mirror of
https://github.com/WordPress/WordPress.git
synced 2024-09-29 07:37:44 +02:00
Backport nonce fixes. #2678
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3779 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
7428c2fbbc
commit
a512f85b1f
@ -597,9 +597,9 @@ function cat_rows($parent = 0, $level = 0, $categories = 0) {
|
||||
if ( current_user_can('manage_categories') ) {
|
||||
$edit = "<a href='categories.php?action=edit&cat_ID=$category->cat_ID' class='edit'>".__('Edit')."</a></td>";
|
||||
$default_cat_id = get_option('default_category');
|
||||
|
||||
|
||||
if ($category->cat_ID != $default_cat_id)
|
||||
$edit .= "<td><a href='categories.php?action=delete&cat_ID=$category->cat_ID' onclick=\"return deleteSomething( 'cat', $category->cat_ID, '".sprintf(__("You are about to delete the category "%s". All of its posts will go to the default category.\\n"OK" to delete, "Cancel" to stop."), wp_specialchars($category->cat_name, 1))."' );\" class='delete'>".__('Delete')."</a>";
|
||||
$edit .= "<td><a href='" . wp_nonce_url("categories.php?action=delete&cat_ID=$category->cat_ID", 'delete-category' . $category->cat_ID ) . "' onclick=\"return deleteSomething( 'cat', $category->cat_ID, '" . sprintf(__("You are about to delete the category "%s". All of its posts will go to the default category.\\n"OK" to delete, "Cancel" to stop."), wp_specialchars($category->cat_name, 1))."' );\" class='delete'>".__('Delete')."</a>";
|
||||
else
|
||||
$edit .= "<td style='text-align:center'>".__("Default");
|
||||
}
|
||||
|
@ -266,8 +266,8 @@ if($metadata = has_meta($post_ID)) {
|
||||
|
||||
</div>
|
||||
|
||||
<?php if ('edit' == $action) : ?>
|
||||
<input name="deletepost" class="button" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this post') ?>" <?php echo "onclick=\"return confirm('" . sprintf(__("You are about to delete this post \'%s\'\\n \'Cancel\' to stop, \'OK\' to delete."), addslashes($post->post_title) ) . "')\""; ?> />
|
||||
<?php if ('edit' == $action) : $delete_nonce = wp_create_nonce( 'delete-post' . $post_ID ); ?>
|
||||
<input name="deletepost" class="button" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this post') ?>" <?php echo "onclick=\"if ( confirm('" . sprintf(__("You are about to delete this post \'%s\'\\n \'Cancel\' to stop, \'OK\' to delete."), addslashes($post->post_title) ) . "') ) { document.forms.post._wpnonce.value = '$delete_nonce'; return true;}\""; ?> />
|
||||
<?php endif; ?>
|
||||
|
||||
</div>
|
||||
|
Loading…
Reference in New Issue
Block a user