Add nonces to importers

git-svn-id: https://develop.svn.wordpress.org/trunk@5404 602fd350-edb4-49c9-b593-d223f7449a82
2026-06-28 14:20:15 +00:00 · 2007-05-07 15:56:53 +00:00
parent 7c1f56b9b7
commit e8da828363
9 changed files with 57 additions and 26 deletions
--- a/wp-admin/admin-functions.php
+++ b/wp-admin/admin-functions.php
@@ -2030,6 +2030,7 @@ function wp_import_upload_form( $action ) {
 ?>
 <form enctype="multipart/form-data" id="import-upload-form" method="post" action="<?php echo attribute_escape($action) ?>">
 <p>
+<?php wp_nonce_field('import-upload'); ?>
 <label for="upload"><?php _e( 'Choose a file from your computer:' ); ?></label> (<?php printf( __('Maximum size: %s' ), $size ); ?> )
 <input type="file" id="upload" name="import" size="25" />
 <input type="hidden" name="action" value="save" />