[wp-trac] Re: [WordPress Trac] #2678: Nonces instead of referers
WordPress Trac
wp-trac at lists.automattic.com
Sat Apr 22 16:36:14 GMT 2006
#2678: Nonces instead of referers
----------------------------+-----------------------------------------------
Id: 2678 | Status: new
Component: Administration | Modified: Sat Apr 22 16:36:14 2006
Severity: normal | Milestone:
Priority: normal | Version: 2.1
Owner: anonymous | Reporter: ringmaster
----------------------------+-----------------------------------------------
Comment (by random):
Minor thing: in diff 3, wp_verify_nonce() has:
{{{
|| substr(md5(($i - 1) . DB_PASSWORD . $action . $uid), -12, 10)
}}}
instead of:
{{{
|| substr(md5(($i - 1) . DB_PASSWORD . $action . $uid), -12, 10) == $nonce
}}}
--
Ticket URL: <http://trac.wordpress.org/ticket/2678>
WordPress Trac <http://wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list