From 672dbe7edc0ce613459dc86700c5512264793b52 Mon Sep 17 00:00:00 2001
From: Ryan Boren <ryan@git.wordpress.org>
Date: Wed, 17 May 2006 00:28:26 +0000
Subject: [PATCH] Fallback to admin referer check instead of nonce if no action
 is given to check_admin_referer().  For plugin compatibility.

git-svn-id: https://develop.svn.wordpress.org/trunk@3774 602fd350-edb4-49c9-b593-d223f7449a82
---
 wp-includes/pluggable-functions.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/wp-includes/pluggable-functions.php b/wp-includes/pluggable-functions.php
index 7728633ac4..d05ac9c977 100644
--- a/wp-includes/pluggable-functions.php
+++ b/wp-includes/pluggable-functions.php
@@ -232,7 +232,9 @@ function check_admin_referer($action = -1) {
 	global $pagenow;
 	$adminurl = strtolower(get_settings('siteurl')).'/wp-admin';
 	$referer = strtolower($_SERVER['HTTP_REFERER']);
-	if ( !wp_verify_nonce($_REQUEST['_wpnonce'], $action) ) {
+	if ( !wp_verify_nonce($_REQUEST['_wpnonce'], $action) &&
+		!(-1 == $action && strstr($referer, $adminurl)) ) {
+		
 		$html  = "<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Strict//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd'>\n<html xmlns='http://www.w3.org/1999/xhtml' lang='en' xml:lang='en'>\n\n";
 		$html .= "<head>\n\t<title>" . __('WordPress Confirmation') . "</title>\n";
 		$html .= "</head>\n<body>\n";