Skip to:
Content

BuddyPress.org


Ignore:
Timestamp:
02/09/2009 06:52:51 AM (17 years ago)
Author:
apeatling
Message:

Added nonce security checks to all BuddyPress actions. Fixes #454

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/bp-blogs/bp-blogs-templatetags.php

    r1025 r1032  
    692692                <input id="submit" type="submit" name="submit" class="submit" value="<?php _e('Create Blog &raquo;', 'buddypress') ?>" />
    693693            </p>
     694           
     695            <?php wp_nonce_field( 'bp_blog_signup_form' ) ?>
    694696        </form>
    695697        <?php
     
    755757    global $wpdb, $current_user, $blogname, $blog_title, $errors, $domain, $path;
    756758
     759    if ( !check_admin_referer( 'bp_blog_signup_form' ) )
     760        return false;
     761
    757762    $current_user = wp_get_current_user();
    758763   
Note: See TracChangeset for help on using the changeset viewer.