Add a nonce.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17992 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
f166e119f3
commit
0c93cb66be
|
@ -34,6 +34,8 @@ screen_icon();
|
||||||
echo '<h2>' . esc_html( $title ) . '</h2>';
|
echo '<h2>' . esc_html( $title ) . '</h2>';
|
||||||
|
|
||||||
if ( isset( $_POST['action'] ) && $_POST['action'] == 'deleteblog' && isset( $_POST['confirmdelete'] ) && $_POST['confirmdelete'] == '1' ) {
|
if ( isset( $_POST['action'] ) && $_POST['action'] == 'deleteblog' && isset( $_POST['confirmdelete'] ) && $_POST['confirmdelete'] == '1' ) {
|
||||||
|
check_admin_referer( 'delete-blog' );
|
||||||
|
|
||||||
$hash = wp_generate_password( 20, false );
|
$hash = wp_generate_password( 20, false );
|
||||||
update_option( 'delete_blog_hash', $hash );
|
update_option( 'delete_blog_hash', $hash );
|
||||||
|
|
||||||
|
@ -68,11 +70,12 @@ Webmaster
|
||||||
<p><?php _e( 'Remember, once deleted your site cannot be restored.' ) ?></p>
|
<p><?php _e( 'Remember, once deleted your site cannot be restored.' ) ?></p>
|
||||||
|
|
||||||
<form method="post" name="deletedirect">
|
<form method="post" name="deletedirect">
|
||||||
|
<?php wp_nonce_field( 'delete-blog' ) ?>
|
||||||
<input type="hidden" name="action" value="deleteblog" />
|
<input type="hidden" name="action" value="deleteblog" />
|
||||||
<p><input id="confirmdelete" type="checkbox" name="confirmdelete" value="1" /> <label for="confirmdelete"><strong><?php printf( __( "I'm sure I want to permanently disable my site, and I am aware I can never get it back or use %s again." ), is_subdomain_install() ? $current_blog->domain : $current_blog->domain . $current_blog->path ); ?></strong></label></p>
|
<p><input id="confirmdelete" type="checkbox" name="confirmdelete" value="1" /> <label for="confirmdelete"><strong><?php printf( __( "I'm sure I want to permanently disable my site, and I am aware I can never get it back or use %s again." ), is_subdomain_install() ? $current_blog->domain : $current_blog->domain . $current_blog->path ); ?></strong></label></p>
|
||||||
<?php submit_button( __( 'Delete My Site Permanently' ) ); ?>
|
<?php submit_button( __( 'Delete My Site Permanently' ) ); ?>
|
||||||
</form>
|
</form>
|
||||||
<?php
|
<?php
|
||||||
}
|
}
|
||||||
echo '</div>';
|
echo '</div>';
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue