[wp-trac] Re: [WordPress Trac] #2734: Nonce confirmation not
informative.
WordPress Trac
wp-trac at lists.automattic.com
Thu May 18 20:00:14 GMT 2006
#2734: Nonce confirmation not informative.
----------------------------+-----------------------------------------------
Id: 2734 | Status: new
Component: Administration | Modified: Thu May 18 20:00:14 2006
Severity: normal | Milestone: 2.1
Priority: normal | Version: 2.1
Owner: anonymous | Reporter: mdawaffe
----------------------------+-----------------------------------------------
Comment (by mdawaffe):
I'd thought of that, but it didn't seem worth it.
But I thought about it again and here it is.
2734b.diff
1. Change nonce actions to 'verb-noun_ID': 'delete-post_1234', 'switch-
theme_classic'. This was no easier to parse than 'delete_post1234' but
much easier than 'switch-themeclassic'.
1. If check_admin_referer() fails, an array of known verbs and an array
of known nouns (and what function to call on ID, if any) is built. Both
arrays try to be sensitive to i18n. If we have a known verb and noun
pair, the AYS is made more specific: 'Are you sure you want to delete this
post: "WP rocks"?', 'Are you sure you want to switch to this theme?'.
--
Ticket URL: <http://trac.wordpress.org/ticket/2734>
WordPress Trac <http://wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list