beatpanda's profile beatpanda Owned by: azaozz's profile azaozz
Milestone: 3.0 Priority: normal
Severity: major Version: 3.0
Component: Widgets Keywords: has-patch
Focuses: Cc:


QuickPress appears to be broken in 3.0-alpha. A request is made to wp-admin/post.php, and the request returns the "WordPress Failure notice" page with the message "Are you sure you want to do this?"

Even weirder, if you click "publish" again, two POST requests are sent out, and if you click again it turns into 4. The spinner graphic also multiplies every time.

Attachments (1)

12049.diff (1.5 KB) - added by nacin 14 years ago.

Download all attachments as: .zip

Change History (4)

#1 @beatpanda
14 years ago

  • Milestone set to 3.0

14 years ago

#2 @nacin
14 years ago

  • Keywords has-patch added

There used to be check_admin_referer('add_post'). Now it's "add_{$post_type}", which QuickPress doesn't specify.

The simple fix would be to have QuickPress also pass a post type. A bigger fix would be to always set $post_type to 'post' when otherwise not specified, and there may be a backwards compatibility argument for that, though that will require some refactoring.

Related #9674. Other recent QuickPress tickets that jump out when testing this are #11504 (E_NOTICEs) and #10680 (ugly placement of spinner).

#3 @ryan
14 years ago

  • Resolution set to fixed
  • Status changed from new to closed

(In [12874]) Set post_type for QuickPress publishing. Props nacin. fixes #12049

Note: See TracTickets for help on using tickets.