From cc35b0c6bdaaa128c70202fbfe370c51eeb26957 Mon Sep 17 00:00:00 2001
From: michelvaldrighi
Date: Mon, 17 May 2004 19:44:53 +0000
Subject: [PATCH] using check_admin_referer for deletions

git-svn-id: http://svn.automattic.com/wordpress/trunk@1298 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-admin/categories.php | 2 ++
 wp-admin/post.php | 6 ++++++
 2 files changed, 8 insertions(+)

diff --git a/wp-admin/categories.php b/wp-admin/categories.php
index 41c047427..4cec8a508 100644
--- a/wp-admin/categories.php
+++ b/wp-admin/categories.php
@@ -62,6 +62,8 @@ case 'Delete':
 $standalone = 1;
 require_once('admin-header.php');
+ check_admin_referer();
+
 $cat_ID = intval($_GET["cat_ID"]);
 $cat_name = get_catname($cat_ID);
 $cat_name = addslashes($cat_name);
diff --git a/wp-admin/post.php b/wp-admin/post.php
index 3526fed7b..e38e3ab02 100644
--- a/wp-admin/post.php
+++ b/wp-admin/post.php
@@ -429,6 +429,8 @@ case 'delete':
 $standalone = 1;
 require_once('./admin-header.php');
+ check_admin_referer();
+
 if ($user_level == 0) die ('Cheatin’ uh?');
@@ -527,6 +529,8 @@ case 'deletecomment':
 $standalone = 1;
 require_once('./admin-header.php');
+check_admin_referer();
+
 if ($user_level == 0) die (__('Cheatin’ uh?'));
@@ -562,6 +566,8 @@ case 'unapprovecomment':
 $standalone = 1;
 require_once('./admin-header.php');
+check_admin_referer();
+
 if ($user_level == 0) die (__('Cheatin’ uh?'));
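Review bot: In wp-admin/categories.php under `case 'Delete':` the target is still read from `$_GET["cat_ID"]`, so after this change the only thing between a forged link and a deletion is whatever `check_admin_referer()` verifies, and its body is not part of this diff. If it compares the Referer header, as the name suggests, it does not tie the request to the logged-in session, and its behaviour when the header is missing or stripped by a proxy should be stated. I would add a comment above the call, `// CSRF guard: Referer-based only; this delete is still driven by a GET parameter`, and track moving the delete to POST with a per-session token verified server-side. The same reasoning applies to the calls added in wp-admin/post.php under `case 'delete':`, `case 'deletecomment':` and `case 'unapprovecomment':`; all four case bodies continue outside their hunks.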
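Review bot: The last hunk of wp-admin/post.php places the call under `case 'unapprovecomment':` according to its hunk header, which is a state change but not a deletion, so the subject line does not say which actions are meant to be covered. The other cases of this switch are outside the diff; any of them that modify data presumably need the same `check_admin_referer();` line ahead of the `$user_level` check, and that should be confirmed against the full file. A comment at the top of the switch, `// every state-changing case must call check_admin_referer() before doing any work`, would make the rule visible to whoever adds the next case.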