bbPress.org


Timestamp: 11/12/2014 07:34:09 PM (10 years ago)
Author: johnjamesjacoby
Message:

Add nonce checks to admin area topic & author suggest usages.

File: 1 edited

  • trunk/src/includes/admin/metaboxes.php

    r5561 r5566  
    522522        <strong class="label"><?php esc_html_e( 'Topic:', 'bbpress' ); ?></strong>
    523523        <label class="screen-reader-text" for="parent_id"><?php esc_html_e( 'Topic', 'bbpress' ); ?></label>
    524         <input name="parent_id" id="bbp_topic_id" type="text" value="<?php echo esc_attr( $reply_topic_id ); ?>" />
     524        <input name="parent_id" id="bbp_topic_id" type="text" value="<?php echo esc_attr( $reply_topic_id ); ?>" data-ajax-url="<?php echo wp_nonce_url( add_query_arg( array( 'action' => 'bbp_suggest_topic' ), admin_url( 'admin-ajax.php', 'relative' ) ), 'bbp_suggest_topic_nonce' ); ?>" />
    525525    </p>
    526526
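Review bot: the new data-ajax-url attribute on line 524 only emits a nonce for 'bbp_suggest_topic_nonce'; nothing in this file verifies it, and the changeset lists a single edited file. The handler behind the bbp_suggest_topic action has to check that same action string (for example with check_ajax_referer(), which can read the _wpnonce argument that wp_nonce_url() appends) before it returns suggestions, and the admin script has to request the URL from data-ajax-url rather than a hard-coded one. Without both, this attribute does not change what the endpoint accepts. It would help to reference where the verification lives in the commit message.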
     
    587587            <strong class="label"><?php esc_html_e( 'ID:', 'bbpress' ); ?></strong>
    588588            <label class="screen-reader-text" for="bbp_author_id"><?php esc_html_e( 'ID', 'bbpress' ); ?></label>
    589             <input type="text" id="bbp_author_id" name="post_author_override" value="<?php echo esc_attr( bbp_get_global_post_field( 'post_author' ) ); ?>" />
     589            <input type="text" id="bbp_author_id" name="post_author_override" value="<?php echo esc_attr( bbp_get_global_post_field( 'post_author' ) ); ?>" data-ajax-url="<?php echo wp_nonce_url( add_query_arg( array( 'action' => 'bbp_suggest_user' ), admin_url( 'admin-ajax.php', 'relative' ) ), 'bbp_suggest_user_nonce' ); ?>" />
    590590        </p>
    591591
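Review bot: on line 589 the data-ajax-url value is printed with a bare echo while the value attribute next to it goes through esc_attr(); wrap the URL in esc_url() so the escaping is explicit at the output site instead of depending on what wp_nonce_url() returns. The expression is also a copy of the one on the topic input with only 'bbp_suggest_user' and 'bbp_suggest_user_nonce' swapped in, so a small helper that takes the action name would keep the action and nonce strings from drifting apart. Because this endpoint suggests user accounts, the handler should pair the nonce check with a capability check: a nonce ties the request to the session that rendered the form, it does not say whether that user may look up other users.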