diff --git a/wp-admin/categories.php b/wp-admin/categories.php
index 14e63f7227..9f444faca2 100644
--- a/wp-admin/categories.php
+++ b/wp-admin/categories.php
@@ -24,6 +24,8 @@ switch($action) {
 case 'addcat':
+ check_admin_referer();
+
 if ( !current_user_can('manage_categories') ) die (__('Cheatin’ uh?'));
@@ -93,6 +95,8 @@ case 'edit':
 break; case 'editedcat':
+ check_admin_referer();
+
 if ( !current_user_can('manage_categories') ) die (__('Cheatin’ uh?'));
diff --git a/wp-admin/comment.php b/wp-admin/comment.php
index e431c3d571..557bcfd37b 100644
--- a/wp-admin/comment.php
+++ b/wp-admin/comment.php
@@ -164,6 +164,8 @@ case 'mailapprovecomment':
 case 'approvecomment':
+ check_admin_referer();
+
 $comment = (int) $_GET['comment']; $p = (int) $_GET['p']; if (isset($_GET['noredir'])) {
@@ -194,6 +196,8 @@ case 'approvecomment':
 case 'editedcomment':
+ check_admin_referer();
+
 edit_comment(); $referredby = $_POST['referredby'];
@@ -208,4 +212,4 @@ default:
 break; } // end switch include('admin-footer.php');
-?>
\ No newline at end of file
+?>
diff --git a/wp-admin/edit-comments.php b/wp-admin/edit-comments.php
index b4e946a608..5ead4874ef 100644
--- a/wp-admin/edit-comments.php
+++ b/wp-admin/edit-comments.php
@@ -51,6 +51,8 @@ function getNumChecked(form)
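Review bot: `check_admin_referer();` is called without any action identifier, so the `addcat` handler is protected only by whatever global check that helper performs, and the hunk does not show what that is. If it compares the HTTP Referer header, it is a weaker control than a per-action, per-user token: the header is missing for users and proxies that suppress it (a false rejection on a legitimate submit), and it cannot distinguish one admin form from another. A token emitted in the form and passed back to the check as an action name (later WordPress releases accept one as the first argument) would bind the request to this specific operation. The same applies to the `editedcat` hunk below and to the identical calls added in comment.php, options-permalink.php, plugin-editor.php, templates.php and theme-editor.php.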
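Review bot: The hunk header shows `case 'mailapprovecomment':` as the nearest preceding label, which suggests (the hunk does not prove it) that approval links clicked from notification e-mails fall through into `approvecomment` and now reach `check_admin_referer();` too; a link opened from a mail client arrives with no admin Referer and no form-carried value, so that path would be rejected unless the e-mailed URL carries whatever the check expects. The action is also driven entirely by `$_GET['comment']` and `$_GET['p']`, a state change on a GET request, so this check is the only thing separating a legitimate approve link from any other request for the same URL. Confirm that the e-mail links include the required value, or give the mail-approval path its own handling; the handler continues past the hunk.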

|

'.__('Your level is not high enough to moderate comments.').'

'); diff --git a/wp-admin/options-permalink.php b/wp-admin/options-permalink.php index 6b41e928ff..3ec746acbe 100644 --- a/wp-admin/options-permalink.php +++ b/wp-admin/options-permalink.php @@ -58,6 +58,8 @@ include('admin-header.php'); $home_path = get_home_path(); if ( isset($_POST) ) { + check_admin_referer(); + if ( isset($_POST['permalink_structure']) ) { $permalink_structure = $_POST['permalink_structure']; if (! empty($permalink_structure) ) diff --git a/wp-admin/plugin-editor.php b/wp-admin/plugin-editor.php index 9e94dfa605..9db3c3f678 100644 --- a/wp-admin/plugin-editor.php +++ b/wp-admin/plugin-editor.php @@ -34,6 +34,8 @@ switch($action) { case 'update': + check_admin_referer(); + if ( !current_user_can('edit_plugins') ) die('
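Review bot: `isset($_POST)` is true on every request because `$_POST` is a superglobal that always exists, so the new `check_admin_referer();` placed inside that branch runs on a plain GET view of the page, not only on a submit; a user reaching the page from a bookmark or a referer-stripping browser would be rejected before seeing the form. Guard the write path on an actual submission instead, e.g. `if ( !empty($_POST) ) {` or `if ( 'POST' === $_SERVER['REQUEST_METHOD'] ) {`, and keep the check inside it. The rest of the handler continues past the hunk.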

'.__('You have do not have sufficient permissions to edit templates for this blog.').'

'); diff --git a/wp-admin/templates.php b/wp-admin/templates.php index d1e890a1e6..938b84c4e1 100644 --- a/wp-admin/templates.php +++ b/wp-admin/templates.php @@ -36,8 +36,10 @@ switch($action) { case 'update': + check_admin_referer(); + if ( ! current_user_can('edit_files') ) - die('

'.__('You have do not have sufficient permissions to edit templates for this blog.').'

'); + die('

'.__('You have do not have sufficient permissions to edit templates for this blog.').'

'); $newcontent = stripslashes($_POST['newcontent']); if (is_writeable($real_file)) { diff --git a/wp-admin/theme-editor.php b/wp-admin/theme-editor.php index e6d8093659..cf0065ef55 100644 --- a/wp-admin/theme-editor.php +++ b/wp-admin/theme-editor.php @@ -47,6 +47,8 @@ switch($action) { case 'update': + check_admin_referer(); + if ( !current_user_can('edit_themes') ) die('
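Review bot: The `die('...')` line is removed and re-added with the same visible text, so this hunk mixes a whitespace-only change with the security fix, which makes it harder to see what actually changed; keep indentation churn in a separate commit. Since the line is being rewritten anyway, its message reads "You have do not have sufficient permissions …" and should become `'You do not have sufficient permissions to edit templates for this blog.'` (this alters a translatable string, so the catalogue needs the same edit); the same text appears as unchanged context in the plugin-editor.php and theme-editor.php hunks. The `update` handler continues past the hunk with the write of `$newcontent`.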

'.__('You have do not have sufficient permissions to edit templates for this blog.').'

'); diff --git a/wp-includes/classes.php b/wp-includes/classes.php index a9a20d8752..7ea571bdc5 100644 --- a/wp-includes/classes.php +++ b/wp-includes/classes.php @@ -40,7 +40,7 @@ class retrospam_mgr { if ( empty( $word ) ) continue; $fulltext = strtolower($comment->email.' '.$comment->url.' '.$comment->ip.' '.$comment->text); - if( strpos( $fulltext, strtolower($word) ) != FALSE ) { + if( false !== strpos( $fulltext, strtolower($word) ) ) { $this->found_comments[] = $comment->ID; break; }
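Review bot: `$fulltext` is rebuilt and lowercased on the line directly above the changed comparison, inside the same loop as the `continue` on an empty `$word`; the loop header is outside the hunk, but if that loop iterates words for a fixed `$comment`, the concatenation and `strtolower` are loop-invariant and could be hoisted above it, with `strtolower($word)` computed once per word rather than once per comment–word pair. This is a readability and cost point only; the strict `false !==` comparison the commit introduces is the correct form. The enclosing method of `retrospam_mgr` starts before the hunk.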