Changeset 12624
- Timestamp:
- 04/21/2020 06:02:58 PM (5 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/bp-xprofile/bp-xprofile-admin.php
r12596 r12624 565 565 global $message, $type; 566 566 567 check_admin_referer( 'bp_xprofile_delete_field-' . $field_id, 'bp_xprofile_delete_field' ); 568 567 569 // Switch type to 'option' if type is not 'field'. 568 570 // @todo trust this param. … … 728 730 729 731 <div class="delete-button"> 730 <a class="confirm submit-delete deletion" href="<?php echo esc_url( $field_delete_url); ?>"><?php _ex( 'Delete', 'Delete field link', 'buddypress' ); ?></a>732 <a class="confirm submit-delete deletion" href="<?php echo esc_url( wp_nonce_url( $field_delete_url, 'bp_xprofile_delete_field-' . $field->id, 'bp_xprofile_delete_field' ) ); ?>"><?php _ex( 'Delete', 'Delete field link', 'buddypress' ); ?></a> 731 733 </div> 732 734
Note: See TracChangeset
for help on using the changeset viewer.