Opened 9 years ago
Closed 9 years ago
#32207 closed enhancement (fixed)
check_admin_referer action only fires on success
Reported by: | markjaquith | Owned by: | markjaquith |
---|---|---|---|
Milestone: | 4.3 | Priority: | low |
Severity: | minor | Version: | 1.5.1 |
Component: | Administration | Keywords: | has-patch |
Focuses: | Cc: |
Description
The check_admin_referer
action in check_admin_referer()
fires after the conditional die()
. So there is no way to use this hook to log nonce failures in the admin.
I think we could move the action above the if
/die()
portion without causing any trouble.
Attachments (1)
Change History (7)
Note: See
TracTickets for help on using
tickets.
Like so.
Further reasoning on the move being okay: it passes
$result
. So people should have been checking that all along. I doubt anyone was assuming "this hook running means a nonce success".