[wp-trac] [WordPress Trac] #3185: options.php saves nonce fields and Submit button value

WordPress Trac wp-trac at lists.automattic.com
Mon Oct 2 15:11:10 GMT 2006


#3185: options.php saves nonce fields and Submit button value
---------------------+------------------------------------------------------
 Reporter:  donncha  |       Owner:  rboren       
     Type:  defect   |      Status:  new          
 Priority:  normal   |   Milestone:  2.1          
Component:  General  |     Version:  2.1          
 Severity:  normal   |    Keywords:  options nonce
---------------------+------------------------------------------------------
 If you edit the options of a blog directly through options.php it will add
 options for Update, Wpnonce, and Wp_http_referer. This is because
 $_POST['page_options'] doesn't exist.

 To fix: add each element of the form to an array and run through that
 array when updating, or just check for the nonce fields.

-- 
Ticket URL: <http://trac.wordpress.org/ticket/3185>
WordPress Trac <http://wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list