Changeset 6837

Timestamp:

07/27/2018 06:02:12 PM (8 years ago)

Author:

johnjamesjacoby

Message:

Forms: include forum/topic ID in nonce checks.

This change adds in missing object IDs, fixing a bug causing form content to be lost when an error had occurred.

Props wpdennis. Fixes #3209.

Location:

trunk/src/includes

Files:

• forums/template.php (modified) (1 diff)
• topics/template.php (modified) (1 diff)

trunk/src/includes/forums/template.php

@@ -2530 +2530 @@
     }
 
-    // Creating a new topic
+    // Creating a new forum
     if ( bbp_verify_nonce_request( 'bbp-new-forum' ) ) {
         return true;
     }
 
-    // Editing an existing topic
-    if ( bbp_verify_nonce_request( 'bbp-edit-forum' ) ) {
+    // Editing an existing forum
+    if ( bbp_verify_nonce_request( 'bbp-edit-forum_' . bbp_get_forum_id() ) ) {
         return true;
     }

trunk/src/includes/topics/template.php

@@ -3958 +3958 @@
 
     // Editing an existing topic
-    if ( bbp_verify_nonce_request( 'bbp-edit-topic' ) ) {
+    if ( bbp_verify_nonce_request( 'bbp-edit-topic_' . bbp_get_topic_id() ) ) {
         return true;
     }