Make WordPress Core

Opened 15 years ago

Closed 15 years ago

#12049 closed defect (bug) (fixed)

QuickPress POST request returns 403 forbidden error/WordPress failure notice. POST requests multiply when button is clicked again.

Reported by: beatpanda's profile beatpanda Owned by: azaozz's profile azaozz
Milestone: 3.0 Priority: normal
Severity: major Version: 3.0
Component: Widgets Keywords: has-patch
Focuses: Cc:

Description

QuickPress appears to be broken in 3.0-alpha. A request is made to wp-admin/post.php, and the request returns the "WordPress Failure notice" page with the message "Are you sure you want to do this?"

Even weirder, if you click "publish" again, two POST requests are sent out, and if you click again it turns into 4. The spinner graphic also multiplies every time.

Attachments (1)

12049.diff (1.5 KB) - added by nacin 15 years ago.

Download all attachments as: .zip

Change History (4)

#1 @beatpanda
15 years ago

  • Milestone set to 3.0

@nacin
15 years ago

#2 @nacin
15 years ago

  • Keywords has-patch added

There used to be check_admin_referer('add_post'). Now it's "add_{$post_type}", which QuickPress doesn't specify.

The simple fix would be to have QuickPress also pass a post type. A bigger fix would be to always set $post_type to 'post' when otherwise not specified, and there may be a backwards compatibility argument for that, though that will require some refactoring.

Related #9674. Other recent QuickPress tickets that jump out when testing this are #11504 (E_NOTICEs) and #10680 (ugly placement of spinner).

#3 @ryan
15 years ago

  • Resolution set to fixed
  • Status changed from new to closed

(In [12874]) Set post_type for QuickPress publishing. Props nacin. fixes #12049

Note: See TracTickets for help on using tickets.