Make WordPress Core

Opened 16 years ago

Closed 14 years ago

#6215 closed defect (bug) (duplicate)

The post editing page has two instances of _ajax_nonce

Reported by: quandary's profile Quandary Owned by:
Milestone: Priority: normal
Severity: normal Version: 2.5
Component: Administration Keywords:
Focuses: Cc:

Description

The ID "_ajax_nonce" is used twice on the post editing page -- once in the output of meta_form() (for custom fields), and once in the output of wp-admin/edit-form-advanced.php (for categories).

These nonces need unique names, preferably reflecting the purpose that they serve.

Change History (4)

#1 @ryan
16 years ago

The $name argument for wp_nonce_field() and the $query_arg argument for check_admin_referer() can be used.

#2 @Denis-de-Bernardy
15 years ago

  • Component changed from General to Administration

#3 @ryan
14 years ago

  • Milestone changed from 2.9 to Future Release

#4 @nacin
14 years ago

  • Milestone Future Release deleted
  • Resolution set to duplicate
  • Status changed from new to closed
Note: See TracTickets for help on using tickets.