[wp-trac] [WordPress Trac] #24063: Introduce some more _doing_it_wrong() calls in nonce functions
WordPress Trac
noreply at wordpress.org
Fri Apr 12 17:15:25 UTC 2013
#24063: Introduce some more _doing_it_wrong() calls in nonce functions
-----------------------------+-------------------------
Reporter: johnbillion | Type: enhancement
Status: new | Priority: normal
Milestone: Awaiting Review | Component: Security
Version: 3.2 | Severity: normal
Keywords: |
-----------------------------+-------------------------
`check_admin_referer()` will tell you that you're `_doing_it_wrong()` if
you don't specify the `$action` parameter. The corresponding
`wp_nonce_field()` and `wp_nonce_url()` functions should behave the same
way.
`check_ajax_referer()` should also behave the same as
`check_admin_referer()` but I'm not sure if potentially raising notices in
AJAX calls is a good idea. I've included it in the patch anyway.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/24063>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list