Make WordPress Core

Opened 18 years ago

Closed 17 years ago

#3263 closed defect (bug) (fixed)

Nonces & forms

Reported by: viper007bond's profile Viper007Bond Owned by: markjaquith's profile markjaquith
Milestone: 2.3 Priority: normal
Severity: normal Version: 2.0.4
Component: Administration Keywords: needs-patch
Focuses: Cc:

Description

I have a form at admin.php?page=blah. In the $_POST handling for the form, I have a nonces check (which I've forced to fail for testing purposes by typing in a fake name). The result of this is a "Are you sure you want to do this" (no question mark at the end of that BTW) with a "No" link and a "Yes" button.

Now if I click the "Yes" button, it posts to admin.php which is then blank. It should post to the current URL instead in order for things to keep working.

No patch 'cause it's 7:30 in the morning and I'm still up, so I'm lazy / tired. :P

Change History (6)

#1 @markjaquith
18 years ago

  • Owner changed from anonymous to markjaquith
  • Status changed from new to assigned

(In [4410]) Questions should have question marks. Props Viper007Bond. Partially addresses: #3263

#2 @foolswisdom
18 years ago

  • Milestone changed from 2.0.5 to 2.1

I am guessing the main problem also applies to 2.1 . As 2.0.5 is in release candidate updating milestone to 2.1

#3 @markjaquith
18 years ago

Nonce code has some differences in 2.1, especially as it relates to AYS stuff, so we need this verified as a problem in 2.1

#4 @matt
18 years ago

  • Milestone changed from 2.1 to 2.2

#5 @foolswisdom
17 years ago

  • Milestone changed from 2.2 to 2.3

#6 @ryan
17 years ago

  • Resolution set to fixed
  • Status changed from assigned to closed
Note: See TracTickets for help on using tickets.