diff --git a/wp-admin/admin-ajax.php b/wp-admin/admin-ajax.php
index 12800d2d89..61979a461c 100644
--- a/wp-admin/admin-ajax.php
+++ b/wp-admin/admin-ajax.php
@@ -513,11 +513,16 @@ case 'autosave-generate-nonces' :
 die('0');
 break;
 case 'closed-postboxes' :
- check_ajax_referer( $action );
- $closed = explode(',', $_POST['closed']);
+ check_ajax_referer( 'closedpostboxes', 'closedpostboxesnonce' );
+ $closed = isset( $_POST['closed'] )? $_POST['closed'] : '';
+ $closed = explode( ',', $_POST['closed'] );
+ $page = isset( $_POST['page'] )? $_POST['page'] : '';
+ if ( !preg_match( '/^[a-z-]+$/', $page ) ) {
+ die(-1);
+ }
 if (!is_array($closed)) break;
 $current_user = wp_get_current_user();
- update_usermeta($current_user->ID, 'closedpostboxes', $closed);
+ update_usermeta($current_user->ID, 'closedpostboxes_'.$page, $closed);
 break;
 case 'sample-permalink':
 check_ajax_referer( $action );
diff --git a/wp-admin/edit-form-advanced.php b/wp-admin/edit-form-advanced.php
index 5aca0a960b..6994be4260 100644
--- a/wp-admin/edit-form-advanced.php
+++ b/wp-admin/edit-form-advanced.php
@@ -89,6 +89,7 @@ addLoadEvent(focusit);
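Review bot: The isset() fallback for `$closed` in the 'closed-postboxes' case is thrown away on the very next line, which explodes `$_POST['closed']` directly, so a request without that field still hits an undefined-index notice; it should read `$closed = explode( ',', $closed );`. With that fixed, the context line `if (!is_array($closed)) break;` is effectively dead, since explode() with a non-empty delimiter always returns an array — an empty string yields `['']`, which is then stored as the user's closed boxes. The `$page` allowlist is the right idea for a value that becomes part of a meta key, but `$` in PCRE also matches before a trailing newline, so a value like `"post\n"` passes and produces a key with an embedded newline; `'/^[a-z-]+$/D'` (or `\z` instead of `$`) closes that gap. The enclosing switch begins and ends outside the hunk.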
post_content); ?> + @@ -175,7 +176,7 @@ else echo clean_url(stripslashes(wp_get_referer())); ?>" /> -