From 6d0af32ea79559730badcacef28c35f514f62023 Mon Sep 17 00:00:00 2001
From: Andrew Nacin <nacin@git.wordpress.org>
Date: Tue, 11 Jan 2011 22:42:22 +0000
Subject: [PATCH] Add nonces to instances where the list table display() method
 is overridden. see #16188.

git-svn-id: https://develop.svn.wordpress.org/trunk@17262 602fd350-edb4-49c9-b593-d223f7449a82
---
 wp-admin/includes/class-wp-comments-list-table.php      | 4 ++++
 wp-admin/includes/class-wp-theme-install-list-table.php | 2 ++
 wp-admin/includes/class-wp-themes-list-table.php        | 2 ++
 3 files changed, 8 insertions(+)

diff --git a/wp-admin/includes/class-wp-comments-list-table.php b/wp-admin/includes/class-wp-comments-list-table.php
index d76b02ba4b..0cba0a1ed0 100644
--- a/wp-admin/includes/class-wp-comments-list-table.php
+++ b/wp-admin/includes/class-wp-comments-list-table.php
@@ -266,6 +266,8 @@ class WP_Comments_List_Table extends WP_List_Table {
 	function display() {
 		extract( $this->_args );
 
+		wp_nonce_field( "fetch-list-" . get_class( $this ), '_ajax_fetch_list_nonce' );
+
 		$this->display_tablenav( 'top' );
 
 ?>
@@ -533,6 +535,8 @@ class WP_Post_Comments_List_Table extends WP_Comments_List_Table {
 
 	function display( $output_empty = false ) {
 		extract( $this->_args );
+
+		wp_nonce_field( "fetch-list-" . get_class( $this ), '_ajax_fetch_list_nonce' );
 ?>
 <table class="<?php echo implode( ' ', $this->get_table_classes() ); ?>" cellspacing="0" style="display:none;">
 	<tbody id="the-comment-list"<?php if ( $singular ) echo " class='list:$singular'"; ?>>
diff --git a/wp-admin/includes/class-wp-theme-install-list-table.php b/wp-admin/includes/class-wp-theme-install-list-table.php
index 152775f106..f1dc411093 100644
--- a/wp-admin/includes/class-wp-theme-install-list-table.php
+++ b/wp-admin/includes/class-wp-theme-install-list-table.php
@@ -126,6 +126,8 @@ class WP_Theme_Install_List_Table extends WP_List_Table {
 	}
 
 	function display() {
+
+		wp_nonce_field( "fetch-list-" . get_class( $this ), '_ajax_fetch_list_nonce' );
 ?>
 		<div class="tablenav top">
 			<div class="alignleft actions">
diff --git a/wp-admin/includes/class-wp-themes-list-table.php b/wp-admin/includes/class-wp-themes-list-table.php
index a91c73d110..97ae61c5db 100644
--- a/wp-admin/includes/class-wp-themes-list-table.php
+++ b/wp-admin/includes/class-wp-themes-list-table.php
@@ -84,6 +84,8 @@ class WP_Themes_List_Table extends WP_List_Table {
 	}
 
 	function display() {
+
+		wp_nonce_field( "fetch-list-" . get_class( $this ), '_ajax_fetch_list_nonce' );
 ?>
 		<div class="tablenav top">
 			<?php $this->pagination( 'top' ); ?>