nonce functions. #2678

git-svn-id: https://develop.svn.wordpress.org/trunk@3758 602fd350-edb4-49c9-b593-d223f7449a82

wp-includes/functions-compat.php

@@ -98,4 +98,17 @@ if (!function_exists('array_change_key_case')) {
     }
 }
 
+// From php.net
+if(!function_exists('http_build_query')) {
+   function http_build_query( $formdata, $numeric_prefix = null, $key = null ) {
+       $res = array();
+       foreach ((array)$formdata as $k=>$v) {
+           $tmp_key = urlencode(is_int($k) ? $numeric_prefix.$k : $k);
+           if ($key) $tmp_key = $key.'['.$tmp_key.']';
+           $res[] = ( ( is_array($v) || is_object($v) ) ? http_build_query($v, null, $tmp_key) : $tmp_key."=".urlencode($v) );
+       }
+       $separator = ini_get('arg_separator.output');
+       return implode($separator, $res);
+   }
+}
 ?>

wp-includes/functions.php

@@ -1663,4 +1663,12 @@ function is_blog_installed() {
 	return $installed;
 }
 
+function wp_nonce_url($actionurl, $action = -1) {
+	return add_query_arg('_wpnonce', wp_create_nonce($action), $actionurl);
+}
+
+function wp_nonce_field($action = -1) {
+	echo '<input type="hidden" name="_wpnonce" value="' . wp_create_nonce($action) . '" />';
+}
+
 ?>

wp-includes/pluggable-functions.php

@@ -228,14 +228,34 @@ function auth_redirect() {
 endif;
 
 if ( !function_exists('check_admin_referer') ) :
-function check_admin_referer() {
+function check_admin_referer($action = -1) {
+	global $pagenow;
 	$adminurl = strtolower(get_settings('siteurl')).'/wp-admin';
 	$referer = strtolower($_SERVER['HTTP_REFERER']);
-	if (!strstr($referer, $adminurl))
-		die(__('Sorry, you need to <a href="http://codex.wordpress.org/Enable_Sending_Referrers">enable sending referrers</a> for this feature to work.'));
+	if ( !wp_verify_nonce($_REQUEST['_wpnonce'], $action) ) {
+		$html  = "<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Strict//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd'>\n<html xmlns='http://www.w3.org/1999/xhtml' lang='en' xml:lang='en'>\n\n";
+		$html .= "<head>\n\t<title>" . __('WordPress Confirmation') . "</title>\n";
+		$html .= "</head>\n<body>\n";
+		if ( $_POST ) {
+			$q = http_build_query($_POST);
+			$q = explode( ini_get('arg_separator.output'), $q);
+			$html .= "\t<form method='post' action='$pagenow'>\n";
+			foreach ( (array) $q as $a ) {
+				$v = substr(strstr($a, '='), 1);
+				$k = substr($a, 0, -(strlen($v)+1));
+				$html .= "\t\t<input type='hidden' name='" . wp_specialchars( urldecode($k), 1 ) . "' value='" . wp_specialchars( urldecode($v), 1 ) . "' />\n";
+			}
+			$html .= "\t\t<input type='hidden' name='_wpnonce' value='" . wp_create_nonce($action) . "' />\n";
+			$html .= "\t\t<p>" . __('Are you sure you want to do this?') . "</p>\n\t\t<p><a href='$adminurl'>No</a> <input type='submit' value='" . __('Yes') . "' /></p>\n\t</form>\n";
+		} else {
+			$html .= "\t<p>" . __('Are you sure you want to do this?') . "</p>\n\t\t<p><a href='$adminurl'>No</a> <a href='" . add_query_arg( '_wpnonce', wp_create_nonce($action), $_SERVER['REQUEST_URI'] ) . "'>" . __('Yes') . "</a></p>\n";
+		}
+		$html .= "</body>\n</html>";
+
+		die($html);
+	}
 	do_action('check_admin_referer');
-}
-endif;
+}endif;
 
 if ( !function_exists('check_ajax_referer') ) :
 function check_ajax_referer() {
@@ -460,4 +480,29 @@ function wp_new_user_notification($user_id, $plaintext_pass = '') {
 }
 endif;
 
+if ( !function_exists('wp_verify_nonce') ) :
+function wp_verify_nonce($nonce, $action = -1) {
+	$user = wp_get_current_user();
+	$uid = $user->id;
+
+	$i = ceil(time() / 43200);
+
+	//Allow for expanding range, but only do one check if we can
+	if( substr(md5($i . DB_PASSWORD . $action . $uid), -12, 10) == $nonce || substr(md5(($i - 1) . DB_PASSWORD . $action . $uid), -12, 10) == $nonce )
+		return true;
+	return false;
+}
+endif;
+
+if ( !function_exists('wp_create_nonce') ) :
+function wp_create_nonce($action = -1) {
+	$user = wp_get_current_user();
+	$uid = $user->id;
+
+	$i = ceil(time() / 43200);
+	
+	return substr(md5($i . DB_PASSWORD . $action . $uid), -12, 10);
+}
+endif;
+
 ?>