Nonce from above. #2678

git-svn-id: https://develop.svn.wordpress.org/trunk@3759 602fd350-edb4-49c9-b593-d223f7449a82
Ryan Boren
2006-05-02 22:36:06 +00:00
parent b96cd6f60c
commit fcfda4db13
30 changed files with 100 additions and 72 deletions


@@ -24,7 +24,7 @@ if ( isset( $_POST['deletepost'] ) )
switch($action) {
case 'postajaxpost':
case 'post':
check_admin_referer();
check_admin_referer('add-post');
$post_ID = 'post' == $action ? write_post() : edit_post();
@@ -78,10 +78,10 @@ case 'edit':
break;
case 'editattachment':
check_admin_referer();
$post_id = (int) $_POST['post_ID'];
check_admin_referer('update-attachment' . $post_id);
// Don't let these be changed
unset($_POST['guid']);
$_POST['post_type'] = 'attachment';
@@ -96,7 +96,8 @@ case 'editattachment':
add_post_meta($post_id, '_wp_attachment_metadata', $newmeta);
case 'editpost':
check_admin_referer();
$post_ID = (int) $_POST['post_ID'];
check_admin_referer('update-post' . $post_ID);
$post_ID = edit_post();
@@ -121,9 +122,8 @@ case 'editpost':
break;
case 'delete':
check_admin_referer();
$post_id = (isset($_GET['post'])) ? intval($_GET['post']) : intval($_POST['post_ID']);
check_admin_referer('delete-post' . $post_id);
$post = & get_post($post_id);
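Review bot: In the third hunk, `case 'editattachment':` still runs on into `case 'editpost':` (no `break` is visible after `add_post_meta(...)`), so an attachment update is now checked twice with two different action strings, `'update-attachment' . $post_id` and then `'update-post' . $post_ID`. A nonce issued for the attachment form cannot match the second action, so the request either fails or depends on whatever fallback `check_admin_referer()` has, which is not shown on this page. If the fall-through is intended, both cases should verify the same action, e.g. `check_admin_referer('update-post' . $post_id);` in `editattachment`, with the attachment form issuing the matching nonce. Separately, all four calls concatenate the action name and the ID with no delimiter; a form such as `'update-post_' . $post_ID` keeps the two parts unambiguous, provided the code that generates the nonces changes in step. The case bodies continue outside the hunks shown.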