sergiotarxz/Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Throw _doing_it_wrong() when nonce action not passed to check_admin_referer(). props duck_. see #16449

Browse Source 
git-svn-id: https://develop.svn.wordpress.org/trunk@18195 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Mark Jaquith 2011-06-08 16:56:26 +00:00
parent 24d38bc521
commit 46a87bd9fa
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
wp-includes/pluggable.php
View File

@ -866,6 +866,9 @@ if ( !function_exists('check_admin_referer') ) :
* @param string $query_arg where to look for nonce in $_REQUEST (since 2.5)
*/
function check_admin_referer($action = -1, $query_arg = '_wpnonce') {
if ( -1 == $action )
_doing_it_wrong( __FUNCTION__, __( 'You should specify a nonce action to be verified by using the first parameter.' ), '3.2' );
$adminurl = strtolower(admin_url());
$referer = strtolower(wp_get_referer());
$result = isset($_REQUEST[$query_arg]) ? wp_verify_nonce($_REQUEST[$query_arg], $action) : false;