Changeset 6739

Timestamp:
02/06/08 21:19:47 (7 months ago)
Author:
ryan
Message:

Remove cookie checking from check_ajax_referer(). Check nonces instead. Props mdawaffe. fixes #5782

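--- a/trunk/wp-admin/admin-ajax.php
+++ b/trunk/wp-admin/admin-ajax.php
@@ -468,5 +468,5 @@
     break;
 case 'autosave' : // The name of this action is hardcoded in edit_post()
-    check_ajax_referer( $action );
+    check_ajax_referer( 'autosave', 'autosavenonce' );
     $_POST['post_content'] = $_POST['content'];
     $_POST['post_excerpt'] = $_POST['excerpt'];
@@ -500,5 +500,5 @@
 break;
 case 'autosave-generate-nonces' :
-    check_ajax_referer( $action );
+    check_ajax_referer( 'autosave', 'autosavenonce' );
     $ID = (int) $_POST['post_ID'];
     if($_POST['post_type'] == 'post') {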
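--- a/trunk/wp-admin/edit-form-advanced.php
+++ b/trunk/wp-admin/edit-form-advanced.php
@@ -89,4 +89,5 @@
 <h3><?php _e('Post') ?></h3>
 <?php the_editor($post->post_content); ?>
+<?php wp_nonce_field( 'autosave', 'autosavenonce', false ); ?>
 </div>
 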
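--- a/trunk/wp-admin/edit-form.php
+++ b/trunk/wp-admin/edit-form.php
@@ -40,4 +40,5 @@
 ?>
 <div><textarea rows="<?php echo $rows; ?>" cols="40" name="content" tabindex="4" id="content"><?php echo $post->post_content ?></textarea></div>
+<?php wp_nonce_field( 'autosave', 'autosavenonce', false ); ?>
 </fieldset>
 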
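--- a/trunk/wp-admin/edit-page-form.php
+++ b/trunk/wp-admin/edit-page-form.php
@@ -57,4 +57,5 @@
 <h3><?php _e('Page') ?></h3>
 <?php the_editor($post->post_content); ?>
+<?php wp_nonce_field( 'autosave', 'autosavenonce', false ); ?>
 </div>
 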
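--- a/trunk/wp-includes/js/autosave.js
+++ b/trunk/wp-includes/js/autosave.js
@@ -37,5 +37,5 @@
             action: "autosave-generate-nonces",
             post_ID: res,
-            cookie: document.cookie
+            autosavenonce: jQuery('#autosavenonce').val()
             post_type: jQuery('#post_type').val()
         }, function(html) {
@@ -88,5 +88,5 @@
             post_ID:  jQuery("#post_ID").val() || 0,
             post_title: jQuery("#title").val() || "",
-            cookie: document.cookie
+            autosavenonce: jQuery('#autosavenonce').val()
             tags_input: jQuery("#tags-input").val() || "",
             post_type: jQuery('#post_type').val() || ""
@@ -100,5 +100,5 @@
     }
 
-    post_data["content"] = jQuery("#content").val();
+   post_data["content"] = jQuery("#content").val();
 
     if(post_data["post_title"].length==0 || post_data["content"].length==0 || post_data["post_title"] + post_data["content"] == autosaveLast) {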
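Review bot: The added `autosavenonce: jQuery('#autosavenonce').val()` property at line 39 (and again at line 90) is shown without a trailing comma before the `post_type:` / `tags_input:` property that follows it; if that is not an artifact of the rendered view, both object literals are syntax errors and the request never fires, so the comma should be confirmed in the committed file. The value is also silently coupled to the hidden field emitted by `wp_nonce_field( 'autosave', 'autosavenonce', false )` in the edit forms and to the `$query_arg` passed to `check_ajax_referer()` in admin-ajax.php, and nothing on the client side names that contract. A short comment on the first occurrence, `// must match the 'autosavenonce' field rendered by wp_nonce_field() and checked by check_ajax_referer()`, would make the three-way dependency visible to whoever next renames the field. The enclosing functions start before and end after the hunks shown.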
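--- a/trunk/wp-includes/pluggable.php
+++ b/trunk/wp-includes/pluggable.php
@@ -636,9 +636,10 @@
  *
  * @param string $action Action nonce
- */
-function check_admin_referer($action = -1) {
+ * @param string $query_arg where to look for nonce in $_REQUEST (since 2.5)
+ */
+function check_admin_referer($action = -1, $query_arg = '_wpnonce' ) {
     $adminurl = strtolower(get_option('siteurl')).'/wp-admin';
     $referer = strtolower(wp_get_referer());
-    if ( !wp_verify_nonce($_REQUEST['_wpnonce'], $action) &&
+    if ( !wp_verify_nonce($_REQUEST[$query_arg], $action) &&
         !(-1 == $action && strpos($referer, $adminurl) !== false)) {
         wp_nonce_ays($action);
@@ -655,32 +656,15 @@
  *
  * @param string $action Action nonce
- */
-function check_ajax_referer( $action = -1 ) {
-    $nonce = $_REQUEST['_ajax_nonce'] ? $_REQUEST['_ajax_nonce'] : $_REQUEST['_wpnonce'];
-    if ( !wp_verify_nonce( $nonce, $action ) ) {
-        $current_id = '';
-        if ( ( $current = wp_get_current_user() ) && $current->ID )
-            $current_id = $current->ID;
-        if ( !$current_id )
-            die('-1');
-
-        $auth_cookie = '';
-        $cookie = explode('; ', urldecode(empty($_POST['cookie']) ? $_GET['cookie'] : $_POST['cookie'])); // AJAX scripts must pass cookie=document.cookie
-        foreach ( $cookie as $tasty ) {
-            if ( false !== strpos($tasty, AUTH_COOKIE . '=') ) {
-                $auth_cookie = substr(strstr($tasty, '='), 1);
-                break;
-            }
-        }
-
-        if ( empty($auth_cookie) )
-            die('-1');
-
-        if ( ! $user_id = wp_validate_auth_cookie( $auth_cookie ) )
-            die('-1');
-
-        if ( $current_id != $user_id )
-            die('-1');
-    }
+ * @param string $query_arg where to look for nonce in $_REQUEST (since 2.5)
+ */
+function check_ajax_referer( $action = -1, $query_arg = false ) {
+    if ( $query_arg )
+        $nonce = $_REQUEST[$query_arg];
+    else
+        $nonce = $_REQUEST['_ajax_nonce'] ? $_REQUEST['_ajax_nonce'] : $_REQUEST['_wpnonce'];
+
+    if ( !wp_verify_nonce( $nonce, $action ) )
+        die('-1');
+
     do_action('check_ajax_referer');
 }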
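Review bot: The new `$nonce = $_REQUEST[$query_arg];` at line 662 of check_ajax_referer(), and the fallback `$_REQUEST['_ajax_nonce'] ? ... : $_REQUEST['_wpnonce']` kept on line 664, read request keys without an existence check, so any caller that omits the nonce (every AJAX client that still sends the old `cookie=` parameter, for instance) raises an undefined-index notice before wp_verify_nonce() correctly rejects the null; the same pattern is introduced in check_admin_referer() at line 643 of the first hunk. Guarding the reads keeps the failure path quiet and unambiguous: `$nonce = isset($_REQUEST[$query_arg]) ? $_REQUEST[$query_arg] : '';` on line 662, and the two fallback keys on line 664 wrapped the same way with `!empty()` for the `_ajax_nonce` test so a present-but-empty value still falls through to `_wpnonce`. The docblock's `@param string $query_arg` is also inaccurate for check_ajax_referer(), whose default is `false`; `@param string|bool $query_arg Key in $_REQUEST holding the nonce, or false to try '_ajax_nonce' then '_wpnonce'` describes the actual contract. The die('-1') on failure has no logging hook before do_action() is reached, so a reviewer wanting visibility into rejected AJAX nonces has nothing to attach to; that is pre-existing behaviour, only worth a comment.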
  • trunk/wp-includes/script-loader.php

    r6726 r6739  
    3838        $this->add( 'prototype', '/wp-includes/js/prototype.js', false, '1.6'); 
    3939 
    40         $this->add( 'autosave', '/wp-includes/js/autosave.js', array('jquery', 'schedule'), '20080104'); 
     40        $this->add( 'autosave', '/wp-includes/js/autosave.js', array('jquery', 'schedule'), '20080206'); 
    4141        $this->localize( 'autosave', 'autosaveL10n', array( 
    4242            'autosaveInterval' => apply_filters('autosave_interval', '120'),