diff options
| author | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2006-06-07 14:28:14 +0000 |
|---|---|---|
| committer | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2006-06-07 14:28:14 +0000 |
| commit | 9d42ec4ee5db0437e9ad14b793f044fa0f5de8fe (patch) | |
| tree | a0bb93e81f1856204377f936a97a8a285f77f2b7 /wp-inst/wp-admin/plugin-editor.php | |
| parent | 16cdc878fce216364bd57f498baeeb1b94ca8662 (diff) | |
| download | wordpress-mu-9d42ec4ee5db0437e9ad14b793f044fa0f5de8fe.tar.gz wordpress-mu-9d42ec4ee5db0437e9ad14b793f044fa0f5de8fe.tar.xz wordpress-mu-9d42ec4ee5db0437e9ad14b793f044fa0f5de8fe.zip | |
WP Merge and new features
git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@550 7be80a69-a1ef-0310-a953-fb0f7c49ff36
Diffstat (limited to 'wp-inst/wp-admin/plugin-editor.php')
| -rw-r--r-- | wp-inst/wp-admin/plugin-editor.php | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/wp-inst/wp-admin/plugin-editor.php b/wp-inst/wp-admin/plugin-editor.php index 739ccb5..885fb94 100644 --- a/wp-inst/wp-admin/plugin-editor.php +++ b/wp-inst/wp-admin/plugin-editor.php @@ -35,6 +35,8 @@ switch($action) { case 'update': + check_admin_referer('edit-plugin_' . $file); + if ( !current_user_can('edit_plugins') ) die('<p>'.__('You have do not have sufficient permissions to edit templates for this blog.').'</p>'); @@ -96,6 +98,7 @@ if ($plugin_files) : </div> <?php if (!$error) { ?> <form name="template" id="template" action="plugin-editor.php" method="post"> + <?php wp_nonce_field('edit-plugin_' . $file) ?> <div><textarea cols="70" rows="25" name="newcontent" id="newcontent" tabindex="1"><?php echo $content ?></textarea> <input type="hidden" name="action" value="update" /> <input type="hidden" name="file" value="<?php echo $file ?>" /> |