From a5547588d750a40a91ba52bde190325a255deb5a Mon Sep 17 00:00:00 2001
From: ryan <ryan@1a063a9b-81f0-0310-95a4-ce76da25c4cd>
Date: Thu, 18 May 2006 01:02:25 +0000
Subject: [PATCH] Fallback to admin referer check instead of nonce if no action
 is given to check_admin_referer(). For plugin compatibility.

git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3780 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-includes/pluggable-functions.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/wp-includes/pluggable-functions.php b/wp-includes/pluggable-functions.php
index 8528ba8e13..067ac402a0 100644
--- a/wp-includes/pluggable-functions.php
+++ b/wp-includes/pluggable-functions.php
@@ -232,7 +232,9 @@ function check_admin_referer($action = -1) {
 	global $pagenow;
 	$adminurl = strtolower(get_settings('siteurl')).'/wp-admin';
 	$referer = strtolower($_SERVER['HTTP_REFERER']);
-	if ( !wp_verify_nonce($_REQUEST['_wpnonce'], $action) ) {
+	if ( !wp_verify_nonce($_REQUEST['_wpnonce'], $action) &&
+		!(-1 == $action && strstr($referer, $adminurl)) ) {
+		
 		$html  = "<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Strict//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd'>\n<html xmlns='http://www.w3.org/1999/xhtml' lang='en' xml:lang='en'>\n\n";
 		$html .= "<head>\n\t<title>" . __('WordPress Confirmation') . "</title>\n";
 		$html .= "</head>\n<body>\n";