Skip to:
Content

bbPress.org


Ignore:
Timestamp:
03/19/2012 07:31:01 PM (12 years ago)
Author:
johnjamesjacoby
Message:

Add nonces to admin area metabox saves, to avoid accidentally running save routines.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/plugin/bbp-admin/bbp-topics.php

    r3766 r3814  
    291291     */
    292292    function attributes_metabox_save( $topic_id ) {
    293 
     293       
    294294        // Bail if doing an autosave
    295295        if ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE )
     
    300300            return $topic_id;
    301301
     302        // Nonce check
     303        if ( empty( $_POST['bbp_topic_metabox'] ) || !wp_verify_nonce( $_POST['bbp_topic_metabox'], 'bbp_topic_metabox_save' ) )
     304            return $topic_id;
     305
    302306        // Bail if post_type is not a topic
    303307        if ( get_post_type( $topic_id ) != $this->post_type )
    304             return;
     308            return $topic_id;
    305309
    306310        // Bail if current user cannot edit this topic
Note: See TracChangeset for help on using the changeset viewer.