Comment nonce fixes from Mark Jaquith and mdawaffe. fixes #2760

git-svn-id: http://svn.automattic.com/wordpress/trunk@3827 1a063a9b-81f0-0310-95a4-ce76da25c4cd
ryan 2006-06-01 16:59:55 +00:00
parent 2fce9d926e
commit 286a935a59
2 changed files with 5 additions and 3 deletions


@ -184,7 +184,9 @@ case 'approvecomment':
case 'editedcomment':
check_admin_referer('update-comment');
$comment_id = (int) $_POST['comment_ID'];
check_admin_referer('update-comment_' . $comment_id);
edit_comment();
@ -192,7 +194,7 @@ case 'editedcomment':
if (!empty($referredby)) {
header('Location: ' . $referredby);
} else {
header ("Location: edit.php?p=$comment_post_ID&c=1#comments");
header ("Location: edit.php?p=$comment_id&c=1#comments");
}
break;
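Review bot: The fallback redirect `header ("Location: edit.php?p=$comment_id&c=1#comments");` puts the comment ID into `p`, where the line printed just before it used `$comment_post_ID`; assuming the second of the two `header` lines is the new one (the +/- markers are lost on this page), the editor would land on whichever post happens to share that number rather than on the comment's post. Read the post ID next to `$comment_id` with the same `(int)` cast, from whichever request field carries it, into a new variable and use that here, e.g. `header("Location: edit.php?p=$comment_post_id&c=1#comments");`. The cast also keeps CR/LF and stray query parameters out of the header value. The assignment of `$referredby` sits between the two hunks and is not shown, so whether the other redirect target is validated cannot be judged from this page.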


@ -6,7 +6,7 @@ $form_extra = "' />\n<input type='hidden' name='comment_ID' value='" . $comment-
?>
<form name="post" action="comment.php" method="post" id="post">
<?php wp_nonce_field('update-comment' . $comment->comment_ID) ?>
<?php wp_nonce_field('update-comment_' . $comment->comment_ID) ?>
<div class="wrap">
<input type="hidden" name="user_ID" value="<?php echo $user_ID ?>" />
<input type="hidden" name="action" value='<?php echo $form_action . $form_extra ?>' />
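Review bot: The nonce action string in `wp_nonce_field('update-comment_' . $comment->comment_ID)` is assembled by hand here and again in the handler's `check_admin_referer('update-comment_' . $comment_id)`, and the missing underscore this change corrects shows how easily the two copies drift apart. A mismatch fails closed, so the cost is a rejected edit form rather than a bypassed check, but nothing on either side tells the next editor that the strings are coupled. A short comment above the field would do, for example `<?php // action must match check_admin_referer('update-comment_' . $comment_id) in the form's target, comment.php ?>`. The handler casts the ID with `(int)` while this side concatenates `$comment->comment_ID` as-is, so the two only agree while that property holds a plain integer string; casting here as well would make that explicit.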