WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add nonce to menu-locations-save. Props koopersmith. see #13378 

git-svn-id: http://svn.automattic.com/wordpress/trunk@14725 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2010-05-18 15:16:58 +00:00
parent 0ce5224be6
commit bc1bf148e4
4 changed files with 15 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
wp-admin/admin-ajax.php
View File

@ -1106,6 +1106,7 @@ case 'menu-quick-search':
case 'menu-locations-save':
if ( ! current_user_can( 'edit_theme_options' ) )
die('-1');
check_ajax_referer( 'add-menu_item', 'menu-settings-column-nonce' );
if ( ! isset( $_POST['menu-locations' ] ) )
die('0');
set_theme_mod( 'nav_menu_locations', $_POST['menu-locations'] );

14
wp-admin/js/nav-menu.dev.js
View File

@ -34,6 +34,7 @@ var wpNavMenu;
this.setupInputWithDefaultTitle();
this.attachAddMenuItemListeners();
this.attachQuickSearchListeners();
this.attachThemeLocationsListeners();
this.attachTabsPanelListeners();
@ -329,7 +330,7 @@ var wpNavMenu;
},
attachAddMenuItemListeners : function() {
var form = $('#nav-menu-meta'), loc = form.find('#nav-menu-theme-locations');
var form = $('#nav-menu-meta');
form.find('.add-to-menu input').click(function(){
$(this).trigger('wp-add-menu-item', [api.addMenuItemToBottom]);
@ -341,9 +342,18 @@ var wpNavMenu;
form.find('.posttypediv, .taxonomydiv').bind('wp-add-menu-item', function(e, processMethod) {
$(this).addSelectedToMenu( processMethod );
});
},
attachThemeLocationsListeners : function() {
var loc = $('#nav-menu-theme-locations'),
params = {
'action': 'menu-locations-save',
'menu-locations': loc.find('select').serialize(),
'menu-settings-column-nonce': $('#menu-settings-column-nonce').val()
};
loc.find('input[type=submit]').click(function() {
loc.find('.waiting').show();
$.post( ajaxurl, loc.find('select').serialize() + '&action=menu-locations-save', function(r) {
$.post( ajaxurl, params, function(r) {
loc.find('.waiting').hide();
});
return false;

2
wp-admin/js/nav-menu.js
View File

File diff suppressed because one or more lines are too long

2
wp-includes/script-loader.php
View File

@ -387,7 +387,7 @@ function wp_default_scripts( &$scripts ) {
) );
// Custom Navigation
$scripts->add( 'nav-menu', "/wp-admin/js/nav-menu$suffix.js", false, '20100517' );
$scripts->add( 'nav-menu', "/wp-admin/js/nav-menu$suffix.js", false, '20100518' );
$scripts->localize( 'nav-menu', 'navMenuL10n', array(
'home' => _x('Home', 'nav menu home label'),
'homeurl' => home_url('/'),